When organisations share sensitive data — purchase orders, patient records, credentials, compliance reports — they rely on trust, email, and hope. Sorcha replaces hope with cryptographic proof.
Purchase orders, patient referrals, compliance reports, credentials — your most valuable data crosses organisational lines every day. What if every exchange was provable, private, and permanent?
You send a spreadsheet to a partner. They only need three columns, but they can see all twenty. Every forwarded email, every shared drive link — it widens the exposure.
A supplier disputes the terms. A regulator asks for the original. Version control says "last modified by: unknown". The audit trail is a folder of attachments with no chain of custody.
A server fails. A retention policy expires. A departing employee deletes a mailbox. The records you need for a dispute, an audit, or a compliance review are gone — and no one noticed until it mattered.
Four guarantees that transform how you collaborate across organisational boundaries.
Every action signed. Every claim verifiable.
Participant wallets cryptographically sign every transaction. You can prove exactly who did what, when, and what data they submitted — no he-said-she-said disputes.
Share what's needed. Nothing more.
JSON Schema-driven selective disclosure ensures each participant sees only the fields they need. A buyer sees product and quantity. A supplier sees product and price. Neither sees the other's sensitive data.
No one can rewrite history.
SHA-256 chain-linked transactions sealed into dockets. Validator consensus before finalization. Any attempt to alter a record breaks the chain and triggers detection.
Data survives because the network does.
Peer-to-peer replication means no single point of failure can destroy records. If one node goes down, others maintain the complete ledger. No vendor lock-in, no central authority.
Three pillars that address the three ways data is compromised in multi-party processes: unwanted exposure, undetected changes, and permanent loss.
Every party sees only what they should
JSON Schema-driven selective disclosure controls exactly which fields each participant can access. SD-JWT Verifiable Credentials enable selective claim presentation without revealing your full identity.
Every change is permanent and provable
All actions are cryptographically signed by participant wallets and hash-linked into an immutable chain. You cannot alter history without detection — the maths won't allow it.
Data survives because the network does
Peer-to-peer replication across the network means no single point of failure. If one node goes down, others maintain the complete ledger state with automatic sync and recovery.
Not a proprietary black box. Sorcha implements internationally recognised standards so your data and credentials are portable, verifiable, and future-proof.
Issue and verify electronic attestations aligned with the European Digital Identity framework for cross-border recognition.
Selective Disclosure JWTs allow holders to present only the claims needed — prove you're qualified without revealing your full transcript.
Self-sovereign did:sorcha identifiers give every wallet a globally resolvable identity without a central authority.
Hierarchical deterministic wallets derived from a single seed phrase. Create unlimited addresses from one recovery phrase.
Government-grade cryptography: NIST P-256 for signing, SHA-256 for hashing, AES-256-GCM for encryption at rest.
Post-quantum cryptography deployed today: ML-DSA-65 signatures, ML-KEM-768 key encapsulation, SLH-DSA-128s hash-based signatures.
Records you create today must survive threats that don't exist yet. Sorcha's CNSA 2.0 compliant cryptography protects against both current and future quantum computer attacks.
Classical + PQC dual signatures. Protected today by proven algorithms and tomorrow by quantum-resistant ones — simultaneously.
ML-KEM-768 key encapsulation with AES-256-GCM. Confidential payloads stay confidential even against future quantum computers.
BLS12-381 t-of-n distributed validation. No single validator holds the complete signing key — consensus requires a threshold of participants.
Pedersen commitments with Schnorr proofs. Auditors verify transaction properties without seeing underlying data.
Any process involving multiple organisations, sensitive data, and the need for an auditable record is a fit for Sorcha.
Your intellectual property lives in the blueprint. The platform handles the cryptography, the ledger, and the workflow execution.
Your workflow, defined and versioned
Blueprints define participants, actions, data schemas, routes, conditions, and disclosure rules. They are the intellectual property of your process — reusable, composable, and publishable to any register.
Describe your process. We'll build it.
Chat with the AI assistant to design workflows in natural language. It understands schema standards, disclosure patterns, and routing logic — and generates production-ready blueprints.
Drag, drop, deploy.
For non-technical users: a visual workflow builder with live preview. Define actions, connect participants, set disclosure rules, and deploy directly to the ledger — no code required.
Your identity. Your keys.
Hierarchical deterministic wallets with classical and post-quantum algorithm support. BIP32/39/44 compliant with quantum-safe ws2 Bech32m addresses alongside standard ws1 addresses.
Issue. Store. Present. Verify.
eIDAS-aligned SD-JWT credentials that gate workflow actions on credential proof. Chain credentials across multiple blueprints for complex multi-step processes.
Know instantly when it's your turn.
SignalR-powered live notifications for action submissions, workflow progress, and transaction confirmations. Push notifications across all connected clients.
Use the visual designer, AI chat, or JSON/YAML to define participants, actions, schemas, routes, and disclosure rules.
The blueprint is validated for correctness, cycle-free routing is confirmed, then it's published to a register. Participants are notified in real time.
Each participant submits their data, signs with their wallet, and the engine validates, routes, and discloses — all in a single atomic operation.
Every step recorded on the immutable ledger. Verifiable credentials issued as proof. The full audit trail is always available to authorised parties.
Built on .NET 10 with .NET Aspire orchestration. Seven microservices with full observability, health checks, and horizontal scaling.
Sorcha is open source. Explore the code, file issues, read the API docs, or contribute to the platform.
39 projects, 30 test projects, 2700+ tests. Browse the full codebase on GitHub.
Report bugs, request features, or follow the development roadmap.
Interactive OpenAPI docs powered by Scalar. Try endpoints directly from your browser.
Docker Compose, .NET Aspire, or CLI — get running in under 5 minutes.
Design secure, multi-party processes with cryptographic guarantees and verifiable credentials — no blockchain expertise required.