The Lokblok Zero Trust Ecosystem is a comprehensive, modular security solution composed of several interconnected components. Each component plays a vital role in providing end-to-end protection for digital assets, communications, and transactions. This modular design allows users to build a tailor-made security solution that adheres to Zero Trust principles, ensuring robust protection against a wide range of cyber threats in the constantly evolving digital landscape.


Key storage in a FIPS 140-2 Level 3 HSM

Securing private keys in silicon is the starting point for all Lokblok services. Whether they’re complete keys, key splits, or key shares from MPC applications, trust starts here. Your Lokblok HSM also acts as your key to unlock access to local OS and remote services.


Encrypted data at rest solution for local storage

Whitelisted applications in the Toughlok platform reside within Toughvault and are run from the encrypted disk after the user is authenticated. The operating system does not mount the vault until authentication is completed using Toughkey, keeping its existence secret from outsiders.


Secure application specific browser

Implemented using open-source Chromium, Toughbrowser is a web sandbox for accessing whitelisted web services in an environment free from third-party plugins. It restricts the applications and URLs a user can visit to only those approved for use.


Secure data in transit and communications

Toughnet implements a Zero Trust Network architecture that splits network traffic and sends it over multiple paths through the cloud, encrypted and authenticated at each node in the mesh-like fabric. Toughnet supports multi-path and multi-cloud architectures as well as fine-grained security controls per application, and keeps applications dark when not active. Unlike VPNs, network communication is limited to whitelisted applications and only while they are in use; otherwise the endpoint is kept dark on the Internet.


Restricted workspace / operating environment for data at rest & in use protection

We call Toughlok our ‘Zero Trust Desktop’. Based on the same principles as Zero Trust Networking, i.e. don’t trust anything unless it’s been authenticated by an HSM, it incorporates Toughkey, Toughvault, Toughbrowser and Toughnet to provide an integrated security platform securing applications, data, communications, and transactions end-to-end.


Secure multi-cloud storage for data, backup and recovery

Toughcloud is a sharding storage platform in which data is split and stored on multiple cloud platforms in multiple regions, creating a resilient and highly secure data storage, backup and recovery system. Data “blobs” are broken up and stored using a k of n algorithm, similar to the way RAID storage uses Reed-Solomon and other algorithms to securely store data across multiple storage systems. A stored digital asset cannot be accessed from a single cloud service; its pieces must be recovered from multiple clouds and reconstituted using the user’s private key (which is itself reconstituted within a Toughkey hardware security module).


Secure private keys for any digital asset & BIP39 backup and recovery

The Achilles heel of security for individuals who want to secure their private keys is being reliant on bits of paper or etching seed phrases into bits of metal and storing them somewhere ‘safe’. Toughbox provides developers with an easily implementable system to allow secure, non-custodial backup and recovery by assigning trusted ‘k of n’ recovery agents.


* Registered trademark in Australia

Get in touch to find out more about how Lokblok can secure your digital assets.
