SecureTheCloud

Agent Sovereignty Zones

Backend Pending
Local OPA Required

Platform Overview

Agent Sovereignty Zones Command Center

ASZ Trust Operations Platform

Operate cross-zone agent trust with signed assertions, deterministic failure explanations, tamper-evident audit history, and local enforcement handoff visibility.

Command Rule

Verified ≠ Authorized

ASZ provides verified handoff context. Sentinel/OPA remains the receiving-zone decision authority.

Signed assertions cross zones as evidence, not execution approval.
Trust, signature, replay, and DDR proof remain independently inspectable.
Local OPA remains required before any receiving-zone action proceeds.

Trust operations rule

Verified ≠ Authorized

OPA REQUIRED
Trust registry: Eligibility checked
CIPHER signature: Integrity verified
Audit chain: Pending data
Sentinel handoff: Local OPA remains final
ASZ verified context may be handed to Sentinel/Kubernetes. Sentinel/OPA remains the local enforcement authority.

Trust posture summary

Executive Trust Posture

A compact operations view of trust registry state, evidence volume, audit integrity, rejection proof, tamper evidence, and local enforcement posture.

0/0

Trusted Zones

Trust registry entries currently marked trusted.

0

Live Events

Cross-zone records loaded from the backend evidence stream.

Pending

Audit Chain

Waiting for audit data or backend verification.

0

Rejected Handoffs

Derived from rejected, invalid, deny, signature, and replay evidence.

Pending

Tamper Proof

Safe simulation has not returned tamper evidence yet.

Pending

K8s Correlation

Correlation is evidence-only. ASZ does not authorize Kubernetes execution.

Handshake simulator

Run Cross-Zone Handshake

Create a signed outbound assertion, submit it to the inbound verifier, then refresh the live evidence panels without clearing audit history.

Verified ≠ Authorized

Handshake Result

Local OPA Required
Run a handshake to create live events, DDR explanations, and audit-chain records.

Live backend visibility

Trust Evidence Command Center

Operational evidence from the Agent Sovereignty Zones backend: registry posture, cross-zone events, hash-linked audit proof, DDR explanations, safe tamper simulation, deterministic failure evidence, and Kubernetes/Sentinel correlation.

Registry

Zone Registry

0 zones
No registry records returned

Activity

Cross-Zone Events

0 events
No events returned

Audit integrity

Dual-Zone Audit Chain

Pending
Latest hash:

0 audit records

No audit records returned

Deterministic decision record

DDR Explanations

0 explanations
No explanations returned

Kubernetes/Sentinel Handoff

Live Correlation View

OPA authority preserved
ASZ can provide verified handoff context to Sentinel. Sentinel still evaluates the local Kubernetes action with OPA as the decision authority. Correlation is evidence-only. ASZ does not authorize Kubernetes execution.

ASZ assertion verified

Pending evidence

No ASZ correlation record loaded

ASZ handoff context

Pending

No asz_handoff_id in current evidence

Sentinel evidence

Pending / unavailable

pending_sentinel_evidence

OPA authority preserved

True

Sentinel/OPA remains the local decision authority.

ASZ authorization bypass

False

The correlation proof keeps bypass false.

ASZ authorization granted

False

ASZ evidence is not an execution approval.

Redis authorization source

False

Redis is persistence, not authorization authority.

Runtime artifacts emitted

False

Correlation does not issue tokens, sessions, or runtime grants.

Correlation records

0 correlations

pending_sentinel_evidence
No Kubernetes/Sentinel correlation records returned

Tamper-Evident Audit Demo

Safe simulation: ASZ creates a temporary copy of the audit chain, changes one field in that copy, and verifies that the copied chain breaks. The real Redis-backed audit chain remains unchanged and verified.

Pending Demo

Real Audit Chain

Unverified

Simulated Tampered Copy

Pending

Field Changed in Copy

Cloned event tested:

Only the cloned audit event was modified for this demo. The persisted Redis audit chain was not changed.

Refresh behavior: Refresh re-runs the safe simulation against the latest persisted audit chain. It does not clear audit history.
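The safe simulation described above (clone the audit chain, change one field in the clone, verify that only the clone breaks) can be shown with a small hash-linked chain. The code below is an added example written for this page, not the platform's own implementation; the record layout (`prev_hash`, `body`, `hash`), the SHA-256 linking rule, the in-memory list standing in for the Redis-backed chain, and the sample events are all assumptions made for the demonstration.

```python
import copy
import hashlib
import json

# Anchor for the first record; every later record links to the previous record's hash.
GENESIS_HASH = "0" * 64


def _canonical(body):
    """Stable JSON encoding so the same body always hashes the same way."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def _link_hash(prev_hash, body):
    """Hash of this record, bound to the previous record's hash (the chain link)."""
    return hashlib.sha256(prev_hash.encode() + _canonical(body)).hexdigest()


def append_record(chain, body):
    """Append an audit event to the chain (a list here; Redis-backed on the platform)."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS_HASH
    record = {"prev_hash": prev_hash, "body": body, "hash": _link_hash(prev_hash, body)}
    chain.append(record)
    return record


def verify_chain(chain):
    """Return (True, None) when every link holds, else (False, index of first broken record)."""
    prev_hash = GENESIS_HASH
    for i, record in enumerate(chain):
        if record["prev_hash"] != prev_hash:
            return False, i
        if _link_hash(record["prev_hash"], record["body"]) != record["hash"]:
            return False, i
        prev_hash = record["hash"]
    return True, None


def simulate_tamper(chain, index, field, new_value):
    """Safe simulation: mutate one field in a deep copy and verify both chains.

    The real chain is never modified; the result reports which field changed,
    which cloned event was tested, and where the copied chain breaks.
    """
    tampered = copy.deepcopy(chain)
    tampered[index]["body"][field] = new_value
    real_ok, _ = verify_chain(chain)
    copy_ok, break_at = verify_chain(tampered)
    return {
        "real_chain_verified": real_ok,
        "tampered_copy_verified": copy_ok,
        "break_index": break_at,
        "field_changed": field,
        "cloned_event_tested": tampered[index]["body"]["event_id"],
    }


def build_sample_chain():
    """Constructed sample events: one verified handoff and two fail-closed rejections."""
    chain = []
    sample = [
        ("handshake", "verified"),
        ("handshake", "rejected_invalid_signature"),
        ("handshake", "rejected_replay"),
    ]
    for i, (event, decision) in enumerate(sample):
        append_record(chain, {"event_id": f"evt-{i:03d}", "event": event,
                              "decision": decision, "zone": "zone-a"})
    return chain


if __name__ == "__main__":
    chain = build_sample_chain()
    print("real chain:", verify_chain(chain))
    print(simulate_tamper(chain, 1, "decision", "verified"))
    print("real chain after demo:", verify_chain(chain))
```

Re-running `simulate_tamper` is what the Refresh action corresponds to: it always starts from the latest persisted chain and never touches the stored records, so audit history is preserved across runs.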

Cross-Zone Failure Scenarios

Valid assertions can cross zones. Invalid assertions fail closed before local OPA. ASZ records the rejection, explains the reason, and produces no runtime grant.

Fail Closed Demo

Invalid Signature

Simulates a modified assertion payload. CIPHER integrity rejects it before local OPA.

401

Replay Attempt

Simulates reusing the same assertion ID. Replay protection rejects the duplicate handoff.

409
Run a failure scenario to prove invalid trust is rejected, recorded, and explained.
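The two fail-closed paths above (modified payload rejected with 401, reused assertion ID rejected with 409) can be exercised end to end with a minimal outbound signer and inbound verifier. This is an added example written for this page, not the platform's own code: HMAC-SHA256 stands in for the CIPHER signature, an in-memory dict stands in for the trust registry, the 403 status for an untrusted issuer is an assumption (the page only specifies 401 and 409), and the zones, keys and payloads are constructed. The verified result deliberately carries `authorized: False`, because ASZ verification is handoff evidence, not an execution approval.

```python
import hashlib
import hmac
import json
import secrets

# Constructed trust registry: issuer zone -> trusted flag and shared signing key (assumption).
TRUST_REGISTRY = {
    "zone-a": {"trusted": True, "key": b"zone-a-shared-key"},
    "zone-c": {"trusted": False, "key": b"zone-c-shared-key"},
}


def _canonical(payload):
    """Stable JSON encoding so signer and verifier hash identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign_assertion(zone, payload):
    """Outbound side: attach a fresh assertion ID and issuer, then sign (HMAC stands in for CIPHER)."""
    payload = dict(payload, assertion_id=secrets.token_hex(8), issuer=zone)
    sig = hmac.new(TRUST_REGISTRY[zone]["key"], _canonical(payload), hashlib.sha256).hexdigest()
    return {"payload": payload, "signature": sig}


class InboundVerifier:
    """Receiving-zone verifier: registry eligibility, signature integrity, replay protection.

    Every outcome is recorded as a deterministic decision record (DDR) with a reason,
    and no outcome ever grants execution; that decision stays with local OPA.
    """

    def __init__(self):
        self.seen_ids = set()   # assertion IDs already accepted (replay protection)
        self.ddr = []           # deterministic decision records, one per handoff

    def _record(self, status, decision, reason, payload):
        entry = {
            "status": status,
            "decision": decision,
            "reason": reason,
            "issuer": payload.get("issuer"),
            "assertion_id": payload.get("assertion_id"),
            "verified": decision == "verified",
            "authorized": False,          # verified != authorized, always
            "local_opa_required": True,
        }
        self.ddr.append(entry)
        return entry

    def verify(self, assertion):
        payload = assertion.get("payload", {})
        entry = TRUST_REGISTRY.get(payload.get("issuer"))
        # 1. Trust registry: is the issuing zone eligible at all?
        if entry is None or not entry["trusted"]:
            return self._record(403, "rejected", "untrusted_zone", payload)
        # 2. Signature integrity: any modified field changes the canonical bytes.
        expected = hmac.new(entry["key"], _canonical(payload), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, assertion.get("signature", "")):
            return self._record(401, "rejected", "invalid_signature", payload)
        # 3. Replay protection: the same assertion ID may cross once.
        assertion_id = payload.get("assertion_id")
        if assertion_id in self.seen_ids:
            return self._record(409, "rejected", "replay_detected", payload)
        self.seen_ids.add(assertion_id)
        return self._record(200, "verified", "handoff_context_available", payload)


if __name__ == "__main__":
    verifier = InboundVerifier()
    good = sign_assertion("zone-a", {"action": "deploy", "target": "ns/demo"})
    print(verifier.verify(good))                     # 200, verified, authorized False
    print(verifier.verify(good))                     # 409, replay
    modified = {"payload": dict(good["payload"], action="delete"), "signature": good["signature"]}
    print(verifier.verify(modified))                 # 401, invalid signature
```

The order of checks matters for the evidence trail: a modified payload fails at the signature step before its ID is ever remembered, so an attacker cannot use a forged copy to "burn" a legitimate assertion ID, and every rejection leaves a DDR entry with a machine-readable reason rather than a bare status code.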

Preview

Evidence Export

Future evidence bundles will package assertion details, DDR explanations, audit anchors, failure evidence, and handoff correlation without exposing secrets, tokens, or private keys.

Read-only evidence export APIs are backend-ready. Frontend export actions remain disabled until explicitly enabled.

Handoff Resolver Evidence

Read-only resolver evidence

Evidence-only

Resolver evidence is read-only. Resolver output is evidence-only. Resolved does not mean authorized. Safe context available does not mean authorized. ASZ does not authorize Kubernetes execution. Sentinel/OPA remains local decision authority. Redis is persistence, not authorization.

Resolver evidence unavailable. No authorization decision is inferred.

Trust Operations for Cross-Zone Agent Governance

Use this command center to demonstrate live handshakes, rejection proof, deterministic explanations, audit integrity, and local enforcement handoff visibility without changing backend behavior.