verified_user The Digital Sentinel is Live

The Identity Firewall for AI Agents.

Sphyr provides cryptographic, financial, and behavioral boundaries for autonomous agents. Deploy with confidence knowing your agents are bounded by iron-clad security policies.

Start Shielding for Free Read the Specs

Autonomous Boundary Control

AI agents operate in milliseconds. Manual security can't keep up. Sphyr enforces hard-coded limits on agent behavior, from wallet spend caps to rate limits.

currency_exchange

Financial Limits

vpn_lock

Network Guardrails

shield_person

Identity at the Edge.

Verified cryptographic signatures for every agent instruction, globally distributed.

language
terminal

Request Forensics

Every proxied request is logged with salted hashes, session grouping, and outcome classification for post-incident analysis.

Deep JWT & Entropy Scanning

Recursively scans JWT payloads and request bodies for encoded secrets. High-entropy strings are flagged before they leave your perimeter. Minimal latency overhead at the edge.

shield_with_heart

The "Seat Belt" Philosophy

"Security is not a final destination, but a persistent layer of friction designed to protect speed. We build the seatbelts for the AI revolution."

In a world of defense-in-depth, Sphyr operates as the final immutable layer. If the agent's logic fails, the firewall holds. Our architecture ensures that even a compromised LLM cannot exceed the hard boundaries defined in the Sphyr console.

Technical Specification

Optimized for human readability and LLM context window injection.

hub
HMAC Signature Verification

Every request is cryptographically signed. Unsigned or tampered requests are rejected before DNS resolution.

header: x-sphyr-hmac-sig
data_object
SSRF Protection

Hardened request sanitization for agent-initiated fetch requests, preventing internal network exposure and exfiltration.

scope: egress_restrict_v1
security
Deep JWT & Entropy Scanning

Recursively scans JWT payloads and request bodies for encoded secrets. High-entropy strings are flagged before they leave your perimeter.

verify: nested_claims_auth

Built for the Modern Edge

cloud Cloudflare Workers
key Unkey Auth
database Cloudflare D1

Performance isn't an afterthought. We serve policies in under 10ms from 300+ locations worldwide.

Ready to shield your
Agentic Future?

Get Started for Free

No credit card required. Start with a 1,000 request free grant.