KMS / Truth Stack

Key Management & Custody

Cryptographic key management and custody.

Layer: Truth Stack
Status: Core Truth Stack system
Boundary: One system, one question

What it is

KMS is the deterministic custody system for keys and KV material. It proves who had cryptographic authority, under which doctrine, and when.

What problem it solves

Key systems regularly blur authority, storage, and convenience. When custody becomes ambiguous, historical truth collapses.

What it does

  • Generates, rotates, revokes, and destroys keys with lineage and evidence.
  • Binds custody to doctrine, capability scope, and irreversible failure semantics.
  • Produces court-verifiable proof of custody, use, refusal, and death.

What it does not do

  • It is not a generic secret manager, config store, or convenience retrieval layer.
  • It does not interpret secrets, infer intent, or silently recover ambiguous state.
  • It does not promise secrecy after compromise if custody truth remains provable.

Who it is for

  • Operators who need key authority to remain provable under hostile scrutiny.
  • Teams that need non-exportable custody, rotation lineage, and evidence-first failure handling.

Where it fits

KMS is the Truth Stack authority layer. It proves custody lineage while remaining hostile to storage, operators, and adjacent systems.

Typical deployment context

Used where key authority, revocation, and destructive failure semantics matter more than retrieval convenience.