PRODUCT · SOVEREIGNROUTER

OpenAI-compatible. Provider-agnostic. Cryptographically attested.

A drop-in replacement for the OpenAI API endpoint that adds tier-gated routing, BYOK tenancy, automatic provider fallback, and per-call attestation written to your audit log. Every other change to your code is zero.

How it works Schedule demo

drop-in replacement

Change the base URL. Get tier gating, fallback, BYOK, and audit, free.

Existing OpenAI client code, unmodified except for one URL. The router speaks the OpenAI chat-completions schema bit-for-bit, plus an X-SF-Policy header for the trust tier and an _sf_attestation field on the response.

Python
TypeScript
curl
# before — vanilla OpenAI client = openai.OpenAI() # after — SovereignRouter, with policy + attestation client = openai.OpenAI( base_url="https://router.your-org.com/v1", api_key="sk-router-...", # your tenant key, BYOK to providers default_headers={"X-SF-Policy": "clinical-strict"}, ) resp = client.chat.completions.create( model="mayo-jhu/meridian-med-13b-v2", messages=[...], ) # Same response shape. Plus: attestation with rekor index. print(resp.attestation.rekor_index) # 4218 print(resp.attestation.provider_id) # mayo-internal print(resp.attestation.tier_observed) # sealed

how it works

Six things happen between your call and your provider.

1. Tenant resolution

Your sk-router-... key resolves to a tenant with allowed policies, spend cap, and rate limits. Multi-tenant by design; one router instance serves the whole org.

2. Credential leak scan

Inbound prompt scanned for OpenAI / Anthropic / AWS / GitHub / Slack / Stripe key formats. Findings logged to rekor; redacted in-place before the prompt reaches any provider.

3. Policy evaluation

Policy specifies required tier, required witness scopes, allowed origins, drift posture, latency cap, cost cap, and preferred provider chain. Models that don't qualify are rejected before any cost is incurred.

4. Fallback chain walk

Eligible providers ordered by health score (rolling p50/p95 + success rate). First failure walks to the next; second failure walks again. Audit row records every attempt.

5. Provider call

Real adapter for Anthropic, OpenAI, Bedrock (with SigV4), Vertex, Ollama, vLLM. Your BYOK provider keys are read from the keystore chain (LocalFile → Env → KMS) and never appear in logs.

6. Attestation & audit

Response augmented with _sf_attestation containing model hash, provider ID, policy ID, route decision ID, rekor index, mirror ID, and tier observed. Audit row appended to the Merkle log atomically.

at the numbers

Built to drop into production.

7
provider adapters
Anthropic, OpenAI, Bedrock, Vertex, Ollama, vLLM, Mock — all real HTTP, all signed.
3
SDKs ship at parity
TypeScript, Python, Rust. Each with chat, streaming, and full management API.
100%
OpenAI-compatible schema
Drop-in replacement. Existing clients work unchanged save the base URL.
SSE
streaming with attestation
Custom sf_attestation event lands at the end of the stream alongside [DONE].

how it differs

What OpenRouter and the gateway category miss.

Trust tier as a routing primitive

Other gateways route by latency, price, or capability. SovereignRouter routes by tier. clinical-strict won't pick a non-FDA-witnessed model even if it's cheaper. Policy is a first-class object, not a config flag.

Attestation per call

Every response carries a rekor index. Your audit pipeline can prove what model produced what output, what witnesses signed it, what tier it was at the moment of the call. Other gateways don't even know.

BYOK with key-fingerprint isolation

Provider keys never appear in routing decisions, telemetry, logs, or fallback chain inspection. Keystore chain (LocalFile → Env → KMS) keeps them out of the dataplane entirely. Tenant keys are short-lived and rotatable.

pricing

Percentage of inference spend. No per-seat fees.

You pay providers directly through your BYOK keys. We charge a margin on the inference passing through. Self-hosted, you pay nothing — the binary and Helm chart are yours.

Self-hosted
$0/ mo

Run the binary in your own VPC. Full feature set. Source available, Apache 2.0.

  • Full Rust binary
  • Helm chart for Kubernetes
  • Terraform module for AWS
  • All three SDKs
  • Community Discord
View on GitHub
Managed Cloud
8%of inference spend

We host. We monitor. You point your clients at our endpoint and bring your own provider keys.

  • Multi-region managed deployment
  • SLA-backed uptime (99.9%)
  • Per-call attestation included
  • Audit log retention 7 years
  • BYOK across all 7 providers
  • SOC 2 Type II
  • Email + Slack support
Start trial
Enterprise
Custom

Dedicated tenancy, private network connectivity, bespoke witness panel integration.

  • Single-tenant deployment
  • PrivateLink / IPsec connectivity
  • Custom policy onboarding
  • Direct rekor anchor in your VPC
  • FedRAMP / IL5 path
  • Dedicated TAM
Contact sales

Drop-in replacement. Drop-in audit trail.

Run it yourself with the open-source binary. Or let us host it. Either way, the trust substrate is yours.

Try the live demo Other products