Sentinel: Architecture

Understand how the Sentinel Agent monitors AI tool usage, enforces policies locally, and securely reports to TruthVouch Cloud.

Architecture Overview

┌─ Employee Device ───────────────────────────────────────┐
│                                                          │
│  ┌─ Sentinel Agent ──────────────────────────────────┐  │
│  │                                                    │  │
│  │  ┌──────────────────────────────────────────────┐ │  │
│  │  │  Application Monitor                          │ │  │
│  │  │  • Detects AI tool launches (ChatGPT,        │ │  │
│  │  │    Copilot, Gemini, Claude)                  │ │  │
│  │  │  • Hooks into application APIs               │ │  │
│  │  └──────────┬───────────────────────────────────┘ │  │
│  │             │                                      │  │
│  │  ┌──────────▼───────────────────────────────────┐ │  │
│  │  │  Local Policy Engine                          │ │  │
│  │  │  • Loads policies from disk cache             │ │  │
│  │  │  • Enforces DLP rules in real-time            │ │  │
│  │  │  • No cloud round-trip (offline-first)        │ │  │
│  │  │  • Blocks/warns based on policy               │ │  │
│  │  └──────────┬───────────────────────────────────┘ │  │
│  │             │                                      │  │
│  │  ┌──────────▼───────────────────────────────────┐ │  │
│  │  │  Local Database (SQLite)                      │ │  │
│  │  │  • Usage logs                                 │ │  │
│  │  │  • Policy cache                               │ │  │
│  │  │  • Encrypted at rest                          │ │  │
│  │  └───────────────────────────────────────────────┘ │  │
│  │                                                    │  │
│  │  ┌─ Telemetry Reporter ──────────────────────────┐ │  │
│  │  │ (Hourly or on-demand)                         │ │  │
│  │  │ • Sends usage summary to cloud                │ │  │
│  │  │ • Encrypted HTTPS                             │ │  │
│  │  │ • No user data or request contents            │ │  │
│  │  └──────────┬───────────────────────────────────┘ │  │
│  │             │                                      │  │
│  └─────────────┼──────────────────────────────────────┘  │
│                │ HTTPS (encrypted)                       │
│                │ (Hourly sync)                           │
└────────────────┼──────────────────────────────────────────┘
                 │
          TruthVouch Cloud
         ┌─────────────────┐
         │ • Dashboard     │
         │ • Policy Mgmt   │
         │ • Analytics     │
         └─────────────────┘

Key Components

1. Application Monitor

Detects when users launch or interact with AI tools:

Supported Tools:

OpenAI (ChatGPT, GPT-4)
Anthropic (Claude)
Google (Gemini)
Microsoft (Copilot, GitHub Copilot)
Local models (Ollama, LLaMA)

Detection Methods:

Process monitoring (detect exe/app launch)
Network inspection (detect API calls)
Clipboard monitoring (detect pastes to web apps)
Browser extension integration

2. Local Policy Engine

Real-time policy enforcement without cloud round-trip:

Enforcement Rules:

Allowlist/Blocklist — Permitted AI tools
DLP patterns — Block sensitive data (PII, secrets, credentials)
Time-based policies — Restrict access during work hours
Risk-based policies — Flag high-risk requests, block suspicious usage
Content filters — Prevent submissions to non-approved tools

Execution:

Policies loaded from encrypted local cache
Evaluated instantly (sub-100ms latency)
Cached results prevent repeated checks

3. Local Database

SQLite database stores:

Usage logs — Tool, timestamp, blocked status, reason
Policy cache — Last-synced policies with hash verification
Configuration — Agent settings, endpoints, credentials

Security:

Encrypted at rest with device key
Accessible only to Sentinel process
Automatic rotation of old logs

4. Telemetry Reporter

Securely reports usage to TruthVouch Cloud:

What is sent:

Tool name, timestamp, action (allowed/blocked)
Policy rule that matched (without user data)
Aggregate counts, not individual requests

What is NOT sent:

