eIDAS 2.0 Compliant / EU AI Act Ready

WISTERIA

The Trust Layer for the $2.6T Agent Economy.

Wisteria routes all AI agent requests through hardware-enforced gateways, providing deterministic execution, cryptographic proof of authorization, and complete secret isolation. Transform autonomous systems into legally-defensible, audit-ready infrastructure.

5ms
Verification Latency
100%
Secret Isolation
Zero
Trust Architecture
The $2.6T AI Agency Crisis

Enterprises Can't Safely Deploy Autonomous AI Agents

By 2030, AI agents will execute $2.6 trillion in transactions annually. Yet today's infrastructure forces a binary choice:

❌ Manual Approval
Human approval for every AI decision
• Defeats the purpose of AI autonomy
• Expensive, slow, unscalable
• Bottlenecks innovation
❌ Full API Access
Give agents unrestricted API keys
• No spending limits or time bounds
• If hacked, unlimited damage
• No legal proof of authorization

The Missing Infrastructure: Cryptographically-bounded autonomy with deterministic enforcement

The Wisteria Solution

Active Gateway Infrastructure
for AI Agent Requests

Wisteria sits between your AI agents and the outside world. Every request flows through the Gateway, which verifies cryptographic mandates, enforces constraints, and injects API keys—all while maintaining a complete audit trail.

REQUEST FLOW
1. AI Agent
Makes request with mandate
2. Wisteria Gateway
Verifies + enforces constraints
3. Upstream API
Executes authorized request
✓ Secret Isolation
AI Agents Never See API Keys
Gateway injects secrets at request time. If an agent is compromised, attackers gain zero access to your infrastructure.
✓ Deterministic Enforcement
Hardware-Backed Constraints
5-minute Session Mandates with spending limits, time bounds, and scope restrictions. Enforced by HSM/KMS for high-stakes operations.
✓ Legal Compliance
Cryptographic Proof of Authorization
eIDAS 2.0 compliant, EU AI Act ready. Every action carries non-repudiable proof that the principal authorized the agent.
✓ Complete Auditability
Full Request & Response Logging
Gateway provides tamper-evident audit trail. Optional anchoring to Hedera HCS for immutable evidence logs.
/// THE WISTERIA BRIDGE

Three-Layer Enforcement Stack

Identity → Authority → Enforcement. Each layer builds on cryptographic primitives to enable legally-defensible AI autonomy.
LAYER 1

Identity & Bootstrapping

Cloud-native identity binding via AWS/GitHub OIDC. eIDAS-compliant SD-JWT credentials with selective disclosure. DID:web anchoring for decentralized verification.

  • HSM-backed key generation
  • SD-JWT VC (vc+sd-jwt) format
  • X.509 trust anchor binding
LAYER 2

Authority & Delegation

Cryptographic mandates with bounded constraints. Master Mandates (long-lived) generate Session Mandates (5-min TTL) for stateless, high-speed verification.

  • Spending & time limits
  • Scope restrictions (domains, actions)
  • One-click revocation (Kill Switch)
LAYER 3

The Egress Gateway

Fastify-based reverse proxy. Routes all agent requests, verifies mandates statelessly, injects API keys from Secrets Manager, and logs evidence before forwarding.

  • 5ms verification latency
  • Secret injection (never exposed)
  • Tamper-evident audit logging
Zero-Knowledge Architecture

Deploy On Your Terms

Choose between cloud-hybrid or fully sovereign deployment. API keys never leave your VPC in either mode.

CLOUDBRIDGE

Hybrid Deployment

Wisteria Control Plane managed, Gateway self-hosted in your VPC. Real-time policy updates with complete secret sovereignty.

Automatic public key sync
Real-time revocation lists
Secrets stay in your VPC
Managed policy updates

SOVEREIGN

Air-Gapped Deployment

Complete data sovereignty. Gateway operates offline with cached public keys. Zero-knowledge: Wisteria Control Plane never sees requests, responses, or secrets.

Air-gapped operation
Local public key cache
100% data residency
GDPR/HIPAA/SOC2 compliant
Market Opportunity

The Agentic Economy Needs Infrastructure

$2.6T
AI Agent Transaction Volume by 2030
Gartner, McKinsey estimates

Every autonomous transaction needs authorization infrastructure. Wisteria captures value by enabling—and securing—the $2.6T agentic economy.

Regulatory Tailwinds

EU AI ACT (2026)

High-risk AI systems must maintain audit trails and human oversight. Wisteria provides both through cryptographic mandates.

EIDAS 2.0 (2024)

Digital identity framework requiring hardware-backed attestation. Wisteria is natively compliant with SD-JWT credentials.

GDPR / SOC 2

Data sovereignty and audit requirements demand cryptographic proof of access. Wisteria provides immutable evidence chains for compliance.

SM&CR (UK)

Senior Managers & Certification Regime requires liability bounding. Wisteria enables cryptographic proof of who authorized what.

Target Verticals

Financial Services

AI trading bots, automated refunds, payment processing agents

Healthcare

Diagnostic assistants, treatment scheduling, medical record agents

Enterprise SaaS

Workflow automation, procurement bots, customer service agents

Why Wisteria Wins

Active infrastructure, not passive verification. The Gateway routes all agent traffic.

vs. Traditional API Keys

API keys: No spending limits, no time bounds, no revocation
Wisteria: Cryptographic mandates with hardware-enforced constraints

vs. OAuth/RBAC

OAuth: Server-dependent, no legal proof, centralized control
Wisteria: Stateless verification, eIDAS-compliant, decentralized

vs. Policy Engines

OPA/Cedar: Passive verification, no secret isolation, no audit trail
Wisteria: Active Gateway routing, secrets never exposed, complete logs

vs. Blockchain Solutions

Smart contracts: High latency (>1s), expensive, public by default
Wisteria: 5ms verification, low cost, private with optional public evidence

Development Status

Completed (Feb 2026)
✓ Core Gateway Infrastructure
✓ SD-JWT Credential System
✓ Session Mandate Engine
✓ HSM/KMS Integration
✓ Evidence Logging (Hedera HCS)
✓ Docker Deployment
Q2 2026
→ Web Dashboard UI
→ Kubernetes Helm Charts
→ Multi-cloud Support
→ Usage Analytics
→ First Design Partners
→ Compliance Audit (eIDAS/AI Act)
Q3 2026
→ Enterprise SSO Integration
→ Advanced Policy Engine
→ Multi-region Deployment
→ General Availability
→ Terraform Provider
→ SOC 2 Type II

Why We Built This

Product Engineers Obsessed with Developer Experience

Wisteria was born from a frustration with the current agentic stack. While building autonomous consumer applications, we realized that delegating authority to AI agents was a binary choice: give them full root access or nothing at all.

We built Wisteria to fill the gap between rigid security policies and fluid AI autonomy. We are product engineers obsessed with Developer Experience, bringing consumer-grade usability to hardware-enforced security infrastructure.

Background
Deep experience in cryptography, distributed systems, and consumer product development
Approach
Hardware-first security philosophy meets developer-friendly abstractions
Vision
Make cryptographically-bounded autonomy the default for AI agents

Build the Infrastructure
for the Agentic Economy

Wisteria enables cryptographically-bounded AI autonomy at scale. Join the design partner program or schedule a technical deep-dive.