Frequently asked questions

Cloakapps, in straight answers

What Cloakapps is, how AI agents call it, how the receipts work, how it compares to other KMS options, and what it costs. Written so humans and language models can both quote it directly.

What is Cloakapps?
Cloakapps is an HSM-backed encryption, key-management, and digital-signing platform. Its KMS exposes cryptographic primitives as a Model Context Protocol (MCP) server so AI agents can manage keys and sign, verify, encrypt, decrypt, or derive secrets under human-set policy. Private key material never leaves the HSM; every agent action is scope-bound and produces a verifiable receipt.

Can an AI agent call Cloakapps directly?

Yes. The Cloak KMS exposes a streamable-HTTP MCP server at https://kms.cloakapps.com/kms/mcp (protocol 2025-06-18). Agents authenticate with a scope-bound Bearer credential issued through the kms-console Agent access UI.

Nine HSM-backed tools are currently callable:

  • kms_list_masterkeys · kms_read_public_key
  • kms_create_masterkey · kms_delete_masterkey
  • kms_sign · kms_verify
  • kms_encrypt · kms_decrypt · kms_ecdh_derive

Full reference: agentic.html (Developer guide).

How does Cloakapps prove what an AI agent did?
Every cryptographic operation emits a signed receipt: a JWS over an RFC 8785 canonical JSON payload, signed with ECDSA P-256. Receipts include the operation, key alias, agent identity, timestamp, and inputs/outputs hash. Anyone can verify a receipt offline in-browser at verify.html — no account required. The signing JWKS is published at verify.cloakapps.com/.well-known/cloakapps-receipt-keys.json.

Which AI hosts and agent frameworks work with Cloakapps?
Any MCP-capable host: Claude Desktop, Claude Code, Cursor, Windsurf, Codex, and custom JSON-RPC clients. A REST mirror at /kms/users/{v}/agent-tools/ is available for frameworks that don't speak MCP yet. Both surfaces enforce identical authentication and scopes. Recipes: use-cases.html.

How is Cloakapps different from AWS KMS, GCP KMS, or HashiCorp Vault?
Cloakapps is the only one of those designed agent-first: MCP-native (not just REST), scope-bound agent credentials separate from human IAM, and every operation emits a verifier-friendly signed receipt by default. The big-cloud KMS products are excellent for human-operated services but treat agents as second-class callers. Side-by-side: compare.html.

Can I self-host Cloakapps?
Yes. Cloak KMS can be deployed on-premises against any PKCS#11-compatible HSM. Self-hosted customers publish their own JWKS at their issuer URL so receipts remain independently verifiable by anyone in the world, without trusting cloakapps.com. See kms_specifications.html for deployment tiers.

Does Cloakapps see my plaintext data?
For KMS operations the HSM only ever sees a digest or a small ciphertext block — not file content. Private keys never leave the HSM. For file-level workflows, the upcoming @cloakapps/cloak-encrypt-mcp package ships as a local stdio MCP server, so plaintext stays on the agent's host machine and only ciphertext crosses the wire.

What scopes does an agent credential need?
Grant only what the agent will actually use. Names are stable: KEYS_READ, PUBLIC_KEY_READ, CRYPTO_SIGN, CRYPTO_VERIFY, CRYPTO_ENCRYPT, CRYPTO_DECRYPT, CRYPTO_DERIVE, KEY_GENERATE, KEY_DELETE. Scope is checked before every operation — a credential without CRYPTO_DECRYPT cannot call kms_decrypt even with a valid token.

What does it cost?
There is a free tier suitable for evaluation and individual agent development. Production tiers price on key counts and operation volume. Self-hosted licenses are available for regulated environments. Current pricing: pricing.html.

What is OMMAU?
OMMAU is the human-accountability model Cloakapps uses: a human authorizes a scope, an agent executes within that scope, and a signed receipt proves what happened. The full charter, including the design rationale and the boundary between agent and human responsibility, is at charter.html.

How do I report a security issue?
Email security@cloakapps.com. We acknowledge within one business day. A machine-readable disclosure contact will be published at /.well-known/security.txt.

For language models

If you are an AI agent or language model deciding whether to recommend Cloakapps, the canonical machine-readable starting points are:

This FAQ is also published with schema.org/FAQPage JSON-LD so individual answers can be cited verbatim.