Sentinel Prime Documentation
Technical reference for sovereign signing infrastructure
Getting Started
Set up Sentinel Prime in your VPC in under 10 minutes
Core Architecture
How Sentinel Prime achieves 42µs signing in hardware isolation
Nitro Enclaves
How AWS Nitro provides memory isolation, remote attestation, and a hardware root of trust.
Zero-Copy Network
Kernel-bypass I/O with io_uring and AF_XDP — why we skip the kernel for every packet.
Key Management
M-of-N key ceremonies, BIP-32 derivation paths, and automated rotation schedules.
Network Isolation
vsock vs TCP: latency benchmarks and why vsock is the only sane enclave transport.
JIT Signing
Derive keys at sign-time, hold them for microseconds, destroy them. Zero persistence.
ECDSA Performance
k256 vs ring vs OpenSSL: reproducible signing benchmarks on bare-metal instances.
Research & Analysis
Peer-reviewed quality research on latency, compliance, and costs
Latency Benchmarks
ZeroCopy (42µs) vs Fireblocks, Turnkey, AWS KMS — with methodology.
The Zero-Copy Thesis
Why hardware isolation is the future of key management.
Jitter Tax Research
How non-deterministic latency costs trading firms $2.1M/year — and how to eliminate it.
Cloud vs Colocation
3-year TCO model: cloud-native vs bare-metal for signing at scale.
Regulatory Pressure
EU AI Act Article 14, SEC 17a-4, and why hardware attestation is becoming mandatory.
Operations & Security
Deploy, monitor, and secure your signing infrastructure
Reference
API specs, methodology, glossary, and FAQ
Can't find what you're looking for?