Zero-Egress Design
GLACIS is designed so sensitive evidence never leaves your infrastructure.
The Problem
Traditional compliance solutions require sharing evidence with third parties:
- Audit logs sent to external services
- Request/response data stored externally
- Sensitive data exposure risk
The Solution
GLACIS uses cryptographic commitments:
┌─────────────────────────────────────────────────────────────┐
│ Your Infrastructure                                         │
│ ┌─────────────────────────────────────────────────────┐     │
│ │ Evidence (request, response, PII)                   │     │
│ │ STAYS HERE - never transmitted                      │     │
│ └─────────────────────────────────────────────────────┘     │
│                           │                                 │
│                           ▼ Commitment = sha256(evidence)   │
└───────────────────────────┼─────────────────────────────────┘
                            │
                            ▼
┌─────────────────────────────────────────────────────────────┐
│ GLACIS Services                                             │
│ ┌─────────────────────────────────────────────────────┐     │
│ │ Receives: Commitment hash only                      │     │
│ │ Cannot: Reverse hash to get evidence                │     │
│ │ Can: Verify proofs mathematically                   │     │
│ └─────────────────────────────────────────────────────┘     │
└─────────────────────────────────────────────────────────────┘
How It Works
- Sidecar processes request/response in your infrastructure
- Generates a commitment (the SHA-256 hash of that evidence)
- Sends only commitment to GLACIS
- GLACIS validates and issues Merkle proof
- Evidence stays local
Verification Without Access
Auditors can verify compliance without seeing evidence:
- Request attestation and Merkle proof
- Verify Ed25519 signature
- Verify Merkle inclusion
- Confirm commitment was issued
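The two flows above (sidecar commits locally, service issues a signed Merkle proof, auditor verifies without the evidence) as one end-to-end example. This is added illustration code, not GLACIS's sidecar or service implementation: the tree layout (SHA-256 over left||right, last node duplicated on odd levels), signing the bare root, the fixed key seed and the sample records are all assumptions made here so the example runs offline with only the Go standard library.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Commit is the only value that leaves your infrastructure: the SHA-256
// digest of the evidence. The evidence itself never appears in any message.
func Commit(evidence []byte) [32]byte {
	return sha256.Sum256(evidence)
}

// hashPair combines two tree nodes in a fixed left/right order so a proof
// cannot be replayed with its siblings swapped. (Assumed layout, not GLACIS's.)
func hashPair(left, right [32]byte) [32]byte {
	return sha256.Sum256(append(left[:], right[:]...))
}

// ProofStep is one sibling on the path from a leaf up to the root.
type ProofStep struct {
	Sibling [32]byte
	Left    bool // true when the sibling sits to the left of the current node
}

// BuildTree is the service side: from commitments alone it computes the
// Merkle root and the inclusion proof for leaves[index]. An odd level
// duplicates its last node.
func BuildTree(leaves [][32]byte, index int) (root [32]byte, proof []ProofStep) {
	if len(leaves) == 0 {
		return root, nil
	}
	level := append([][32]byte(nil), leaves...)
	for len(level) > 1 {
		if len(level)%2 == 1 {
			level = append(level, level[len(level)-1])
		}
		next := make([][32]byte, 0, len(level)/2)
		for i := 0; i < len(level); i += 2 {
			switch index {
			case i:
				proof = append(proof, ProofStep{Sibling: level[i+1], Left: false})
			case i + 1:
				proof = append(proof, ProofStep{Sibling: level[i], Left: true})
			}
			next = append(next, hashPair(level[i], level[i+1]))
		}
		level, index = next, index/2
	}
	return level[0], proof
}

// VerifyInclusion recomputes the root from a commitment and its proof.
func VerifyInclusion(commitment [32]byte, proof []ProofStep, root [32]byte) bool {
	h := commitment
	for _, s := range proof {
		if s.Left {
			h = hashPair(s.Sibling, h)
		} else {
			h = hashPair(h, s.Sibling)
		}
	}
	return h == root
}

// Attestation is the service's Ed25519-signed statement over a batch root.
type Attestation struct {
	Root      [32]byte
	Signature []byte
}

// Issue signs the root; the service never saw anything but commitments.
func Issue(priv ed25519.PrivateKey, root [32]byte) Attestation {
	return Attestation{Root: root, Signature: ed25519.Sign(priv, root[:])}
}

// Audit is the auditor side and needs no evidence: the service's public key,
// the attestation, the commitment in question and its proof are sufficient.
func Audit(pub ed25519.PublicKey, att Attestation, commitment [32]byte, proof []ProofStep) bool {
	if !ed25519.Verify(pub, att.Root[:], att.Signature) {
		return false // signature check first; an unsigned root proves nothing
	}
	return VerifyInclusion(commitment, proof, att.Root)
}

// Demo runs the flow on constructed sample records with a fixed test seed
// (placeholders, not real data or GLACIS keys). It returns whether the audit
// passes and the hex commitment of the first record.
func Demo() (ok bool, firstCommitment string) {
	evidence := [][]byte{ // constructed sample evidence; stays in this process
		[]byte(`{"request":"GET /patient/42","response":"name=Ada, dob=1990-01-01"}`),
		[]byte(`{"request":"POST /claims","response":"claim_id=17"}`),
		[]byte(`{"request":"GET /patient/43","response":"name=Bob"}`),
	}
	commitments := make([][32]byte, len(evidence)) // sidecar: hash locally
	for i, e := range evidence {
		commitments[i] = Commit(e)
	}
	root, proof := BuildTree(commitments, 0) // service: sees commitments only
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x01}, ed25519.SeedSize))
	att := Issue(priv, root)
	pub := priv.Public().(ed25519.PublicKey)
	return Audit(pub, att, commitments[0], proof), hex.EncodeToString(commitments[0][:])
}

func main() {
	ok, c := Demo()
	fmt.Printf("audit passed: %v\ncommitment[0]: %s\n", ok, c)
}
```

The auditor's last step from the list above, confirming the commitment was issued, is what `Audit` establishes: the root is signed by the service and the commitment sits under that root. Whether the commitment matches a particular record is checked by whoever holds the evidence, by recomputing `Commit` locally and comparing digests, so the record still never leaves.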
Use Cases
- HIPAA: PHI never transmitted
- GDPR: Personal data stays local
- Financial: Transaction data protected
- Enterprise: Intellectual property safe
Kubernetes Enforcement
Use NetworkPolicy to enforce zero-egress. The policy below limits the sidecar's egress to TCP 443; because every other egress from a selected pod is then denied, add a separate rule for DNS (port 53 to the cluster resolver) if the sidecar resolves the GLACIS endpoint by name.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: glacis-zero-egress
spec:
  podSelector:
    matchLabels:
      app: glacis-sidecar
  policyTypes:
    - Egress
  egress:
    - to:
        - ipBlock:
            cidr: 0.0.0.0/0
      ports:
        - port: 443