Security at Sentinel
Built from the ground up with security as a core principle, not an afterthought. Your data is protected by industry-leading practices and zero-knowledge architecture.
Seven Core Principles
Every decision we make is guided by these foundational security principles.
Defense in Depth
Multiple layers of security controls. No single point of failure.
Least Privilege
Components and users get only the minimum access required.
Zero Trust
Verify every request. Never trust, always verify.
Secure by Default
Security enabled out-of-the-box. No opt-in required.
Fail Secure
On error, deny access. Never fail open.
Data Minimization
Collect only essential data. Delete when no longer needed.
Zero-Knowledge Architecture
Your secrets encrypted client-side. We can't access them.
Zero-Knowledge API Key Storage
Your LLM API keys are encrypted on your device before leaving your browser. We never see your plaintext keys.
Result: Even if our servers were compromised, attackers could not decrypt your API keys without your wallet signature.
Wallet-Based Authentication
No passwords to steal. No emails to phish. Just cryptographic proof of ownership.
What We Use
- Ed25519 signatures: Cryptographically secure wallet verification
- Nonce-based auth: 32 bytes random, 5-minute TTL
- Domain binding: Signatures only valid for sentinelseed.dev
- JWT sessions: 1-hour lifetime, httpOnly cookies
- Session limits: Max 5 concurrent sessions per wallet
What We Don't Use
- Passwords: Nothing to leak or brute-force
- Email verification: No email = no phishing target
- SMS codes: No SIM-swap vulnerability
- Security questions: Easily guessed or socially engineered
- OAuth providers: No third-party account dependencies
Agent Runtime Security
Your agents run in isolated containers with strict resource limits and network controls.
Container Isolation (Modal.com)
- Isolated filesystem (ephemeral)
- No persistent storage across executions
- No host network access
- No access to other containers
- Limited system calls (seccomp)
Resource Limits
Allowed Egress
- api.openai.com, api.anthropic.com
- openrouter.ai
- Vector DBs (Pinecone, Weaviate)
- User-defined webhooks (HTTPS only)
Blocked Egress
- Internal networks (10.x, 172.16.x, 192.168.x)
- Cloud metadata (169.254.169.254)
- Sentinel infrastructure
- Localhost (127.0.0.1)
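An added example, not Sentinel's own code: a fail-secure egress check for the user-defined webhooks and blocked ranges listed above. The CIDR widths, the IPv6 handling, the `203.0.113.0/24` placeholder for platform infrastructure and the function names are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Blocked destination ranges, read from the "Blocked Egress" list.
# Assumption: "10.x, 172.16.x, 192.168.x" means the RFC 1918 private ranges.
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # internal networks
    "169.254.0.0/16",  # link-local, contains 169.254.169.254 (cloud metadata)
    "127.0.0.0/8",     # localhost
    "::1/128",         # IPv6 localhost (assumption: IPv6 is treated the same)
    "203.0.113.0/24",  # PLACEHOLDER for platform infrastructure (TEST-NET-3)
)]


def _normalize(ip_text):
    """Parse an address and unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    ip = ipaddress.ip_address(ip_text)
    mapped = getattr(ip, "ipv4_mapped", None)
    return mapped if mapped is not None else ip


def webhook_egress_allowed(url, resolved_ips):
    """True only for an HTTPS URL whose every resolved address is unblocked.

    resolved_ips is the list of addresses the hostname resolved to; the
    caller performs the lookup so this check itself makes no network calls.
    """
    try:
        parts = urlsplit(url)
        if parts.scheme != "https" or not parts.hostname:
            return False              # HTTPS only, and a host must be present
        if not resolved_ips:
            return False              # nothing resolved: deny
        for ip_text in resolved_ips:
            ip = _normalize(ip_text)
            if any(ip in net for net in BLOCKED_NETS):
                return False          # one blocked address denies the request
        return True
    except ValueError:
        return False                  # unparseable URL or address: fail secure
```

The outbound connection has to be made to the same addresses that were checked; a second DNS lookup at connect time can return a different answer than the one validated.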
Data Classification
Every piece of data is classified and protected according to its sensitivity level.
| Level | Examples | Controls |
|---|---|---|
| Public | Product pages, documentation, public APIs | None required |
| Internal | Aggregated metrics, system logs | Access logging, internal only |
| Confidential | User agents, flow configurations | Encryption at rest, RLS policies |
| Secret | Session tokens, JWT secrets | Short TTL, memory-only storage |
| Zero-Knowledge | LLM API keys, user secrets | Client-side encryption only |
Responsible Disclosure
Found a security vulnerability? We appreciate your help in keeping Sentinel secure.
- 90-day fix window before public disclosure
- Credit in security advisories (if desired)
- No legal action for good-faith research
- Bug bounty program (coming soon)
Security Roadmap
Continuous improvement is part of our security strategy.
- Zero-knowledge API key storage
- Wallet-based authentication
- Agent runtime sandboxing
- External security audit
- SOC 2 Type II certification
- Bug bounty program
Questions About Security?
We're happy to discuss our security practices in detail.