Confidential clean-room

Share the answers. Keep the data.

The AT-1 Vault is a data clean room for a single encrypted container. You register it; you hand a counterparty a scoped, revocable, audited query grant. They submit queries and get back policy-bounded results — not the bytes. The container never leaves infrastructure you control, every access is provably logged, and you can cut it off whenever you want.

answers       returned to the counterparty — not the raw bytes
scoped        per-grant columns, rows-vs-aggregates, budget, expiry
revocable     cut access or destruct the container server-side
hash-chained  tamper-evident audit of every single access
They query it — they never get the bytes

The encrypted .at1 container stays on infrastructure you control. The counterparty submits queries against it; the service returns only the rows or aggregates your policy allows, never the blob. Queryable-in-place means the engine evaluates each query against the container where it sits, instead of materializing a plaintext copy of the dataset and handing that out.

Scoped, budgeted, expiring grants

Each share is a policy: which columns/regions, rows vs aggregates-only, a max-queries / max-rows / max-bytes-scanned budget, and an expiry. Access is metered and rate-limited, and you can revoke or destruct the container server-side at any time. Aggregates-only is a bound, not a seal: given enough overlapping aggregate queries a counterparty can difference the results to recover individual rows, which is exactly what the query budget caps limit.

Tamper-evident, provable audit

Every access is logged to a hash-chained, integrity-sealed audit trail — who opened what, when, and that nothing was altered. You can't un-share data you deliberately released, but you can prove the record, end to end, and export it.

How a share works

register: encrypt your data -> one Vault entry (key held by you or owner-side KMS)
grant:    issue a scoped token -> {columns, rows|aggregates-only, budget, expiry}
query:    counterparty hits the gated endpoint -> policy-bounded results, never the blob
audit:    every call metered + logged to a hash-chained, tamper-evident trail
revoke:   cut the grant or destruct the container -- server-side, for real

It rides AT-1’s queryable-in-place engine, the integrity trailer, and the control-plane metering — so scoping, budgets, revocation, and the audit log are enforcement the server controls, not a checkbox the recipient is trusted to honor.
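The register / grant / query / audit / revoke flow above, as an added illustration of the two server-side pieces it rests on (this is not AT-1's code, and nothing here is the product's API): a grant check that enforces column scope, rows vs aggregates-only, a query budget, expiry, revocation and destruct before any result is computed, and a hash-chained audit log whose verify() fails if any entry is edited, dropped or reordered. The Vault, Grant and AuditLog names, the token strings, the integer timestamps and the single-aggregate query shape are assumptions; the rows are constructed sample data standing in for the container (the real engine holds the key and evaluates in place; here the rows are plain dicts so the policy logic runs offline).

```python
import hashlib
import json
from dataclasses import dataclass

GENESIS = "0" * 64

# Constructed sample data in place of the owner's .at1 container (assumption).
SAMPLE_ROWS = [
    {"region": "EU", "age": 34, "spend": 120.0, "email": "a@example.com"},
    {"region": "EU", "age": 51, "spend": 80.0,  "email": "b@example.com"},
    {"region": "US", "age": 29, "spend": 300.0, "email": "c@example.com"},
    {"region": "US", "age": 42, "spend": 45.5,  "email": "d@example.com"},
]


class AuditLog:
    """Append-only log where every entry's hash commits to the previous hash."""

    def __init__(self):
        self.entries = []
        self.head = GENESIS

    @staticmethod
    def _digest(prev, event):
        body = json.dumps(event, sort_keys=True, separators=(",", ":"))
        return hashlib.sha256((prev + body).encode()).hexdigest()

    def append(self, event):
        h = self._digest(self.head, event)
        self.entries.append({"prev": self.head, "event": event, "hash": h})
        self.head = h
        return h

    def verify(self):
        """Recompute the chain from genesis; any altered, dropped or reordered entry breaks it."""
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or self._digest(prev, e["event"]) != e["hash"]:
                return False
            prev = e["hash"]
        return prev == self.head


@dataclass
class Grant:
    columns: frozenset      # columns the holder may touch
    aggregates_only: bool   # True: no row-level results
    max_queries: int        # budget (hypothetical: counted per answered query)
    expires_at: int         # hypothetical unix-seconds expiry
    used: int = 0
    revoked: bool = False


class Vault:
    def __init__(self, rows):
        self._rows = rows
        self.grants = {}
        self.audit = AuditLog()
        self.destroyed = False

    def issue_grant(self, token, columns, aggregates_only, max_queries, expires_at):
        self.grants[token] = Grant(frozenset(columns), aggregates_only, max_queries, expires_at)
        self.audit.append({"op": "grant", "token": token, "columns": sorted(columns),
                           "aggregates_only": aggregates_only,
                           "max_queries": max_queries, "expires_at": expires_at})

    def revoke(self, token):
        if token in self.grants:
            self.grants[token].revoked = True
        self.audit.append({"op": "revoke", "token": token})

    def destruct(self):
        self._rows = None          # server-side: the data is gone for every grant
        self.destroyed = True
        self.audit.append({"op": "destruct"})

    def query(self, token, columns, agg=None, now=0):
        """agg: None for rows, or ('count',), ('sum', col), ('avg', col). Every attempt is logged."""
        req = {"op": "query", "token": token, "columns": sorted(columns), "agg": agg, "at": now}
        reason = self._check(token, set(columns), agg, now)
        if reason:
            self.audit.append({**req, "result": "denied", "reason": reason})
            return {"ok": False, "reason": reason}
        g = self.grants[token]
        g.used += 1                # meter only queries that were actually answered
        result = self._evaluate(columns, agg)
        self.audit.append({**req, "result": "ok", "budget_left": g.max_queries - g.used})
        return {"ok": True, "result": result}

    def _check(self, token, columns, agg, now):
        if self.destroyed:
            return "container destroyed"
        g = self.grants.get(token)
        if g is None:
            return "unknown grant"
        if g.revoked:
            return "grant revoked"
        if now >= g.expires_at:
            return "grant expired"
        if g.used >= g.max_queries:
            return "query budget exhausted"
        needed = columns | ({agg[1]} if agg and len(agg) > 1 else set())
        if not needed <= g.columns:
            return "column outside grant scope"
        if g.aggregates_only and agg is None:
            return "grant is aggregates-only"
        return None

    def _evaluate(self, columns, agg):
        if agg is None:
            return [{c: r[c] for c in columns} for r in self._rows]
        if agg[0] == "count":
            return len(self._rows)
        vals = [r[agg[1]] for r in self._rows]
        if agg[0] == "sum":
            return sum(vals)
        if agg[0] == "avg":
            return sum(vals) / len(vals)
        raise ValueError(f"unsupported aggregate {agg[0]!r}")
```

Denied requests are logged too, so the trail shows attempts to step outside scope, not just successful reads; the budget is charged only for answered queries. Sealing the chain head (signing it, or anchoring it in an external log) is what turns "tamper-evident" into "provable to a third party"; the page's integrity trailer plays that role in the product, and this example stops at the chain itself.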

Where it fits

  • Data clean rooms — let a partner query your data for answers without ever handing over the dataset.
  • Regulated data sharing — health, finance, gov: scoped access with a provable, exportable audit trail.
  • M&A diligence rooms — give the buyer bounded queries, revoke the moment the deal moves on.
  • Sealed bids & embargoed disclosure — controlled release with every access on the record.

What it is — and isn’t

This enforces controlled access where it’s actually enforceable: server-side and with crypto. It is not recipient-side “self-destruct” or “view-once” DRM — once you deliberately hand someone plaintext, no software can stop them from copying it, and we won’t pretend otherwise. The honest pitch: the data never leaves your control; they query it, every access is metered and provably logged, and you can cut it off.