Parinita  /  Products  /  Parinita Presence
Workflow Layer

Parinita Presence

The Sovereign User Surface. iOS. Android. Web. Desktop.

Three trust tiers. Operation-determined escalation. Every meaningful action Chrysalis-receipted.

Presence is the multi-platform app through which users access their personal AI twin, organizational context, inference capacity, and data. Every meaningful action carries a Chrysalis receipt. A seat without Presence is an inference allocation; a seat with Presence is a sovereign product the user holds in their hand.

101
Sites Worldwide
3
Trust Tiers
4
Platforms
$1
Per 3 App Installs/Mo
01 / The Problem

User-Facing AI Apps Have No Cryptographic Binding Between Credential, Action, and Evidence

When a user signs a document, releases a record, or executes a transaction through an AI app, there is typically no cryptographic binding between the credential used and the action taken.

A username and password, or even a WebAuthn passkey, establishes identity at login — but does not cryptographically bind that identity to the specific action, the specific context, and the specific time. Presence does.

  • Login Credentials Don't Bind to Actions

    A password or passkey establishes identity at login but does not cryptographically bind that identity to a specific action taken later in the session.

  • High-Trust Operations Have No Hardware Root

    Signing legal documents, releasing PHI, and executing financial transactions require a hardware-rooted credential — software-only signing keys can be copied and abused.

  • Context Switching Breaks Security Models

    Users who move between low-trust and high-trust contexts cannot manage separate apps or security profiles. Trust must escalate automatically based on the operation requested.

Capability
Current / legacy
What's needed
Credential-action binding
Login credential establishes session identity — not cryptographically bound to each subsequent action
Chrysalis receipt per action — seat identity, anchor identity, jurisdiction, POP, and operation hash for every meaningful action
High-trust hardware root
Software signing keys — can be copied, cached, or exfiltrated from device storage
Sealed tier uses hardware secure element — signing key never leaves the anchor device
Context escalation
User selects high-security mode manually — error-prone, frequently bypassed
Operation-determined automatic escalation — insufficient credential results in refusal, not downgrade
Multi-platform consistency
Different security models on mobile vs desktop — fragmented trust guarantees
Shared React Native and React Native Web codebase — same trust model across iOS, Android, web, and desktop
Action audit trail
Application logs — no cryptographic binding between user, action, and time
Chrysalis receipt — immutable record of who did what, on which anchor, in which jurisdiction, at what time
Anchor economics
Enterprise hardware tokens — $100+ per device, complex provisioning, IT-managed lifecycle
Tiffin ($10/mo, max 5/seat) and P15 ($5/mo, max 10/seat) — seat-bindable and delegatable without separate SKUs
02 / Core Capabilities

Three trust tiers. The operation decides — not the user.

Trust tier escalates automatically based on what's being requested — the user doesn't pick a 'high security mode.' Sensitive operations demand a higher-tier credential or get refused.

Every meaningful action stamps with seat identity, edge anchor identity (when present), active jurisdiction, POP, and operation hash — immutable even after revocation.

  • Open Trust Tier

    Seat passkey and OIDC authentication. For general chat, low-sensitivity context retrieval, and public-knowledge queries. The baseline tier for all Presence users.

  • Bound Trust Tier

    Seat plus proximity to a registered Micro/Tiffin or Micro Lite/P15 over BLE or NFC with current attestation. For organizational context, regulated workflows, and document handling.

  • Sealed Trust Tier

    Hardware-bound cryptographic signature from the secure element of the paired anchor device. Signing key never leaves the anchor. For legal docs, financial transactions, PHI release, and classified material.

  • Operation-Determined Escalation

    Trust tier escalates automatically based on what is being requested — not user-selectable. Sensitive operations demand a higher-tier credential or get refused.

  • Chrysalis Receipt per Action

    Every meaningful action stamps with seat identity, edge anchor identity (when present), active jurisdiction, POP, and operation hash. Receipt history is immutable even after revocation.

  • Tiffin Edge Anchor

    Micro (Tiffin) — $10/device/month, max 5 per seat, Qualcomm IQ-9075M enterprise NPU. Enables Bound and Sealed trust tiers via BLE/NFC proximity.

