Core Architecture
TheWARDN is a governance gateway — a service that sits between AI agents and the actions they want to take. Every action request passes through a multi-stage evaluation pipeline before receiving a verdict.
The Governance Pipeline
When an AI agent sends a request to /govern, it passes through these stages in order:
┌─────────────────────────────────────────────────────────┐
│ GOVERNANCE PIPELINE │
│ │
│ 1. Governance Mode Check │
│ └─ DISABLED? → immediate pass-through │
│ │
│ 2. Agent Status Check │
│ ├─ deregistered? → reject │
│ ├─ identity_revoked? → reject │
│ ├─ paused? → auto-HELD (escrow) │
│ └─ blocked? → auto-BLOCKED (violation) │
│ │
│ 3. CHAM Policy Load │
│ ├─ Tenant-wide policies │
│ ├─ Agent-scoped policies (additive) │
│ └─ Agent confidence floor injection │
│ │
│ 4. Decision Boundary Checks │
│ ├─ Sequence state (halted sequences block) │
│ ├─ Grant lifecycle (authorization grants) │
│ └─ L6 Model Governance (model supply chain) │
│ │
│ 5. Sentinel Evaluation (21 SGP) │
│ ├─ CHAM policy evaluation │
│ ├─ Tier mapping │
│ ├─ Change window enforcement │
│ └─ Confidence threshold check │
│ │
│ 6. Verdict Sealing │
│ ├─ SHA-256 hash chain audit record │
│ ├─ Escrow creation (if HELD) │
│ └─ Violation record (if BLOCKED) │
│ │
│ 7. Response │
│ └─ {verdict, tier, seq, hash, escrow_id} │
└─────────────────────────────────────────────────────────┘Components
Sentinel Engine
The Sentinel engine is the core evaluation brain. It implements the 21 Sentinel Governance Principles (SGP) — a hardcoded set of rules that cannot be disabled or overridden by configuration. These include:
- Fail-closed governance — silence is never approval
- Human supremacy — humans can always override AI decisions
- Identity verification — agents must prove WHO_I_AM before acting
- Confidence thresholds — actions below minimum confidence are held
- Environment protection — production actions face stricter scrutiny
Sentinel evaluates actions against:
- SGP rules (hardcoded, immutable)
- CHAM policies (configurable per tenant)
- Tier mappings (action type → tier classification)
- Change windows (time-based enforcement)
CHAM Policy Engine
CHAM stands for Configurable, Hot-swappable, Auditable, Measurable:
| Property | Meaning |
|---|---|
| Configurable | Policies are defined as JSON config — no code changes needed |
| Hot-swappable | Activate, deactivate, or modify policies without redeployment |
| Auditable | Every policy evaluation is recorded in the audit trail |
| Measurable | Policy effectiveness can be measured via governance stats |
Policy types include:
confidence_floor— minimum confidence scores per dimensionenvironment_restriction— block actions in specific environmentsaction_type_block— block specific action typesrate_limit— limit actions per time windowrequire_reasoning— require agents to provide reasoninggrant_lifecycle— require authorization grantscompliance_pack— regulatory compliance policy sets
Audit Store
Every governed action produces an audit record sealed with a SHA-256 hash chain:
Record N:
seq: 42
hash: SHA256(prev_hash + tenant_id + agent_id + verdict + tier + action_type + ...)
prev_hash: <hash of record 41>
verdict: CLEARED
tier: A
policies_fired: ["confidence_floor"]
sealed_at: 2026-04-10T20:14:03ZThe hash chain ensures tamper detection. If any historical record is modified, every subsequent hash becomes invalid. This provides:
- Integrity verification — detect any tampering with historical records
- Non-repudiation — prove that a specific verdict was sealed at a specific time
- Regulatory compliance — HIPAA, SOX, and EU AI Act all require immutable audit trails
Escrow Queue
When Sentinel returns a HELD verdict, the action is placed in the escrow queue for human review:
- Release — approve the action for execution
- Kill — reject the action permanently
- Timeout — if no human reviews within the timeout window (configurable per tier), the action expires
Escrow provides the "human in the loop" that regulators require for high-risk AI actions.
Agent Registry
Every AI agent that interacts with TheWARDN must be registered:
json
{
"id": "agent_abc123",
"name": "deploy-bot",
"description": "Automated deployment agent",
"status": "active",
"tier_override": null,
"confidence_floor": 0.85,
"total_governed": 1247,
"total_cleared": 1180,
"total_held": 52,
"total_blocked": 15,
"last_seen": "2026-04-10T20:00:00Z"
}Agent statuses:
active— normal governance evaluationpaused— all actions auto-HELD for reviewblocked— all actions auto-BLOCKEDderegistered— agent cannot submit actionsidentity_revoked— agent must re-register identity
Data Model
Core Tables
| Table | Purpose |
|---|---|
tenants | Organizations using TheWARDN |
users | User accounts within tenants |
agents | Registered AI agents |
cham_policies | Governance policies |
tier_mappings | Action type to tier classification |
change_windows | Time-based governance windows |
audit_records | Immutable hash-chained audit trail |
escrow_queue | Actions held for human review |
violations | Policy violation records |
agent_policies | Agent-specific policy assignments |
Layer Tables
| Table | Layer | Purpose |
|---|---|---|
l6_model_registry | L6 | Approved AI models |
l6_map_policies | L6 | Model Access Policies |
l6_model_audit | L6 | Model governance audit trail |
l6_shadow_events | L6 | Shadow model detection events |
l6_platform_connectors | L6 | Platform integration configs |
l6_config | L6 | Per-tenant L6 settings |
Technology Stack
| Component | Technology |
|---|---|
| Gateway API | FastAPI (Python 3.11+) |
| Database | PostgreSQL 15 |
| Cache/Rate Limit | Redis 7 |
| Console UI | React 19 + Tailwind v4 + Framer Motion |
| Hosting | Hetzner (backend) + Vercel (frontend) |
| Auth | Supabase Auth (JWT) |
| Payments | Stripe |
| Reverse Proxy | Nginx |
Deployment Architecture
┌──────────────────┐
│ Cloudflare │
│ (DNS + CDN) │
└────────┬─────────┘
│
┌──────────────┴──────────────┐
│ │
┌─────────┴─────────┐ ┌──────────┴──────────┐
│ console.thewardn.ai│ │ api.thewardn.ai │
│ (Vercel) │ │ (Hetzner) │
│ React SPA │ │ Nginx → Gateway │
└────────────────────┘ └──────────┬──────────┘
│
┌──────────┴──────────┐
│ Docker Compose │
│ │
│ ┌────────────────┐ │
│ │ wardn-gateway │ │
│ │ (FastAPI:9008) │ │
│ └───────┬────────┘ │
│ │ │
│ ┌───────┴────────┐ │
│ │ wardn-postgres │ │
│ │ (PostgreSQL:5432)│ │
│ └────────────────┘ │
│ │
│ ┌────────────────┐ │
│ │ wardn-redis │ │
│ │ (Redis:6379) │ │
│ └────────────────┘ │
└──────────────────────┘Next Steps
- Quick Start Guide — integrate in 5 minutes
- Sentinel Engine Deep Dive — understand the 21 SGP
- CHAM Policies — build your governance rules