User input or prompts
Request/response contents
Clipboard data
Browsing history
File contents

Frequency:

Default: Hourly sync
Configurable: 5 minutes to 24 hours
On-demand: Via dashboard or local API

Platform-Specific Details

Windows

Service: Runs as Windows Service (LOCAL SYSTEM)
Hooks: WinAPI process monitoring, network interception
Storage: C:\ProgramData\TruthVouch\Sentinel\
Logs: Event Viewer → Applications and Services → TruthVouch

macOS

Service: Runs as LaunchDaemon
Hooks: System Extensions (URLFilter, NetworkFilter)
Storage: /Library/Application Support/TruthVouch/Sentinel/
Logs: /var/log/TruthVouch/sentinel.log

Linux

Service: Systemd service
Hooks: netlink sockets, process monitoring
Storage: /etc/truthvouch/sentinel/
Logs: /var/log/truthvouch/sentinel.log

Policy Sync Architecture

┌─ Device ────────────────┐
│  Sentinel Agent         │
│  ┌──────────────────┐   │
│  │ Policy Cache     │   │
│  │ (Version: v42)   │   │
│  └────────┬─────────┘   │
│           │ (Hourly)    │
└───────────┼─────────────┘
            │ HTTPS POST
            │ /api/v1/policy?version=v42
            │
         Cloud
    ┌─────────────────┐
    │ Policy Database │
    │ (Version: v42)  │
    └─────────────────┘

If version matches: 304 Not Modified
If newer exists: 200 OK + policies.json (compressed)

Offline Mode

Sentinel continues functioning without cloud connectivity:

Capabilities:

All policies enforced from cache
Usage logs accumulated locally
Cloud features disabled (analytics, real-time alerts)

Restoration:

On reconnect, syncs accumulated logs
Checks for new policies
Resume real-time features

Log Retention:

Default: 30 days of local logs
Configurable: Up to 365 days
Auto-cleanup of oldest logs

Security Model

End-to-End Encryption

Device Key          Cloud Key
(stored on device)  (stored in cloud)
        │                │
        └────────────────┘
             Shared
             Secret
              │
        Used to encrypt
        telemetry payloads
             │
        Encrypted ──HTTPS──▶ Cloud
        (double encryption)

Certificate Pinning

Sentinel pins TruthVouch API certificate
Prevents man-in-the-middle attacks
Certificate updated via secure channel

Code Signing

Sentinel executable signed by TruthVouch
Signature verified on launch
Tampering detected immediately

Performance Characteristics

CPU Usage

Idle: <1% (no AI tools active)
Monitoring: 1-3% (watching for AI tool launch)
Enforcing: <1ms latency per policy check
Sync: <2% for 30 seconds (hourly)

Memory Usage

Baseline: 50-100MB
With policies loaded: 150-200MB
Policy cache limit: 500MB (configurable)

Disk Usage

Agent binaries: 30MB
Local database: 10-50MB (logs)
Cached policies: 5-10MB

Network Usage

Idle: ~1KB/hour (keep-alive)
Hourly sync: 5-50KB (depends on policy size)
Usage reports: 1-5KB/sync

Threat Model

Protected Against

User bypassing policies (enforced locally)
Local policy modification (signed, encrypted)
Eavesdropping (encrypted HTTPS)
Policy injection (hash verification)

Not Protected Against

Privileged user with admin/root access
Hardware keylogger
Physical device theft (encrypted data)

Architecture Decisions

Why Local Enforcement?

Offline capability — Works without cloud
Low latency — Sub-100ms enforcement
Privacy — No request contents sent to cloud
Compliance — Meets air-gap requirements

Why Hourly Sync?

Freshness — New policies within 1 hour
Overhead — Minimal bandwidth and CPU
Scalability — Millions of devices sustainable
Configurable — Adjust per organization

Why Encrypted Cache?

Data residency — Policies stay on device
Compliance — Meets GDPR/HIPAA requirements
Offline operation — Cache survives reboots

See Policy Synchronization for detailed policy sync process.