Security Posture Pack
Everything your security team needs to evaluate SatGate.
Security Model Overview
SatGate implements Economic Access Control (EAC) — a capability-based security model where every API request must present a cryptographically verified token with embedded access constraints.
Unlike identity-based systems (OAuth, API keys) that answer "who are you?", SatGate answers "what can you afford?" — enforcing budgets, scopes, and delegation limits at the request layer.
The gateway operates as a Policy Enforcement Point (PEP), sitting between AI agents and upstream APIs. No request reaches the upstream without passing cryptographic verification.
Authentication & Authorization
Macaroon tokens: Bearer tokens with embedded caveats (budget, scope, TTL, delegation). Cryptographically signed using HMAC-SHA256. Cannot be forged or tampered with.
SatGate Mint (Trust Broker): Exchanges workload identity tokens (OIDC JWTs from K8s, AWS IAM, or any OIDC provider) for gateway-native macaroons with policy-defined constraints.
Delegation: Parent tokens can create child tokens with tighter restrictions. Children are designed to stay within parent permissions; cascade revocation is verified through governed-request checks after revocation.
Scope enforcement: Fine-grained access control via scope caveats (e.g., api:read, api:write, api:capability:admin). Wildcard matching supported.
Encryption & Key Management
All traffic encrypted in transit via TLS 1.2+. HTTPS enforced for all Cloud endpoints.
Macaroon root keys are tenant-isolated. Each tenant has a unique root key that never leaves the gateway process.
Non-custodial architecture: SatGate never stores or accesses upstream API credentials. Tokens are verified at the gateway; upstream calls use the customer's own credentials.
Database encryption: Postgres with encrypted connections. Sensitive fields (tokens, keys) stored as salted hashes where possible.
JWT verification: JWKS endpoints fetched and cached with automatic rotation support.
Data Handling
Request bodies are NOT inspected or stored (except MCP tool call metadata for cost attribution).
Logged data: timestamp, token identifier, route, HTTP method, status code, latency, credits charged. No PII or request payloads.
MCP proxy: Parses JSON-RPC method and tool name for cost attribution. Does not log tool arguments or responses.
Tenant isolation: tenant data is scoped by tenant_id and guarded by tenant-boundary checks. Cross-tenant isolation claims require the current adversarial matrix and endpoint coverage evidence.
Data retention: Configurable. Default 90 days for audit logs, 30 days for usage metrics.
Audit & Compliance
55 event types across 12 categories tracked in immutable audit log.
Every token mint, revocation, delegation, budget change, config update, and login is recorded.
Audit log export: CSV/JSON export available via dashboard and API.
Webhook notifications: Real-time alerts to Slack, Discord, email, or custom HTTP endpoints.
RBAC: Role-based access control for dashboard users (admin, member, viewer).
Infrastructure & Deployment
Gateway: Single Go binary with no external runtime dependencies. Stateless — scales horizontally.
Cloud platform: hosted on Fly.io (US-East). SatGate SOC 2/customer audit claims are readiness-gated and require current artifacts.
Database: Postgres-backed Cloud storage. Backup/restore posture is readiness-gated and documented separately from this pilot security overview.
Redis: Used for real-time spend tracking and session state. Optional — gateway operates without it.
Self-hosted option: Deploy on-premises or in your own cloud. Same binary, same config.
Open source core: Gateway source code available at github.com/SatGate-io/satgate for security review.
Security Checklist
Need a custom security review or have compliance questions?
security@satgate.io · Audit Events Reference · Security Page