Every decision logged. Every rule inspectable. Every verdict reproducible. TEOS Sovereign Sentinel is a deterministic, auditable governance engine — not a black box.
TEOS Sovereign Sentinel uses a purely deterministic regex-based rule engine. No ML inference. No probabilistic verdicts. Every rule is a named, versioned, publicly inspectable pattern with explicit severity and scoring. The same input will always produce the same output — guaranteeing reproducibility for audit and compliance.
5-category architecture: 64 Core · 29 Solana · 10 EVM · 8 Banking · 10 MENA
All endpoints return JSON. CORS enabled for cross-origin access. No authentication required for read endpoints.
Engine health check. Returns status, engine version, 121 Active Governance Controls count, uptime, and current time.
Engine version information. Returns version string (v4.0.0-rc1, Engine v4.0.0), rule count, test count, and component status.
Account tier and credit information. Returns tier, credits remaining, and expiry date for the requesting user.
Every POST /scan response follows this deterministic schema. Fields are guaranteed present for valid input.
| Field | Type | Description |
|---|---|---|
| verdict | string | "BLOCK" | "WARN" | "ALLOW" | "ERROR" |
| score | number | Risk score 0-100. Higher = more dangerous. |
| rule | string | Matched rule identifier. Format: "R{id}.{NAME}" e.g. "R01.DESTRUCTIVE_SHELL" |
| ruleId | string | Short rule ID: "R01" through "R121", or "R00" for clean. |
| severity | string | "critical" | "high" | "medium" | "none" |
| reasons | string[] | Human-readable explanations for the verdict. |
| command | string | The original input command (echoed back). |
| timestamp | string | ISO 8601 timestamp of the scan. UTC. |
TEOS Sovereign Sentinel is designed for environments that require provable, deterministic security decisions. Key compliance properties:
Same input always produces the same output. No randomness. No model drift. Fully reproducible for auditors.
All 121 Active Governance Controls, 596 test cases, and audit schemas are available as static JSON. Anyone can verify engine behavior.
Every scan decision is logged with timestamp, rule, score, and verdict. Rotating store capped at 500 entries.
Audit logs exportable as CSV or JSON. Compatible with SIEM ingestion and compliance review workflows.
Zero ML inference. No training data, no model weights, no probabilistic outputs. Pure pattern matching.
Engine version reported in every endpoint. Rule updates are additive — existing patterns are never silently changed.
Governance controls for payment rails, banking operations, and regulated financial environments. Every rule is deterministic, auditable, and publicly inspectable.
Real public-alpha adoption metrics. Updated manually. All numbers represent real Telegram bot interactions since alpha launch.
Importance: Every metric, even zero, is honest. Full report: CLOSED_ALPHA_REPORT.md Next update: Tracked in teos-sentinel-shield
Found a bypass? We reward responsible disclosure. If you can craft a command that matches a threat pattern but gets an ALLOW verdict, report it.