About

Why we built Tether.

The shape of the AI-egress problem on the developer machine, the moment that convinced us the existing controls would not close it, and the 90-180 day cut of what we are building next.

Rules don't work on
a generative surface.

The deeper problem under the visibility one is that rules don't work on a generative surface. Regex DLP, allowlists, signature scanners — these were built for an enumerable world. Developers using AI tools don't paste literal SECRET_KEY=; they paraphrase, refactor, brainstorm. There is no regex for "is this an exfil attempt?"

The dev-machine layer was the right place to close the gap because that's where the request still has the prompt body and the identity attached. Cloud proxies you can walk around are policy documents with a certificate attached.

Four positions we are willing to defend.

01

The moat is execution and integration depth — not patents.

The internal patent review concluded that "the earlier 'highly likely to be patentable' framing does not hold" — streaming-guardrail prior art (Judgment-to-Interference, SentGuard, Streaming-VR, WitnessAI, Solo.io agentgateway, Protecto) densely occupies the space. The real moat is the working loopback proxy with cryptographic policy receipts, the local-judge hardware ladder, the per-tenant deploy, and the SIEM/SCIM/posture-export depth a CISO can put into an existing stack in an afternoon. docs/reviews/SUMMARY.md

02

Every enforcement decision is cryptographically verifiable after the fact.

Every response carries X-Tether-Policy-Version. Every event and judge review stamps the active version. An auditor pulls the signed bundle and runs Ed25519 verification offline, against the controls in force at decision time. The auditor does not have to trust Tether to vouch for itself. docs/ATTESTATION.md

03

We do not install a MITM root cert on the developer machine.

The Connect proxy is loopback-bound and does not perform TLS interception. The same corporate CA that decrypts a Cursor call decrypts the developer's banking session — we do not put that into play. Workspace-tier TLS termination is reserved for the future managed VSCodium build, where the user has explicitly accepted a managed-device install. main.go:1-22

04

The judge is additive. The deterministic floor is the floor.

A regulated buyer needs a layer that blocks by policy alone — no model in the path. Tier 0 is that layer. The judge is honest about its tier: Tier 1 sync judge with fail-closed-on-timeout when the operator opts in, or Tier 2 advisory with no path to block the response in flight. We do not collapse those into one sentence to make the pitch cleaner.

Three things on the next 90–180 day cut.

4–8 WEEKS

Managed VSCodium artifact pipeline

Signed installer for macOS / Windows / Linux. Apple notarization, Windows Authenticode, AppImage GPG signing. The workspace daemon is already in production and returns the correct decision today; the missing piece is the CI pipeline that produces a customer-trusted IDE binary. WORKSPACE_BRIDGE.md

SHIPPING WITH GA

Per-request attestation hardening

The chain is live today: event.policyVersion → signed bundle → Ed25519 verify → controls. The next cut is tamper-evident per-version bundle retention — an append-only WORM-style archive for deployments that need full forensic retention. Today's policy-audit.jsonl covers publishes; per-version archival is the remaining gap, shipping with GA. ATTESTATION.md

8–15 DAYS

Overwatch durable stores

Today, Overwatch's events / access-requests / judge-reviews / traffic-sessions live in process memory. A Cloud Run restart loses in-flight state. The 8-15 day plan is SQLite-backed durable stores for the per-request event surface, with SIEM forwarding as the durability path until that ships.

No 2027 dates on this page on purpose. Roadmap beyond 180 days is conversation, not commitment.

For investor inquiries or press: contact@tetherconnect.app. We do not have a deck on this page. We have a 30-minute conversation, the read-only architecture review on master, and a working pilot we will stand up in your environment.

Talk to the people building it.

A 30-minute walkthrough with someone technical. No SDR handoff.

Book a 30-min walkthrough ↗