Architecture

Architecture: controls outside the model

The model proposes actions. Akretic evaluates whether the requesting identity, policy context, retrieval source, tool call, egress request, or side effect should proceed.

Control Plane Role

Akretic sits between assistants, enterprise data, and connected tools.

Supported paths evaluate policy outside the model, filter restricted retrieval before model context release, route sensitive actions through approvals, and record material decisions in an evidence trail.

supported-control-flow

$ assistant request

$ -> authenticated identity context

$ -> Gate0 policy decision

$ -> RAG DMZ retrieval filtering

$ -> approval checkpoint for sensitive action

$ -> Iron Ledger evidence event

$ -> operator review

01 - Policy Evaluation Path

Evaluate sensitive reads, tool calls, egress, and side effects before release.

The supported goal is to minimize application changes on approved API and assistant paths, not to promise universal transparent interception across every agent framework. Gate0 policy evaluation is designed for low-latency decisioning. Engagement-specific performance depends on deployment profile, policy complexity, and integration path.

Gate0Supported v1

Policy decision service for identity, authorization, egress, retrieval, and approval-sensitive actions.

RAG DMZSupported v1

Permission-preserving retrieval boundary that filters restricted context before model release.

Iron LedgerSupported v1

Tamper-evident evidence trail for material policy decisions, approvals, denials, retrieval releases, and action events.

OrchestratorSupported paths

Gateway path for supported agent and API flows. Akretic avoids claiming universal transparent proxying across every framework.

GlasshouseScoped by engagement

Operator review and policy surface, scoped by engagement and deployment needs.

AirlockScoped by workflow

Constrained execution boundary for approved high-risk operations. It is not presented as arbitrary safe code execution.

Integration Boundary

Akretic is designed to work with supported assistant and API paths selected during pilot planning. Integration details are scoped to the customer environment, identity source, retrieval systems, tool surface, and evidence requirements.

Provider Flexibility

Model/provider flexibility is a design goal. Public claims are limited to supported integrations in the deployment scope.

Request Observation Mode AssessmentRead the Public Whitepaper