ROOTKey's Blockchain Verification Layer Lands at Portugal's Defense Accelerator

The 2022-founded startup is building a tamper-evident data integrity platform for regulated sectors, starting with a spot in a national security program.

By

About ROOTKey

Published

ROOTKey's pitch is a technical one: use a blockchain as a verification layer, not a currency. The Lisbon-based startup is building a platform that generates immutable cryptographic proofs for data, aiming to guarantee its integrity before and after a cyberattack. For banks, defense contractors, or any regulated entity, the value proposition is an audit trail that survives the breach itself.

Founded in 2022 by CEO Gonçalo Gil and CTO Luís Costa, the company has operated with a low public profile. Its early history includes a period of operating from a converted bathroom in a Felgueiras apartment before moving to a Lisbon co-working space [Gonçalo Gil personal site]. The current focus is more strategic. ROOTKey recently graduated from Portugal's first defense-focused accelerator, securing a spot as one of 30 companies selected from over 230 applicants [Portugal Startup News, Jan 2026]. This provides a structured path into the exact high-compliance sectors it targets.

The product wedge: integrity after the attack

The platform is modular, split into three core offerings aimed at different user levels. The foundational ROOTKey Platform acts as a unified verification layer. ROOTKey Developers provides SDKs and APIs for integrating verifiable data pipelines into existing infrastructure. The top tier, ROOTKey Enterprise, adds private environments, advanced monitoring, and a compliance dashboard for full audit trail visibility [Portugal Startup News, Dec 2025].

The technical breakdown is straightforward. The system hashes data and writes the proofs to a blockchain, creating a timestamped, immutable record. This allows any party to later verify that a document, transaction log, or system state has not been altered since it was certified. The differentiation lies in focusing on post-attack resilience,ensuring that even if systems are compromised, the historical record of what happened remains trustworthy.

Traction through institutional backing

Public customer names and deal sizes are not disclosed, which is common for early-stage companies in sensitive security verticals. The traction signals are instead institutional. Beyond the defense accelerator, ROOTKey has been recognized as one of the top three cybersecurity companies in Portugal [Prospeo]. The company is reportedly targeting a 200% growth in its customer base, with plans to expand its presence into the U.S. and German markets in 2026 [Portugal Startup News, Dec 2025].

The team remains small, listed at 2-10 employees on LinkedIn [LinkedIn]. Gil's background includes studies at Instituto Superior Técnico and experience at the World Trade Center Lisboa, while technical details on CTO Luís Costa's expertise are not publicly elaborated [Gonçalo Gil LinkedIn].

The scaling hurdles

For all its conceptual promise, ROOTKey faces the classic scaling challenges of any infrastructure play targeting enterprises. The platform's success hinges on performance and integration depth at a scale the company has not yet publicly demonstrated.

  • Throughput and latency. Continuously writing cryptographic proofs for high-volume enterprise data streams is computationally expensive. The system's practical limits for real-time validation in a large, distributed environment are unproven.
  • Integration burden. The value is only realized if the verification layer is deeply embedded into critical data pipelines. Convincing a security team to retrofit this into legacy systems is a significant sales and engineering motion.
  • Blockchain skepticism. Despite the technical distinction from cryptocurrencies, the word "blockchain" still carries baggage in conservative enterprise IT departments. ROOTKey must overcome a perception hurdle to be evaluated purely on its utility as a tamper-evident logging system.

The sober assessment is that the architecture is sound in theory, but the real test is operationalizing it under load. A major bank's transaction logging system or a defense contractor's sensor data feed would generate proof volumes orders of magnitude beyond what a small team has likely stress-tested. The failure mode at scale isn't a breach of the cryptography, but a degradation of system performance that leads operators to bypass the verification layer entirely.

Sources

  1. [Portugal Startup News, Dec 2025] ROOTKey blockchain-powered cyber resilience platform plans U.S. and Germany presence | https://portugalstartupnews.com/2025/12/10/rootkey-blockchain-powered-cyber-resilience-platform-plans-u-s-and-germany-presence-in-2026/
  2. [Portugal Startup News, Jan 2026] Portugal’s first defense-focused accelerator graduates 30 companies into investment phase | https://portugalstartupnews.com/2026/01/29/portugals-first-defense-focused-accelerator-graduates-30-companies-into-investment-phase/
  3. [Prospeo] ROOTKey - Cyber Resilience with Blockchain | https://prospeo.io/c/rootkey-cyber-resilience-with-blockchain-revenue
  4. [Gonçalo Gil personal site] Learn more about Gonçalo and what drives him | https://goncalopedrogil.com/about/
  5. [LinkedIn] ROOTKey Company Page | https://pt.linkedin.com/company/rootkey
  6. [Gonçalo Gil LinkedIn] Gonçalo Gil Profile | https://www.linkedin.com/in/goncalogil0/

Read on Startuply.vc