Skip to content

SENTINEL — External Surface Reference

SENTINEL is Sipher’s LLM-backed security analyst. Think of it as the security department of an office building: it watches every fund-moving action, flags suspicious wallets, can pause execution for human review, and logs every decision for audit. This folder is the integrator-facing reference for SENTINEL’s external surface.

SENTINEL has three modes selected via SENTINEL_MODE:

ModeBehavior on flagged actionUse when
yoloAllow the action; log the decisionDefault; trusted operator + own wallet
advisoryPause execution; require explicit human overrideProduction VPS; admin-supervised flows
offSkip preflight entirely; log nothingLocal dev; tests that bypass risk checks

Default: yolo (parsed in packages/agent/src/sentinel/config.ts:30-33).

flowchart TD
  A[SIPHER tool call] -->|fund-moving action| B[Preflight Gate]
  B -->|in scope| C[SENTINEL assess]
  B -->|out of scope| Z[Execute]
  C -->|allow| Z
  C -->|flag, mode=yolo| Z
  C -->|flag, mode=advisory| D[Pause + emit sentinel_pause SSE]
  D -->|admin override| Z
  D -->|admin cancel| X[Reject]
  C -->|block| X
  Z --> L[(Log to sentinel_decisions)]
  X --> L

Authenticate and run a one-shot risk assessment:

Terminal window
# Get a JWT (see /api/auth/nonce + /api/auth/verify for the full ed25519 flow)
JWT="<your-token>"
curl -X POST http://localhost:3000/api/sentinel/assess \
-H "Authorization: Bearer $JWT" \
-H "Content-Type: application/json" \
-d '{
"action": "vault_refund",
"wallet": "C1phrE76Wrkmt1GP6Aa9RjCeLDKHZ7p4MPVRuPa8x85N",
"amount": 1.5
}'

The response is a RiskReport (shape defined in packages/agent/src/sentinel/risk-report.ts):

{
"risk": "high",
"score": 100,
"reasons": [
"SENTINEL output failed schema validation"
],
"recommendation": "block",
"blockers": [
"schema-violation"
],
"decisionId": "01KQP24PG0KZCJVWJDQM8H3JAY",
"durationMs": 440
}