Hardware Trust Levels

The strength of a cryptographic proof is bounded by the hardware that produced it. HolyAxiom defines four levels — from browser-only software to sovereign PCB-level attestation. All levels share the same API.

L0

Software

Live now
$0 — runs in any browser

What's included

  • Web Crypto API (ECDSA P-256) — non-extractable key in IndexedDB
  • browser.geolocation GPS (~10–50 m typical accuracy)
  • System clock via Date.now() (±1 sec drift)
  • AudioContext ADC entropy
  • Canvas PRNU optical entropy
  • DeviceMotion IMU entropy (mobile)

Stele level rules

  • Time ± > 100ms — L0 OK
  • Place ± ≥ 20m — L0 OK
  • No chip key required

Trust characteristics

Key security
Medium
Time accuracy
±1s
Location accuracy
±20–100m
Tamper resistance
Software only

Use cases

News reporting, personal journaling, location check-ins, timestamped media. Good enough for social verification — not court-grade.

Stele program (L0)
proof Session("my-session") {
  at Time(1716422400000 ± 2000ms) from Clock("system-clock")
  at Place(37.7749°N, 122.4194°W ± 100m) from GPS("gps-api")
  attested Score(65) by Chip("browser-key-01") level L0
}
L1

Chip Attested

Building now
~$135 hardware stack

Hardware stack

🔒
ATECC608B Click Board
Microchip secure element — hardware ECDSA P-256, non-extractable key in slot 0, true RNG. ~$30
🖥
Raspberry Pi 5
Host compute — runs ha-chip firmware. I²C/SPI to ATECC608B. ~$60
📡
u-blox NEO-M9N GPS
Concurrent GNSS, 1.5m CEP accuracy, 10Hz update rate. ~$25
📐
ICM-42688-P IMU
6-axis accel + gyro, IMU entropy source, motion anomaly detection. ~$20

Trust characteristics

Key security
Hardware key
Time accuracy
±200ms
Location accuracy
±5–20m
Tamper resistance
Chip-level

Use cases

Insurance claims, professional reporting, evidence in civil litigation, content provenance for media organizations. Chip key proves specific device recorded the moment.

Stele program (L1)
proof Session("my-session") {
  requires L1

  at Time(1716422400000 ± 200ms) from Clock("system-clock")
  at Place(37.7749°N, 122.4194°W ± 20m) from GPS("gps-api")
  captures Video(hash: "a3f8…64chars") signed Device("ha-chip-abc1")
  attested Score(85) by Chip("ha-chip-v1") level L1
}
L2

CSAC Atomic

Planned
~$3,000 hardware stack

Hardware stack

⚛️
Microsemi SA.45s CSAC
Chip Scale Atomic Clock — ±0.03 ppb drift, 10ms warm-up. ~$2,000
🔐
Infineon OPTIGA TPM SLB9670
TCG TPM 2.0, RSA-2048 + ECC-256, hardware measured boot. ~$15
🛰
u-blox ZED-F9P RTK GPS
Survey-grade RTK GPS, 1cm accuracy with correction stream. ~$250

Trust characteristics

Key security
TPM-backed
Time accuracy
±10ms atomic
Location accuracy
±1–5cm RTK
Tamper resistance
TPM measured

Use cases

Criminal evidence, regulatory compliance recording, scientific data provenance, high-stakes journalism. Sub-millisecond time proof enables synchronization with external reference signals.

L3

Sovereign PCB

Future
Custom hardware — TBD

Concept

All sensors — clock, GPS, camera interface, audio ADC, IMU — co-located on a single sovereign PCB with a secure enclave. No OS involvement. Sensor data goes directly from ADC to crypto core, never touching general-purpose RAM.


A Physical Unclonable Function (PUF) derived from manufacturing variations generates the device's root identity. Tamper-evident epoxy enclosure. Zeroization on breach.

Target specifications

  • PUF-derived device identity (no stored private key)
  • Atomic clock on-die or co-packaged
  • Tamper mesh + zeroization on breach
  • FIPS 140-3 Level 3 target
  • Sub-100μs signing latency
  • Air-gapped operation, offline proof generation

Phase 1 Build List — Get to L1 for ~$135

Everything you need to move from browser-only (L0) to chip-attested (L1).

ItemPart #WherePriceWhy
ATECC608B Click Board MIKROE-4656 MikroE ~$30 Secure element, hardware ECDSA, non-extractable key
Raspberry Pi 5 (4GB) SC1111 Pi Foundation ~$60 Host compute, I²C bus to ATECC608B
u-blox NEO-M9N GPS NEO-M9N SparkFun ~$25 Concurrent GNSS, 1.5m CEP, feeds GPS entropy
ICM-42688-P IMU ICM-42688-P SparkFun ~$20 IMU entropy, motion anomaly detection
Total ~$135 Full L1 stack
⏭ Skip CSAC for now. The Microsemi SA.45s runs ~$2,000 and is only needed for ±1ms time claims (L2). Everything you're building today works at L1. Add CSAC later.