68 lines
1.4 KiB
Markdown
68 lines
1.4 KiB
Markdown
# Sovereign Cloud Infrastructure (SCI)
|
|
|
|
## Overview
|
|
|
|
SCI is DBIS' **planetary-scale sovereign cloud**, providing:
|
|
- High-security compute
|
|
- Isolated sovereign runtime environments
|
|
- Global redundancy
|
|
- PQC-secured compute fabric
|
|
|
|
## Architecture
|
|
|
|
### Sovereign Compute Zones (SCZs)
|
|
|
|
- One per SCB
|
|
- Zero-trust isolation
|
|
- PQ-HSM for key operations
|
|
|
|
**Service**: `sci-zone-manager.service.ts`
|
|
|
|
**API Endpoint**: `POST /api/v1/sci/zone/create`
|
|
|
|
### Global Replication Grid (GRG)
|
|
|
|
- DBIS-led multi-region replication
|
|
- Metadata hashing every 30 seconds
|
|
|
|
**Service**: `sci-replication.service.ts`
|
|
|
|
**API Endpoint**: `POST /api/v1/sci/replication/start`
|
|
|
|
### Sovereign EVM (SEVM)
|
|
|
|
Smart contract execution for:
|
|
- CBDC workflows
|
|
- FX swaps
|
|
- Commodity token redemptions
|
|
- Settlement contracts
|
|
|
|
**Service**: `sci-sevm.service.ts`
|
|
|
|
**API Endpoint**: `POST /api/v1/sci/sevm/deploy`
|
|
|
|
## Security Features
|
|
|
|
- TPM-backed nodes
|
|
- PQ-encrypted channels (Kyber)
|
|
- Cross-zone firewalls
|
|
- Continuous integrity attestations
|
|
|
|
**Service**: `sci-security.service.ts`
|
|
|
|
**API Endpoint**: `POST /api/v1/sci/security/attestation`
|
|
|
|
## Database Models
|
|
|
|
- `SovereignComputeZone` - SCZ configurations
|
|
- `SovereignReplication` - GRG replication records
|
|
- `SevmContract` - SEVM smart contract deployments
|
|
- `SovereignAttestation` - Integrity attestation records
|
|
|
|
## Integration Points
|
|
|
|
- Quantum crypto service (existing)
|
|
- HSM service (existing)
|
|
- Smart contract service (existing)
|
|
|