- What it does
  - Agent → Envoy (mTLS per-agent cert) → OPA (policy check) → Target
  - Each agent gets a short-lived cert, rotated automatically
  - Policies constrain domain + time window; outside-window requests are denied and logged (<5ms median in demo)
  - Audit logs are hash-chained; here’s how to verify the chain: https://github.com/j-raghavan/ChronoGuard#verify-audit-chain
- Why not SPIFFE/Boundary/etc.? They handle identity; ChronoGuard adds enforced time windows + tamper-evident audit (“agent X can only hit api.example.com 9–5 UTC”).
- Try it (pick one)
  - Live demo (2 min): https://j-raghavan.github.io/ChronoGuard/ — see 9–5 allowed, after-hours denied, with audit trail
  - One-click Codespaces: https://codespaces.new/j-raghavan/ChronoGuard — brings up Envoy+OPA; follow the 3-step README
  - Repo: https://github.com/j-raghavan/ChronoGuard
- Scope
  - Covers: per-agent identity (mTLS issuance/rotation), time-bounded access control, tamper-evident audit
  - Not yet: model jailbreak defense, data loss prevention—this is access control + audit
- Looking for contributors: Envoy filters/hot-reload certs, OPA policy packs, language SDKs (LangChain/AutoGen), audit verification tooling. Good first issues: https://github.com/j-raghavan/ChronoGuard/labels/good%20firs...
- Best starting point: the live demo. Feedback or PRs welcome.
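To make the "time window + hash-chained audit" idea concrete, here is an added, self-contained Python sketch (not ChronoGuard's code): a domain/UTC-hour decision function writes allow/deny records into a SHA-256 hash chain, and a verifier detects when a denial is later edited. The policy schema, field names and the two constructed requests are assumptions for illustration only.

```python
import hashlib
import json
from datetime import datetime, timezone

# Constructed policy in the spirit of "agent X can only hit api.example.com 9-5 UTC".
# The schema is an assumption for this example, not ChronoGuard's actual format.
POLICIES = {
    "agent-x": {"domains": {"api.example.com"}, "window_utc": (9, 17)},
}


def decide(agent: str, host: str, ts: datetime) -> bool:
    """Allow only if the host is permitted and the UTC hour lies in [start, end)."""
    pol = POLICIES.get(agent)
    if pol is None or host not in pol["domains"]:
        return False
    start, end = pol["window_utc"]
    return start <= ts.astimezone(timezone.utc).hour < end


def entry_hash(prev_hash: str, record: dict) -> str:
    # Canonical JSON so a verifier hashes exactly the bytes the writer hashed.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + body).hexdigest()


def append(log: list, record: dict) -> None:
    """Link each new entry to the previous entry's hash (genesis = all zeros)."""
    prev = log[-1]["hash"] if log else "0" * 64
    log.append({"record": record, "prev": prev, "hash": entry_hash(prev, record)})


def verify_chain(log: list) -> bool:
    """Recompute every link; an edited, removed or reordered entry breaks the chain."""
    prev = "0" * 64
    for e in log:
        if e["prev"] != prev or entry_hash(prev, e["record"]) != e["hash"]:
            return False
        prev = e["hash"]
    return True


def run_demo():
    """One in-window and one after-hours request, then tamper with the denial."""
    log = []
    for hour in (10, 22):  # constructed timestamps: 10:00 UTC allowed, 22:00 UTC denied
        ts = datetime(2024, 1, 1, hour, tzinfo=timezone.utc)
        allowed = decide("agent-x", "api.example.com", ts)
        append(log, {"agent": "agent-x", "host": "api.example.com",
                     "ts": ts.isoformat(), "allowed": allowed})
    intact_before = verify_chain(log)
    log[1]["record"]["allowed"] = True  # someone rewrites the after-hours denial
    return intact_before, verify_chain(log)  # -> (True, False)
```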