PRIVATE.ME PLATFORM

xSentinel: AI Model Weight Integrity

Protect billions of dollars in AI intellectual property with information-theoretic security. XorIDA splits model weights across N storage nodes so no single breach exposes reconstructable parameters.

AI / ML COMING SOON XorIDA Powered

Section 01

The Problem

AI model weights represent the most valuable digital assets ever created. A single frontier LLM costs $100M+ to train. Yet these weights sit in centralized storage systems vulnerable to theft, tampering, and insider exfiltration.

Traditional encryption protects weights at rest, but the moment they are decrypted for serving, the entire parameter set is exposed in a single memory space. A compromised node, a rogue employee, or a sophisticated APT can exfiltrate the complete model in one operation.

Model marketplaces face a parallel crisis: when weights are transferred between organizations, no integrity guarantee survives the handoff. A tampered model checkpoint can introduce backdoors, degrade performance, or leak training data through adversarial weight modifications.

The Old Way

Section 02

The PRIVATE.ME Solution

xSentinel splits model weights into N shares using XorIDA over GF(2). Any K shares reconstruct the original weights. Fewer than K shares reveal zero information about the parameters. Per-chunk HMAC-SHA256 ensures integrity.

No single storage node holds reconstructable weights. An attacker must simultaneously compromise K independent nodes to extract the model. Each share is individually meaningless -- information-theoretic security means there is no key to steal, no encryption to break.

Model integrity is guaranteed at every stage: each chunk carries an HMAC tag that must verify before reconstruction begins. A single tampered byte is detected and rejected before any parameter is reassembled.

The New Way

Section 03

How It Works

The xSentinel pipeline processes model weights through chunking, XorIDA threshold splitting, HMAC tagging, distributed storage, verification, and reconstruction. Every stage is auditable and tamper-evident.

Key Security Properties

Information-theoretic confidentiality: fewer than K shares reveal zero bits of model parameters. Per-chunk HMAC-SHA256 integrity: a single tampered byte is detected before reconstruction begins. No encryption keys to manage, rotate, or protect. Security is unconditional -- it does not depend on computational hardness assumptions.

Section 04

Use Cases

AI Infrastructure

LLM Weight Protection

Split frontier model weights across geo-distributed storage. No single datacenter breach exposes the model. Reconstruction requires quorum from K nodes.

2-of-3 minimum

Model Marketplace

Marketplace Integrity

Guarantee that model checkpoints are untampered during transfer between organizations. Per-chunk HMAC verification catches any modification.

tamper-evident

Transfer Learning

Fine-Tuning Security

Protect fine-tuned model weights that encode proprietary domain knowledge. Split adapted layers independently from base model parameters.

layer-aligned

Edge Deployment

Edge Verification

Verify model integrity before loading on edge devices. Reconstruct from multiple sources and validate HMAC before inference begins.

verify-before-load

Section 05

Integration

Quick Start

import { protectModel, verifyModel } from '@private.me/xsentinel';

// Split model weights across 3 storage nodes (2-of-3 threshold)
const shares = await protectModel(modelWeights, {
  n: 3,
  k: 2,
  chunkSize: 1024 * 1024, // 1MB chunks, layer-aligned
});

// Store each share on an independent node
await Promise.all(shares.map((s, i) => storage[i].put(s)));

// Verify and reconstruct from any 2 shares
const result = await verifyModel([shares[0], shares[2]]);
if (result.ok) {
  // result.value contains verified, intact model weights
}

protectModel(weights: Buffer, config: { n: number, k: number }): Promise<Share[]>

Splits model weights into N shares using XorIDA threshold sharing. Each share is tagged with HMAC-SHA256 for integrity verification. Any K shares are sufficient for reconstruction. Fewer than K shares reveal zero information about model parameters.

verifyModel(shares: Share[]): Promise<Result<Buffer>>

Verifies HMAC integrity of each share, then reconstructs original model weights. Returns an error result if any share fails integrity verification. HMAC check always completes before reconstruction begins.

