About Maelstrom AI
A privacy technology company building cryptographic infrastructure for regulated environments.
Data minimisation as a starting point
Most privacy solutions promise to protect data after collecting it. We build systems where the collection never happens. When data paths for personal information do not exist in the architecture, you do not need access controls, breach notifications, or retention policies for that data.
We work in areas where regulation is moving fast and existing approaches create the problems they claim to solve. Identity documents uploaded to third-party servers. Face scans stored in databases. Centralised records of who accessed which sites. Biometric templates held by private vendors. Our systems prove facts without transmitting them.
What we are building
Provii
Privacy-preserving age verification using zero knowledge proofs. Our flagship product, currently being prepared for iOS and Android release. Learn more →
Cryptographic Libraries
Open source Rust crates for ZKP generation and verification, Pedersen commitments, and constant-time cryptographic operations. WASM-compatible.
Protocol Specification
A standalone, implementation-independent specification for privacy-preserving age verification. Wire formats, state machines, error codes.
Integration SDKs
Server-side SDKs for Node.js, Go, Python, and Cloudflare Workers, and client-side libraries for web, iOS, and Android. Sandbox access with no account required.
How we work
Open source
Our cryptographic libraries, verification and issuance services, protocol spec, SDKs, and mobile apps are published at github.com/provii. Our ISMS documentation is public. Trust built on code, not promises.
Verifiable builds
SLSA Level 3 provenance on every artefact. Every release traceable to its exact source commit and build environment. Sigstore-signed.
Memory-safe foundations
Cryptographic core in Rust. Zeroisation of sensitive values. Constant-time comparisons enforced by static analysis. No C, no C++.
Multi-jurisdiction
Built for Australia's Online Safety Act, UK Children's Code, GDPR, COPPA, and CCPA. One architecture across every regulatory regime we target.
Founded by Tim O'Connor
Tim is a cybersecurity professional based in St Arnaud, a small town in regional Victoria, Australia. He currently works full-time as an Automation and Detection Engineering Lead, and founded Maelstrom AI to build the privacy infrastructure he saw missing from the regulatory landscape: systems that comply with age verification mandates without creating surveillance databases.
His background is in security operations, detection engineering, incident management, and information security leadership. Over the past fifteen years he has worked across managed security service providers, enterprise security teams, and government IT. He holds CISSP, CASP+, CySA+, PenTest+, Microsoft Cybersecurity Architect Expert, and Cloudflare security certifications. Outside of work, he volunteers with a Volunteer Bushfire Brigade.
| Entity | Maelstrom AI Pty Ltd ATF Maelstrom AI Holding Trust |
| ABN | 61 633 823 792 |
| Jurisdiction | Victoria, Australia |
| Address | PO Box 169, St Arnaud VIC 3478 |
Work with us
If you are building in regulated industries and need privacy-preserving infrastructure, or if you want to integrate age verification into your platform, we would like to hear from you.