Design Partner Program

Build post-quantum encryption
before you have to.

We are onboarding a small cohort of design partners. You get early access to the live platform, direct influence on the roadmap, and a team that responds when something breaks.

What you get

Everything you need to ship — nothing you don't.

Live hosted KMS

The VellumGuard KMS API is live at https://api.vellumguard.com. Workspace and API key provisioned manually — no waiting for a self-serve portal.

TypeScript SDK

@vellumguard/sdk is published on npm. Install it, point it at your API key, and you have hybrid post-quantum encrypt/decrypt in five lines.

Proven key rotation lifecycle

The full v1 → v2 DEK rotation — generate, register, promote, rewrap, retire — has been executed in production. You are building on infrastructure that has been exercised, not just designed.

Prioritized support

P0 issues get a same-business-day response. You have a direct line to the founding team, not a ticket queue. Beta is free unless otherwise agreed.

Monthly feedback call

30 minutes each month. Your use case and blockers feed directly into what we build next. Design partners shape the product in ways later users cannot.

Early access, no lock-in

The ciphertext format is open with reference test vectors. Your encrypted data remains decryptable with any conforming implementation — regardless of what happens to VellumGuard.

Platform status

What is live today.

Hosted KMS APILive · https://api.vellumguard.com
TypeScript SDKLive · @vellumguard/sdk on npm
Hybrid cryptoX25519 + ML-KEM-768 · Ed25519 + ML-DSA-65
Cloud KMS DEK wrappingLive · Google Cloud KMS
Production key rotationv1 → v2 rewrap executed · v1 retired
Audit & security eventsEvery operation recorded and queryable
Backup restoreVerified · Cloud SQL automated backups
Uptime monitoringGCP uptime check on /healthz/
Be clear-eyed

What is not ready yet.

Design partners work with us on real limitations, not around them.

TypeScript only

The SDK is TypeScript/Node. Python and Go are on the roadmap. If your stack requires a different language today, we want to hear about it.

No compliance certifications yet

Not currently SOC 2 certified. Not currently HIPAA compliant. No BAA is currently available. No formal SLA during beta. Use test or synthetic data unless separately agreed in writing.

No self-serve portal

No dashboard, no developer portal, no billing UI. Workspaces and keys are provisioned manually. That is exactly why this is the design-partner phase.

Quick start

Five lines to post-quantum encryption.

quickstart.ts
import { VellumGuard, HttpKmsClient } from "@vellumguard/sdk"; const kms = new HttpKmsClient({ baseUrl: "https://api.vellumguard.com", apiKey: process.env.VELLUMGUARD_API_KEY!, }); const vg = new VellumGuard({ kms }); const ciphertext = await vg.encrypt({ data: "patient note: BP 120/80", recipient: "user_abc123", signAs: "user_abc123", }); const { data } = await vg.decrypt(ciphertext, "user_abc123");

Full quickstart →    Security model →

Apply

Tell us what you are building.

Healthcare, defense, long-lived-data, and AI training-data use cases prioritized. Beta is free unless otherwise agreed in writing. No charges without a written agreement before GA.

Please do not submit PHI, regulated production data, API keys, passwords, or sensitive customer data through this form.
You can also contact us at beta@vellumguard.com · Privacy Policy · Terms of Service (draft / under legal review).