A system where nothing is trusted until proven.

Secure Terminal™ is a locked-down execution environment where all access is enforced by hardware, identity, and cryptography. Not policy. Not passwords. Proof.

Security fails at the environment level.

Even with strong cryptography, the environment where operations happen is rarely secured to the same standard. Cryptographic keys and operations can be sound, and the system can still fail.

Even with strong cryptography:

Endpoints get compromised

Malware and process injection operate beneath the cryptographic layer.

Browsers leak data

Shared browser environments expose sensitive operations to untrusted contexts.

Malware bypasses controls

Software-only controls can be circumvented before operations reach the security boundary.

A Zero Trust execution environment.

Secure Terminal™ doesn't assume any part of the environment is safe. Every element, including access, applications, network, and data, is controlled by hardware and cryptographic enforcement.

No access without hardware authentication
No unapproved applications
No open network exposure
No data leakage paths

Every layer of the environment is secured.

Encrypted Virtual Vault

The vault mounts after the user authenticates with Toughkey™, secures the whitelisted applications, and prevents users from browsing to unapproved URLs.

Whitelisted Application Environment

Only approved, verified applications can execute. No unvetted processes can operate within the terminal boundary.

Phantom Gate™

Client and server mutually attest to each other before any data moves. Authentication keys are created inside the Toughkey™ secure element, used once, and immediately destroyed. No stored credentials, no persistent session tokens.

Distributed Secure Storage

Storage can be centralized or decentralized, with all data encrypted in both models. In the decentralized model, the SDK supports Self-Recovery or Assisted Recovery of files and digital assets, where reconstruction requires a cryptographic quorum.

Phantom Secrets™ Integration

Key operations are handled through the Phantom Secrets™ protocol: reconstructed on demand, used, and immediately destroyed.

Nothing runs until everything is verified.

1. Authenticate via Toughkey™

The user authenticates using their Toughkey™ hardware device. No hardware, no access. Credentials alone are insufficient.

2. Environment Unlocks After Verification

The Secure Terminal™ environment only becomes available after hardware authentication is confirmed. The locked state is the default.

3. Applications Run in Controlled Space

All applications operate within the verified, whitelisted environment. Unapproved processes cannot execute or interfere.

4. Data Remains Encrypted Unless Active

Data is only decrypted for the instant it is actively in use. At rest, in transit, or idle, it is encrypted. Always.

Environment-level security.

Endpoint isolation
Hardware-gated access
Encrypted storage + execution
Multi-cloud distributed storage
Policy-driven access control

High-stakes environments.

Cold storage environments

Hardware-enforced isolation for assets that require the highest security posture.

Warm and hot wallets

Cryptographic controls and policy-enforced access for wallets that require operational availability without sacrificing security.

Enterprise secure workspaces

A controlled, verified workspace for employees handling sensitive operations or regulated data.

High-value data handling

Any environment where the data itself demands cryptographic-grade protection at the access layer.

Regulated operations

Auditability, access control, and cryptographic attestation built in, for industries where compliance is non-negotiable.

Lokblok® Zero Trust Ecosystem architecture overview

Secure Terminal™ in the Lokblok® ecosystem

Secure Terminal™ is the execution layer. Toughkey™ with Phantom Secrets™ handles key reconstruction. ToughID™ handles identity. Phantom Gate™ handles access. Together, they form a complete Zero Trust architecture.

Security isn't just about keys. It's about where they're used.

Secure Terminal™ enforces Zero Trust at the environment level: hardware, identity, and cryptography, all working together.