Architecture
Request flow from agent to enterprise backend
Nexus implements a three-layer enforcement spine: identity (AgentIAM), execution inspection (MCP Gateway), and evidence (immutable audit).
System diagram
```mermaid
flowchart TB
  subgraph AgentRuntime["Agent runtime"]
    LC[LangChain / CrewAI / OpenAI]
  end
  subgraph Nexus["Nexus platform"]
    SDK["@hardalion/sdk wrap"]
    IAM[AgentIAM verify]
    GW[MCP Gateway inspect]
    NPL[NPL policy engine]
    AUD[Audit append]
  end
  subgraph Backend["Enterprise systems"]
    API[REST / GraphQL APIs]
    DB[(Databases)]
    PAY[Payment rails]
  end
  LC --> SDK
  SDK --> IAM
  IAM --> GW
  GW --> NPL
  NPL -->|allow| API
  NPL -->|allow| DB
  NPL -->|allow| PAY
  GW --> AUD
  NPL -->|block| AUD
```
Layer 1: AgentIAM
Cryptographically verifiable agent identity using Ed25519-signed credentials. Supports recursive delegation when one agent invokes another. See AgentIAM.
Layer 2: MCP Gateway
The gateway performs deep inspection of each JSON-RPC 2.0 tool call (method and parameters) before forwarding it to backend systems. The rules it enforces are compiled from NPL. See MCP Gateway.
Layer 3: Immutable audit
Every gate decision is appended to a tenant-scoped, hash-chained log, so any edited or deleted entry breaks verification of every entry after it. Exports support EU AI Act conformity bundles and operational incident evidence. See Immutable audit trail.
NPL and Nexus
| Component | Role |
|---|---|
| npl-spec | Open policy language, reference CLI (@hardalion/npl-policy-engine), audit verifier |
| Nexus platform | Hosted enforcement, multi-tenant RLS, operator console, compliance exports |
You can evaluate NPL policies in CI or locally without Nexus. Nexus adds runtime enforcement, AgentIAM, MCP routing, and regulator-grade audit storage.
Design principles
- Deterministic policy path: same input produces the same decision. No LLM in the gate.
- Fail-closed: an unreachable policy registry or an evaluation error blocks execution on production tenants.
- No LLM latency on the gate: compiled NPL rules evaluate in-memory.
- Typed API errors: `{ error: { code, message } }` on all public endpoints.
Latency targets
| Metric | Target |
|---|---|
| Policy gate p50 | ~160 ms |
| Policy gate p99 | < 201 ms |
| LLM tokens on gate | 0 |
Measured on warm staging excluding model inference. See Security & Compliance.
Deployment models
| Model | Description |
|---|---|
| SaaS | api.hardalion.com + nexus.hardalion.com |
| Dedicated tenant | Isolated Postgres, configurable data residency (EU, UK, US) |
| Private cloud | Licensed deployment under enterprise agreement |
See Deployment for integration patterns.