Introduction
Documentation for the Seven Layer platform — SCSA Vault and the Vault API.
Seven Layer seals data to the physical world: to the silicon of a machine, or to a condition that must be met before anything opens. There is no portable key to copy, phish, or subpoena — capability is derived at access time, not stored.
Two products share the same cryptographic core:
SCSA Vault (desktop)
A desktop app that seals files to the hardware of a specific machine — CPU, GPU, or both. A sealed file is noise anywhere else.
Vault API
A REST API for conditional release: data that opens only when a time-lock matures or a t-of-n quorum approves, with a hash-chained audit trail.
Which one do I want?
- Protecting files on machines you control — laptops, workstations, lab boxes — use SCSA Vault. Drag, drop, sealed to that hardware.
- Building conditional release into a product — sealed-bid auctions, escrow, embargoes, evidence custody — use the Vault API.
Both derive keys from measurable state rather than storing them, and both write an append-only, tamper-evident log of every access.