Sovereign Inference Control Plane
⧉ Governance before generation.
Policy-driven proxy that governs AI requests before they execute. Safety by design, not by hope.
- ❌ Not prompt engineering — This is infrastructure-level control
- ❌ Not content moderation — This is pre-inference policy enforcement
- ❌ Not an AI wrapper — This is a cryptographically auditable control plane
- ❌ Not optional safety — Fail-closed by default, no bypass
Governance control plane for reflective AI inference.
MirrorGate enforces safety, policy, and cryptographic accountability around AI inference. It treats the LLM as an untrusted CPU — performing computation only — while all authority, memory, and identity live outside the model.
# Install dependencies
npm install
# Generate signing keys
npm run keygen
# Start development server
npm run dev
# Build for production
npm run build
npm startUser Request
↓
┌─────────────────────────────┐
│ GATE CHAIN │
│ G0: Transport & Auth │
│ G1: Hard Refusal │
│ G2: Domain Risk │
│ G3: Injection Detection │
│ G4: Size & Complexity │
│ G5: Intent Classification │
└─────────────────────────────┘
↓
┌─────────────────────────────┐
│ LLM INFERENCE │
│ (Untrusted) │
└─────────────────────────────┘
↓
┌─────────────────────────────┐
│ FILTER CHAIN │
│ F1: Prescriptive Language │
│ F2: Uncertainty Markers │
│ F3: Identity Claims │
│ F4: Schema Compliance │
└─────────────────────────────┘
↓
┌─────────────────────────────┐
│ CRYPTO AUDIT │
│ Ed25519 Signing │
│ SHA256 Hash Chain │
└─────────────────────────────┘
↓
Response
Main inference endpoint.
Request:
{
"session_id": "uuid",
"request_id": "uuid",
"input": "your prompt",
"profile": "default",
"consent": {
"save_to_vault": false,
"log_opt_in": true
}
}Response:
{
"output": "response text",
"safety_outcome": "allowed|rewritten|refused",
"model_used": "claude-3-opus",
"signature": "base64-sig",
"audit_hash": "sha256"
}Health check endpoint.
Create mirrorgate.yaml or ~/.mirrorgate/config.yaml:
server:
port: 8088
host: "127.0.0.1"
auth:
api_keys:
- "your-api-key"
allowed_origins:
- "https://activemirror.ai"
inference:
backends:
- name: claude
type: anthropic
model: claude-3-opus-20240229
default: claudePolicies define allowed behavior. See policies/ directory.
name: default
postfilters:
- prescriptive
- uncertainty
- identity
domains:
medical: reflective
legal: reflectiveEvery request generates a signed, hash-chained audit record:
{
"event_id": "uuid-v7",
"action": "ALLOW",
"hash_input": "sha256",
"hash_output": "sha256",
"prev_record_hash": "sha256",
"signature": "ed25519"
}Verify the audit chain:
# Coming soon: verification CLI- The LLM is not trusted — It performs computation only
- The LLM is not authoritative — All authority lives outside
- Fail-closed — Any error returns safe refusal
- Cryptographically auditable — Every decision is signed
MirrorGate v11 powers the safety layer for Active Mirror — the consumer product with AI Twins, BrainScan, and Sovereign Mode. Live since January 2026.
MirrorGate is part of the MirrorDNA ecosystem for sovereign AI (95 repos, 9 layers):
| Component | Description | Link |
|---|---|---|
| Active Mirror | Consumer product (AI Twins, BrainScan) | activemirror.ai |
| MirrorDNA Standard | Constitutional anchor for reflective AI | GitHub |
| SCD Protocol | Deterministic state management | GitHub |
| MirrorBrain | Local-first orchestration runtime | GitHub |
| Active Mirror Identity | Portable AI identity (Mirror Seed) | GitHub |
| MirrorGate | Inference control plane (you are here) | — |
| Glyph Engine | Cryptographic attestation | GitHub |
Documentation: MirrorDNA Docs
⟡ Built by MirrorDNA Infrastructure, not alignment. Governance before generation.