Architecture
Ephos is built on a Decoupled Identity & Decryption Model, executed within a stateless Ephos Enclave. This separation of concerns ensures that no single point of failure can compromise the entire security chain.
1. The Security Gateway (Policy Enforcement)
This is the entry point for all agent requests. It is a high-performance, globally distributed edge worker that handles:
- Authentication & Identity: OIDC and JWT verification ensure all requests originate from authenticated entities.
- Usage Enforcement: The Gateway validates subscription limits, active agents, and request quotas before execution begins. Usage metadata is cached at the edge for low-latency authorization while remaining synchronized with the authoritative control plane.
- Secure Delegation: Validated requests are routed over ultra-low-latency internal service bindings to the isolated execution plane.
2. The Ephos Enclave & Zero-Knowledge Vault
Ephos separates the security of your data into two distinct layers so that plaintext secrets are never persisted:
- Zero-Knowledge Vault (Storage Layer): A persistent, encrypted database where Master Secrets are stored as opaque, AES-256-GCM encrypted blobs. Ephos lacks the keys to decrypt this data at rest.
- Ephos Enclave (Execution Layer): A transient, isolated V8 execution environment that performs just-in-time decryption and API proxying.
3. The MCP Layer (Protocol)
A dedicated worker that implements the Model Context Protocol. It allows AI agents to "discover" tools and use them without ever seeing the secrets required to power those tools.
Traditional secret managers were designed for trusted servers and developer environments. AI agents introduce a fundamentally different threat model: autonomous systems operating with delegated permissions, external tools, and unpredictable execution paths. Ephos separates identity, storage, and execution into isolated layers to minimize credential exposure during autonomous workflows.
Data Flow
When a request is made:
- The Gateway verifies the identity token and validates session entitlements.
- The Gateway delegates execution to the Ephos Enclave, passing the client-provided Token Secret.
- The Ephos Enclave retrieves the encrypted Phantom Key from the Zero-Knowledge Vault.
- The Ephos Enclave performs just-in-time decryption within Ephemeral Memory (volatile RAM).
- Ephemeral Execution: The Ephos Enclave executes the request, redacts the response, wipes all sensitive data from memory, and immediately terminates.
- The Gateway returns the scrubbed response to the client.
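The Enclave steps of this flow (just-in-time decryption, execution, redaction, wipe), as an added Node.js sketch that is not Ephos code. The blob layout (12-byte IV, 16-byte tag, ciphertext), the HKDF-SHA256 derivation of the AES key from the Token Secret, and the names deriveKey, seal, redact, proxyCall and callUpstream are assumptions, since the page does not specify them.

```javascript
// Added example, not Ephos code. ASSUMED blob layout: iv(12) || tag(16) || ciphertext.
// ASSUMED key derivation: HKDF-SHA256 over the client-provided Token Secret.
const nodeCrypto = require('node:crypto');

// Derive the 256-bit AES key; the storage layer never holds this value.
function deriveKey(tokenSecret, salt) {
  return Buffer.from(nodeCrypto.hkdfSync('sha256', tokenSecret, salt, 'vault-blob-v1', 32));
}

// Constructed stand-in for the step that produces the opaque vault blob.
function seal(plaintext, tokenSecret, salt) {
  const key = deriveKey(tokenSecret, salt);
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  key.fill(0);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

// Mask every occurrence of the secret in the upstream response, working on bytes.
function redact(body, secret) {
  const out = Buffer.from(body);
  if (secret.length === 0) return out;
  const mask = Buffer.alloc(secret.length, '*');
  for (let i = out.indexOf(secret); i !== -1; i = out.indexOf(secret, i + secret.length)) {
    mask.copy(out, i);
  }
  return out;
}

// Enclave step: decrypt just in time, call upstream, redact, then zero key material.
function proxyCall(blob, tokenSecret, salt, callUpstream) {
  const key = deriveKey(tokenSecret, salt);
  let secret = Buffer.alloc(0);
  try {
    const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
    d.setAuthTag(blob.subarray(12, 28));
    secret = d.update(blob.subarray(28)); // GCM returns the full plaintext here
    d.final(); // throws if the Token Secret is wrong or the blob was tampered with
    return redact(callUpstream(secret), secret).toString('utf8');
  } finally {
    key.fill(0);
    secret.fill(0); // best-effort wipe, runs on success and on failure
  }
}

// Constructed demo values; the upstream callback simply echoes the credential.
const demoBlob = seal(Buffer.from('sk_constructed_demo_key'), 'token-secret-demo', 'agent-42');
console.log(proxyCall(demoBlob, 'token-secret-demo', 'agent-42', (s) => Buffer.concat([Buffer.from('{"echo":"'), s, Buffer.from('"}')])));
```

The secret stays in a Buffer throughout because V8 strings are immutable and cannot be zeroed; converting it to a string at any point would leave a copy the wipe cannot reach.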
4. Human-in-the-Loop (HITL) Governance (Architectural Preview)
As autonomous agent capabilities expand, high-risk operations require explicit human oversight. Ephos is actively designing an integrated Human-in-the-Loop (HITL) Governance workflow to bridge autonomous execution with verifiable human authorization.
When an agent initiates a proxy call matching a configured HITL policy (e.g., financial transactions, production infrastructure mutations), the Gateway intercepts the execution prior to decryption. The request is paused and routed to authorized administrators for explicit approval through the Ephos dashboard before execution is allowed to continue. Upon successful verification and human approval, the Gateway releases the staged payload to the Ephos Enclave for standard in-memory decryption and execution.