The Engine

The Sovereign Control Plane: Safety-First Determinism.

01 — Inline L7 Intercept

Inline L7 Intercept

Akretic acts as a transparent reverse-proxy. We deserialize the LLM's network stream, parse the JSON functionCall intent, and evaluate the Cedar AST in memory before the payload ever reaches your internal APIs. Zero application rewrites. Zero SDK imports.

Memory Safety

Compile-Time Enforced

Intercept Latency

< 1ms

orchestrator_intercept.rs

use axum::{extract::Json, http::StatusCode, response::IntoResponse};
use serde::Deserialize;
use serde_json::json;

#[derive(Deserialize)]
struct ToolCallPayload {
    function: FunctionCall,
    model: String,
}

#[derive(Deserialize)]
struct FunctionCall {
    name: String,
    arguments: serde_json::Value,
}

/// L7 intercept handler. Evaluates Cedar AST before proxying.
pub async fn intercept_tool_call(
    Json(payload): Json<ToolCallPayload>,
) -> impl IntoResponse {
    // 1. Parse the functionCall intent from the LLM stream.
    let intent = &payload.function;

    // 2. RPC to Gate0 for deterministic Cedar AST evaluation.
    match gate0_client::evaluate_cedar(
        &intent.name,
        &intent.arguments,
    ).await {
        PolicyResult::Allow => {
            // 3. Forward to upstream API.
            proxy::forward(payload).await
        }
        PolicyResult::Deny(reason) => {
            // 4. Log denial to Iron Ledger, return 403.
            ledger_client::record_denial(&reason).await;
            (StatusCode::FORBIDDEN, Json(json!({
                "error": { "message": reason }
            }))).into_response()
        }
    }
}

02 — Determinism

Gate0 Determinism

Zero-allocation, panic-free micro-policy engines. Rules are evaluated in a fixed sequence with a strict deny-overrides strategy. Transaction verification is predictable and sub-millisecond, eliminating allocator jitter in the policy evaluation path.

Policy Gate

Deterministic Enforcement

Cedar AST evaluated before upstream delivery

Evaluation

<0.3ms

Sub-millisecond deterministic verification

Strategy

Deny-Override

Fixed-sequence rule evaluation with strict denials

03 — Kubernetes Native & Hardware Interoperable

Cloud-Native & Bare-Metal Interoperability

Architected in memory-safe Rust to deploy seamlessly across heterogeneous environments—from Oracle Cloud (OKE) and AWS (EKS), to massive NVIDIA GPU clusters. The Akretic control plane enforces deterministic security without introducing latency to your underlying inference engine, natively interoperating with architectures like NVIDIA NIM™ and Oracle OKE.

Deployment Targets

AWS EKS, Oracle OKE, Azure AKS, & Bare-Metal

Proxy Overhead

<1ms

Zero-bottleneck deterministic evaluation

LLM Compatibility

Model Independent

Secures open-weight and proprietary models

*Metrics reflect benchmarked Gate0 evaluation latency under maximum parallel throughput.

Inline L7 Intercept

Memory Safety

Compile-Time Enforced

Intercept Latency

< 1ms

use axum::{extract::Json, http::StatusCode, response::IntoResponse}; use serde::Deserialize; use serde_json::json; #[derive(Deserialize)] struct ToolCallPayload { function: FunctionCall, model: String, } #[derive(Deserialize)] struct FunctionCall { name: String, arguments: serde_json::Value, } /// L7 intercept handler. Evaluates Cedar AST before proxying. pub async fn intercept_tool_call( Json(payload): Json<ToolCallPayload>, ) -> impl IntoResponse { // 1. Parse the functionCall intent from the LLM stream. let intent = &payload.function; // 2. RPC to Gate0 for deterministic Cedar AST evaluation. match gate0_client::evaluate_cedar( &intent.name, &intent.arguments, ).await { PolicyResult::Allow => { // 3. Forward to upstream API. proxy::forward(payload).await } PolicyResult::Deny(reason) => { // 4. Log denial to Iron Ledger, return 403. ledger_client::record_denial(&reason).await; (StatusCode::FORBIDDEN, Json(json!({ "error": { "message": reason } }))).into_response() } } }

Cloud-Native & Bare-Metal Interoperability