Trust math, not middlemen
Deploy Team Deploy Team Commercial Defense Deploy Team Deploy Team Application-layer coordination is necessary. So is message-layer proof. The first without the second is the gap the industry has been ignoring for fifty years. By Carl Hendrix, Founder & CEO, InnoviGuard AB I read Sten Tamkivi’s piece on Labrys this week. Good company. Real operators. Serious problem framing. The thesis is correct: militaries and humanitarian networks have been duct-taping consumer chat apps into mission infrastructure because nobody built the right tool. Labrys is building the right tool at the application layer. Maps, tasks, payments, identity onboarding, encrypted comms. The cockpit a coordinator actually needs.I want to talk about the floor below the cockpit. Every guarantee an application like this advertises rests on assumptions that live one layer down. The user was verified at onboarding, so we trust the session. The photo carries geolocation, so we trust the metadata. The payment went to a verified wallet, so we trust the rails. The chat is end-to-end encrypted, so we trust the channel. Each of those sentences contains the word trust. Each of them is an assumption, not a proof. The same gap is now showing up loudly in agentic AI. OpenAI stated in late 2025 that prompt injection is unlikely to ever be fully solved. The UK’s National Cyber Security Centre warned that prompt injection attacks may never be totally mitigated. OWASP ranks prompt injection as the #1 vulnerability in their 2025 Top 10 for LLM Applications. Different domain, same root cause. The agent reads instructions and cannot tell where they came from, whether they were altered, or whether they were meant for it. That is a provenance problem, not a confidentiality problem. The cryptographers are very good at confidentiality. Provenance is a different job and it needs a different tool. We built that tool. A mathematical stamp bound to origin, integrity, and destination. The stamp does not read your data. It does not touch your data. It does not need to. Whatever you stamp, plain text or encrypted blob, photograph or sensor reading or payment instruction or AI prompt, the proof guarantees the same three things. Rides with the data. Verifies only at the intended destination. Anywhere else it is inert. Nothing for an attacker to steal because there is nothing in the system worth stealing. Imagine the Labrys stack with that stamp underneath it. Every photo carries a proof of the device that captured it and the destination that should verify it. Every task instruction carries a proof of the coordinator who issued it and the operator it was meant for. Every payment instruction carries a proof of the authority who authorised it and the wallet that should receive it. The cockpit gets to make claims about its data that no application-layer product can make today. The same architecture applies to agents. An agent that only acts on stamped instructions cannot be hijacked by an unstamped one. The attack surface does not shrink. It disappears. This is not a criticism of Labrys. They are solving the workflow problem that needed solving. I am pointing at the layer below, the one the industry has been pretending was already handled, and the one OpenAI, NCSC, and OWASP have now publicly admitted they cannot solve from the top down. We have been quietly solving it from the bottom up. From Lund, Sweden. Trust math, not middlemen. Linkedin Protect everything, manage nothing. Lund • Malmö • Stockholm
Manifesto
Deploy Team Deploy Team Commercial Defense Deploy Team Deploy Team We make a stamp. That is the whole product. Origin. Integrity. Destination. The stamp proves three things and only those three things. The industry has been trying to solve this with the wrong tools for fifty years. We finally built the right one. By Carl Hendrix, Founder & CEO, InnoviGuard AB I am going to keep this simple, because the thing itself is simple. We make a stamp. The stamp goes on data. The stamp proves three things. Where the data came from. That the data has not been altered. That only the intended destination can verify the proof. That is what we sell. That is the entire product. Everything in this essay is about why those three guarantees matter, why nobody else has built them properly, and why the industry’s existing answers do not work. I am going to use the word stamp on purpose throughout this piece. Not protocol. Not framework. Not platform. Stamp. Because that is what it is. You hand us data. We give you a proof. The proof rides with the data. The destination verifies it. Anyone in between can see it. Nobody in between can verify it, forge it, or use it. That is the whole story. What we are not We are not cryptography. We do not hide data. We do not encrypt anything. We have no quarrel with cryptographers and we are not in their conversation. They are very good at what they do. Hiding information is hard and they have spent fifty years getting good at it. If you need confidentiality, hire a cryptographer. They will sort you out. We do something completely different. We attest. The stamp says this came from here, this has not changed, only that destination can confirm it. The stamp does not care what is inside the data. Plain text. Encrypted blob. A photograph. A sensor reading. A love letter. A voicemail in a language nobody speaks. A pharmaceutical formula. A telemetry packet from somewhere unfriendly. A prompt for an AI agent. We do not look at the contents. We do not need to. The stamp works on whatever you hand P55 Nexus. Cryptography and InnoviGuard’s stamp are complementary. You can encrypt your data and stamp it with us. You can stamp without encrypting. The two operations do different jobs. We have no opinion about confidentiality. We have a strong opinion about provenance. We do one thing. We do it well. The other thing is somebody else’s department. Three guarantees the industry has never properly delivered Every system in the world that moves data tries to answer three questions. Where did it come from. Has it been altered. Where is it going. The current answers to these three questions are weaker than people think. Most people in the industry know this privately. Almost nobody says it out loud. Origin The current industry answer is certificates. A certificate is a public document that binds a name to a public key, vouched for by a third party. The private key is the secret. The certificate is the label on the box. When the key gets stolen, and keys get stolen constantly, the certificate keeps working perfectly. It was never checking for the holder of the key. It was checking for the key. Two different things. Integrity The current industry answer is hashes. A hash is a fingerprint of the data, but the fingerprint travels with the data it is supposed to vouch for. If I can touch one, I can touch the other. The industry response is to sign the hash with a private key vouched for by a certificate, which puts us back in the previous paragraph. P55 Nexus closes this. Touch the data or the stamp and it stops validating. You can’t forge a replacement. Destination There is no current industry answer. None. Sit with that. Every protocol the world uses to move data secures the sender and the payload. None of them say anything meaningful about whether the data arrived where it was supposed to arrive. We secured the envelope. Nobody secured the address. If somebody intercepts your data and forwards it elsewhere, every signature still passes. The data just ends up where it was not supposed to be. What the stamp is P55 Nexus is a mathematical proof engine. It takes data, a source, and a destination, and produces a proof that binds the three together. The proof is destination-bound. It only verifies at the intended destination. Everywhere else it is inert. There is no key in the system. No secret. No vault. No certificate authority. Nothing for an attacker to steal because there is nothing in the system worth stealing. No secrets to protect, no third party to trust, no certificate at the end of the chain. Five hundred thousand operations per second per thread. Validated across billions of operations with zero observed forgeries. Runs on a server. Runs on a phone. Runs on an industrial controller. Runs on a sensor with a coin cell. The stamp is small, fast, cheap, and indifferent to what it stamps. If the engine is compromised, it stops working. It does not betray you. There is nothing to betray. The worst case is non-functionality, not exploitation. That is a fundamentally different risk profile than every system the industry has built before us, and it is one of the reasons we sleep well at night. No risk in trying Without our stamp, you have what you have today. Certificates, hashes, encryption, perimeters. You hope they hold. Add our stamp, and you have what you had, plus three guarantees you did not have before. Origin proven. Integrity proven. Destination bound. The stamp sits alongside your stack. It does not replace anything, and it does not depend on anything. If it works, you have capabilities your stack could not deliver. If it somehow does not, you are exactly where you started. No trapdoor. No secret to leak. No failure