Skip to main content

Encrypted compute layer for AI agents

Project description

NXD

NXD is an encrypted compute layer for AI agents. It wraps fully homomorphic encryption, credential vaulting, and privacy primitives behind a single Python import — so developers can run agents on sensitive data without exposing client records, credentials, or proprietary code to models, clouds, or MCP servers.

Three guarantees

  1. The agent works fully — capability unchanged; scores, matches, charges, and aggregates complete normally.
  2. The agent sees nothing — sensitive values stay encrypted; agents handle opaque tokens and references only.
  3. The operator holds the keys — keys stay local, auditable, and revocable.

Install

pip install nxd

Requires Python 3.10 or 3.11 (Concrete ML FHE dependency).

Quick start

import nxd

# FHE compute on encrypted data
results = nxd.score(model, clients)
matched  = nxd.match(model, record_a, record_b)
average  = nxd.aggregate(model, records)

# Credentials — agent never sees plaintext keys
vault = nxd.Vault(agent_id="billing-agent")
vault.store("stripe_key", "sk_live_xxxx")
result = vault.use("stripe_key", stripe_charge_fn)
vault.audit_log()

# Agent-to-agent encrypted context
handoff = nxd.Handoff()
token = handoff.pack(clients)
scores = nxd.receive(model, token, handoff)

# Code and text privacy before any AI call
protected = nxd.shield(source_code)
original = nxd.unshield(protected)

# Encrypted search, identity, tokenization, PII redaction
index = nxd.build_index(records)
token, hits = nxd.search(index, "diabetes")
nxd.register("user_123", "credential")
nxd.verify("user_123", candidate)
safe = nxd.redact("Patient John Smith, SSN 432-12-6789")
token = nxd.tokenize("4532-1234-5678-9010")

# Documents, channels, state, signatures
nxd.seal("contract.pdf")
ch = nxd.channel("agent-a", "agent-b")
nxd.checkpoint.save("agent-123", state)
nxd.sign("agent-a", "approve payment")

# Privacy analytics, key control, audit
nxd.blur(47230.0, sensitivity=1000, epsilon=1.0)
shares = nxd.split("master_key", n=5, m=3)
locked = nxd.bind(data, recipient="agent-compliance-7")
nxd.audit.verify()

Benchmarks (MacBook Air, Python 3.11, Concrete ML 1.9.0)

Operation Latency Notes
FHE score (1 record) ~183 ms First-call cold start
FHE score (1k records, parallel) 1.6 s 8 cores, ~1.6 ms/record
FHE match (single pair) 352 ms Cross-system comparison
FHE aggregate (1k records, parallel) 1.8 s ~0.009% quantization error
Credential vault use <1 ms Decrypt in memory only
Proof suite 85/85 passed python3 prove.py

What NXD does not protect against

NXD protects credentials and sensitive data from AI providers, model context, and ordinary cloud exposure. It does not remove the need for normal endpoint security and key management discipline.

If your local machine is compromised, master.key can be stolen. NXD protects credentials in transit and keeps them out of agent-visible plaintext, but it does not protect against local machine compromise.

NXD can prevent a model from seeing plaintext inputs. It does not control what a model does with the encrypted or redacted results it receives, so output handling still matters.

NXD uses FHE for specific compute operations such as score, match, and aggregate. It does not run the full LLM context window under FHE. For prompt and code protection, use redact() and shield().

The local master.key model is suitable for development and small deployments. Production systems should use a managed key system such as HashiCorp Vault or AWS KMS. Hosted key management is on the NXD roadmap.

NXD helps protect against external providers and cloud exposure. It does not protect against a trusted operator with physical access, because that operator holds the keys by design.

Current encryption choices are not presented as quantum-resistant. Post-quantum primitives are on the roadmap, but they are not part of the current release.

Development

git clone https://github.com/Nexploraai/nxd
cd nxd
pip install -e ".[dev]"
python3 prove.py
python3 agent.py
python3 demo.py

License

Proprietary — Nexplora Labs. Free to use in projects, but the source may not be modified, redistributed, resold, or used to build a competing encryption or agent-protection product. See LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nxd-0.2.0.tar.gz (25.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

nxd-0.2.0-py3-none-any.whl (27.3 kB view details)

Uploaded Python 3

File details

Details for the file nxd-0.2.0.tar.gz.

File metadata

  • Download URL: nxd-0.2.0.tar.gz
  • Upload date:
  • Size: 25.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.15

File hashes

Hashes for nxd-0.2.0.tar.gz
Algorithm Hash digest
SHA256 abea9a5a2625a02cfe0131993b9a90296340609a92de4591be35df2013eb6e64
MD5 3a67727cdad929e35d4b7e25f024093f
BLAKE2b-256 c30c030293f22d283a997f09c8d3800a7f219f12e8d1433328fc8fe37fbc75ab

See more details on using hashes here.

File details

Details for the file nxd-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: nxd-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 27.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.15

File hashes

Hashes for nxd-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 b2d7d61ee663607eb2c98bd19048b6dfaf3b3a5988595c134abaeec46493b9f9
MD5 0ad01d7c461e84bc9739a6780bf34e99
BLAKE2b-256 be583ff573fd2faad279016cfe5c6fb34938fc8333f7833ffa769a8b89e47de7

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page