Secure Secrets Management
Protect your most sensitive data with a secrets management system that keeps encryption keys and credentials secure across distributed environments.
Built on threshold cryptography, Orbis distributes secret management across the trust protocol infrastructure, eliminating single points of failure and keeping secrets secure.
Use it to run multiparty encryption workflows, share secrets without ever exposing them, and define custom recovery and access policies. Orbis brings cryptographic guarantees to the systems, teams, and environments that need them most.
Eliminate Central Risk
Store and use secrets, secured by the trust protocol and threshold cryptography. Orbis handles encryption, so your sensitive information never needs to be entrusted to third parties.
View DocsPerform multiparty cryptographic operations securely across your network
Share Secrets Securely
Distribute sensitive information across your infrastructure with cryptographic sharding.
View DocsRequire multiple authorized parties to combine their shares before a secret can be reconstructed.
Under the hood
Orbis secures your secrets in distributed environments without central servers; here's what's happening behind the scenes.
Splitting Secrets for Safety
Orbis uses advanced math to keep secrets safe by splitting them up.
Distributed Trust
Threshold proxy re-encryption and distributed key generation ensures your secrets are always safe
Configurable thresholds
Set how many nodes are needed to recover secrets.
Homomorphic operations
Perform select cryptographic functions without decryption.
Smarter Key Management
Managing encryption keys becomes more reliable with Orbis.
Verifiable generation
Create keys using provably secure random sources.
AuthN/Z
Identity and authorization to fit your goals, from cryptographic DIDs, OAuth, or even passkeys.
Distributed operations
Perform critical functions with multiple nodes sharing responsibility.
Resilient availability
Reconstruct keys even when some participating components are unavailable.
Working With Your Hardware Security
Orbis gets stronger by working with your existing security hardware.
Hardware integration
Leverage secure elements and trusted platform modules (TPMs).
Protected storage
Generate and store keys in tamper-resistant hardware.
System attestation
Verify hardware and software integrity before extending trust.
Controlling Who Gets Access
Orbis gives you fine-grained control over who can access which secrets.
Relation-based access control
Assign permissions based on relations and functions, using the same Zanibar authz as SourceHub.
Time-bounded grants
Provide temporary access that automatically expires.
Multi-party authorization
Require approval from multiple entities for sensitive operations.
Contextual security
Adjust access conditions, using system and environment status, like request IP or user capabilities.