State-Embedded Investment Thesis (invest like the top 1%)
Definition of my State-Embedded Investment thesis
The Premise (revealed preference)
- Modern regimes optimize control → stability → optics → growth (in that order).
- When consent is scarce, systems substitute belief with infrastructure: digital ID, programmable money, audit/lineage, and AI-mediated decision consoles.
- Budgets, standards, and default surfaces - not speeches - tell you where value accrues. Incentives > ideals; control > fairness; stability > truth.
State-Embedded companies
Characteristics of State-embedded companies:
Make society legible: fuse cross-domain data and emit admissible, auditable decisions (provenance, consent lineage, rollback, access logs).
Sit at policy perimeters: identity, payments, clouds, app stores, ISPs, CDNs—places where rules are enforced without new laws.
Ship knobs, not sermons: configurable policy parameters (who can transact/post/ship; when; with revocation).
Are harmonization-ready: fast ATOs, regulator playbooks, cross-jurisdiction templates.
Default on by design: control is embedded in OS, cloud tenancy, network, and workflow—defaults drive behavior.
Canonical examples (today): Palantir (policy-grade operating layer), Microsoft (identity/compliance default), premium cyber (PANW).
In terms of stocks, this looks like PLTR > MSFT > PANW.
Own assets outside the system - hedge against “The Great Taking” type scenarios:
Bitcoin: My base case is Paper Bitcoin dominates, self-custody tolerated but inconvenienced; Medium of Exchange pushed to CBDC/stablecoin rails. I will expand why I think this is long-term bullish for Bitcoin’s fiat price in another post.
Gold: it’s the prime Controlled Opposition Asset (to Bitcoin’s Medium of Exchange threat) - Gold can satisfy the public’s “store-of-value” impulse without granting a parallel, censorship-resistant payments rail; it trades in surveilled, gate-kept markets (London OTC/COMEX, custodian oligopolies).
Land without liens: location is key. Too complicated - deserves its own post.
In its totality, the thesis looks like: PLTR > Bitcoin > Gold > MSFT > PANW.
Why alpha exists
Can’t-say thesis: Portfolio Managers can’t write “we’re buying the substrate of technocracy”. They underweight what will actually be purchased.
Mandate boxes & optics: tracking error, ESG, consultant gatekeeping, VaR (Value at Risk) constraints → forced under-ownership of state-adjacent winners.
Procurement opacity: multi-year, multi-agency spend is poorly modeled; classified wins surface late.
Core indicators
- PSC – Policy Synchronization Coefficient: speed of rule harmonization across allies. Up = global TAM for compliance vendors.
- LPI – Legibility Pressure Index: frequency of attest / prove / revoke / lineage / rollback in laws/RFPs (Requests for Proposals). Up = buy lineage platforms.
- PTI – Perimeter Tightness Index: app-store, bank, cloud AUP (Acceptable Use Policy) restrictiveness (wallets/nodes/content). Up = supervised rails gain share.
- PPR – Programmability Penetration Rate: share of payments on stablecoin/tokenized/CBDC rails. Up = middleware/ID winners.
- PR (BTC) – Paperization Ratio: ETF/custody share. Up = vol dampens.
- GCP – Gross Consent Product: low/falling = more spend on legibility/controls (PLTR, MSFT); front-run those budgets.
Playbook (how to buy/sell)
Add when:
Panic headlines (hearings, “AI safety”, cyber/bio scares) lift PSC/LPI.
Net liquidity improves (Fed BS – TGA – RRP ↑), bills favored over coupons, MOVE/VIX subside.
Perimeter tightens (wallet/app-store/bank/cloud policy changes).
Trim/overwrite when:
“Regulatory clarity” PR ramps post-award.
Index inclusion or consultant frameworks arrive (tourists pile in).
Avoid/Underweight:
Great tech, no default (Okta, Snowflake, CrowdStrike - invaluable, but not policy “substrates”).
Great hype, no admissibility (open AI stacks without lineage/rollback).
Great contracts, no software annuity (many primes/SIs).
Great TAM (Total Addressable Market), misaligned with state-embedded spend (pure consumer apps).
