Enable True
Device Autonomy
The trust protocol and verifiable distributed transparency log frees you from worrying about data access, privacy, and governance while you focus on shipping software that’s secure by design.
SourceHub is a distributed trust protocol that brings unbeatable security to edge environments.
It empowers devices to verify identities, provide auditability, control access to resources, and establish trust without relying on central servers, which often become central points of failure.
SourceHub works alongside DefraDB within the Source stack to secure your data and software at the edge. While DefraDB handles storage and synchronization, SourceHub ensures that only authorized users and devices can access specific information. Together with Orbis, it forms a comprehensive security framework that maintains protection even in disconnected or intermittently-connected environments.
Define Precise Access
Set granular permissions once and enforce them everywhere. Create context-aware rules that apply consistently across your distributed network, from edge devices to the cloud.
View DocsDefine sophisticated permissions based on relations, resource properties, and environmental conditions.
Authorize Offline
Keep your software secure, even without internet access. SourceHub's distributed authorization model works entirely at the edge, maintaining security during network outages.
View DocsLight clients validate access rights directly on edge devices without constant contact with a central server, enabling true offline security.
Audit With Confidence
Track every access decision across your network with cryptographically verified logs. SourceHub provides immutable records that meet compliance requirements without compromising performance.
View DocsMaintain cryptographically secured logs that cannot be altered, ensuring the integrity of your security records.
Under the hood
SourceHub enables true device autonomy; here's what's happening behind the scenes.
Identity That Works Everywhere
SourceHub lets users and devices prove who they are without relying on a central server.
Self-sovereign Identity
Devices create and manage their own cryptographic identities using DIDs.
Direct Verification
Self-managed credentials empower edge devices to verify and share without a central authority.
Cryptographically secure
Identities and credentials founded on public key cryptography.
Security Without the Cloud Dependency
SourceHub takes a local-first approach to access management.
Consensus driven
Distributed consensus enables high availability and reliability.
Data-centric Permissions
Access rights travel with the data instead of living on servers.
Local Verification
Authorize at the edge, not through distant services.
Auditability You Can Trust
When security matters, you need to know what happened and when.
Tamper-Evident Logs
Security events are recorded in cryptographically-secured ledgers.
Distributed Verification
Multiple devices can validate log integrity independently
Complete Timeline
Preserve full history of security events for compliance and auditing.
Granular Control
Set precise permissions at the field level.
Modular Deployment
SourceHub meets your preferences to deliver the trust how you like it.
Permissionless
Decentralized hosting handled by trusted members of our community.
Private
Self-hosted, on-prem, within a single or across several cloud regions and providers, or even a combination of them all.
Shared
Distribute infrastructure responsibilities across multiple entities and organizations, using their infrastructure of choice, creating a consent-based trust model.
Interoperable
Interprotocol message passing enables communication between the varied deployment types.