This page is written for the engineer your CXO asks to check us out. Sections per 06-WEBSITE-AND-PRICING §4.
Two halves with a deliberate boundary:
┌──────────────────────────────────┐ ┌──────────────────────────────────────┐
│ YOUR DEVICE / POD │ │ JARVIS CONTROL PLANE (our SaaS) │
│ agent runtime · model gateway │ Tailscale/ │ ingest (verify sig + chain) │
│ local Postgres (memory, RAG, │────mTLS────▶│ fleet registry · policy studio │
│ documents, local audit) │ metadata │ cost analytics · anomaly engine │
│ governance daemon (signs every │ only* │ dashboards · approvals · alerts │
│ action; enforces policy) │ │ │
└──────────────────────────────────┘ └──────────────────────────────────────┘
* at the default telemetry dial
No public inbound ports on the device. Management traffic rides the tailnet; each device is ACL-tagged so it can reach only our ingest endpoint — never another customer's device.
Controlled by the telemetry dial, enforced on-device (client-side) before anything is sent:
| Dial setting | Leaves the device | Never leaves |
|---|---|---|
| metadata (default) | Action class, tool name, timestamps, cost, autonomy level, hash-chain headers, success/failure | Message bodies, document content, recipient lists, API keys |
| redacted | Metadata + redacted summaries (entities masked) | Raw content, API keys |
| full (explicit opt-in) | Metadata + action summaries for richer audit search | API keys — never, at any setting |
Your AI provider keys are entered by you, on your device, during onboarding. They are stored encrypted in the on-device model-gateway vault, are never transmitted to Demystify, never appear in logs or telemetry (CI-enforced scrubbing), and per-agent budget caps are enforced at the gateway.
Demystify support access to your tenant is scoped, time-boxed, requires a recorded reason, and emits a customer-visible audit event. You can see every access we ever made in your dashboard's support-access log. Our own support actions are hash-chained too.
| DPDP concern | Jarvis posture |
|---|---|
| Data fiduciary | You — your business data stays on your device/pod. |
| Data processor | Demystify, for governance telemetry only (metadata by default, minimizing scope). |
| Consent | Telemetry dial and channel communications consent captured at onboarding. |
| Breach notification | 72-hour internal SLA runbook. |
| Grievance | Grievance contact published on this site. |
Full DPA template available on request (DRAFT — pending legal sign-off).
Found a vulnerability? Email security@dmstfy.com. We acknowledge within 48 hours, commit to a fix timeline within 7 days, and credit researchers who report in good faith. Critical agent-runtime CVEs are patched fleet-wide within 72 hours of disclosure. DRAFT — policy text pending sign-off
The on-device stack is open source and inspectable. We only ship components under Apache-2.0/MIT-class licenses; local models are Apache-2.0 or MIT only. The full SBOM (generated per release) is published here alongside each golden-image version.
| Component | Role | License |
|---|---|---|
| Agent runtime (OpenClaw) | Agents + chat channels | OSS (see SBOM) |
| Org/governance layer (Paperclip) | Org chart, budgets, approvals | OSS (see SBOM) |
| Model gateway (LiteLLM) | BYOK routing, budget caps | OSS (see SBOM) |
| PostgreSQL + pgvector | Memory, RAG | PostgreSQL / OSS |
| jarvis-agent-sdk | Signing, hash chain, policy gate | Apache-2.0 |