Sovereign CRM software

OSTRACON

Local/private operational release

Your customers’ relationship graph shouldn’t live in a database you don’t own.

What It Is

OSTRACON is a CRM your business actually owns. Contacts, companies, deals, and pipelines live on your machines — every sensitive field encrypted at rest, every sensitive change routed through an approval queue with no god mode, and sync carried by a relay that cannot read what it transports.

AI agents participate as architectural equals, under the same approval workflow as any human operator.

Why It Exists

CRM-as-a-service puts the most valuable business artifact — the relationship graph — on infrastructure the business does not control. OSTRACON is the sovereign alternative: the data lives where the team lives.

What Exists Today

  • Implemented and tested: passkeys, MFA, durable session revocation, break-glass recovery, centralized authorization decisions, server-side field redaction, step-up enforcement, and audit controls
  • Runtime zero-knowledge authorization gates: anonymous membership login, tier elevation without identity disclosure, proof-gated approvals
  • The full CRM domain proven end-to-end in two independent browser suites: contacts, companies, deals, pipelines, imports, reports, governance, and billing in USD and MCR
  • Deploys via Docker, from source, or as a single self-contained desktop binary with an embedded server
  • Content-blind federation envelopes; Shamir-sharded key recovery

Current Operational Boundary

Local/private operational release

Operational today for local and private deployments — self-hosted, encrypted by default — advancing toward multi-tenant public production.

Position in the Ecosystem

  • Runs on the same sovereign infrastructure lineage that began with Annex: zero-knowledge identity, field-level encryption, content-blind relays
  • AI-agent participation shared with Annex and MABOS
  • Billing in USD and MCR

Engage