  • P15 Edge Anchor

    Micro Lite (P15) — $5/device/month, max 10 per seat, Pi 5 + Hailo-8L 13 TOPS residential. Enables Bound and Sealed tiers for home-office and distributed teams.

  • Multi-Platform Native

    React Native and React Native Web shared codebase across iOS, Android, and desktop (Windows, macOS, Linux) with native Swift and Kotlin modules for secure-enclave access and biometric auth.

  • Maximum Seat Economics

    5 Tiffin anchors ($50/mo) + 10 P15 anchors ($50/mo) + 50 app installs ($17/mo) + $175 seat = ~$292/month maximum per-seat economic ceiling.

03 / Architecture

The Plane Model

Orchestra introduces "planes" — logical groupings of hardware optimized for a specific workload class. Unlike Kubernetes node pools, planes represent fundamentally different hardware architectures with different drivers, network requirements, and scheduling semantics.

The plane model is what makes Orchestra different from every other orchestration tool. Kubernetes sees nodes. Orchestra sees purpose-built hardware tiers and routes workloads accordingly.

P1
Reasoning Cortex
AMD Instinct MI350P
Primary AI inference · LLM serving
1,450+ nodes · 288GB HBM3e · high-bandwidth accelerator
P2
Training & Generation
NVIDIA RTX PRO 6000 Blackwell
Training · TTS · creative compute
950+ nodes · 96GB GDDR7
P3
Chain & CPU Compute
AMD EPYC Turin 9005
Chrysalis validators · CPU inference
700+ nodes · Zen 5c
P4
Knowledge & Retrieval
Intel Sierra Forest
Almanac vector search · RAG anchor
1,250+ nodes · 144 E-cores
P5
Long-Term Memory
NVMe Storage
Enclave · Stratum immutable object
850+ nodes · ransomware-resistant
P6
Media & Acceleration
RTX 4500 BSE · Alveo MA35D
Four tiers · GPU + FPGA + CPU
2,150+ nodes · 4K/8K hardware acceleration
P7
Edge Reflex
Qualcomm Cloud AI 100 Ultra
Ultra-low-latency edge inference
2,000+ nodes · sub-10ms response
P8
Coordination Layer
AmpereOne A128
Orchestra · Chorus routing · agents
2,400+ nodes · 128 ARM cores
P9
Nervous System
Cisco 8000 · Palo Alto · Arista
Routing · firewall · dual fabric
3,500+ devices · ConnectX-7 NICs
04 / Trust Tier Model

Three tiers. Operation-determined escalation.

Open (seat passkey + OIDC), Bound (seat + proximity to Tiffin or P15 over BLE/NFC), Sealed (hardware secure-element signing — signing key never leaves the anchor device).

  1. 01
    Open tier requirement
    Seat passkey (WebAuthn) + OIDC. Sufficient for general chat, low-sensitivity context retrieval, and public-knowledge queries.
  2. 02
    Bound tier requirement
    Seat passkey plus active BLE or NFC proximity to a registered, attested Tiffin or P15 anchor device.
  3. 03
    Sealed tier requirement
    Hardware secure-element signing from the paired anchor device. Signing key never leaves the anchor. Required for legal docs, PHI release, financial transactions, and classified material.
  4. 04
    Operation classification
    The operation requested determines the minimum trust tier required. The user cannot override — insufficient credentials result in refusal, not downgrade.
  5. 05
    Chrysalis receipt
    Every meaningful action: seat identity, edge anchor identity, active jurisdiction, POP, and operation hash. Immutable even after revocation or session end.
  6. 06
    Anchor binding
    Anchors are seat-bindable and delegatable across organizational scopes — clinical rooms, courtrooms, trading floors, lab benches — without separate hardware SKUs.
  7. 07
    App install pricing
    Presence App installs price at $1 per 3 installs per month, maximum 50 per seat. Supports personal and shared-device deployments.
  8. 08
    Platform distribution
    Apple App Store, Google Play, enterprise MDM (iOS and Android), and standard desktop software deployment for Windows, macOS, and Linux.
python
import presence

client = presence.Client(seat_token='your_seat_token')

# Check active trust tier for current session
session = client.session.current()
print(f"Trust tier: {session.trust_tier}, Anchor: {session.anchor_id}, POP: {session.pop_id}")

# Request an operation (system determines required trust tier)
result = client.operations.execute(
    operation='sign_legal_document',
    document_id='contract_2026',
    required_tier='sealed'
)
print(f"Chrysalis receipt: {result.chrysalis_tx}")
05 / Proof

Proven at scale. Not in a lab.

