Dmitrii Zatona

Principal Systems Architect (Security / Confidential Computing / Cryptography)

Cryptographic transparency, attested execution, and frame-bound observation. Open specifications paired with Rust reference implementations — from protocol design through hardened deployment.

Audit logs the DBA can silently rewrite. AI evaluations that stop being comparable the moment a prompt template changes. Sealed workloads where “the operator won’t peek” is a policy, not a proof. These are the failure modes I build against.

Author of two open standards designed as a pair: ATL Protocol proves what happened — cryptographically unforgeable history. APL Protocol proves what it means — every claim bound to its frame. Two open specifications (ATL, APL) with Rust reference implementations, one sealed-execution platform on Intel TDX (Thunderwind), and a managed integrity service (Evidentum).

Until recently most teams could ignore this. Then LLM outputs started being cited as evidence that disappears the moment the tab closes, deepfakes turned “I saw it” into a liability, and regulators started asking for proofs instead of policies.

ATL Protocol

When AI hallucinates, logs get wiped, or deepfakes blur reality — where do you look? ATL is the flight recorder: mathematically unforgeable history for defense supply chains, intelligence data integrity, ransomware forensics, court-admissible evidence, and AI accountability. Self-sufficient receipts verify offline. RFC 3161 timestamps, SHA-256 / Ed25519, Bitcoin anchoring. 5K+ RPS on a single node (reproducible benchmark). Open standard, Apache-2.0.

APL Protocol

“94% accuracy” — on which eval set, which prompt, which temperature? “99.9% uptime” — measured how, over what window, excluding what? Every claim carries an implicit frame; strip it and the number is still verifiable but no longer means the same thing. APL ties every claim to an explicit frame — what was observed, how, and under which assumptions — and refuses to resolve the claim without it. Comparing claims from different frames requires an explicit bridge spelling out what’s preserved and what’s lost. Verifiers return one of two answers: valid or invalid — no hedging. Works on any substrate; ATL is the reference profile. Open standard.

Evidentum SaaS

The protocol is open. The infrastructure is hard. Managed integrity layer for SaaS, fintech, legaltech, and AI platforms — anchor your audit trails without running your own nodes. Optional data custody with retention tiers from 24 hours to 10 years.

Thunderwind

How do you prove that the code in the repo is exactly what’s running on the server — and that the data you receive actually came from that code? Thunderwind solves the “Last Mile” of trust: cryptographic proof that source → binary → runtime → output is an unbroken chain. Sealed execution environment with zero human access (no SSH, no console). Intel TDX + custom Remote Attestation CA.


Expertise

“How do we know it’s real?”
Cryptographic proof of history, provenance, and integrity. No trust required.

“Can we trust the runtime?”
Sealed execution, hardware attestation, environments where even admins can’t cheat.

“Will it hold up legally?”
Evidence chains that are timestamped, anchored, and court-admissible.

“Who’s going to build it?”
From protocol spec to production. Architecture → code → deployment.


Writing


Code

All reference implementations are open source under Apache-2.0.

  • atl-core — pure cryptographic library for ATL Protocol v2.0
  • atl-server — reference Log Operator implementation
  • atl-cli — command-line verification tool
  • apl-core — pure verification library for APL Protocol v1.0

Engagement

Remote, async-first. Weekly prepay. Scope freeze. One decision-maker on your side.


Contact

Ready to discuss your project?
