Parinita  /  Products  /  Parinita Crucible
Infrastructure Layer

Parinita Crucible

The Sovereign AI Network OS

Per-packet identity enforced at the NIC, below the OS.

Crucible sits above Opera and below Conduit and Corridor in the Parinita stack. It is the control plane for identity, policy, and routing — encoding Orchestra workload-placement decisions as cryptographic identity in every packet, and validating that identity at the ConnectX-7 NIC via eBPF/XDP before the kernel ever sees it.

101
Sites Worldwide
<1s
Revocation Time
0
Bypassed Packets
<50ms
Failover
01 / The Problem

Network Security Breaks Down Below the OS.

Enterprise AI infrastructure relies on firewall rules and network policies enforced in software. Any process with kernel access can bypass them. Traditional SDN controllers and firewalls operate too high in the stack to enforce workload identity on every packet before it enters the network.

Identity is asserted at the application layer and trusted downstream. A compromised container can masquerade as any tenant. Policy revocation takes minutes. Regulated workloads cross public paths despite policy intent because enforcement is advisory, not architectural.

  • Kernel-Level Bypass

    Any process with kernel access can bypass software network policies. Identity asserted at the application layer is advisory, not architectural.

  • Slow Revocation

    Firewall rule propagation takes minutes. A compromised credential has a large window of valid use before policy catches up.

  • Cross-Tenant Exfiltration Risk

    IP-based isolation fails when pods share nodes or routing tables are misconfigured. One mistake exposes multiple tenants.

Capability
Current / legacy
What's needed
Per-packet identity enforcement
iptables / NetworkPolicy (L3/L4 only)
Ed25519/JWT tokens enforced at the NIC via eBPF/XDP
Identity revocation speed
Minutes (firewall rule propagation)
Sub-second via NATS JetStream across 101 POPs
Sovereign egress control
Software firewall rules (bypassable from kernel)
XDP program intercepts below the OS — architecturally bypass-impossible
Cross-tenant isolation
IP-based VLAN segregation
Four independent layers: network VNIs, identity routing, firewall inspection, K8s eBPF
Regulated workload consistency
Best-effort / eventual (no compliance guarantee)
Strong consistency with synchronous Chrysalis acknowledgment for ITAR/HIPAA/Financial
Key management
Software key stores (AWS KMS, Vault)
FIPS 140-3 Level 3 HSMs managed by Instrument — no software key exposure
02 / Core Capabilities

Identity enforced at the hardware boundary.

Crucible does not replace your firewall or SDN controller. It enforces workload identity at the NIC — before your network stack, your firewall, or your OS sees a single packet. Crucible decides what is allowed; Corridor decides how it moves.

Every packet carries a cryptographic identity token: tenant.plane.pop.workload-uuid.service-class. The ConnectX-7 ASIC drops packets without a valid Ed25519/JWT token before the kernel runs an instruction.

  • Identity in Every Packet

    Format: tenant.plane.pop.workload-uuid.service-class. Ed25519/JWT tokens signed by Instrument-managed FIPS HSM keys. Dropped at the NIC before the kernel runs.

  • Sub-Second Revocation

    Revocation propagates to all 101 POPs via NATS JetStream within one second.

  • Zero-Trust Inside Every POP

    WireGuard/UDP tunnels pre-positioned across every intra-plane, inter-plane, and inter-POP path. ChaCha20-Poly1305 plus IPsec/AES-GCM hardware offload at line rate.

  • Two Consistency Tiers

    Strong consistency with synchronous Chrysalis acknowledgment for ITAR/HIPAA/Financial. Eventual consistency for standard workloads.

  • Sovereign Egress Below the OS

    XDP intercepts packets leaving the sovereign fabric and reroutes through approved private circuits — never public internet for regulated workloads.

  • CRDT Routing Table

    The CRDT routing table on Plane 8 propagates state across 101 POPs without central coordination.

  • NIC-Level Enforcement

    ConnectX-7 ASIC runs eBPF/XDP — enforcement at the hardware boundary, not in software that can be bypassed.

  • FIPS HSM Key Management

    All signing keys managed by Instrument-integrated FIPS HSMs. No software key exposure. Key rotation without traffic disruption.

  • Chrysalis Audit Trail

    Every identity assertion, revocation, and policy change anchored on Chrysalis with cryptographic proof.

03 / Architecture

The Identity Stack

Crucible encodes identity in every packet header: tenant.plane.pop.workload-uuid.service-class. The ConnectX-7 ASIC runs an eBPF/XDP program and drops any packet missing a valid Ed25519/JWT token signed by an Instrument-managed FIPS HSM key — before the kernel runs a single instruction.

Revocation propagates to all 101 POPs via NATS JetStream within one second. WireGuard/UDP tunnels pre-positioned across every required path with ChaCha20-Poly1305 and IPsec/AES-GCM hardware offload — zero-trust posture inside every POP.

P1
Reasoning Cortex
AMD Instinct MI350P
Primary AI inference · LLM serving
1,450+ nodes · 288GB HBM3e · high-bandwidth accelerator
P2
Training & Generation
NVIDIA RTX PRO 6000 Blackwell
Training · TTS · creative compute
950+ nodes · 96GB GDDR7
P3
Chain & CPU Compute
AMD EPYC Turin 9005
Chrysalis validators · CPU inference
700+ nodes · Zen 5c
P4
Knowledge & Retrieval
Intel Sierra Forest
Almanac vector search · RAG anchor
1,250+ nodes · 144 E-cores
P5
Long-Term Memory
NVMe Storage
Enclave · Stratum immutable object
850+ nodes · ransomware-resistant
P6
Media & Acceleration
RTX 4500 BSE · Alveo MA35D
Four tiers · GPU + FPGA + CPU
2,150+ nodes · 4K/8K hardware acceleration
P7
Edge Reflex
Qualcomm Cloud AI 100 Ultra
Ultra-low-latency edge inference
2,000+ nodes · sub-10ms response
P8
Coordination Layer
AmpereOne A128
Orchestra · Chorus routing · agents
2,400+ nodes · 128 ARM cores
P9
Nervous System
Cisco 8000 · Palo Alto · Arista
Routing · firewall · dual fabric
3,500+ devices · ConnectX-7 NICs
04 / Identity Enforcement

Eight enforcement dimensions. Sub-second revocation.

