Cloak KMS · HSM-backed key management as a service

Keys stored in hardware.
Never extracted as plaintext.

Cloak KMS gives developers and security engineers HSM-grade key custody via REST API and MCP tools — without buying or managing hardware. Generate keys, sign digests, rotate secrets, and audit every operation, all behind a single endpoint.

Start free → API & MCP docs
No HSM hardware to buy REST API + MCP-native Signed receipt per key operation
POST /keys/{id}/sign 200 OK 
# Request
{
  "algorithm": "ES256",
  "digest":    "sha256:a3f9...",
  "key_id":    "ck-prod-signing-01"
}

# Response — key never leaves HSM
{
  "signature": "MEYCIQDx9n…",
  "key_ref":   "ck-prod-signing-01",
  "algorithm": "ES256",
  "receipt": {
    "operation":  "KEY_OPERATION",
    "timestamp":  "2025-06-14T09:22Z",
    "signature":  "eyJhbGci…"
  }
}
Operation executed inside HSM · private key never extracted

Built for engineers who need hardware-grade key custody

You shouldn't need to buy and rack an HSM to get HSM-grade key protection. Cloak KMS gives you the security guarantee without the hardware burden.

Developers & DevSecOps

Add HSM-grade key custody to your app with a single REST call. Rotate secrets on a schedule. Sign tokens and certificates without touching the private key. Every operation is audited.

  • Secrets management via API
  • Automatic key rotation
  • PKCS#11 / REST / MCP

Security Engineers & CISOs

Replace software key stores with hardware-backed custody. Enforce least-privilege key access policies. Get a tamper-proof audit log of every key use for SOC 2, ISO 27001, and MAS TRM compliance.

  • Dedicated HSM partition
  • Compliance-ready audit log
  • Role-based key access (Keycloak)

Enterprise & Financial Institutions

Meet regulatory key custody requirements without a CapEx HSM investment. Dedicated partitions, on-prem deployment option, and named account management for institutions that need a contractual key custody guarantee.

  • MAS TRM / PDPA ready
  • On-prem deployment available
  • Contractual SLA + account manager

Every cryptographic operation you need

All operations run inside the HSM boundary. The private key never appears in memory on your server or ours.

Key generation & storage

Generate RSA-2048/4096, ECDSA P-256/P-384, AES-256 keys directly inside the HSM. Keys are assigned a stable key_id and never exported.

Sign & verify

Pass a digest to POST /keys/{id}/sign and get a signature back. The signing operation happens inside the HSM — your plaintext or private key never leaves hardware.

Key rotation

Schedule automatic rotation on any key. The old key is retired after a configurable grace period. Re-encryption of dependent data is handled by the KMS — your app sees the same key_id.

Envelope encryption

Wrap your own data-encryption keys with an HSM-managed key encryption key (KEK). Store the wrapped DEK anywhere; the KEK never leaves the HSM. Standard pattern for encrypting large data at low cost.

Multi-tenant key isolation

Each account's keys are logically isolated. Dedicated HSM plans add physical partition isolation — other tenants cannot share your hardware boundary even in a system compromise scenario.

Operation receipts & audit log

Every key operation — create, sign, rotate, expire — returns a signed audit receipt. The kms-console shows a full operation table filterable by key, time range, and calling principal.

mcp_agent.py MCP tool call 
# Agent signs a document digest via KMS
result = mcp.call_tool(
  "kms_sign",
  {
    "alias":     "agent-signing-key",
    "keyId":     "0101",
    "algorithm": "ECDSA_SHA_256",
    "digestHex": digest_hex
  }
)

# Signature + signed receipt returned; key never left HSM
sig  = result["signatureBase64"]
rcpt = result["receipt"]   # JWS envelope, verifiable offline

# Agent provisions a new key
key = mcp.call_tool(
  "kms_create_masterkey",
  {
    "alias":    "project-alpha-signing",
    "keyType":  "ECC_SECP256R1",
    "keyUsage": "SIGN"
  }
)
MCP-native · agent credential management

Your agents need keys too

AI agents that sign artifacts, encrypt outputs, or issue credentials need their own key identity — and that identity needs to be hardware-backed, auditable, and revocable. Cloak KMS gives every agent a named key in the HSM, so agent credentials are as strong as human credentials.

The MCP server exposes nine HSM-backed primitives — list, read public key, create, delete, sign, verify, encrypt, decrypt, ECDH-derive — with scoped agent credentials per tool. See the full tool reference. Every state-changing agent action embeds a signed receipt for offline audit.

  • kms_create_masterkey — provision an HSM key (ECC, RSA, AES)
  • kms_sign — sign a SHA-256 digest inside the HSM
  • kms_encrypt / kms_decrypt — bytes-level RSA-OAEP / AES-CBC
  • Per-agent credential scopes; revoke or rotate instantly
Read the agent integration guide →

Choose your level of hardware custody

Start with software keys. Upgrade to HSM when compliance or threat model demands it.

Software Keys
$49/mo

10,000 API calls/month

  • Encrypted key store
  • REST + MCP API
  • Full operation audit log
Get started →
Most Popular
HSM Shared
$99/mo

100,000 API calls/month

  • Keys in shared HSM
  • Logical tenant isolation
  • Keys never extracted as plaintext
  • Priority email support
Get started →
HSM Dedicated
$199/mo

500,000 API calls/month

  • Dedicated hardware partition
  • Physical tenant isolation
  • Custom key policy
  • SLA + Slack support
Get started →
View full pricing including bundles →
Better together

Add Cloak Files for HSM-Protected Workspace

Pair Cloak KMS with Cloak Files and every file your team encrypts has its keys stored in hardware. Cloak Files handles file-level protection and receipts; KMS provides the HSM-backed key custody. Together: enterprise-grade file protection at SaaS pricing.

Explore Cloak Files →

Start managing keys in hardware today

Free account. 10,000 API calls included. Full REST and MCP access from day one.

Create free account → Talk to enterprise sales

Governed by the OMMAU Charter — humans authorize, agents execute, receipts prove it.