About Arkivist

A private computer for teams who can't afford to share.

The Arkivist Computer is the tenant-facing product of the ARKIVIST platform — a fleet of hardware-isolated VMs, each a complete private machine for one organization and no one else.

Data infrastructure has a sharing problem.

Most cloud data platforms put your data on shared clusters, protected by access controls and policies. That means your encryption keys, your query logs, and your data live on the same hardware as other tenants — and the platform operator can read all of it.

Arkivist takes a different approach. Each customer gets their own isolated VM, their own LUKS encryption keys, their own network bridge, and their own copy of the full data stack — running on dedicated hardware in the region of their choice. There is no shared infrastructure to be breached. Isolation is physical, not logical.

The platform

Arkivist is part of ARKIVIST.

ARKIVIST is the Mothership — a fleet management platform that orchestrates the bastion servers, provisions tenant VMs, manages key escrow, handles compliance dual-write, and coordinates cross-tenant operations. The Arkivist Computer is how individual tenants experience the platform.

Every Arkivist Computer registers with the Mothership at provision time — identity minted, LUKS key split, SPIFFE SVID issued. After that, the VM runs independently. The Mothership coordinates; your VM executes.

Visit ARKIVIST.io →

Technology - Serious isolation needs serious primitives.

Arkivist is built on open standards and battle-tested infrastructure — not proprietary abstractions that obscure what is actually happening to your data.
  • Hardware-isolated VMs. Hard KVM isolation — each tenant is a true virtual machine, not a container. The Linux kernel enforces the boundary, and there is no hypervisor escape path to another tenant. Today we run Firecracker microVMs on dedicated Hetzner bare metal and customer-owned hardware; the runtime abstraction supports additional VM types as we add them.
  • LUKS encryption + Shamir escrow. Full-disk encryption per VM with Shamir 2-of-3 key split, anchored on Hedera. The platform operator cannot recover your key alone — recovery always requires your share.
  • SPIFFE / SVID identity. Every VM and every service within it gets a cryptographic identity at provision time. No static credentials, no passwords, no shared secrets anywhere in the stack.
  • ArkiAgent runtime — under your account, never ours. Each computer runs the ArkiAgent runtime: hot-reloading skills, persistent memory, and self-modification, hosted by the Parrot edge engine. It reasons under your own OpenRouter key — you pick the model, you pay the bill, Arkivist never sees your prompts or outputs.

Ready to see it in action?

We'll provision a live demo VM for your org — full stack, your data, your encryption keys.

Book a Demo