Crucible evaluates eight conditions on every packet before forwarding. Each dimension fails closed. An invalid result drops the packet at the NIC before the OS sees it.

  1. 01
    Token Presence
    Does the packet carry an Ed25519/JWT identity token?
  2. 02
    Token Validity
    Is the token signed by a current FIPS HSM key registered on this POP?
  3. 03
    Token Expiry
    Is the token within its valid time window?
  4. 04
    Tenant Entitlement
    Is this tenant authorized to use this plane at this POP?
  5. 05
    Sovereignty Constraint
    Does the packet destination comply with the workload data-residency policy?
  6. 06
    Egress Control
    Is the packet attempting to leave the sovereign fabric? Is the path approved?
  7. 07
    Revocation Check
    Has this identity been revoked within the last revocation window?
  8. 08
    Circuit Type
    Does the path type (public/private/sovereign) match the workload classification?
python
import crucible

client = crucible.Client(seat_id='seat_8f3k2...', region='us-east')

token = client.issue_token(
    tenant='tenant-01',
    plane='inference',
    pop='nyc-01',
    workload='wl-uuid-abc',
    service_class='regulated',
)
05 / Proof

Proven at scale. Not in a lab.

Parinita AI Edge is the production deployment of the Parinita platform and the largest heterogeneous AI infrastructure deployment in the United States.

Reference Deployment

Parinita AI Edge

The most complex heterogeneous AI infrastructure in the United States. 101 sites, 9 planes, 12,000+ nodes, 4 accelerator vendors, dual network fabrics, four-layer tenant isolation — all through a single sovereign control plane.

101
Points of Presence
4 tiers: T1 (32), T2 (29), T3 (19), T4 (21)
909+
K8s Clusters
101 sites x 9+ plane types
12K+
Compute Nodes
Supermicro, Dell, Ampere, Cachengo
4
Accelerator Vendors
Intel Habana, NVIDIA, AMD, Qualcomm

Network & Security Infrastructure

2,491+
Cisco Switches
+ 303 routers (EVPN-VXLAN)
1,734+
Arista Switches
Lossless GPU backend fabric
367+
Palo Alto Firewalls
PA-5580/PA-5560 series
152+
Petabytes Storage
NVMe over RDMA
  • Multi-vendor accelerators
    Four accelerator vendors — Intel Habana, NVIDIA, AMD, Qualcomm — orchestrated through one control plane with unified scheduling, monitoring, and lifecycle management.
  • Dual-fabric networking
    Cisco production fabric and Arista GPU backend fabric operating as a coordinated system, bridged by identity-aware routing.
  • Nationwide scale
    101 sites across 42 U.S. states, each operating autonomously with a local control agent and a sovereign cross-site routing plane.
  • Multi-tenant isolation
    Four-layer defense-in-depth: VXLAN VNIs, identity-routing, Palo Alto firewalls, and Cilium eBPF — validated across every plane and site.
  • Compliance readiness
    FIPS 140-2 at launch, with FedRAMP Moderate, CJIS, and IL4/IL5 certification paths active through Parinita compliance profiles.
  • Sub-millisecond routing
    Every request classified and dispatched in under 1ms, enabling real-time SLA enforcement without perceptible overhead.
06 / Use Cases

Built for teams that need hardware-enforced identity.

Crucible does not ask you to change your application code, your Kubernetes distribution, or your security operations tooling. It enforces identity below all of them.

You run AI infrastructure for regulated workloads where a compromised tenant could exfiltrate data from adjacent tenants. Crucible enforces isolation at the NIC — four independent isolation layers, no single point of failure.

  • Regulated AI Infrastructure

    Healthcare, financial services, defense, and government workloads needing cryptographic isolation enforced below the OS across all tenants.

  • Multi-Tenant AI Compute

    Selling AI compute to multiple customers on shared infrastructure. Crucible per-packet identity prevents cross-tenant data access even on shared physical hardware.

  • ITAR / HIPAA Compliance

    Regulated data must never cross an unapproved network path. Crucible XDP sovereign egress operates below the kernel — architecturally bypass-impossible.

  • Zero-Trust AI Networks

    Extending zero-trust from the application layer down to the NIC, eliminating implicit trust within a POP.

  • AI Edge at Scale

    Deploying identity-enforced networking across dozens or hundreds of locations. 101-POP production deployment demonstrates national-scale viability.

07 / Getting Started

Deployment Models

Crucible deploys as part of the Parinita Opera stack. The Crucible identity agent runs on every node and programs the ConnectX-7 NIC at boot.

Model 1
Single-Site

Crucible identity agent on every node, NIC-programmed at boot. Best for: proof of concept, single data center.

Model 2
Multi-Site

Central identity registry plus per-site Crucible agents with autonomous NIC enforcement. Best for: enterprise data center fleets.

Model 3
Nationwide

Full mesh with sovereign egress enforcement across all POPs. Best for: regulated enterprises and AI service providers.

08 / Get Started

Request a Demo

Our engineering team has deployed Crucible across 101 sites with 12,000+ nodes. We bring that operational experience to every deployment conversation.