Q-Trust Plane

ROADMAP

Roadmap

Phased roadmap aligned to governance coverage, cryptographic hardening (PQC), and enterprise operability.

Back to overviewRequest access

Highlights

  • Phased delivery prioritizes core invariants, then broad governance coverage.
  • Explicit PQC hardening phase: hybrid signatures and crypto-agility.
  • Enterprise scalability phase: HA, multi-region, isolation, and audit reporting.

ROADMAP

Q-Trust Plane — Product & Engineering Roadmap
Document: Roadmap (SaaS, Closed-Source)
Version: 1.0
Audience: Engineering, Security, Product, Enterprise Customers

Guiding Principles

  • Security over convenience
  • Deterministic behavior over heuristics
  • Proof over trust
  • Enterprise-first design
  • Web3-grade threat assumptions

Phase 1 — Core Control Plane (FOUNDATION)

Status: Architecture complete

Scope

  • Identity verification (OIDC + workload)
  • Attestation verification (SLSA, SBOM, approvals)
  • QPL policy engine (parser, canonicalizer, evaluator)
  • Grant issuance (TTL + single-use)
  • Evidence ledger (hash-chained)
  • Merkle batching + on-chain anchoring (AuditAnchor)
  • CI Agent (GitHub/GitLab)

Deliverables

  • End-to-end authorization → execution → anchoring
  • External audit proof retrieval
  • Initial SaaS deployment (single region)

Phase 2 — Infrastructure Governance (IaC + K8s)

Scope

  • Terraform Agent (plan/apply gating)
  • Kubernetes Admission Agent
  • Secrets leasing (short TTL)
  • Expanded policy library

Deliverables

  • Full infra governance coverage
  • Production-ready DevSecOps workflows

Phase 3 — Web3 Governance (HIGH VALUE)

Scope

  • Web3 deploy/upgrade agent (EVM)
  • Bridge governance workflows
  • Oracle feed governance
  • Multi-approval & emergency lockout policies

Deliverables

  • Web3-grade governance
  • Bridge/oracle hardening
  • High-value enterprise use cases

Phase 4 — Cryptographic Hardening (PQC)

Scope

  • Hybrid signature enforcement everywhere
  • PQC policy bundle signing
  • PQC evidence signatures
  • Crypto-agility configuration

Deliverables

  • Post-quantum readiness
  • Long-term cryptographic resilience

Phase 5 — MLOps Governance

Scope

  • Model provenance verification
  • Model deployment grants
  • Evidence for model/version/runtime
  • Policy-driven ML governance

Deliverables

  • MLSecOps integration
  • Regulated ML deployments

Phase 6 — Enterprise & Scale

Scope

  • Multi-region SaaS
  • High availability & disaster recovery
  • Advanced tenant isolation
  • Audit dashboards & reporting
  • SLA-backed operations

Deliverables

  • Enterprise-grade SaaS
  • Compliance-ready posture
  • Scalable governance plane

Phase 7 — Advanced Governance (Optional / Contractual)

Scope

  • Cross-chain anchoring
  • Multiple anchor chains
  • Custom policy dialect extensions
  • Dedicated hardware-backed deployments

Non-Goals

  • Public open-source distribution
  • End-user wallet management
  • On-chain execution replacement
  • Opinionated CI/CD pipelines

Q-Trust Plane governs execution; it does not replace tooling.

Business Alignment

Each phase unlocks:

  • new enterprise customers
  • higher contract value
  • deeper infrastructure lock-in
  • increased governance guarantees

Roadmaps change.
Security principles do not.