Parinita Enclave
Sovereign Immutable Object Storage
Stratum. Flash. Qualcomm Cloud AI 100. Chrysalis attestation per write.
Enclave is the sovereign distributed immutable object storage platform — purpose-built to fill the market vacuum created by Veeam's acquisition of Object First. Vendor-neutral (Veeam, Commvault, Rubrik, Cohesity, Veritas ready), with atomic write-attest binding to Chrysalis on every object, post-quantum ML-DSA signatures, and the Qualcomm Cloud AI 100 hardware appliance underneath.
Immutable Backup Needs Cryptographic Proof, Not Policy
S3 Object Lock and legacy immutable backup appliances enforce immutability through policy — access controls, retention locks, admin-only deletion. Policy-dependent immutability can be changed by a privileged insider or a compromised admin account. Cyber-insurers and regulators increasingly require cryptographic proof of immutability.
Veeam acquired Object First (Ootbi) in January 2026, folding the only purpose-built immutable backup appliance into a single-vendor software roadmap. Regulated enterprises need a vendor-neutral, distributed, sovereign alternative with cryptographic immutability.
-
Policy-Dependent Immutability
S3 Object Lock and legacy immutable appliances enforce immutability through policy. A privileged insider or compromised admin can change or remove retention locks.
-
Single-Vendor Lock-In
Veeam's acquisition of Object First folded the only purpose-built immutable backup appliance into a single-vendor roadmap. Regulated enterprises need a vendor-neutral alternative.
-
No Ransomware Detection at the Storage Layer
Backup software detects ransomware at the job level. By the time a backup job completes, ransomware may have already encrypted a portion of the backup data.
Atomic write-attest. Vendor-neutral. Post-quantum.
Enclave does not require you to change your backup software. S3-native compatibility means Veeam, Commvault, Rubrik, Cohesity, and Veritas all work out of the box — no lock-in to a single backup vendor.
No write is acknowledged to backup software until blockchain proof is confirmed. Customers do not trust an audit log. They trust a signature chain anchored on Chrysalis.
-
Stratum — Rust Storage Engine
S3-native API, NPU-accelerated (Qualcomm IQ-9075M, 100/200 TOPS) for erasure coding, dedup, AES-256 encryption. Two consistency tiers: strong/Chrysalis-gated and eventual/CRDT.
-
Atomic Write-Attest
Flash coordinates the sequence — no write acknowledged to backup software until blockchain proof confirmed. Trust the signature chain, not an audit log.
-
Vendor-Neutral Backup Target
S3-native API means Veeam, Commvault, Rubrik, Cohesity, and Veritas all work out of the box. No exclusive lock-in to a single backup software vendor.
-
Ransomware Detection at the Storage Layer
Flash integrates with Plane 1 MI350P AI threat intelligence to detect encryption patterns at the storage layer and trigger quarantine before backup-job completion.
-
Qualcomm Cloud AI 100
64 Qualcomm IQ-9075M Symbiote nodes per Q64 chassis — 512 cores, 6,400 TOPS dense NPU, up to 16 TB NVMe scale-out, ConnectX-7 uplink. 2,040 chassis across 101 POPs.
-
Post-Quantum from Day One
ML-DSA-65 (CRYSTALS-Dilithium, FIPS 204) signatures on every write. The chain stays verifiable when the ecosystem migrates off classical crypto.
-
Cross-POP Replication
Flash manages cross-POP replication via Corridor. Sovereign replication paths — regulated data never crosses unapproved WAN circuits during replication.
-
Compliance Report Automation
Flash auto-generates Chrysalis-attested compliance reports — NIST CSF 2.0 Recover function, cyber-insurance documentation, regulatory audit evidence.
-
Standalone Hardware Option
Qualcomm Cloud AI 100 sold directly to enterprises as a standalone product, racked in their data center while remaining interoperable with the 101-POP sovereign edge for burst and AI compute offload.
The Four Layers
Stratum is the storage engine — proprietary Rust implementation, S3-native API, NPU-accelerated (Qualcomm IQ-9075M, 100 TOPS dense / 200 TOPS sparse) for erasure coding, dedup, and AES-256 encryption, with two consistency tiers. Flash is the orchestration agent — coordinating the atomic write-attest sequence, managing cross-POP replication via Corridor, integrating with MI350P AI threat intelligence for ransomware detection.
Hardware is the Qualcomm Cloud AI 100 Q64 chassis — 64 Qualcomm IQ-9075M Symbiote nodes, 512 CPU cores, 6,400 TOPS dense NPU, up to 16 TB NVMe scale-out, ConnectX-7 uplink. Planned deployment: 2,040 chassis across 101 POPs.
Write. Hash. Attest. Confirm. No write acknowledged without blockchain proof.
Flash coordinates the atomic write-attest sequence. Stratum writes to the Qualcomm Cloud AI 100 NVMe. Flash triggers the Chrysalis attestation. No write is acknowledged to backup software until the blockchain confirmation is received.
