Parsimoni deployed a pure-OCaml CCSDS protocol stack called Borealis on DPhi Space's ClusterGate-2 payload module in low Earth orbit on April 23, 2026. The daemon runs end-to-end encrypted command and control with post-quantum key rotation via OTAR using ML-DSA-65, all written in safe OCaml.

The satellite operates as a tenant on shared Linux hardware, vulnerable to kernel CVEs like DirtyFrag and Copy Fail. Borealis wraps every bundle in BPSec cryptographic envelopes — encrypting payloads and authenticating them with pre-shared keys rotated via OTAR. On a hosted payload, kernel patching isn't feasible in orbit, making the crypto envelope the only durable guarantee.

Borealis polls telemetry and an onboard camera from a 5-10 MB statically linked daemon on an Arm SoC. OCaml's type system enforces exhaustive command dispatch via ADTs, so adding a new command flags every unhandled case at compile time. The master key has no rotation path once installed pre-launch — an honest failure mode for long missions without hardware-backed key storage.