Security at Sentinel
AI Safety and Platform Security, built from the ground up. We protect behavior, not just assets.
Our Approach to Security
Two pillars working together: AI Safety validates agent behavior, Platform Security protects the infrastructure.
AI Safety
Validating AI decisions before they become actions
Platform Security
Enterprise-grade infrastructure protection
AI Safety Architecture
Every AI decision passes through our validation pipeline before it becomes an action. Two core mechanisms ensure safety.
THSP Protocol
Four gates that every decision must pass: Truth, Harm, Scope, and Purpose. The absence of harm is not sufficient — there must be genuine purpose.
4-Layer Validation Architecture
L1 Input validation catches attacks before the AI sees them. L2 Seed injection aligns behavior. L3 Output validation checks responses. L4 Observer analyzes full transcripts.
Platform Security
Enterprise-grade infrastructure protecting your data and operations.
Zero-Knowledge API Key Storage
Your LLM API keys are encrypted in your browser, with a key derived from your wallet signature, before they are sent to us. We never see your plaintext keys.
Result: Even if our servers were compromised, an attacker would hold only ciphertext and could not decrypt your API keys without your wallet signature.
Wallet-Based Authentication
No passwords to steal. No emails to phish. Just cryptographic proof of ownership.
What We Use
- • Ed25519 signatures: Cryptographically secure wallet verification
- • Nonce-based auth: 32 random bytes, 5-minute TTL
- • Domain binding: Signatures only valid for sentinelseed.dev
- • JWT sessions: 1-hour lifetime, httpOnly cookies
- • Session limits: Max 5 concurrent sessions per wallet
What We Don't Use
- ✕ Passwords: Nothing to leak or brute-force
- ✕ Email verification: No email = no phishing target
- ✕ SMS codes: No SIM-swap vulnerability
- ✕ Security questions: Easily guessable/social engineered
- ✕ OAuth providers: No third-party account dependencies
Agent Runtime Security
Your agents run in isolated containers with strict resource limits and network controls.
Container Isolation (Modal.com)
- • Isolated filesystem (ephemeral)
- • No persistent storage across executions
- • No host network access
- • No access to other containers
- • Limited system calls (seccomp)
Resource Limits
Allowed Egress
- • api.openai.com, api.anthropic.com
- • openrouter.ai
- • Vector DBs (Pinecone, Weaviate)
- • User-defined webhooks (HTTPS only)
Blocked Egress
- • Internal networks (RFC 1918: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16)
- • Cloud metadata (169.254.169.254)
- • Sentinel infrastructure
- • Localhost (127.0.0.1)
Open Source & Auditable
Sentinel is MIT licensed. Every line of security code is publicly auditable on GitHub.
Data Security
Every piece of data is classified, encrypted, and protected according to its sensitivity.
Data Classification
| Level | Examples | Controls |
|---|---|---|
| Public | Product pages, documentation, public APIs | None required |
| Internal | Aggregated metrics, system logs | Access logging, internal only |
| Confidential | User agents, flow configurations | Encryption at rest, RLS policies |
| Secret | Session tokens, JWT secrets | Short TTL, memory-only storage |
| Zero-Knowledge | LLM API keys, user secrets | Client-side encryption only |
Validation Pipeline
Encryption Standards
- • All stored data encrypted with authenticated encryption
- • All connections use modern TLS with strong cipher suites
- • Wallet signature-based key derivation for zero-knowledge storage
Security Operations
Continuous security practices built into our development and operations workflow.
Incident Response
Security issues reported through our disclosure policy are triaged and fixed by the core team.
Monitoring
Application-level logging and error tracking across API and agent runtime services.
Vulnerability Scanning
Dependency auditing via automated tools. No formal penetration testing program yet.
Code Review
All changes reviewed before merge. Open source codebase allows public scrutiny.
Responsible Disclosure
Found a vulnerability? We offer safe harbor for good-faith security research, 90-day fix windows, and credit in advisories.