- 01Backup Job InitiationBackup software initiates an S3 PUT to the Stratum endpoint via S3-native API.
- 02Stratum WriteStratum receives the object, runs erasure coding and AES-256 encryption on Qualcomm NPU.
- 03Flash Attest TriggerFlash triggers Chrysalis attestation — SHA-256 hash of the written object submitted to Origin layer.
- 04Ransomware ScanFlash checks with MI350P AI threat intelligence for encryption patterns before attestation completes.
- 05Chrysalis AnchoringOrigin hashes to Cocoon ring. Cocoon commits to Chrysalis root chain. Confirmation returned to Flash.
- 06Write AcknowledgmentFlash acknowledges the write to backup software only after Chrysalis confirmation received. Atomic write-attest complete.
- 07Cross-POP ReplicationIf replication policy requires multi-POP redundancy, Flash triggers replication via Corridor sovereign paths.
- 08Compliance RecordChrysalis entry anchored: object hash, timestamp, pop_id, validator_signatures. Compliance report auto-generated.
# Point your backup software at the Enclave S3 endpoint:
# Veeam: Object Storage Repository -> S3 Compatible -> https://enclave.parinita.ai
# Commvault: Cloud Library -> S3 -> https://enclave.parinita.ai
# Rubrik: Archive Location -> S3 Compatible -> https://enclave.parinita.ai
# Credentials issued via Crucible workload identity — atomic write-attest begins immediately Proven at scale. Not in a lab.
Parinita AI Edge is the production deployment of the Parinita platform and the largest heterogeneous AI infrastructure deployment in the United States.
Parinita AI Edge
The most complex heterogeneous AI infrastructure in the United States. 101 sites, 9 planes, 12,000+ nodes, 4 accelerator vendors, dual network fabrics, four-layer tenant isolation — all through a single sovereign control plane.
Network & Security Infrastructure
- Multi-vendor acceleratorsFour accelerator vendors — Intel Habana, NVIDIA, AMD, Qualcomm — orchestrated through one control plane with unified scheduling, monitoring, and lifecycle management.
- Dual-fabric networkingCisco production fabric and Arista GPU backend fabric operating as a coordinated system, bridged by identity-aware routing.
- Nationwide scale101 sites across 42 U.S. states, each operating autonomously with a local control agent and a sovereign cross-site routing plane.
- Multi-tenant isolationFour-layer defense-in-depth: VXLAN VNIs, identity-routing, Palo Alto firewalls, and Cilium eBPF — validated across every plane and site.
- Compliance readinessFIPS 140-2 at launch, with FedRAMP Moderate, CJIS, and IL4/IL5 certification paths active through Parinita compliance profiles.
- Sub-millisecond routingEvery request classified and dispatched in under 1ms, enabling real-time SLA enforcement without perceptible overhead.
Built for ransomware-resilient, compliance-bound backup.
Enclave does not ask you to change your backup software or your disaster recovery procedures. It is the immutable backup target with cryptographic attestation beneath your existing backup stack.
Ransomware-resilient backup for cyber-insurance compliance, regulated workloads requiring cryptographic immutability, and multi-jurisdiction operations with data residency requirements at the storage layer.
-
Ransomware-Resilient Backup
Cyber-insurance compliance via NIST CSF 2.0 Recover function. Cryptographic immutability proves backup integrity independent of admin credentials.
-
Regulated Backup Targets
ITAR, HIPAA, and financial workloads requiring cryptographic immutability at the backup target — not policy-dependent S3 Object Lock.
-
Multi-Jurisdiction Data Residency
Backup data with jurisdiction-specific residency requirements. Enclave enforces residency at the storage layer — Stratum partitions are jurisdiction-bound.
-
Post-Veeam/Object First Migration
Enterprises moving off Object First following Veeam acquisition. Enclave is vendor-neutral, distributed, and sovereign — connects to Veeam and all other backup software via S3-native API.
-
Enterprise Backup at Edge Scale
Deploying immutable backup across dozens or hundreds of locations. 101-POP Enclave deployment provides distributed sovereign backup with centralized Chrysalis attestation.
Deployment Models
Enclave deploys as an S3-native backup target — point your existing backup software at the Enclave endpoint. No reconfiguration of Veeam, Commvault, Rubrik, Cohesity, or Veritas required.
S3-native backup target at a single POP — atomic write-attest, Chrysalis anchoring | Best for: Single data center deployment
Cross-POP replication via Corridor — multi-jurisdiction redundancy with sovereignty enforcement | Best for: Enterprise disaster recovery
101-POP distributed immutable backup — 2,040 Qualcomm Cloud AI 100 Q64 chassis, post-quantum ML-DSA-65 | Best for: AI service providers and regulated enterprises
Request a Demo
Our engineering team has deployed Enclave across 101 sites with 2,040 Qualcomm Cloud AI 100 Q64 chassis planned. We bring that operational experience to every deployment conversation.