Architecture

Request flow from agent to enterprise backend

Nexus implements a three-layer enforcement spine: identity (AgentIAM), execution inspection (MCP Gateway), and evidence (immutable audit).

System diagram

flowchart TB
  subgraph AgentRuntime["Agent runtime"]
    LC[LangChain / CrewAI / OpenAI]
  end

  subgraph Nexus["Nexus platform"]
    SDK["@hardalion/sdk wrap"]
    IAM[AgentIAM verify]
    GW[MCP Gateway inspect]
    NPL[NPL policy engine]
    AUD[Audit append]
  end

  subgraph Backend["Enterprise systems"]
    API[REST / GraphQL APIs]
    DB[(Databases)]
    PAY[Payment rails]
  end

  LC --> SDK
  SDK --> IAM
  IAM --> GW
  GW --> NPL
  NPL -->|allow| API
  NPL -->|allow| DB
  NPL -->|allow| PAY
  GW --> AUD
  NPL -->|block| AUD

Layer 1: AgentIAM

Cryptographically verifiable agent identity using Ed25519-signed credentials. Supports recursive delegation when one agent invokes another. See AgentIAM.

Layer 2: MCP Gateway

The gateway performs deep packet inspection on JSON-RPC 2.0 tool calls before forwarding to backend systems. Policies compile from NPL. See MCP Gateway.

Layer 3: Immutable audit

Every gate decision appends to a tenant-scoped, hash-chained log. Exports support EU AI Act conformity bundles and operational incident evidence. See Immutable audit trail.

NPL and Nexus

| Component | Role |
| --- | --- |
| npl-spec | Open policy language, reference CLI (@hardalion/npl-policy-engine), audit verifier |
| Nexus platform | Hosted enforcement, multi-tenant RLS, operator console, compliance exports |

You can evaluate NPL policies in CI or locally without Nexus. Nexus adds runtime enforcement, AgentIAM, MCP routing, and regulator-grade audit storage.

Design principles

  • Deterministic policy path: same input produces the same decision. No LLM in the gate.
  • Fail-closed: unreachable policy registry or evaluation error blocks execution on production tenants.
  • Zero-LLM latency on gate: compiled NPL rules evaluate in-memory.
  • Typed API errors: { error: { code, message } } on all public endpoints.

Latency targets

| Metric | Target |
| --- | --- |
| Policy gate p50 | ~160 ms |
| Policy gate p99 | < 201 ms |
| LLM tokens on gate | 0 |

Measured on a warm staging environment, excluding model inference time. See Security & Compliance.

Deployment models

| Model | Description |
| --- | --- |
| SaaS | api.hardalion.com + nexus.hardalion.com |
| Dedicated tenant | Isolated Postgres, configurable data residency (EU, UK, US) |
| Private cloud | Licensed deployment under enterprise agreement |

See Deployment for integration patterns.