Welcome
AI Governance Gateway & MCP Firewall β Policy Enforcement & Financial Accountability for AI Agents.
Last Updated: March 09, 2026 (Narrative Pivot & Architecture Clarity) Version: v2.0.4
ABS Core is a high-performance Governance Gateway and MCP Firewall designed for autonomous AI agents. It acts as a deterministic security perimeter, evaluating every intent against cryptographically versioned policies before execution.
2-Layer Architecture: Determinism & Auditability
The system separates synchronous enforcement from asynchronous auditing to maintain ultra-low latency without sacrificing compliance depth.
Layer 1: Enforcement (Sync)
Real-time blocking at the Edge (< 5ms).
- WASM Policy Engine: Low-overhead, Rust-powered rule evaluation.
- MCP Firewall: Deep inspection of Model Context Protocol tool calls.
- Financial Guardrails: Sync checks on budget limits and staking (Bond).
- Quorum: Forced human-in-the-loop for high-risk operations.
Layer 2: Compliance (Async)
Irrefutable Evidence & Reporting.
- Immutable Ledger: Cryptographic audit trail of all agent actions.
- Identity attribution (OID): Verified origin and intent tracking.
- Policy Transparency: Public (or private) evidence of compliance.
- Behavioral Telemetry: Async analysis of agentic patterns.
The Core Flow: From Intent to Enforcement
How ABS Core prevents unauthorized actions in milliseconds:
1. Interception
The Gateway intercepts the API call (OpenAI, Anthropic, or MCP) containing the agent's intent.
2. Fast Evaluation
The WASM Engine executes the active policy bundle. It checks permission, risk scores, and financial limits in < 5ms.
3. Deterministic Decision
If the action is unauthorized or exceeds safety limits, the Gateway returns a 403 Forbidden to the agent before the external tool is actually called.
4. Persistent Record
The decision (Allow/Block) and its evidence are sent to the Ledger asynchronously for auditing.
The 30-Second Hook: Secure Your Agents
The ABS Core BRIDGE stops rogue agents from dropping production tables or exposing secrets instantly.
Three Ways to Deploy
- Gateway Mode (Proxy): Just set the LLM's
base_urlto our gateway. - Sidecar Mode: Run the WASM engine locally for zero-latency enforcement on-prem.
- SDK Mode: Embed governance logic natively into your Python or Node.js application.
[!WARNING] Proxy Limitations: When running in "Gateway Mode", ABS Core intercepts Layer 7 (API) calls routed through it. It does not control the host runtime (CPU, memory, filesystem) and cannot prevent network calls that are coded to bypass the proxy. For full host isolation, use Sidecar Mode with restricted container environments.
Example: The 30-Second Gateway Setup
Point your existing LLM client to the ABS Gateway.
from openai import OpenAI
client = OpenAI(
api_key="your-openai-key",
base_url="https://api.abscore.app/v1" # Traffic is now routed through the Gateway
)
# Your autonomous tool calls are now governed by Zero-Latency policies.Ecosystem & Adapters
ABS Core provides unified governance for leading frameworks:
- LangChain Adapter: Plug-and-play middleware.
- Crew AI Extension: Consensus kernel for multi-agent swarms.
- Vercel AI SDK: Integration via custom model providers.
Technical Glossary
OID (Agent Identity)
Unique cryptographic identifier for agents, ensuring non-repudiation of actions.
WASM Policy Engine
High-security Rust-based execution layer for policy validation in < 5ms.
Bond / Slash
Financial accountability mechanism where agents stake collateral (Bond) which is "Slashed" upon policy violation.
Quorum
Consensus mechanism requiring M-of-N human or supervisor approvals for critical operations.
Immutable Ledger
A tamper-proof SHA-256 history of all audited agent interactions.
Policy as Code (DSL)
Declarative language to define complex governance rules for agent behavior.
Legal & Trust
Privacy Policy | Terms of Service | Security Ledger Explorer
Ready to deploy? Visit our Quickstart Guide to install the SDK.