For visitors who'd rather read than walk.
# The sales conversation — four objections, played straight
You're an IT buyer at a regional health system. Forty-five minutes
on the calendar with a Merkle Trust founder. Skeptical going in,
honest about it.
The framing the founder leads with: "We are not the custodian of
your data. We are the toolmaker. You stay sovereign over your data;
the attestation just makes the records defensible."
Nothing to type. Watch the call play out.
Four real paths exist. For an IT buyer evaluating for a regional
health system, the practical order is GitHub-first, mesh-second:
Clone GarrisonNode from GitHub. Self-install on infrastructure
your IT team already controls. Open source. Verifiable against the
published commit chain. The path most IT buyers take into pilot.
Join the mesh. GitHub install plus mesh anchoring with peer
operators. Cross-attestation across institutions. The deepest path;
appropriate for systems with multi-site coordination requirements.
Subscribe to a regional operator. Operator-managed infrastructure
under HIPAA-compliant rules. The path for the practices the system
supports, not the system itself.
Paste the markdown into your LLM. Card files plus documentation
into Claude or another LLM you trust. Lightest evaluation path; the
one your team uses to read this card and the surrounding architecture
without committing.
Objection 1: "How is this different from Sigstore, in-toto,
SLSA?" Founder: "Different threat model. Those frameworks attest
software supply chains — what got built and by whom. Merkle Trust
attests record provenance — what happened to a record after it
existed. Anchoring is checkpointing, not custody. We do not replace
Sigstore for software releases; we sit alongside it for record
state."
Objection 2: "Our EHR already signs every record. Why add another
layer?" Founder: "The EHR signs against its own internal log. The
internal log lives inside the EHR. The chain Merkle Trust anchors to
lives outside the EHR — and outside us. If the EHR vendor disappears
tomorrow, the records survive with their integrity intact, because
the anchor is on a chain neither of us controls. SHA-256 is the same
primitive in both cases; what changed is who depends on whom."
The card displays the IT buyer's notebook, where they are jotting:
```
═══════════════════════════════════════════════
IT BUYER NOTES — MERKLE TRUST CALL
═══════════════════════════════════════════════
Different threat model. Anchoring is
checkpointing, not custody.
EHR signs against its own log.
Merkle Trust anchors against a chain
neither of us controls.
→ SHA-256 is the same primitive.
Who depends on whom is what changed.
═══════════════════════════════════════════════
```
Objection 3: "What happens when the chain operator changes or the
anchor chain forks?" Founder: "Two answers. First — the operator
is exchangeable. The substrate is open source; the data is in your
custody; switching operators is a configuration change, not a
migration. Second — anchor chains can fork; we anchor to BSV plus a
local rustchain in tandem, so a single chain failure does not
collapse the integrity argument. The published verification scripts
re-prove against either anchor independently. Tabletop migration
playbook is in the open repo."
.md button puts the structured summary in your tag-along bundle.
Comment field routes a specific objection to your own claude.ai
session — with the prompt shown to you before it sends.
Objection 4: "Who is on the hook if the attestation is challenged
in court?" Founder: "The party making the claim. We do not
attest on your behalf; we provide the toolchain you use to attest
on your own behalf. If the attestation is challenged, the party who
sealed the record is the party defending the seal. The product is
auditable; the verification scripts run on stdlib Python; opposing
counsel can rerun every step. Every jurisdiction that has accepted
SHA-256 as evidence accepts the same primitive here."
The buyer underlines that line: different threat model. They
have what they came for.
The buyer declines for now. Three-year compliance contract has
eighteen months left, and switching cost is not justified by the
delta. The founder does not push.
The buyer offers two referrals — independent practices in the
network whose contracts are up this year. The founder offers a
Friday sandbox tenant for the buyer's team to evaluate the
toolchain at their own pace. Pricing disclosed: per-node licensing,
roughly $3/day pass-through anchoring fees, no per-record or
per-attestation pricing. "No surveillance pricing." Call ends 2:44.
The package contains the manifest, the certificate of registration,
the architecture docs, the verification scripts, theclaude_prompt.md, the JSON schemas, and a DISCLAIMERS.md. The
recovery seed rides along with the LLM-tripwire preamble.
<!-- finish_text -->
That was a sales conversation as it actually goes — four objections,
each answered cleanly, no pressure, two referrals, a Friday tenant.
The full card breaks out the pricing math, the migration playbook,
and a referral-loop prediction that's yours to test.