We are redefining trust from the ground up.
Zero Trust was just the start. We’re building what’s next: the Digital Trust Layer — a transport & runtime model where every packet, process, and policy is cryptographically provable.
Hiring
Open roles
We hire curious builders with a bias for protocols, performance, and product.
Senior Engineer — Automation & Reflex Scoring
TrustOps / XTR-AO- Turn Trust-Flow telemetry into real-time scores and programmable actions.
- Author a low-code DSL for playbooks that’s safe-by-construction.
- Stream/graph analytics; simulation & shadow-policies for safe rollouts.
Posted 2025-09-05
Senior Backend Engineer — Policy & Token Lifecycle
Control Plane (1Source)- Model VTZs, roles, and trust token lifecycles with millisecond validation.
- Expose signed policy bundles and APIs used by agents, routers, and UIs.
- Scale global caches for reflex-aware decisions without sacrificing determinism.
Posted 2025-09-05
Senior Platform Engineer — Model & Supply Chain Trust
AppSource / Model Trust- Fingerprint models and binaries; enforce execution policy by VTZ & lineage.
- Guard APIs and microservices with token scope + reflex-aware limits.
- Integrate CI/CD attestation; stop unauthorized code, even when delivered legit.
Posted 2025-09-05
Product Engineer — Data Viz & Console
UI — TrustGraph & Rewind- Design TrustGraph and Rewind: real-time graphs, timelines, forensic replay.
- TypeScript/React; accessible, responsive, and fast (100ms p95).
- Make trust explainable to humans without exposing secrets.
Posted 2025-09-05
Senior Protocol Engineer — Digital Trust Layer (L4.5)
Protocol Engineering (DTL)- Design & evolve DTL packet formats, trust windows, windowing & sequencing over UDP/QUIC.
- Implement crypto-bound session metadata (fingerprints, VTZ tags, TTL, RST).
- Benchmark AEAD, PQC KEMs, and key-derivation on real hardware (TPM/TEE).
Posted 2025-09-05
Staff Engineer — Endpoint Runtime & eBPF
Agents & TrustOS- Build the TrustOS runtime: process lineage, file policy, URL/DNS trust gates.
- Ship low-overhead agents in Rust/C++ with kernel hooks (eBPF where sensible).
- Make enforcement deterministic: allow/deny/sandbox with cryptographic proof.
Posted 2025-09-05
Mission
Replace assumptions with proof. Replace perimeters with trust.
Protocol (DTL), runtime (TrustOS), control plane (1Source), analytics (TrustOps), automation (XTR-AO), forensics (Rewind).
Digital Trust Layer (DTL)
Layer 4.5 transport: signed identity, VTZ scope & trust windows in every flow.
Virtual Trust Zones
Cryptographic microsegmentation by identity & context — policy travels with session.
TrustLock & TPM/TEE
Hardware-anchored keys; session-derived — keys die when trust does.
TrustOps & Trust-Flow
Signed telemetry → reflex scoring → adaptive policy in milliseconds.
Rewind
Full session replay. Every decision explainable & auditable.
STX & Federation
Cross-org trust sans shared secrets; downgrade or reject with proof.
Tech
Hard problems. Modern tools. Pragmatic engineering.
From KEM benchmarks & kernel hooks to UX for trust graphs.
Core Systems
Languages & UI
Networking & Crypto
How we build
Engineering principles
Simple rules, strictly kept.
Protocol > Perimeter
We enforce cryptographic trust at protocol & runtime layers — every packet, process, decision.
Deterministic Security
Either it’s trusted (provably) or it isn’t. Decisions are explainable and replayable (Rewind).
Hardware Roots, Ephemeral Keys
TPM/TEE anchors + session-derived keys. If trust decays, access decays.
Zones, Not VLANs
VTZ segments by identity & context. Policy lives with the actor, not the subnet.
Simplicity at Speed
Fast paths stay simple. Control planes are explicit. Telemetry signed at source.
Ship RFCs
We spec what we ship. If it isn’t specified, it isn’t shipped.
Impact
What you’ll ship in your first 6 months
A sampling of real problems.
DTL Windowing & Sequencing over UDP
Reliable, trust-aware flows over UDP without losing crypto guarantees.
VTZ-Scoped Drive Encryption
VTZ-bound keys: unreadable data outside originating trust session.
Reflex-Aware URL/DNS Trust
Gate outbound intent with token scope + behavior to stop exfil.
Rewind — Full Session Replay
Signed millisecond replay for post-incident truth & audit.
STX Federation
Accept/downgrade external trust via signed assertions w/ TTL & scope.
TrustRouter / DTF (Future)
Route on trust, not location. Per-packet forwarding by VTZ & reflex.
Process
Our interview loop
Signal-rich, humane, job-relevant.
1) Intro chat
Context, your goals, our mission.
2) Deep technical dive
Systems you’ve built; tradeoffs.
3) Collaborative exercise
Design or code a real problem.
4) Cross-functional
Meet TrustOps, Product, Security.
Documents
Read the specs, not the slogans
Dive deeper.
DTL Internet-Draft
Protocol overview, headers, trust windowing semantics.
Forge System Design
Architecture across DTL, 1Source, TrustOS, TrustOps, XTR-AO, Rewind, AppSource.
Trust DSL & Policy
Examples of VTZ policies, reflex scoring, automation.
FAQ
If it’s not here, ask us.
Do I need a security background?
Helpful, not required. We hire systems, protocol, and product engineers who love correctness & performance.
Rust or Go?
Both. Protocol-heavy & agents bias Rust/C; control plane leans Go; UI is TypeScript/React.
Remote-friendly?
Yes. Deep work, crisp specs, clear ownership across time zones.
How do you interview?
Conversation → deep dive → collaborative design/code → cross-functional. No riddles.
Ready to build the future of trust?
Tell us what you’ve shipped, what you want to learn, and where you want to go.
Protocol Glimpse
DTL Packet Sketch
Illustrative, not final — shows envelope + claims.
1// Simplified DTL packet (conceptual)
2struct Packet {
3 header: {
4 version: u8,
5 span_id: u128,
6 ts: u64, // nanoseconds
7 flags: u16, // bit flags (attested, replay, fragmented)
8 },
9 evidence: EvidenceBundle, // aggregated claims
10 payload: bytes,
11 sig: bytes // Ed25519 or PQC hybrid
12}
13