Architecture

Architecture: authorization and evidence outside the model

The model proposes actions. Akretic is preparing a Q3 design-partner control layer to evaluate identity, policy context, retrieval source, MCP-connected tool surface, egress request, or side effect before release.

Control Plane Role

Akretic sits between assistants, enterprise data, and connected tools.

Target paths evaluate policy outside the model, filter restricted retrieval before model context release, route sensitive actions through approvals, and record material decisions in an evidence trail.

supported-control-flow

$ assistant request

$ -> authenticated identity context

$ -> Gate0 policy decision

$ -> RAG DMZ, public-web fetch, or tool surface

$ -> approval checkpoint

$ -> Iron Ledger evidence event

$ -> review or export

01 - Policy Evaluation Path

Evaluate sensitive reads, tool calls, egress, and side effects before release.

The design goal is to minimize application changes on approved API and assistant paths, not to promise universal transparent interception across every agent framework. Gate0 policy evaluation is intended for low-latency decisioning, with real performance claims reserved for scoped design-partner integrations.

Gate0Target v1

Policy decision service for identity, authorization, egress, retrieval, and approval-sensitive actions.

RAG DMZTarget v1

Permission-preserving retrieval boundary that filters restricted context before model release.

Iron LedgerTarget v1

Tamper-evident evidence trail for material policy decisions, approvals, denials, retrieval releases, and action events.

OrchestratorSupported paths

Gateway path for supported agent and API flows. Akretic avoids claiming universal transparent proxying across every framework.

GlasshouseScoped by engagement

Operator review and policy surface, scoped by engagement and deployment needs.

AirlockScoped by workflow

Constrained execution boundary for approved high-risk operations. It is not presented as arbitrary safe code execution.

Integration Boundary

Akretic is designed to work with supported assistant and API paths selected during design-partner planning. Integration details are scoped to the environment, identity source, retrieval systems, tool surface, and evidence requirements.

Provider Flexibility

Model/provider flexibility is a design goal. Public claims are limited to supported integrations in the deployment scope.

Discuss Q3 Design Partner Workflow Read the Public Whitepaper See this control plane in the A2A Trust Gateway demo