Developers integrate through API or MCP. Humans define policy and approve sensitive actions. Cloak File protects the data, Cloak KMS controls the permitted key operation, and a signed receipt records what happened.
Start with software keys. Move to managed or customer-controlled hardware when your threat model requires it.
Cloak is relevant when authority and evidence — not model capability — are blocking the workflow.
Separate tenants and keys, bound agent authority, and show the reviewer the exact trust boundary.
Grant only the file and key operations the workflow needs. Expire, revoke, and review the credential from a human account.
Start in a software sandbox, then move to managed or customer-controlled HSM custody without changing the workflow.
Cloak File handles the protected-file workflow. Cloak KMS governs agent authority and key custody. Vault and Batchsign remain available for qualified use cases.
End-to-end file encryption for professionals. Web, Android, iOS. Files encrypted on the client — the server never sees plaintext. Optional HSM-backed keys via Cloak KMS.
Human-approved key operations with three custody lanes: software sandbox, managed hardware subject to capacity and service limits, or a supported customer-controlled HSM after a written fit assessment.
File DRM and secure sharing. Control read-only, no-download, expiry, and revoke access — on PDF, images, markdown, and text. True end-to-end encryption.
Server-side Adobe AATL-compliant PDF signing. Batch workflows with signing receipts. Integrates with Cloak KMS for HSM-backed certificate custody.
Start with one protected-file workflow in the software-key sandbox. Cloak KMS applies the human-defined scope and performs the permitted key operation. Move to managed or customer-controlled hardware only when the production threat model requires it.
The developer integrates once. The human grants authority. The agent operates inside it.
A developer connects the protected-file workflow through API or MCP.
A human account grants a scoped credential with operations, expiry, and limits.
The agent asks to protect a file or use a key. It cannot broaden its own scope.
Cloak File protects the data at the client or workload boundary.
Cloak KMS performs only the permitted key operation using the configured custody lane.
A signed receipt records the actor, operation, policy reference, key reference, time, and result.
Developers can connect agent hosts to Cloak KMS through MCP. The protected-file integration combines that control layer with Cloak File; package availability and production limits are documented in the developer guide. No API key gymnastics. Scoped credentials with expiry, rotation, revocation, and a full audit trail per session.
/.well-known/mcp.json and llms.txt for agent discoveryStart free. Pay when you protect things that matter.
MCP and REST KMS quickstart in a software-key sandbox, with scoped credentials and test operations. Strict limits — not for production.
Start freeProduction protected-file workflow, scoped API and MCP credentials, signed file-operation receipts, and managed smartcard-HSM access subject to capacity and service limits.
Start free →Cloak Gateway with a supported customer-owned HSM, contracted limits, and documented remote setup. Implementation is priced separately.
Request setup assessment →Enterprise deployment and signing options are priced by agreement. View all plans →
Cloak publishes a public governance charter: three filters every product decision and every agent operation passes through. Data sovereignty, equal agent access, and verifiable societal benefit — not marketing language, operational constraints.
No support agent, sales agent, or external service accesses raw key material or decrypted customer content.
Use cases involving malware, credential theft, non-consensual surveillance, or evasion of lawful access are blocked.
Every protected operation produces an audit receipt understandable by both humans and machines.
Evaluate the human-to-agent grant in the software-key sandbox. Add managed or customer-controlled hardware only when the production threat model requires it.
Cloak Pte. Ltd. · Paya Lebar Square #06-28 · Singapore 409051 · sales@cloakapps.com