Entangle
Trust model

Federated by construction.

Entangle makes the trust model visible in the runtime itself. Each role has its own identity, the graph decides who may talk to whom, and messages are signed where the current protocol requires signed proof.

Report an issue Read the architecture

The model

Four properties, derived from the architecture.

These properties come from the architecture itself. Entangle uses federation, graph policy, and signed events as the foundation for runtime security.

Identity is per role

Host Authority signs control. Runners sign hello/heartbeat/observation. User nodes sign tasks/replies/approvals. Node runtime identity signs A2A. No actor can speak for another.

Edges are the auth model

Typed edges decide who can delegate, review, or hand off. Effective routes are validated before a runner emits a task.handoff. Authority is graph-shaped.

Secrets stay at the boundary

Model and git credentials resolve through Host-controlled runtime context. Secrets should reach runners only through explicit secret delivery, never through URLs or durable logs.

The wire is the audit log

Signed Nostr events on dedicated rumor kinds are the operational record. Approval lifecycle, source mutations, restart generations, and recovery findings all flow through the same observable surface.

Posture today

Runtime boundaries.

  • Host-owned graph, runner, assignment, package, principal, projection, and event boundaries.
  • Optional ENTANGLE_HOST_OPERATOR_TOKEN boundary with bearer-token propagation through Host client, CLI, and Studio.
  • Host-managed external principals for backend identities (e.g. git).
  • Runtime isolation between runner processes and node workspaces.
  • NIP-59 wrapped Nostr events for A2A coordination, with verified relay delivery.
  • Audit-style host events for protected mutations and runtime trace events.

Hardening

Before production claims.

  • Real-provider secret handling and operator setup hardening.
  • Physical multi-machine security validation.
  • Long-running audit retention and backup/restore exercises.
  • Production operator identity beyond bootstrap token mode.
  • Responsible disclosure and release security process.

Hardening

Operational security depth.

  • Role-aware operator identity and policy-backed permissions.
  • Multi-tenant graph, runner, and resource boundaries.
  • Audit retention and SIEM-ready event export.
  • Compliance workflows for teams that need formal evidence.
  • Security review, vulnerability handling, and responsible disclosure.

Reporting

If you find a vulnerability.

Email security@entangle.run with reproduction steps, affected commits, and any relevant runtime evidence (events, traces, signed messages). Please give reasonable time to investigate before public disclosure. Valid reports are acknowledged and credited.

See current status

Run a coding-agent organization as a graph.

Boot Entangle, open Studio, and watch distributed agents, users, runners, signed messages, approvals, and git-backed artifacts move through one governed graph.

Boot the runtime See how it works