Parinita AI Edge is the production deployment of the Parinita platform and the largest heterogeneous AI infrastructure deployment in the United States.

Reference Deployment

Parinita AI Edge

The most complex heterogeneous AI infrastructure in the United States. 101 sites, 9 planes, 12,000+ nodes, 4 accelerator vendors, dual network fabrics, four-layer tenant isolation — all through a single sovereign control plane.

101
Points of Presence
4 tiers: T1 (32), T2 (29), T3 (19), T4 (21)
909+
K8s Clusters
101 sites x 9+ plane types
12K+
Compute Nodes
Supermicro, Dell, Ampere, Cachengo
4
Accelerator Vendors
Intel Habana, NVIDIA, AMD, Qualcomm

Network & Security Infrastructure

2,491+
Cisco Switches
+ 303 routers (EVPN-VXLAN)
1,734+
Arista Switches
Lossless GPU backend fabric
367+
Palo Alto Firewalls
PA-5580/PA-5560 series
152+
Petabytes Storage
NVMe over RDMA
  • Multi-vendor accelerators
    Four accelerator vendors — Intel Habana, NVIDIA, AMD, Qualcomm — orchestrated through one control plane with unified scheduling, monitoring, and lifecycle management.
  • Dual-fabric networking
    Cisco production fabric and Arista GPU backend fabric operating as a coordinated system, bridged by identity-aware routing.
  • Nationwide scale
    101 sites across 42 U.S. states, each operating autonomously with a local control agent and a sovereign cross-site routing plane.
  • Multi-tenant isolation
    Four-layer defense-in-depth: VXLAN VNIs, identity-routing, Palo Alto firewalls, and Cilium eBPF — validated across every plane and site.
  • Compliance readiness
    FIPS 140-2 at launch, with FedRAMP Moderate, CJIS, and IL4/IL5 certification paths active through Parinita compliance profiles.
  • Sub-millisecond routing
    Every request classified and dispatched in under 1ms, enabling real-time SLA enforcement without perceptible overhead.
06 / Use Cases

Built for users who move between contexts with different trust requirements.

Presence is the surface through which the sovereign stack reaches users — its value is in the cryptographic binding underneath, not in a feature checklist.

Organizations whose users operate in clinical exam rooms, courtrooms, trading floors, and lab benches — different trust requirements, one coherent surface.

  • Regulated Professional Workflows

    Attorneys signing documents, physicians releasing PHI, traders executing transactions — each operation demands a Sealed credential with a Chrysalis receipt.

  • Distributed Workforces

    P15 anchors at $5/device/month support home-office Bound and Sealed workflows without enterprise-grade hardware. Max 10 anchors per seat.

  • Shared-Device Environments

    Clinical exam rooms, courtrooms, and lab benches — up to 50 Presence App installs per seat support shared-device deployment across an organizational scope.

  • High-Trust AI Operations

    Atma twin actions that require a Sealed credential — legal document signing, financial transaction authorization, PHI record release — all carry a Chrysalis receipt.

  • Zero-Trust Access Replacement

    Presence replaces VPN and zero-trust access tools for high-sensitivity operations with hardware-rooted trust tiers and a tamper-proof action receipt per operation.

07 / Getting Started

Deployment Models

Presence distributes through Apple App Store, Google Play, and enterprise MDM channels. Desktop via standard enterprise software deployment.

Mobile and Desktop Deployment
App Store and MDM Distribution

Distributes through Apple App Store, Google Play, and enterprise MDM. Desktop via standard software deployment on Windows, macOS, and Linux.

Edge Anchor Provisioning
Tiffin and P15 Pairing

Tiffin (max 5/seat) and P15 (max 10/seat) bind to seats at provisioning. BLE/NFC pairing enables Bound and Sealed trust tiers from that moment on.

Trust Tier Validation
Operation-Driven Escalation

The platform determines the minimum trust tier per operation automatically. No user configuration required — the operation classification is baked into the app logic.

08 / Get Started

Talk to Us

Our team can walk through the trust tier model and edge anchor deployment for your specific workflow and compliance requirements.