Section 06

Security Properties

Property	Mechanism	Guarantee
Confidentiality	XorIDA threshold sharing	Information-theoretic
Integrity	HMAC-SHA256 per share	Tamper-evident
Availability	K-of-N reconstruction	Fault tolerant
Weight Isolation	Layer-aligned chunking	No cross-layer leakage
Quantum Resistance	No computational assumptions	Unconditional security
DoS Resistance	Regex complexity limits + input validation	ReDoS-proof
Timing Safety	Constant-time pattern matching	Side-channel resistant

Denial of Service Protections

xSentinel implements multiple layers of defense against Regular Expression Denial of Service (ReDoS) attacks and resource exhaustion.

REDOS PREVENTION

Regex Complexity Limits: All user-supplied patterns (layer names, metadata filters, search queries) are validated against complexity bounds before execution. Nested quantifiers, excessive backtracking paths, and catastrophic patterns are rejected.

Linear-Time Engines: Critical path operations use RE2-compatible non-backtracking regex engines that guarantee O(n) time complexity relative to input size. Exponential backtracking is structurally impossible.

Input Length Validation: Model layer names, chunk identifiers, and metadata fields are bounded to reasonable maximums (256 bytes per field). Oversized inputs are rejected before pattern matching begins.

Resource Sandboxing: Regex-heavy operations (metadata search, layer filtering) execute in isolated worker contexts with strict CPU time limits. Runaway operations are terminated before system-wide impact.

Timing Side Channel Mitigations

Share verification and reconstruction operations execute in constant time to prevent information leakage via timing analysis.

CONSTANT-TIME GUARANTEES

HMAC Verification: Share integrity checks complete in constant time regardless of where mismatch occurs. Early-exit timing leaks are eliminated via full-width comparison.

Share Index Validation: Range checks and type validation execute in fixed time. Invalid indices do not trigger early returns that could leak index values via timing.

Reconstruction Paths: XorIDA reconstruction executes the same number of GF(2) operations regardless of share content or intermediate values. No data-dependent branching in hot paths.

Error Responses: All failure modes (invalid share, HMAC mismatch, insufficient shares, malformed metadata) return after the same fixed delay. Timing differences do not reveal error type to remote attackers.

Performance Impact

Security hardening introduces minimal overhead. Regex validation adds ~50µs per pattern. Constant-time HMAC verification adds ~200µs per share (negligible compared to network I/O). Total overhead for a typical 3-share reconstruction: <1ms.

Tests

94%

Coverage

Modules

Runtime Deps

VERIFIED BY XPROVE

Verifiable Data Protection

Every operation in this ACI produces a verifiable audit trail via xProve. HMAC-chained integrity proofs let auditors confirm that data was split, stored, and reconstructed correctly — without accessing the data itself.

XPROVE AUDIT TRAIL

Every XorIDA split generates HMAC-SHA256 integrity tags. xProve chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Upgrade to zero-knowledge proofs when regulators or counterparties need public verification.

Read the xProve white paper →

GET STARTED

Ready to deploy xSentinel?

Talk to Ren, our AI sales engineer, or book a live demo with our team.

Book a Demo

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

xSentinel generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF

Download proofs:

Tier 1 HMAC (~0.7KB)
Tier 2 Commit-Reveal (~0.5KB)
Tier 3 IT-MAC (~0.3KB)
Tier 4 KKW ZK (~0.4KB)

Verify proofs online →

Use Cases

🏛️

REGULATORY

FDA / SEC Submissions

Prove algorithm correctness for distributed systems without exposing trade secrets or IP.

Zero IP Exposure

🏦

FINANCIAL

Audit Without Access

External auditors verify secure operations without accessing source code or production systems.

FINRA / SOX Compliant

🛡️

DEFENSE

Classified Verification

Security clearance holders verify distributed systems correctness without clearance for source code.

CMMC / NIST Ready

🏢

ENTERPRISE

Procurement Due Diligence

Prove security + correctness during RFP evaluation without NDA or code escrow.

No NDA Required

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

Zero infrastructure setup
Automatic updates
99.9% uptime SLA
Enterprise SLA available

View Pricing →

📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

npm install @private.me/xsentinel
TypeScript/JavaScript SDK
Full source access
Enterprise support available

Get Started →

🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

Complete data sovereignty
Air-gap capable deployment
Custom SLA + dedicated support
Professional services included

Request Quote →

Enterprise On-Premise Deployment

While xSentinel is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
Air-gapped environments — SCIF, classified networks, offline operations
Data residency requirements — EU GDPR, China data laws, government mandates
Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →