Overview — federal blockchain, honestly
Federal blockchain is the technology discipline where the most money has been spent for the least operational outcome. That is not a secret. The Government Accountability Office, the National Institute of Standards and Technology, and the DHS Science & Technology Directorate have all written variations of the same sentence: "Most proposed blockchain uses in government would be better served by a conventional database." Precision Delivery Federal LLC agrees — and that agreement is exactly why we are the right small business for the federal blockchain work that remains.
Because for every ten federal ideas that should not be a blockchain, there is one that should. Supply-chain provenance where multiple non-trusting entities must agree on the state of a shared artifact. Credentialing where selective disclosure and portability across agencies is the product. Grant-making where traceability across sub-recipients is currently impossible. Digital evidence chain of custody where judicial admissibility requires an append-only, verifiable record. Those problems are real, they are expensive to solve with traditional architectures, and they are where distributed ledgers earn their keep.
We are a SAM.gov registered small business (UEI Y2JVCZXT9HP5, CAGE 1AYQ0, NAICS 541512) with the engineering depth to design, build, and operate federal blockchain pilots end-to-end. We will also tell you when your problem does not need one — because the worst outcome for a small business in federal is to ship a system the agency quietly retires in year two.
Our technical stack
We standardize on a small set of platforms and deviate only when the mission demands it.
| Layer | Primary | Alternates | When we use it |
|---|---|---|---|
| Permissioned ledger | Hyperledger Fabric 3.x | Besu (IBFT 2.0), Corda 5 | Multi-agency provenance, credentials, records. |
| Public / permissionless | Ethereum mainnet | Polygon, Arbitrum, Solana | Rare. Only when public verifiability is the product. |
| Smart contracts | Fabric Go chaincode | Solidity 0.8.x, Rust (CosmWasm) | Fabric first; Solidity when EVM interop is required. |
| ZK systems | Circom + snarkjs (Groth16) | halo2, arkworks, RISC0 | Selective disclosure, privacy-preserving credentials. |
| Identity | W3C DIDs + VCs | Hyperledger Aries, Indy, AnonCreds | Issuer / holder / verifier credential flows. |
| Storage | S3 (GovCloud) + hash on chain | IPFS, Filecoin, Arweave | Artifacts stay off-chain; commitments anchor them. |
| Indexing | The Graph (public) / custom Fabric block listener | Subsquid, Covalent | Query-grade views of chain state. |
| Key management | AWS CloudHSM, Azure Dedicated HSM | YubiHSM, agency PIV/CAC | Never store raw private keys on app servers. |
| Oracles | Custom signed oracle | Chainlink (public only) | Federal work = custom, auditable oracles. |
| Testing | Foundry, Hardhat, Fabric test harness | Echidna, Scribble, Certora | Fuzz + property-based from the start. |
Federal use cases
- DoD supply-chain provenance — microelectronics trust, counterfeit-parts detection, Trusted Supplier program modernization. Fabric + EPCIS + DoD-managed PKI. See our DoD page.
- DHS / USCIS verifiable credentials — digital visa and work authorization credentials, selectively disclosed by the holder, cryptographically verifiable by any authorized relying party. DHS page.
- FDA pharmaceutical track-and-trace (DSCSA) — ledger-backed serialization and chain of custody for prescription drugs under the Drug Supply Chain Security Act.
- USPTO patent provenance and prior-art timestamping — cryptographic timestamping of disclosures and prior-art submissions.
- DOE grid asset registry — cross-utility asset registry for grid modernization projects; commitments and events recorded to a shared permissioned chain.
- GSA grants traceability — sub-recipient accountability and fund-flow visibility across prime recipients, sub-recipients, and contractors.
- FBI digital evidence chain of custody — judicially admissible cryptographic attestations of acquisition, transfer, and access. FBI page.
- USDA organic and origin certification — commodity provenance from farm to processor to retailer. USDA page.
- State Department apostille and consular records — cross-border document authentication.
- VA benefits eligibility portability — veteran-held credentials portable across VA, DoD, and state agencies.
