Atlas Q · 11/11 IPFS · Demo Flow
How a single object moves through 11/11 IPFS
The goal of the demo is simple: take one high-value object a medical document, a contract, a system log and show how Atlas Q encrypts, distributes, and audits it without exposing plaintext to the network. The steps below mirror what a full pilot environment performs using the same architecture shown on the main site.
Demo steps (conceptual pipeline)
Client-Side Only
No Plaintext in Transit
QHASH Manifest
Audit Anchors
1 · Select a sample object
Choose a representative file (PDF, structured JSON, image, or log bundle). In a real
pilot, this would be a de-identified medical record, contract, or system export.
2 · Encrypt locally
The client generates an ephemeral AES-256-GCM key and encrypts the object in memory.
Plaintext never leaves the device; only ciphertext is prepared for upload.
3 · Chunk and pin
The encrypted object is chunked and sent to the appropriate residency pinsets
(US / EU / APAC / private) according to the bucket policy. Each chunk receives a CID.
4 · Build manifest and QHASH
The client assembles encrypted CIDs, owner DID, policy IDs, and metadata into a manifest.
A deterministic QHASH is computed over the manifest for long-term integrity.
5 · Wrap keys for identities
The AES-GCM key is wrapped with Kyber for each authorized DID (owner, support team,
regulator, or delegated service) and recorded in the catalog.
6 · Anchor the event
A Dilithium-signed audit anchor is written capturing the QHASH, actor DID, and action
type (CREATE / UPDATE / ACCESS), giving a non-repudiable trail.
In a live environment these steps are invoked by a thin client or SDK. For the purposes of a boardroom demo, they can be walked through visually while the underlying endpoints run in a controlled environment.