Enterprise Security

Deterministic Control
for Non-Deterministic AI

Traditional SIEMs watch the clock. We watch the chain of custody.

The Core Philosophy: Why "When" is No Longer Enough

In traditional software, logs are linear. In the age of autonomous AI agents, execution is asynchronous, distributed, and non-deterministic. An agent might spawn three sub-processes across different server regions. If you rely on NTP (Network Time Protocol) timestamps to audit this, you are blind.

LockStock doesn't rely on server clocks for ordering. Instead, every agent action extends a cryptographic hash chain. Each action is linked to its predecessor by a SHA-256 hash. We don't just tell you that an API call happened at 12:01 PM; we prove that Action B came after Action A because its hash includes Action A's hash. Reorder, delete, or insert a record and the chain breaks.

Feature Deep Dive: The "Kill Switch" Architecture

Real-Time Velocity Anomaly Detection

AI agents can hallucinate. When they do, they don't just make a mistake; they make mistakes at the speed of light. A rogue agent might execute 1,000 erroneous database writes in the time it takes a human analyst to sip their coffee.

How it works: LockStock monitors the "semantic velocity" of your agents. It establishes a baseline for normal operation (e.g., "This agent usually queries the billing API twice per hour").
The Trigger: If the agent accelerates beyond the defined velocity—attempting 50 queries in a minute—the gateway flags the anomaly instantly, independent of the payload content.

Automated Circuit Breakers

Detection is useless without intervention. LockStock implements an Identity-Layer Circuit Breaker.

The Mechanism

Upon detecting a velocity anomaly, the gateway freezes the agent instantly. The request never reaches the AI provider.

The Result

The agent is instantly locked. All subsequent requests are rejected with a 429 status. The damage stops immediately, giving your team time to investigate. Unlock from the dashboard when ready.

The Compliance Engine: Tamper-Evident Proof
For banking, healthcare, and defense, "we think this happened" isn't good enough. You need proof.

Per-Action Cryptographic Proof

Traditional systems use static API keys that remain valid for weeks or months. If compromised, the attacker has a long window. LockStock's hash chain advances on every single action — each stamp produces a unique hash that can never be reused. Replay the same request and the server rejects it.

Business Impact: Each action has unique, forward-only proof. Demonstrate continuous compliance to auditors and stakeholders.

Compliance Automation

  • Tamper-Evident Ledger: Every decision an agent makes is hashed and chained. This creates a cryptographic record of agent history.
  • No "Lost" Logs: Because every event is parented to a previous event, a missing log file is immediately detectable as a broken link in the cryptographic chain. You cannot delete a record without invalidating the entire identity.
  • Compliance-Ready Exports: Export audit logs and chain verification reports formatted for compliance reviewers. The cryptographic chain proves that no records were altered, deleted, or reordered after the fact.
Compliance-Ready Architecture Cryptographic Hash Chain

Designed to support SOC2, HIPAA, PCI-DSS, and ISO 27001 compliance requirements.

Agent-to-Agent Trust

Autonomous agents increasingly need to collaborate — delegating tasks, sharing results, coordinating workflows across teams and organizations. But how does one agent verify another's identity?

LockStock extends the same cryptographic chain that proves individual agent integrity to prove agent-to-agent identity. When Agent A sends a task to Agent B, both agents' chains record the interaction. Each side can verify the other's complete history before accepting work — no shared secrets, no passwords, no certificates to manage.

Internal Collaboration

Agents under your account authenticate each other automatically through the gateway. Task delegation, handoffs, and multi-step workflows are cryptographically recorded in both agents' chains.

Cross-Organization Trust

When your agents need to work with a partner's agents, LockStock serves as the neutral intermediary. Both organizations maintain their own governance policies while the platform verifies identities and records every interaction.

Configure which agents can accept inbound tasks, from whom, and what types — all from the dashboard.

Technical Integration: How it Fits Your Stack

Gateway Deployment

The d3cipher Gateway is a Docker container deployed in your network. Your AI agents talk to it instead of directly to OpenAI, Anthropic, or any other provider. No code changes. No SDK. One environment variable.

Web Dashboard

Fleet View: See all your agents, their status, sequence depth, velocity, and risk scores at a glance.

Auditor: Read full conversation transcripts decrypted entirely in your browser. The server stores only ciphertext it cannot read.

# Store your credentials securely pipx install liberty-secrets && liberty init liberty add LOCKSTOCK_API_KEY "lsk_admin_..." liberty add LOCKSTOCK_GATEWAY_KEY "lsk_gateway_..." liberty add LOCKSTOCK_UPSTREAM_URL "https://api.openai.com" # Provision an agent and start the gateway lockstock-gateway provision --name my-agent lockstock-gateway start # Point your agents at the gateway # OPENAI_BASE_URL=http://localhost:4000

Full setup: Gateway Quickstart

Pricing

LockStock

$9.99/agent/month
Every agent gets everything. No tiers. No upsells.
  • [OK] Cryptographic audit trail
  • [OK] Per-action cryptographic proof
  • [OK] Governance policies & kill switch
  • [OK] Token budgets & velocity monitoring
  • [OK] Encrypted transcripts (Auditor)
  • [OK] Anomaly detection (Sentinel ML)
  • [OK] Web dashboard & fleet management
  • [OK] Agent-to-agent authentication & verified handshakes
  • [OK] Compliance-ready architecture
Get Started

Running more than 100 agents? Let's talk.

"Stop trusting timestamps. Start verifying the chain."

Get Started — $9.99/agent/month Gateway Quickstart