Great story, weak perimeter leverage (can’t be enforced via banks/app stores/cloud).
Screens
Revenue mix: gov/critical-infra; multi-agency; renewal > 90%; average contract term ↑.
Compliance surface: signed artifacts, data rights, consent lineage, rollback, audit trails.
ATO/clearance: speed and portability across jurisdictions.
Perimeter hooks: OS/cloud/ID/payment integrations that ship as defaults.
Procurement signals: pilots in health/safety/finance → convert into ratchets.
Macro view (why it persists)
Low Gross Consent Product (GCP) pushes regimes to short shocks + fast patches, tolerating 3–4% CPI and channeling spend into rails of control.
Paperization rises (ETFs/notes/futures) → lower realized vol in captured assets; “clarity pops” followed by managed corridors. Sovereign tails remain.
Inflation: tolerance for 3–4% “repression band.” Long recessions avoided; mini-crises used to advance rails.
Liquidity: choppy but net accommodative for state-embedded software; bill-heavy issuance, facility templates, quick pivots on vol spikes.
Crisis cadence: run short, intense shocks (2–8 weeks) that justify new controls; slam in backstops so pain doesn’t birth alternatives.
Expected outcomes (next 3–5 years)
Winners compound via standards becoming templates. Every new rule raises switching costs; embeds renewal annuities.
Defaults expand: ID-bound payments/content provenance/AI governance become normal.
Index migration: state-embedded names get larger weights; passive flows chase late.
Operating rules
1. Follow spend, not speeches. Read budgets, standards, AUPs (Acceptable Use Policies).
2. Defaults decide behavior. Own what ships as default.
3. Buy fear, sell clarity, keep core. VaR (Value at Risk) events create your entries; PR waves are for trimming/overwriting.
4. Trust policy verbs. Attest, revoke, prove, lineage, rollback in RFPs (Requests for Proposals) → that’s your green light.
5. Never rely on ideals. Incentives write code; code writes law; law writes cash flow.
Expanding on the State-Embedded companies of the future
The State is industrializing legibility and control. Invest in the software and rails that make control cheap, fast, and defensible.
The thesis isn’t a story; it’s a procurement calendar with polite names taped over it.
My current outlook in terms of companies: PLTR > MSFT > PANW.
My current outlook in terms of assets: PLTR > Bitcoin > Gold > MSFT > PANW.
Palantir (PLTR) - policy-grade decision substrate
Incentive fit: Agencies and critical-infra operators need admissible decisions (who saw what, with which rights, under which policy) that survive audit, FOIA, and courts. “AI that works” without lineage/rollback/consent proofs is unusable.
Revealed preference: repeat classified and domestic renewals, crisis deployments that flip to annuities, fast ATO (Authorization to Operate) paths, modules shipped for public health/defense/finance - with lineage artifacts in the product, not bolted on.
Why it’s favored: It reduces political risk for buyers (you can show your work), shortens detect→decide→act, and ports across jurisdictions. It’s not just analytics; it’s governable automation.
Microsoft (MSFT) - default surface for identity/compliance
Incentive fit: The cheap way to raise compliance by default is to push policy into the software everyone already uses—OS, productivity, identity.
Revealed preference: Entra (ID), Purview/Compliance Center (records, e-discovery), Defender (EDR) are now baked into enterprise/Gov SKUs. Agencies and regulated firms buy “the suite”, not point tools.
Why it’s favored: One throat to choke, global accreditation, and admin consoles where policy toggles become defaults. It’s the platform lever for identity + data governance.
Palo Alto Networks (PANW) - policy-grade cyber - enforceable perimeter
Incentive fit: Liability is migrating to operators; insurers/regulators want named controls that can be attested.
Revealed preference: frameworks and insurers increasingly reference platform controls; big buyers standardize on 1–2 stacks.
Why favored: Evidence-emitting security - dashboards and logs regulators can accept - beats clever one-offs.
🚨 NOTE: Competition in the space is heating up - you have PANW/MSFT/CRWD/FTNT/TENB. These companies differ in many ways of course. If I had to pick one it would be PANW.
