An open API service indexing awesome lists of open source software.

https://github.com/taurus-ai-corp/gridera

GRIDERA — Post-Quantum Compliance Platform. Scan. Comply. Migrate. ML-DSA-65 signing, Hedera HCS audit trails, EU AI Act compliance. By TAURUS AI Corp.
https://github.com/taurus-ai-corp/gridera

audit-trail blockchain compliance cybersecurity enterprise-saas eu-ai-act gdpr hashgraph hedera ml-dsa ml-kem monorepo nextjs nist-pqc post-quantum-cryptography pqc quantum-safe regulatory-compliance turborepo typescript

Last synced: about 16 hours ago
JSON representation

GRIDERA — Post-Quantum Compliance Platform. Scan. Comply. Migrate. ML-DSA-65 signing, Hedera HCS audit trails, EU AI Act compliance. By TAURUS AI Corp.

Awesome Lists containing this project

README

          


PQC Standards
Hedera
License
TypeScript
CI Status

GRIDERA


Post-Quantum Compliance Platform — Scan. Comply. Migrate.

Enterprise-grade PQC compliance platform with ML-DSA-65/ML-KEM-768 signing, Hedera HCS audit trails, and geo-routed regulatory compliance across NA, EU, IN, and UAE.


Website · Free PQC Scan · Quick Start · API Docs · Enterprise

---

## Why GRIDERA

NIST finalized post-quantum cryptography standards (FIPS 203/204/205) in August 2024. The EU AI Act mandates compliance by August 2026. Every organization running TLS, signing code, or managing certificates must migrate — but most have zero visibility into their cryptographic posture.

Quantum Grid is the first platform that combines automated PQC vulnerability scanning with blockchain-anchored audit trails and multi-jurisdictional regulatory mapping, giving enterprises a single pane of glass for the quantum migration.

## Key Features

**Automated PQC Scanning** — Scan any domain for quantum-vulnerable cryptography. Our Quantum Readiness Score (QRS) algorithm rates infrastructure across key exchange, signatures, certificates, and cipher suites.

**ML-DSA-65 / ML-KEM-768 Signing** — Every assessment, report, and audit event is signed with NIST-approved post-quantum algorithms using `@noble/post-quantum`. Signatures are verifiable and tamper-evident.

**Hedera HCS Audit Trails** — Immutable compliance records anchored to Hedera Consensus Service. Every assessment, status change, and report generation event gets a verifiable `hedera_tx_id`.

**Multi-Jurisdiction Routing** — Single codebase deployed across four geographic regions (NA/EU/IN/UAE), each with jurisdiction-specific regulatory rules: EU AI Act, OSFI B-13, RBI DPSC, TDRA.

**Sovereign AI Reports** — AI-generated compliance reports that can run entirely on-premises via Ollama/vLLM/TensorRT-LLM. Data never leaves your infrastructure.

**Six-Section Assessment Wizard** — Guided compliance assessment covering system classification, data governance, risk management, transparency, human oversight, and technical robustness.

## Architecture

```
quantum-grid-mesh/
├── apps/
│ ├── landing/ # Marketing site (q-grid.net) — Next.js 16, dark mode
│ └── comply/ # Compliance platform — Next.js 16, Clerk auth, Stripe billing
├── packages/
│ ├── pqc-crypto/ # ML-DSA-65 signing, ML-KEM-768 encapsulation, AES-256-GCM
│ ├── pqc-engine/ # SSL scanner, QRS scoring algorithm
│ ├── jurisdiction/ # Geo-detection (NA/EU/IN/AE), regulatory rule configs
│ ├── db/ # Drizzle ORM schema, 11 tables, Neon PostgreSQL
│ ├── hedera/ # HCS audit trail submission, HTS credential management
│ ├── ui/ # Shared brand components, Grid Mesh logo, design tokens
│ └── tsconfig/ # Shared TypeScript configurations
├── sales-engine/ # Lead scoring, outreach automation, competitive intel
├── scripts/ # Platform key initialization, migrations
├── docs/ # Architecture, API, deployment, and self-hosting guides
└── .github/workflows/ # CI/CD, CodeQL security scanning, release automation
```

```mermaid
graph TB
subgraph "Client Layer"
A[q-grid.net Landing] --> B[Free PQC Scan]
C[eu.q-grid.net] --> D[Dashboard]
D --> E[Assessment Wizard]
D --> F[Reports]
D --> G[Settings / Billing]
end

subgraph "Application Layer"
H[Next.js 16 + proxy.ts]
I[Clerk v7 Auth]
J[Stripe Billing]
end

subgraph "Core Engine"
K[@taurus/pqc-crypto
ML-DSA-65 · ML-KEM-768]
L[@taurus/pqc-engine
SSL Scanner · QRS Algorithm]
M[@taurus/jurisdiction
NA · EU · IN · UAE]
end

subgraph "Data Layer"
N[Neon PostgreSQL
Frankfurt eu-central-1]
O[Hedera HCS
Audit Trail]
P[Sovereign AI
Ollama / vLLM]
end

B --> L
E --> K
E --> M
F --> P
H --> I
H --> J
K --> N
K --> O
L --> K
```

## Quick Start

```bash
# Prerequisites: Node.js >= 20, pnpm >= 9
git clone https://github.com/Taurus-Ai-Corp/Quantum-Grid-Mesh.git
cd Quantum-Grid-Mesh

# Install dependencies
pnpm install

# Build all packages and apps (8 tasks)
pnpm build

# Run all tests (124+ tests)
pnpm test

# Start the landing site (dark mode, port 3000)
pnpm --filter landing dev

# Start the compliance platform (light mode, port 3000)
# Requires Clerk keys in apps/comply/.env.local
pnpm --filter comply dev
```

