Every node is a user.
Everything between is encrypted.

Bedrock is the foundational security layer for applications that handle sensitive data. Identity at every endpoint. Encryption at rest. Consent-gated access. Audit everything.

Start Free Trial View on GitHub
930 tests passing
Python 3.11+
TypeScript SDK
BSL-1.1 license
30-day free trial

Core Principles

Five pillars that make Bedrock different from every other security framework.

🔑

Identity-First

Every compute endpoint has a cryptographic identity. No anonymous access. No implicit trust.

🔒

Encrypted at Rest

Data exists in cleartext only at the consuming endpoint, only for the minimum time required. Everything else is encrypted.

🤝

Consent-Gated

No cross-silo data access without cryptographic proof of consent. Patients own their data. Systems enforce it.

📋

Audit Everything

SHA-256 hash chain. Tamper-evident. Tamper-resistant. Every access, every consent grant, every key rotation.

🏠

Self-Hosted

No Bedrock-operated infrastructure. Your data stays in your environment. Your keys never leave your network.

Quick Start

Up and running in 60 seconds. Free for 30 days. No credit card required.

$ pip install bedrock-core $ bedrock init ./my-project Initialized Bedrock project in ./my-project $ bedrock trial --licensee "you@example.com" License generated (TRIAL, 30 days) Key: 1:TRIAL:you@example.com:20260627:... Save to /etc/bedrock/license.key or set BEDROCK_LICENSE_KEY $ bedrock serve Bedrock API running on https://localhost:8443
Read the Docs

Architecture

Layered security from the mesh up.

Application Layer Python SDK | TypeScript SDK | CLI | REST API (FastAPI) Bedrock Core Encryption Engine | Identity Fabric | Data Silos Access Control | Audit Chain | Licensing Key Management (HKDF) Per-silo derivation | Key rotation | HSM support Mesh Transport Self-healing | mTLS | Node discovery | State machine

Pricing

Free to evaluate. Pay when you ship to production.

Trial

Free / 30 days
Evaluate Bedrock locally. Full developer features.
  • 3 local nodes
  • Self-signed certificates
  • All APIs and SDKs
  • No credit card required
Most Popular

Developer

$99 / year
Individual development. Self-signed certificates.
  • 3 local nodes
  • Self-signed certificates
  • All APIs and SDKs
  • Community support

Professional

$499 / year
Team development. Up to 10 nodes.
  • 10 nodes
  • Self-signed certificates
  • All APIs and SDKs
  • Priority support

Production deployment requires a separate license. Starter ($5K/yr) | Business ($20K/yr) | Enterprise (custom)

SDKs

First-class support for Python and TypeScript.

Python

from bedrock import BedrockClient client = BedrockClient( base_url="https://bedrock.example.com", license_key="1:...", ) node = client.nodes.register( name="my-service" ) silo = client.silos.create( name="patient-records", categories=["medical", "phi"], )

TypeScript

import { BedrockClient } from "@infill/bedrock-sdk"; const client = new BedrockClient({ baseUrl: "https://bedrock.example.com", licenseKey: "1:...", }); const node = await client.nodes .register({ name: "my-service" });