Security Model

Security isn't about preventing what could happen.
It's about knowing what actually did.

The NABI Security Principle

Traditional security asks: "Can I prevent bad things from happening?" NABI answers a more powerful question: "Can I prove exactly what happened and hold agents accountable for it?"

This shift—from prevention-first to causality-first—is the foundation of NABI's security model.

Three Security Pillars

Cryptographic Proof

Every operation produces an unforgeable, cryptographically signed receipt. You can audit what happened down to the byte.

  • HMAC-signed operation logs
  • Merkle-chained state transitions
  • Tamper-evident audit trail
  • Breach detection by proof divergence

Deterministic Accountability

Replay any scenario. Reproduce every outcome. Assign accountability with mathematical certainty.

  • Complete execution replay
  • Root cause analysis, not guessing
  • Agent-level attribution (no blame sharing)
  • Provenance-based compliance evidence

Boundary Enforcement

Define egress budgets. Monitor in real time. Let agents move freely within guardrails.

  • Rate-limited operations
  • Resource usage quotas
  • Real-time anomaly detection
  • Automatic circuit breaking

Threat Model

NABI's threat model is different because the assumptions are different.

Malicious Agent (Tries to Exceed Budget)

Sandbox model: Pray the walls hold. If it escapes, you lose everything.

NABI model: Circuit breaker catches it immediately. Cryptographic proof shows exactly what was attempted. Agent is liable.

Data Exfiltration (Unauthorized Export)

Sandbox model: Hope the agent doesn't crack your isolation. Detection is post-mortem.

NABI model: Every export is logged and signed. You see it in real time. Budgets prevent bulk exfil. Receipts prove chain of custody.

State Manipulation (Tamper with System State)

Sandbox model: Isolation is supposed to prevent this. Evidence is weak.

NABI model: Merkle-chained transitions. Any tampering breaks the chain. Breach is cryptographically provable. Rollback is deterministic.
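
The HMAC-signed, chained log named under Cryptographic Proof and in the State Manipulation case above, as an added example that is not NABI's own code. It uses a linear hash chain (the simplest form, not a Merkle tree); the record fields, key and genesis value are assumptions.

```python
import hashlib
import hmac
import json

GENESIS = b"\x00" * 32  # assumed starting link for an empty log

# Constructed sample operations; field names are assumptions, not NABI's schema.
SAMPLE_OPS = [
    {"seq": 0, "agent": "agent-a", "op": "read", "bytes": 512},
    {"seq": 1, "agent": "agent-a", "op": "export", "bytes": 2048},
    {"seq": 2, "agent": "agent-b", "op": "write", "bytes": 128},
]


def _mac(key, prev, record):
    # Canonical JSON: the same record always serializes to the same bytes.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev + body, hashlib.sha256).digest()


def append(log, key, record):
    """Append a record whose MAC covers the record and the previous MAC."""
    prev = bytes.fromhex(log[-1]["mac"]) if log else GENESIS
    log.append({"record": dict(record), "mac": _mac(key, prev, record).hex()})


def first_divergence(log, key, anchored_head=None):
    """Return the index where the chain first fails to verify, else None.

    anchored_head is the last MAC as stored outside the log; without it,
    dropping entries from the tail leaves a shorter chain that still verifies.
    """
    prev = GENESIS
    for i, entry in enumerate(log):
        try:
            expected = _mac(key, prev, entry["record"])
            stored = bytes.fromhex(entry["mac"])
        except (KeyError, TypeError, ValueError):
            return i  # malformed entry counts as a break in the chain
        if not hmac.compare_digest(expected, stored):
            return i
        prev = expected
    if anchored_head is not None and prev.hex() != anchored_head:
        return len(log)  # chain is intact but does not end where it should
    return None


def build_sample_log(key):
    log = []
    for op in SAMPLE_OPS:
        append(log, key, op)
    return log
```

HMAC is symmetric, so anyone holding the key can re-sign a rewritten chain; the tamper evidence holds only while the key and the anchored head are kept out of reach of the agents being logged.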

Timing Attacks (Inference via Execution Time)

Sandbox model: Harder to execute, but hard to detect.

NABI model: Deterministic snapshots eliminate timing variance. Every operation is logged. You see the information flow.

Built for Compliance Frameworks

SOC2 Type II

  • Complete audit logging
  • Change tracking (before/after)
  • User activity attribution
  • Logical access controls

GDPR / HIPAA

  • Data lineage tracking
  • Right to erasure proof
  • Processing justification
  • Consent verification

PCI-DSS / FedRAMP

  • Encryption in transit/at rest
  • Multi-factor authentication
  • Vulnerability scanning
  • Incident response readiness

Security Shouldn't Be Friction

NABI's security model is built for speed. Compliance is automatic. Performance is preserved.