Reference architectures
1. Multi-agency provenance network in GovCloud
Hyperledger Fabric 3.x deployed on EKS in AWS GovCloud, one peer per participating agency, two ordering service nodes per agency for BFT redundancy, and a shared Raft ordering cluster crossed through TransitGateway-connected VPCs. Every agency brings its own PKI under a federation MSP. Chaincode is Go, deployed via the Fabric lifecycle endorsement policy. Off-chain artifacts live in per-agency S3 buckets with object lock; on-chain records anchor the SHA-256 hash plus metadata. A REST gateway (Fabric Gateway SDK) fronts the mesh for application integration. Every transaction is logged to CloudWatch for ATO audit. The SSP inherits VPC, IAM, KMS, and logging controls from FedRAMP High boundaries; residual controls (SC-12 key management, AU-12 audit generation, SI-7 software integrity) are documented at the application level.
2. Verifiable credential issuer/verifier in Azure Government
Hyperledger Aries cloud agents running on AKS IL5 (for sensitive issuer workflows) and AKS IL2 for citizen-facing verification. Issuer anchors DIDs on a permissioned Indy ledger shared by authorized federal issuers. Holder wallets run on agency-approved mobile devices. Verifier integration with existing SAML and OIDC relying parties via a thin adapter. ZK selective disclosure through AnonCreds so a holder can prove "I am over 21" without revealing birth date.
3. Evidence chain-of-custody pilot (on-prem + IL5 cloud)
A private Besu network with IBFT 2.0 consensus across three field offices and one headquarters node. Every evidence acquisition event is signed by the officer's PIV card and submitted through a custom oracle that validates acquisition policy. Event payloads are Merkle-committed to chain; actual evidence artifacts stay in the forensic imaging vault. Tamper-evident exports for court presentation are generated on demand with full Merkle proof chains.
Delivery methodology
- Discovery (2-3 weeks) — NIST IR 8202 decision framework applied to the candidate use case. If the answer is "this does not need a blockchain," we document why and hand back time. If the answer is yes, we produce a trust model, a threat model, and a control mapping.
- Design (3-4 weeks) — network topology, MSP and identity federation, chaincode / contract design, off-chain integration points, key management plan, disaster recovery plan, ATO package outline.
- Build (8-16 weeks) — iterative 2-week increments. Chaincode, gateway, UI, integration adapters, reference client SDK, and test harness. Every increment demoable to the sponsor.
- Security & ATO support (overlapping) — SSP authoring support, control inheritance documentation, penetration test prep, third-party smart-contract audit coordination.
- Operations (optional, ongoing) — peer and orderer health monitoring, chaincode upgrade management, HSM rotation, observability dashboards.
Engagement models
- SBIR Phase I fixed-price (~$150-275K, 6 months) — feasibility + working prototype + transition plan. Ideal for agency innovation offices.
- SBIR Phase II fixed-price (~$1.25-2M, 24 months) — hardened pilot, ATO-ready deployment, early operational use.
- Direct contract fixed-price — scoped pilots under simplified acquisition thresholds or GSA Schedule.
- T&M for modernization — when the scope is genuinely open-ended, T&M under a pre-negotiated rate card.
- OTA through consortia — DIU, NSIN, Tradewinds, Consortium of Research Agreements for rapid prototyping.
- Sub to prime — specialist subcontractor role under a large prime for the blockchain component of a larger system.
Maturity model
- Level 1 — Concept: whiteboard trust model, pen-and-paper threat model, feasibility memo.
- Level 2 — Prototype: single-organization chain, single-node, chaincode + UI demoable against mock data.
- Level 3 — Pilot: multi-node permissioned network in GovCloud, real integration with at least one system of record, limited user population, SSP draft.
- Level 4 — ATO-ready: full SSP, control inheritance documented, pen-test clean, HSM-backed keys, DR tested, operations runbooks complete.
- Level 5 — Operational: production use across multiple organizations, chaincode upgrade governance in place, measurable mission outcomes reported to the sponsor.
Deliverables catalog
- Use-case suitability memo (NIST IR 8202 framework applied).
- Trust model and threat model documents.
- Network topology diagram + MSP federation plan.
- Chaincode / smart contract source (Go or Solidity) with unit, integration, and property-based tests.
- Reference client SDK (Python + TypeScript) with examples.
- Gateway API (REST or gRPC) with OpenAPI spec.
- Infrastructure as Code (Terraform + Helm charts).
- Key management plan + HSM integration.
- SSP control inheritance appendix.
- Penetration test report and remediation log.
- Operations runbooks and observability dashboards.
- Transition plan to agency ownership.
