We build technology that puts people first
Ionzero is a small, experienced team that has spent over two decades helping organizations and solving problems the industry hasn't gotten around to solving yet.
We build foundational technologies: open protocols, new models, working systems, that shift power away from fragile central infrastructure.
We all know centralization causes problems: outages, targets, attack surface. Historically, the industry has accepted this as the cost of doing business. We think differently. And then we prove it.
When organizations are in trouble, we help them get out of it too.
Why call us?
We joke that we have 100 years of development experience... because we skip the quiet years when everything is working. Organizations only bring us in when everything is on fire.
You know that meme:
Yeah. That's when they call us.
We've shipped production systems for global companies. We've brought legacy stacks back from the brink. We've stabilized teams that were days away from losing their best people. We've taken companies from daily production failures to their smoothest high-traffic season on record in eight weeks.
But the deeper reason to call us is this: we don't just fix symptoms. The problems in a technical system almost always originate in the organization itself. We address both.
Some of the companies we've worked with:
What we've built
Most consultancies implement other people's ideas. And when they have a problem that doesn't have an off the shelf solution, they stall or fail. We don't back down from hard problems. When we encounter a constraint that can't be solved using existing technologies we invent new ones, and then help others build with them.
The through-line across everything we build is the same: remove the central points of failure, distribute power to participants, keep the model honest and minimal. Then the most important part... make it easy to use.
Zero-Infrastructure Capability Graphs (ZI-CG)
The primary attack surface for traditional identity and access management systems is the infrastructure itself. Centralized servers, certificate authorities, identity providers, token registries... each one is a target. Each one is a single point of failure. If the network is down, authorization decisions fail. Each piece of infrastructure is something an attacker can compromise, a government can seize, or a corporation can shut down.
The unanswered question: What if you need identity and authorization to work even when the network is down or infrastructure is unavailable?
ZI-CG is our answer. It's a published model for identity, trust, and authorization that requires zero infrastructure to verify. Instead of depending on infrastrucure, ZI-CG depends on strong proven cryptography and math. Trust lives in the tokens themselves: mathematically self-proving, verifiable offline, portable across systems, and resilient to exactly the kinds of failures that traditional IAM systems can't survive.
Read the paper (arxiv) - for the research-minded.
Vouchsafe - ZI-CG in practice
Vouchsafe is the complete, working implementation of ZI-CG. It's an open protocol and specification for decentralized, cryptographically verifiable identity and trust, built on familiar standards (JWTs), deployable today, and requiring no servers, blockchains, or certificate authorities to verify.
Think of it as JWTs with superpowers. Your software only needs to know a Vouchsafe ID to validate tokens locally, instantly, with no network calls. It works online. It works offline. It works when the infrastructure is gone entirely.
Learn more at getvouchsafe.org - readable, technical, and open.
DTL - Data Transformation Language
Data transformation is one of those things that should be a solved problem, but it keeps getting redone manually in every project.
DTL (Data Transformation Language) is a declarative language for transforming structured data like JSON, YAML, CSV, and API responses. Instead of writing imperative code with loops and mutation, you describe the output structure you want, and DTL handles the transformation. What makes it different is its formula-like syntax, recursive transforms, and functional approach to data processing, which make complex restructuring and ETL tasks far simpler and easier to read than traditional transformation code. At its core, DTL treats data transformation like writing formulas for data structures — expressions, helpers, and transforms combine together to reshape, filter, calculate, and reorganize information in a concise and readable way.
Most importantly, it's easy to understand and use. It provides command line tools for slicing and dicing your data... think grep and awk for JSON, YAML, and CSV, plus arbitrary-precision math, and its embeddable library makes it easy to include into your own software.
PAN - a new model for multi-user applications (beta)
Every modern app stack assumes the same shape: clients, servers, databases, APIs. That model works, but it introduces enormous accidental complexity, infrastructure that exists not because your application needs it, but because the architecture demands it.
PAN is a decentralized communication layer for applications. Instead of every app building custom systems for realtime messaging, coordination, discovery, and synchronization, PAN provides a shared network where applications exchange typed messages through groups and events. Developers connect to a PAN node, subscribe to the information they care about, and communicate across local networks or the Internet without depending on centralized infrastructure.
The result is simpler, more resilient, more human-scaled software. PAN nodes run on ordinary hardware, can operate entirely within local networks, and continue functioning even when disconnected from the wider Internet. Small interactive multi-user applications stop requiring a full cloud stack before you can test the first feature. No blockchain, no massive infrastructure, just agents exchanging messages.
