A gramx

A gram is one. A gramx is many.

A gram is a handful of people and the machines they already own. A gramx is what grams become together: a space with an address, a membership, and a record that its own machines wrote.

Every gram derives the region it sits in, offline, from the machine itself — so it belongs to a regional gramx without asking anyone. What it publishes there is a separate decision, and it is always yours. Belonging is derived. Visibility is granted.

A private gramx is the same object with its admission list closed. There is no other product, no licence key, and nothing locked inside the free one waiting for a payment.

Your compliance is paper describing paper.

You hold a report and a contract. The report asserts that a control existed. The contract asserts that you will honour it. Both are documents about documents, and the machine that actually did the work — the one your obligation is really about — never said anything at all.

A private gramx changes exactly one thing, and it is who has to be trusted: the machine that did the work signs where it ran, and your customer verifies that without trusting you, and without trusting us.

A machine signing, right now

This is not an illustration of the mechanism. It is the mechanism. The node below signed its own statement about itself, with its own key, at the moment shown. Nothing on this page was typed in by a person, and nothing here can be typed in by a person.

Reading the node…

Three dials

Nothing below is a feature added for regulated buyers. Each is the same mechanism you have already seen above, turned up until it can carry weight in front of someone who has no reason to believe you.

Admission

Only machines you admit can run your work.

Admission is a signing decision, not a setting in a console. A machine enters your perimeter by presenting a key you have authorised, and every statement it later makes about itself is signed with that key. A machine you did not admit cannot produce a signature that verifies, so it cannot produce work that counts. There is no configuration to get wrong, because there is no configuration — there is a signature, or there is nothing.

Audit

The log is signed by the thing it describes.

An audit log written by an application is a record of what the application says it did. An audit log signed by the node is a record of what the node did, checkable against the node’s key by someone who has never met either of you. The difference does not matter until the day it is the only thing that matters, and on that day it is the whole case.

SLA

The obligation is measured by the party under it.

An SLA is normally a promise, followed some months later by a report on the promise, written by the promisor. Here the node emits a signed heartbeat on its own schedule. Whether it met its obligation is not a question your account manager answers. It is a question you answer, from the record, at any hour, without asking us.

What it runs on is what you already have

A machine is not one resource. It is compute, memory, an accelerator, a disk, a network link and a power draw — each spent separately, so each measured separately, and each signed by the node that provided it.

The seven resource networks →

You should not take any of this on my word

That would be the same mistake, one layer up. The page you actually want is the one where the signatures are laid out next to the raw snapshot they came from, including the measurements we have not proven yet and therefore refuse to print a number for. Read that page first. If the discipline on it is not real, nothing on this page is worth anything.

Verify us. Don't trust us. →

The gramx that chose to be seen

Every gramx is private by default. These granted visibility; the rest are here and say nothing, which is the correct behaviour and not an absence.

No gramx has chosen to be seen yet.

Let the machine speak for itself.

A gramx is admitted, not purchased. Tell us what you have to prove, and to whom.