Technology comparison — honest tradeoffs
| Platform | Strengths | Weaknesses | Federal fit |
|---|---|---|---|
| Hyperledger Fabric | Permissioned by design, rich access control, pluggable consensus, Go/Java chaincode. | Operational complexity, steep learning curve, upgrade pain. | High — default federal choice. |
| Besu (EVM, permissioned) | Ethereum tooling ecosystem, Solidity, IBFT 2.0 BFT consensus. | EVM gas model is noisy in permissioned setting. | High when EVM interop matters. |
| Corda 5 | UTXO-style privacy, notary model, JVM. | Smaller ecosystem, vendor concentration. | Medium — strong in FinCEN / Treasury patterns. |
| Ethereum mainnet | Maximal decentralization, public verifiability. | Cost, privacy exposure, regulatory uncertainty. | Low for federal, case-by-case. |
| Solana | Throughput, low latency. | Historical outages, Rust learning curve. | Low. |
| Hyperledger Indy / Aries | Purpose-built for SSI. | Narrower scope, less active development. | High for credential use cases. |
Federal compliance mapping
We map every component of the pilot to NIST 800-53 rev 5 controls and surface the residual application-level controls in the SSP. Representative coverage:
- AC-2, AC-3, AC-6 — Fabric MSP-driven RBAC, contract-level ABAC, principle of least privilege at the chaincode function level.
- AU-2, AU-3, AU-12 — every transaction produces an immutable, signed audit record. Peer-level logs forwarded to CloudWatch / Sentinel.
- SC-12, SC-13, SC-28 — FIPS 140-2/3 validated HSMs (CloudHSM or Azure Dedicated HSM), TLS 1.3 for peer gossip, at-rest encryption for ledger files.
- SI-7 — chaincode hash commitments recorded at deployment; drift detection via periodic peer polling.
- CM-2, CM-3 — chaincode upgrade governance via Fabric lifecycle endorsement policy; every upgrade signed by the required majority of MSPs.
- IA-2, IA-5 — PIV/CAC-backed enrollment where applicable; HSM-sealed admin keys with quorum release policies.
We also align with NIST IR 8202 (blockchain overview), NIST IR 8419 (blockchain and smart contracts), and FedRAMP control baselines.
Sample technical approach — supply-chain provenance pilot
A hypothetical DoD microelectronics provenance pilot. The sponsor wants to trace chips from wafer fabrication through assembly, test, distribution, and ultimate installation in a weapon system. The current system is a patchwork of Excel spreadsheets and PDFs exchanged over email. Chain of custody is unenforceable.
Week 1-2: Discovery. We validate the trust model: wafer fabs, assembly houses, test facilities, depots, and the program office do not all trust each other fully, but they are all bound by the Trusted Supplier program framework. Existing identity: each organization has DoD CA-issued certificates. Decision: permissioned Fabric 3.x network, one organization per participating supplier tier, the program office as the default orderer operator.
Week 3-5: Design. Chaincode models a wafer lot, die, assembled part, and system installation as first-class entities. Events include fabrication, test pass/fail, packaging, shipment, receipt, installation, and decommissioning. Every event is signed by the originating organization's MSP identity. Off-chain artifacts (test reports, DPAs, certificates of conformance) stored in a per-organization S3 bucket with object lock; the chain holds the SHA-256 hash plus metadata.
Week 6-14: Build. Iterative 2-week increments. Increment 1: chaincode happy-path and Fabric Gateway. Increment 2: oracle for EPCIS event ingestion. Increment 3: React-based tracing UI. Increment 4: alerting on anomalous flows. Every increment demoable to the sponsor's innovation office.
Week 15-18: Security and pilot. Pen test engagement, third-party chaincode audit, SSP delivery, controlled pilot with 3 real suppliers, 1 real depot, 1 real program office.
Week 19-24: Transition. Training, operations runbooks, maintenance hand-off plan to the agency's preferred sustainment vehicle.
Related capabilities, agencies, contract vehicles, and insights
- Capabilities: Cybersecurity & DevSecOps, Cloud Infrastructure, API Design, Microservices.
- Agencies: DoD, DHS, FBI, USDA, HHS.
- Contract vehicles: SBIR, OTA, GSA MAS.
- Insights: When federal agencies should not use blockchain, Verifiable credentials for federal identity, Zero-knowledge proofs for federal privacy.
- Resources: NIST IR 8202 decision framework worksheet, Fabric on GovCloud reference deployment.
- Case studies: SAMHSA production ML (confirmed PP), Supply-chain provenance pilot.