Security Model

Ephos is designed around a Zero-Knowledge, Zero-Trust philosophy. This means that we do not trust our own servers with your raw credentials, and we don't trust agents with them either.

Zero Knowledge Encryption

When you register a Phantom Key, your browser encrypts the data locally using your Master Passphrase. Because this process happens entirely on your device, Ephos never receives your passphrase or your unencrypted keys, ensuring a true zero-knowledge architecture.

Ephemeral Execution Layer

During a proxy request, your secret is decrypted only into the Ephemeral RAM of an isolated Worker Enclave. Credentials are never persisted to disk, logs, or secondary storage. The memory space is destroyed immediately after the request cycle completes.

Delegated Identity (NHI)

Ephos separates the Identity (Ephos Token) from the Key (Token Secret). When you delegate access to an agent, your browser re-encrypts the Phantom Key using a unique Token Secret. This ensures that even if the Enclave is compromised, your secrets remain safe because the decryption key only exists in the agent's memory during the request.

Intelligent Credential Redaction

Ephos scans every response from target APIs for the presence of your raw secrets. If an API accidentally "echoes" a key back in a response (a common vulnerability), Ephos redacts it before it reaches the agent.

Domain Whitelisting

Ephos Tokens can be restricted to specific hostnames (e.g., `api.openai.com`). Even if a token is stolen via prompt injection, it cannot be used to exfiltrate data from other domains or your own internal services.

Forensic Auditing

Every execution is logged with immutable metadata. While we cannot see your secrets, we maintain a forensic record of which token was used to access which domain, providing full accountability and audit transparency for agent actions.