Security Posture Pack

SatGate implements Economic Access Control (EAC) — a capability-based security model where every API request must present a cryptographically verified token with embedded access constraints.

Unlike identity-based systems (OAuth, API keys) that answer "who are you?", SatGate answers "what can you afford?" — enforcing budgets, scopes, and delegation limits at the request layer.

The gateway operates as a Policy Enforcement Point (PEP), sitting between AI agents and upstream APIs. No request reaches the upstream without passing cryptographic verification.

Macaroon tokens: Bearer tokens with embedded caveats (budget, scope, TTL, delegation). Cryptographically signed using HMAC-SHA256. Cannot be forged or tampered with.

SatGate Mint (Trust Broker): Exchanges workload identity tokens (OIDC JWTs from K8s, AWS IAM, or any OIDC provider) for gateway-native macaroons with policy-defined constraints.

Delegation: Parent tokens can create child tokens with tighter restrictions. Children can never exceed parent permissions. Cascade revocation instantly invalidates entire delegation trees.

Scope enforcement: Fine-grained access control via scope caveats (e.g., api:read, api:write, api:capability:admin). Wildcard matching supported.

All traffic encrypted in transit via TLS 1.2+. HTTPS enforced for all Cloud endpoints.

Macaroon root keys are tenant-isolated. Each tenant has a unique root key that never leaves the gateway process.

Non-custodial architecture: SatGate never stores or accesses upstream API credentials. Tokens are verified at the gateway; upstream calls use the customer's own credentials.

Database encryption: Postgres with encrypted connections. Sensitive fields (tokens, keys) stored as salted hashes where possible.

JWT verification: JWKS endpoints fetched and cached with automatic rotation support.

Request bodies are NOT inspected or stored (except MCP tool call metadata for cost attribution).

Logged data: timestamp, token identifier, route, HTTP method, status code, latency, credits charged. No PII or request payloads.

MCP proxy: Parses JSON-RPC method and tool name for cost attribution. Does not log tool arguments or responses.

Tenant isolation: All data is scoped by tenant_id. Cross-tenant access is architecturally impossible.

Data retention: Configurable. Default 90 days for audit logs, 30 days for usage metrics.

55 event types across 12 categories tracked in immutable audit log.

Every token mint, revocation, delegation, budget change, config update, and login is recorded.

Audit log export: CSV/JSON export available via dashboard and API.

Webhook notifications: Real-time alerts to Slack, Discord, email, or custom HTTP endpoints.

RBAC: Role-based access control for dashboard users (admin, member, viewer).

Gateway: Single Go binary with no external runtime dependencies. Stateless — scales horizontally.

Cloud platform: Hosted on Fly.io (US-East). SOC 2 Type II certified infrastructure.

Database: Fly.io Managed Postgres with automated backups and point-in-time recovery.

Redis: Used for real-time spend tracking and session state. Optional — gateway operates without it.

Self-hosted option: Deploy on-premises or in your own cloud. Same binary, same config.

Open source core: Gateway source code available at github.com/SatGate-io/satgate for security review.