Identity.
Hardware-bound identity, key custody, and per-tenant attestation.
Identity holds the operator's hardware-bound identity. It mediates access to the secure enclave, rotates session keys, and produces per-tenant attestations under the Adaptive Multi-Tenant OS (patent 04). When the operator switches tenants, Identity enforces the cryptographic isolation that makes tenant leakage architecturally impossible. Cloning refusal: foreign hardware produces an unauthorised identity.
- 01Hardware-bound key custody
- 02Per-tenant attestation
- 03Session key rotation and replay-resistance
- 04Cloning refusal: foreign hardware produces an unauthorised identity
Authoritative external corpora and standards this brain treats as canonical. Every retrieval against these sources is signed into the audit ledger so a regulator can prove which evidence drove which output.
- 01Mickai Patent 04, 08, 13, 53, 54
- 02FIDO2 and WebAuthn
- 03TPM 2.0 specification
- 04Intel SGX, AMD SEV, ARM TrustZone documentation
- 05NIST SP 800-63 Digital Identity Guidelines
- 06OAuth 2.0 and OpenID Connect RFCs
- 07ISO/IEC 24760 identity-management framework
- 08Verifiable-credential-issuer landscape
- 09eIDAS 2.0 European digital-identity regulation
Mickai-native tooling primitives this brain implements internally. Codex for sovereign plain-text graph PKM, Lectern for spaced-repetition memory, Stele for citation-provenance, and domain-native primitives layered on top. No external services in the trust path; data stays on operator-personalised hardware.
- 01Threshold (identity provider)
- 02Cipher (hardware-bound key custody)
- 03Wax-Seal (attestation-signing infrastructure)
- 04Aegis (per-tenant policy enforcement)