knox.gate.check(action=fs.write, target=/etc)
↳ knox.policy.eval(scope=node:jl1) deny
↳ knox.risk.score(0.92) BLOCK
↳ knox.audit.append(0x7e22a1...) sealed
↳ knox.notify(team=forge, sev=warn) ok
knox.channel.handshake(peer=jl3)
↳ knox.identity.verify(ed25519 + ml-dsa-65) ok
↳ knox.kex.x25519 + aes-256-gcm session
↳ knox.chain.link(prev=0x4f9c, hash=0x7e23)
knox.gate.check(action=fs.write, target=/etc)
↳ knox.policy.eval(scope=node:jl1) deny
↳ knox.risk.score(0.92) BLOCK
↳ knox.audit.append(0x7e22a1...) sealed
↳ knox.notify(team=forge, sev=warn) ok
knox.channel.handshake(peer=jl3)
↳ knox.identity.verify(ed25519 + ml-dsa-65) ok
↳ knox.kex.x25519 + aes-256-gcm session
↳ knox.chain.link(prev=0x4f9c, hash=0x7e23)
knox.gate.check(action=fs.write, target=/etc)
↳ knox.policy.eval(scope=node:jl1) deny
↳ knox.risk.score(0.92) BLOCK
↳ knox.audit.append(0x7e22a1...) sealed
↳ knox.notify(team=forge, sev=warn) ok
knox.channel.handshake(peer=jl3)
↳ knox.identity.verify(ed25519 + ml-dsa-65) ok
↳ knox.kex.x25519 + aes-256-gcm session
↳ knox.chain.link(prev=0x4f9c, hash=0x7e23)
knox.gate.check(action=fs.write, target=/etc)
↳ knox.policy.eval(scope=node:jl1) deny
↳ knox.risk.score(0.92) BLOCK
↳ knox.audit.append(0x7e22a1...) sealed

POST-QUANTUMED25519 + ML-DSA-65

HASH-LINKEDTAMPER-EVIDENT CHAIN

PRE-EXECUTIONRISK SCORING ENGINE

KNOX

The cryptographic kernel for Canadian AI. Hardware-bound identity, hash-linked audit, pre-execution risk scoring. Built in-house. Carried forward from Waterloo.

SCROLL

KNOX · /0.1

Fort Knox. For Artificial Intelligence.

Knox is CASTLE's proprietary security kernel — a hardened cryptographic layer built entirely in-house by AXE Technologies. It draws from the same security philosophy that once protected the communications of world leaders and Fortune 500 enterprises. Rebuilt from first principles for Canadian AI, Knox ensures that every node is verified, every transmission is encrypted, and every action is scored for risk before execution.

Knox is not a configuration of existing tools. It is a proprietary defense system designed, built, and maintained by AXE — a layer of security that does not exist in any other Canadian AI platform. The architecture is our intellectual property. What we share here is what Knox does. How it does it stays inside the vault.

Knox v3 delivers military-grade cryptographic standards with forward secrecy — protecting data even under potential compromise scenarios. Each session generates ephemeral keys that are destroyed after use. The mathematics guarantee that yesterday's communications remain protected regardless of tomorrow's threats.

Core Capabilities

Cryptographic Identity

Every fleet node carries a hardware-bound cryptographic identity. Non-transferable. Non-forgeable. The system knows exactly who is talking — mathematically, not by policy.

Blind Relay Architecture

AI inference travels through encrypted channels using proprietary multi-layer encryption. The relay infrastructure routes ciphertext only — it mathematically cannot read your data, even if compromised.

Pre-Execution Threat Analysis

Every AI tool call is mathematically analyzed before execution using AXE's proprietary risk scoring engine. Dangerous operations are blocked before the first byte runs. No other AI platform does this.

Forward Secrecy

Ephemeral keys per session. Even if a key is compromised, past and future communications remain protected. Each session is cryptographically independent.

From Waterloo to Toronto. The Standard Continues.

Canada built the world's most trusted mobile security platform from Waterloo, Ontario — a system so secure it was used by heads of state, intelligence agencies, and the world's largest enterprises. That platform's security principles didn't die. AXE carries them forward — rebuilt from the ground up for Canadian AI infrastructure.

Knox represents over 1,400 lines of proprietary security code, three independent defense layers, and a cryptographic architecture that has no equivalent in the AI industry. It is not a wrapper around existing libraries. It is a purpose-built security kernel designed for one thing: making CASTLE impenetrable.

Plaintext Transmissions

Independent Defense Layers

1,400+

Lines of Proprietary Security Code

Military-Grade Cryptographic Kernel

Integration with CASTLE

Knox integrates with Shield (authentication) and every component of the CASTLE platform. Knox protects: Echo (inference), Crown (knowledge), Atlas (data), and Lens (browsing). Security isn't a feature. It's the foundation everything else is built on.

Shield

Authentication and authorization layer. Works alongside Knox for zero-trust security.

Echo

Inference protected by Knox encryption. Models run in isolated, verified containers.

Crown & Atlas

Knowledge and data always encrypted at rest and in transit. Knox manages access control.

The relay cannot read your data. Not because of a policy. Because of mathematics. That is the difference between security theater and security architecture.

/ Contact · we read every inquiry

Talk to .

Demos, partnerships, government RFPs, technical questions. A person reads every form. You hear from someone — not a queue.