TurtleShell Join waitlist

Self-sovereign personal data store

Your data, under your shell.

TurtleShell gives every DID a private store with clean authority, portable records, and room to move.

Join the waitlist Explore the platform
  • One DID, one store.
  • Delegation without surrender.
  • Portable by design.

Cryptographic authority

Delegate access without surrendering control.

Owners grant exactly what an app or teammate needs, then keep the root authority.

    Choose your angle

    Same shell, different uses.

    For people and product teams

    Bring records and permissions into a shell that belongs to the owner, not the platform.

      Security Manifesto

      Protected by cryptography and open standards, not promises.

      Five principles that govern how TurtleShell handles your data.

      I

      Sovereignty by Cryptography

      Your data is not protected by our "terms of service" — it is protected by the laws of mathematics. If you do not sign the request, the vault does not open. Even we cannot bypass this.

      II

      Isolation and Privacy as a Human Right

      In the physical world, you have a front door. In Turtle Shell, your data lives in a physically isolated compartment. There are no "shared tables" where a leak in one can lead to a flood in another.

      III

      The Shell is Portable

      You carry your shell; you are not trapped in ours. True sovereignty means you can pack your data, your identities, and your permissions and move to any node in the world without losing a single bit of authority.

      IV

      Authority is Not Identity

      We do not need to know who you are to know you are authorized. By using ZCAP-LD, we replace invasive profiles with cryptographic "hall passes" that grant specific access without requiring a name.

      V

      Zero-Trust Infrastructure

      We assume the infrastructure is compromised. Therefore, data is encrypted at rest, in transit, and gated by keys that never leave your control.

      Platform

      Strong boundaries. Simple feel.

      Owner first

      The DID holder stays in charge. No hidden platform superpowers.

      Scoped access

      Grant only the slice of power a workflow needs, then revoke it when done.

      Move when ready

      Identity, data, and history are built to travel across nodes and deployments.

      Early access

      Bring a stronger data ownership model into your product.

      Tell us what you are building See the platform