Sovereign Tier
Ki! Sovereign is the full-suite tier for teams, professionals, and regulated enterprises who need audit-grade privacy, custom detection rules, and verifiable compliance evidence.
Community vs. Sovereign
Section titled “Community vs. Sovereign”| Feature | Community (Free) | Sovereign (€79/mo) |
|---|---|---|
| Local PII detection (Tiers 0–1.5) | ✅ | ✅ |
| Works with Claude, GPT, Ollama | ✅ | ✅ |
| Vault & Egress Log | ✅ | ✅ |
MCP server (ki-mcp) | ✅ | ✅ |
| Single device | ✅ | ✅ |
| Custom redaction rules (regex + dict) | — | ✅ |
| Tier 2 local SLM NER | — | ✅ |
| Ed25519-signed audit receipts | — | ✅ |
| Multi-device licence sync | — | ✅ |
| Team policy configuration | — | ✅ |
| Batch document scrubbing | — | ✅ |
| Air-gap mode (local LLM only) | — | ✅ |
| Priority support | — | ✅ |
| Annual compliance report export | — | ✅ |
Custom Redaction Rules
Section titled “Custom Redaction Rules”Sovereign lets you define organisation-specific masking rules that fire before any built-in detection:
Regex Rules
Section titled “Regex Rules”Write a regex pattern and Ki! masks every match with a custom token:
Pattern: \bPROJ-[A-Z]{2,4}-\d{4,6}\bToken: CUSTOM_PROJECT_IDExample: "Working on PROJ-EU-1042" → "Working on [CUSTOM_PROJECT_ID_3a4b]"Dictionary Rules
Section titled “Dictionary Rules”Upload a list of sensitive terms (internal codenames, executive names, client identifiers). Ki! does greedy longest-match at Tier 0, catching them before any regex or NER stage runs.
Rules are stored locally in your vault and synced (encrypted) across your authorised devices.
Tier 2 — Local SLM NER
Section titled “Tier 2 — Local SLM NER”Sovereign includes access to the local Small Language Model (SLM) NER engine. The SLM runs as a sandboxed sidecar on your device — no network call. It catches entity types that rule-based tiers miss: unusual names, contextual references, semantic PII.
If the SLM sidecar fails or exceeds the 5-second timeout, Ki! blocks the prompt (fail-closed). The SLM never degrades silently.
Ed25519-Signed Audit Receipts
Section titled “Ed25519-Signed Audit Receipts”Every AI interaction on Sovereign produces a cryptographically signed receipt:
- What was detected (entity types, count)
- That the prompt was masked (hash of the masked form)
- When (RFC 3339 timestamp)
- Signed with your organisation’s private Ed25519 key
The receipt chain is independently verifiable. Your DPO, CISO, or external auditor can validate entries without involving Ki!. See Compliance & Audit Logs for the full schema.
Multi-Device Sync
Section titled “Multi-Device Sync”A Sovereign licence covers all your authorised devices. Your settings, custom rules, and vault token mappings sync end-to-end encrypted across devices. The sync payload is encrypted with your Sovereign key — Ki!‘s servers see only ciphertext.
Team Policy
Section titled “Team Policy”Sovereign team licences include a policy configuration that applies to all seats:
- Shared custom rule sets (deployed to all team members)
- Shared never-mask allowlist (e.g., your company name, product names)
- Centralised audit log aggregation
- Admin console for seat management
Activating Your Licence
Section titled “Activating Your Licence”- Purchase Sovereign at getki.ai/pricing.
- You receive a signed licence file by email (
.ki-licence). - In Ki! desktop: Settings → Licence → Import Licence — or see the Import a Licence guide.
- Restart Ki!. Sovereign features activate immediately.
Beta Access
Section titled “Beta Access”During the private beta, beta testers receive 3 months of Sovereign free. Join the beta →