PAN is currently in beta. We're building with it internally and we're interested in talking to people who want to build with it too.
Get in touch if PAN sounds like what you've been looking for
Where we most want to work
We're selective. We've proven ourselves across the standard arenas: enterprise scale, fintech, media, education, aviation. We're not chasing that work anymore.
What we're genuinely excited about is deploying this technology where it matters most.
Humanitarian organizations, NGOs, and civic infrastructure
ZI-CG and Vouchsafe were designed, at their core, for exactly the environments where traditional identity systems fail the people depending on them:
- Disaster response - when connectivity is intermittent or gone and field workers still need to verify who has authority to do what, right now, offline
- Refugee and displaced populations - when people need portable, self-sovereign identity that doesn't depend on a government server, a corporate database, or an institution that may no longer exist
- Conflict zones and adversarial environments - when centralized infrastructure is a liability rather than an asset, and the wrong people gaining control of the identity system has catastrophic consequences for the people it's supposed to protect
- Underserved communities - where connectivity is unreliable and trust in centralized institutions is, often reasonably, low
If you're building for any of these contexts, if you're a humanitarian org, an international NGO, a civil society organization, or a government agency trying to serve people in fragile or high-risk situations, we especially want to hear from you.
If we do nothing else, this work is enough.
What we do for organizations
Fractional CTO & Strategic Technical Leadership
Sometimes organizations don't need a full-time CTO. They need someone who has seen enough things break, and enough things get fixed, to know exactly what's wrong and what to do about it, and who can lead a team through it.
We've stepped into organizations experiencing daily production failures, teams without effective leadership, morale at an all-time low, and no clear picture of how the system actually fits together. One engagement: a fintech company going from critical production failures every single day to their smoothest high-traffic season on record, in eight weeks. We've done it multiple times, across industries. The pattern is consistent.
We fix the systems. But more importantly, we fix the conditions that created them. When we leave, the team can sustain what we built because the team is better, not just the code.
You need more than project management. You need senior technical leadership that understands what you need and gets you there.
Talk to us about fractional CTO work
Identity & Trust Infrastructure
We design and implement Vouchsafe and ZI-CG-based systems for organizations that need strong, portable, offline-capable identity and authorization, without the attack surface that comes with traditional IAM.
This means integration into existing systems (Vouchsafe is drop-in compatible with standard JWTs), architecture for fully decentralized trust networks, and building applications that stay functional when connectivity fails or when the infrastructure is actively hostile.
Talk to us about identity and trust
Architecture & System Design
Not every organization needs the infrastructure model that originated in a ten-thousand-engineer company. Most will never reach that scale. Many are already suffering under the weight of complexity they adopted before they understood the cost.
We help you understand what you actually need. Design for that. And build your way out of the hole that over-engineering digs.
How we think
The tools that are "the only way to go" today are the "OMG you built it using that?" of tomorrow. We've watched this cycle enough times to have stopped being surprised by it.
Overcomplexity and maintenance costs now routinely dwarf the cost of the actual application. Much of the tooling in common use only ever made sense inside the mega-corp engineering teams that invented it... and will likely never make sense for the organizations that don't reach that size.
On AI: AI coding tools are real, and we use them. But there's a meaningful difference between vibe-coding a flappy-bird clone and building production systems that people depend on. Using AI blindly today is how you create expensive problems tomorrow. You have to understand what it's good at, what it isn't, and how to use it in a way that supports rather than undermines your work.
We know how. It's the same principle that's always applied: understand your tools. Use them in the right situations. Don't import yesterday's hype into tomorrow's architecture.
A note on IZU - Ionzero University (community project)
AI is eating junior developer roles faster than the ladder is being rebuilt. The gap between "junior dev" and "engineer who can operate independently" has never been harder to cross without support and the traditional path through entry-level work is narrowing.
IZU is our community project to help bridge it. A place for junior developers to talk with each other and with senior engineers, and to learn the things that actually accelerate that transition, the stuff that rarely shows up in tutorials.
It's a side project, not a service. But if it's something you'd find valuable either as a junior developer trying to level up, or as a senior engineer who wants to contribute, we'd love to have you involved.
More details coming soon.
What we're not
We're not another dev shop for hire.
We're not interested in pitch-deck sizzle.
We're not building engagement traps, dark patterns, or systems designed to extract from the people who use them.
What we are is a small team that cares deeply about building things that matter.
If this resonates with you...
Let’s talk
We're selective about the work we take on... Because our best work happens when the fit is right.
Tell us what you’re working on and why it matters.
If it's a good match, we’ll make time.