Permissionless
chain.
Permissioned access.
SymmetriQ is the trust layer between enterprise IAM and decentralized ledgers — bridging Azure AD and Keycloak to permissionless EVM networks, without changing the chain.
Latency
< 100ms
per HSM signature
Custody
Zero
keys never leave silicon
Networks
Any EVM
L1 · L2 · private
Who is allowed
to sign?
When a smart contract sits on a permissionless EVM network, anyone holding a private key can call it.
For an enterprise, that is not access control — it is the absence of it.
SymmetriQ turns a public blockchain into a private, governed surface — without changing the chain.
Two worlds. One signature.
Every authorized user receives a Decentralized Identifier cryptographically bound to their corporate identity and roles — scoped to a versioned signing policy.
Azure AD / Entra
Corporate identity
SSO · MFA · device signals
Keycloak
Roles & policies
Realms · groups · scopes
SymmetriQ
DID + signing policy
Bound to HSM / TPM
Smart contract
Permissioned execution
ERC-1271 / 4337 verifier
The chain stays permissionless and open. Access to your contracts does not.
Built for regulated execution.
01
Identity bridging
Native connectors for Azure AD / Entra ID and Keycloak. No replacement of your IAM.
02
Privileged access
Fine-grained mapping of corporate roles to on-chain actions and contract methods.
03
Policy enforcement
Approvals, quorum, rate limits and time windows enforced before signing.
04
Key custody
Keys generated and held in HSM, TPM 2.0 or Secure Enclave. Never exported.
05
Revocation
Instant revocation of a user's on-chain authority without touching the contract.
06
Auditability
Tamper-evident log of every signature, decision and policy evaluation.
The identity layer
for your smart contracts.
Three phases. Discovery in 2–3 weeks. Pilot in 6–8 weeks. Production at quarterly cadence.