My base case is PANW + MSFT as dual anchors (identity/device (MSFT) and network/cloud (PANW) knobs). In other words, MSFT as primary identity/endpoint SIEM backbone; PANW as network/SASE + AI-SOC automation. Both have public-sector ATOs, global EAs, and partner ecosystems.
As of now, I am not interested in investing in any of the state-embedded companies sitting in the periphery; however, I will cover them for completeness’ sake.
OKTA + KYC bureaus (RELX/EFX/TRU/EXPN) - person/entity binding
Incentive fit: Programmable money, online safety, AML all require strong ID linking people and entities to actions.
Revealed preference: waves of age-gating, travel-rule, and sanctions controls using these bureaus/IDPs under the hood.
Why favored: Lowest-friction way to make anonymity the exception.
AAPL/GOOGL + AKAM/NET - device attestation & network policy
Incentive fit: App stores and CDNs are quiet law. Changing store policy or CDN provenance checks reshapes behavior faster than statutes.
Revealed preference: malware/abuse policies upgraded into identity + provenance checks; traffic filtered by origin trust.
Why favored: Global distribution + instant policy rollout.
V/MA - programmable settlement rails
Incentive fit: To normalize programmable money without CBDC backlash, use card/processors and tokenized deposits/stablecoins with tax-split and risk rules.
Revealed preference: pilots for instant disbursements, chargeback/liability shifts, and merchant incentives when using supervised wallets.
Why favored: They already touch the point of settlement; adding policy parameters is incremental.
ADBE (C2PA) + chip/OS secure enclaves (AAPL/QCOM/ARM) - provenance
Incentive fit: Managing deepfakes means signing content at creation and verifiable chains of custody.
Revealed preference: C2PA baked into creative tools and devices; media/CDNs verify signatures.
Why favored: It makes revocation and take-down administratively cheap.
NVIDIA deserves its own subheading
Why I omitted NVIDIA:
Not under-owned; not under-described. NVDA is already the crowd’s “AI war stock”. It is state-embedded (export controls, CHIPS money, defense demand), but alpha ≠ popularity. The “technocracy substrate” edge is less asymmetric here because everyone already agrees it’s core.
Control vs compute. The knob that governs societies is policy + identity + lineage + targeting, not FLOPS.
Single point of policy risk. A lot of NVDA’s incremental growth sits at the mercy of export regimes and cloud CAPEX cycles.
Palantir and Microsoft are the non-optional spend. They are scarcity in a crisis; GPUs are scale in a boom.
Why a Palantir near-monopoly is more “allowable” than chip/security monopolies
This is a very nuanced topic, so I’ll only scratch the surface here:
Palantir’s layer = “policy OS” (fusion → decision → audit).
It sits above data centers, clouds, chips, and point apps, and outputs admissible, parameterized decisions (lineage, consent, rollback, evidence). This layer must be consistent across agencies/allies or coordination breaks. Consistency beats diversity here.
Chips (NVDA/AMD) are commodity-adjacent scale hardware. Redundancy and second sourcing are national-security requirements (yield risk, export controls, supply shocks). The Controllers need multiple fabs, ISAs, supply chains.
Security stacks (MSFT/PANW/CRWD/ZS) benefit from defense in depth: overlapping controls, segmented responsibilities, mutual auditing. One throat to choke in security is undesirable.
Conclusion: The decision/lineage layer is a natural single standard; compute and perimeter are natural multi-vendor domains.
Bottom line
“Buy the control stack” sounds conspiratorial in a vacuum - even though it is exactly what budgets, standards, and defaults are doing.
The safer phrasing (“regulated-sector platforms”) hides the simple truth: these companies monetize low consent by turning policy into software.
If you ignore the euphemisms and follow revealed preference, the same names keep showing up because they sit on enforcement choke-points and sell governable defaults.
That’s why Palantir and Microsoft are the core, and the rest are surrounding identity/cyber/provenance/payments rails.
It isn’t about ideals; it’s about who can turn policy into push-button settings at scale - and get paid every year for it.
To summarize:
My current outlook in terms of companies: PLTR > MSFT > PANW.
My current outlook in terms of assets: PLTR > Bitcoin > Gold > MSFT > PANW.
None of this is investment advice.