## Packages

| Package | Description | Tests |
|---------|------------|-------|
| `@taurus/pqc-crypto` | ML-DSA-65 signing, ML-KEM-768 key encapsulation, AES-256-GCM encryption | 13 |
| `@taurus/pqc-engine` | SSL/TLS scanner, Quantum Readiness Score (QRS) algorithm | 11 |
| `@taurus/jurisdiction` | Geo-detection (NA/EU/IN/AE), regulatory framework configs | 13 |
| `@taurus/db` | Drizzle ORM schema with 11 tables, Neon PostgreSQL connection | — |
| `@taurus/hedera` | Hedera Consensus Service audit trails, HTS credential management | — |
| `@taurus/ui` | Brand components, Grid Mesh logo, design tokens | — |
| `@taurus/tsconfig` | Shared TypeScript base configurations | — |

## Regulatory Coverage

| Jurisdiction | Region | Frameworks | Deployment |
|-------------|--------|-----------|-----------|
| European Union | `eu` | EU AI Act, GDPR, DORA, eIDAS 2.0 | eu.q-grid.net |
| North America | `na` | OSFI B-13, PIPEDA, CCCS PQC, NIST CSF | na.q-grid.net |
| India | `in` | RBI DPSC, IT Act, DPDPA 2023 | in.q-grid.net |
| UAE | `ae` | TDRA, NESA, ADGM | ae.q-grid.net |

## Enterprise

### Pricing

| Tier | Price | Includes |
|------|-------|----------|
| **Starter** | €399/mo | 5 systems, PQC scanning, basic reports, email support |
| **Growth** | €899/mo | 25 systems, continuous monitoring, AI reports, priority support |
| **Enterprise** | Custom | Unlimited systems, sovereign AI, SSO/SCIM, dedicated CSM, SLA |

### Enterprise Features

**Sovereign AI Deployment** — Run the entire platform on your own infrastructure. AI report generation via self-hosted Nemotron, Mistral, or any OpenAI-compatible endpoint. Zero data egress.

**Clerk Organizations + SCIM** — Enterprise SSO with SAML/OIDC, team management, role-based access (CISO, CTO, Auditor, Viewer roles), and SCIM directory sync.

**CycloneDX CBOM Generation** — Automated Cryptographic Bill of Materials from your codebase. Integrates with GitHub, GitLab, and Bitbucket for continuous crypto inventory.

**Regulatory Submission Pipeline** — One-click submission to EU AI Database, OSFI reporting portal, and RBI compliance registry.

Contact: [enterprise@taurusai.io](mailto:enterprise@taurusai.io)

## Tech Stack

| Layer | Technology |
|-------|-----------|
| Mono-repo | Turborepo + pnpm workspaces |
| Framework | Next.js 16 (proxy.ts routing) |
| Language | TypeScript 5.8 (83.7% of codebase) |
| Auth | Clerk v7 (SSO, Organizations, SCIM) |
| Database | Neon PostgreSQL v17 (Frankfurt) + Drizzle ORM |
| PQC | @noble/post-quantum (ML-DSA-65, ML-KEM-768) |
| Blockchain | Hedera Consensus Service (HCS) |
| Payments | Stripe (EUR billing, webhooks) |
| AI | Sovereign: Ollama/vLLM — Cloud: AI Gateway |
| Hosting | Vercel (Edge Functions, ISR) |
| CI/CD | GitHub Actions (build, test, CodeQL, SBOM) |

## Security

All artifacts are ML-DSA-65 signed. Every mutation triggers a Hedera HCS audit trail. See our [Security Policy](https://github.com/Taurus-Ai-Corp/.github/blob/main/SECURITY.md) for vulnerability reporting.

Security headers enforced: CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, Strict-Transport-Security.

Zod validation on all API mutation routes. OWASP-enhanced XSS escaping on all user inputs.

## Contributing

We welcome contributions. Please read our [Contributing Guidelines](https://github.com/Taurus-Ai-Corp/.github/blob/main/CONTRIBUTING.md) and sign the [Contributor License Agreement](https://github.com/Taurus-Ai-Corp/.github/blob/main/CLA.md) before submitting PRs.

## License

This project is licensed under the [Business Source License 1.1](LICENSE) (BSL 1.1). The licensed work is Quantum Grid Mesh. The licensor is TAURUS AI Corp. The change date is April 1, 2030. On the change date, the license converts to Apache 2.0. Additional use grants are available for evaluation, development, and non-commercial use. Commercial deployment requires a paid license — see [Enterprise](#enterprise).

## Links

| Resource | URL |
|----------|-----|
| Website | [q-grid.net](https://q-grid.net) |
| Free PQC Scan | [q-grid.net/scan](https://q-grid.net/scan) |
| EU Comply Platform | [eu.q-grid.net](https://eu.q-grid.net) |
| Documentation | [docs/](docs/) |
| Security Policy | [SECURITY.md](https://github.com/Taurus-Ai-Corp/.github/blob/main/SECURITY.md) |
| Status | [status.q-grid.net](https://status.q-grid.net) |

---


Built by TAURUS AI Corpa> · Wyoming, USA

Post-quantum compliance infrastructure for the enterprises that can't afford to wait.sub>

p>