Security | InferLayer AI — Tamper-Evident LLM Audit Gateway

Architecture

InferLayer is an OpenAI-compatible LLM gateway that sits between your application and the language models that serve it. Requests enter over HTTPS and are authenticated per tenant. The gateway classifies each request by complexity, serves what it can from a semantic cache, routes simpler work to local models and complex work to frontier providers, enforces per-tenant spend limits, and records every request in a tamper-evident audit log.
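The order of operations described above can be sketched as follows. This is an illustration only, not InferLayer's implementation: the word-count classifier, the exact-match dictionary standing in for the semantic cache, and the names `classify` and `handle` are all assumptions, and authentication and spend checks are left out for brevity.

```python
def classify(prompt: str) -> str:
    # Placeholder heuristic (assumption): the real classifier is not described here.
    return "complex" if len(prompt.split()) > 50 else "simple"

def handle(prompt, cache, local_model, frontier_model, audit_log):
    """Classify, try the cache, route to a backend, then record the request."""
    tier = classify(prompt)
    if prompt in cache:                      # exact match stands in for a semantic cache
        answer, source = cache[prompt], "cache"
    elif tier == "simple":
        answer, source = local_model(prompt), "local"
    else:
        answer, source = frontier_model(prompt), "frontier"
    cache[prompt] = answer
    audit_log.append({"tier": tier, "source": source})  # every request is recorded
    return {"answer": answer, "source": source}
```

Passing the two backends in as plain callables keeps the routing decision separate from any particular provider client.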

Security is built around a few principles: authenticate every request, isolate every tenant, encrypt data in transit and at rest, and make the audit trail verifiable rather than merely trusted.

Key controls

API key hashing

API keys are stored only as salted SHA-256 hashes. Plaintext keys are shown once at creation and never persisted, so a database compromise alone does not expose usable keys.
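A minimal sketch of this pattern, using only the Python standard library. The `il_` key prefix, the record layout, and the function names are hypothetical, and the sketch assumes the stored record has already been located (for example by a non-secret key ID).

```python
import hashlib
import hmac
import secrets

def create_api_key() -> tuple[str, dict]:
    """Return (plaintext_key, record_to_store); the plaintext is never stored."""
    plaintext = "il_" + secrets.token_urlsafe(32)   # "il_" prefix is a made-up convention
    salt = secrets.token_bytes(16)                   # fresh random salt per key
    digest = hashlib.sha256(salt + plaintext.encode()).hexdigest()
    return plaintext, {"salt": salt.hex(), "sha256": digest}

def verify_api_key(presented: str, record: dict) -> bool:
    """Recompute the salted hash and compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    candidate = hashlib.sha256(salt + presented.encode()).hexdigest()
    return hmac.compare_digest(candidate, record["sha256"])
```

Only the salt and digest would reach the database; `hmac.compare_digest` avoids leaking how many leading characters matched.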

Tamper-evident audit chain

Every request is recorded in an append-only audit log linked by a SHA-256 hash chain. Any retroactive edit or deletion breaks the chain and is detectable on verification.
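The idea can be illustrated with a short sketch. The entry layout, the all-zero genesis value, and the canonical JSON serialization are assumptions made for the example, not InferLayer's actual log format.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed starting value for the first entry's "prev" field

def entry_hash(prev_hash: str, payload: dict) -> str:
    # Canonical JSON so the same payload always hashes to the same value.
    body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()

def append(log: list, payload: dict) -> None:
    """Link a new entry to the hash of the previous one."""
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"payload": payload, "prev": prev, "hash": entry_hash(prev, payload)})

def verify(log: list) -> int:
    """Return the index of the first inconsistent entry, or -1 if the chain is intact."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev or entry["hash"] != entry_hash(prev, entry["payload"]):
            return i
        prev = entry["hash"]
    return -1
```

Editing a payload or removing an entry from the middle makes `verify` report the first position where the links no longer match. In this sketch, removing entries from the very end leaves a shorter but still consistent chain, so a verifier would also need the latest hash from an independent source.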

Multi-tenant isolation

Keys are bound to a tenant at creation. Stats, logs, audit, and budget endpoints are scoped to the requesting key's tenant on every request, so requests for another tenant's data are denied by design.
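One way to picture this scoping, as a sketch under assumed names (`ApiKey`, `logs_for`, and the in-memory `LOGS` rows are hypothetical): the tenant is always derived from the authenticated key and never from a parameter supplied by the client.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ApiKey:
    key_id: str
    tenant_id: str  # bound at creation; frozen, so it cannot be reassigned later

# Hypothetical stored rows, each tagged with the tenant that owns it.
LOGS = [
    {"tenant_id": "acme", "request_id": "r1"},
    {"tenant_id": "globex", "request_id": "r2"},
    {"tenant_id": "acme", "request_id": "r3"},
]

def logs_for(key: ApiKey, rows=LOGS) -> list:
    """Return only the rows that belong to the requesting key's tenant."""
    return [row for row in rows if row["tenant_id"] == key.tenant_id]
```

Because the filter takes no tenant argument from the caller, there is no request parameter that could be altered to reach another tenant's rows.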

Encryption

TLS 1.3 protects data in transit. Data at rest is encrypted with AES-256 using AWS-managed keys.
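A client that wants to insist on TLS 1.3 on its own side can do so with Python's standard `ssl` module. This is a client-side sketch; the function name is hypothetical, and whether the gateway also accepts older protocol versions is not stated here.

```python
import ssl

def tls13_only_context() -> ssl.SSLContext:
    """Build a client context that verifies certificates and refuses anything below TLS 1.3."""
    ctx = ssl.create_default_context()            # certificate and hostname checks enabled
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3  # handshake fails if the server offers less
    return ctx
```

The resulting context can be passed to standard-library clients, for example as the `context` argument of `urllib.request.urlopen`.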

Secrets management

Provider and infrastructure credentials are held in AWS Secrets Manager and delivered to compute through scoped IAM roles rather than static files. Each role is granted only the access it needs.

Rate limiting & spend caps

Per-key rate limiting and per-tenant spend governance bound abuse and runaway cost before requests reach a model backend.
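A sketch of how the two checks might combine before a request is forwarded. The token-bucket algorithm, the class names, and the idea of reserving an estimated cost up front are assumptions for illustration; the actual limiter and cost model are not described here.

```python
from dataclasses import dataclass

@dataclass
class TokenBucket:
    """Per-key limiter: holds up to `capacity` tokens, refilled at `refill_per_sec`."""
    capacity: float
    refill_per_sec: float
    tokens: float
    updated: float

    def allow(self, now: float) -> bool:
        elapsed = max(0.0, now - self.updated)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.refill_per_sec)
        self.updated = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False

@dataclass
class TenantBudget:
    """Per-tenant spend cap in USD."""
    cap_usd: float
    spent_usd: float = 0.0

    def reserve(self, est_cost_usd: float) -> bool:
        if self.spent_usd + est_cost_usd > self.cap_usd:
            return False
        self.spent_usd += est_cost_usd
        return True

def admit(bucket: TokenBucket, budget: TenantBudget, est_cost_usd: float, now: float) -> str:
    """Run both checks before any model backend is called."""
    if not bucket.allow(now):
        return "rate_limited"
    if not budget.reserve(est_cost_usd):
        return "budget_exceeded"
    return "ok"
```

Taking `now` as an argument rather than reading the clock inside `allow` keeps the limiter deterministic and easy to test.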

Data handling

Prompts and responses are processed in the request path and logged for audit, billing, and dispute resolution. Logs are encrypted at rest with restricted IAM access. We do not use customer prompt content to train models, and we do not sell data. For full detail on what is collected and retained, see our Privacy Policy.

Requests classified as complex may be routed to frontier providers (such as OpenAI or Anthropic), which then process that prompt under their own terms. Simpler requests are served by local models and are not sent to third parties.

Deployment options

For customers with stricter data-residency requirements, InferLayer offers a self-hosted (BYOC) deployment in which all prompt and response content, API key material, tenant identity, and audit data remain entirely within the customer's own infrastructure.

Compliance posture

Cryptographic audit-trail integrity is available today. Every inference is recorded in a tamper-evident hash chain that your auditors can independently recompute, so no certification framework is required to verify what was billed. The integrity claim is the product, not a future deliverable.

SOC 2 Type I: a compliance-automation platform (Drata) has been selected and pre-positioned; the contract activates when the first paid design partner converts. The target for the Type I report is 90 days from activation, and the Type II observation window begins immediately after.

This sequencing — verifiability shipped, certification gated on revenue — keeps the cryptographic claim defensible without forcing a $60K compliance spend before the product has a paying customer. We are happy to share our current roadmap and the certification timeline with customers under evaluation: contact@inferlayer.ai.

Vulnerability disclosure

We welcome reports from security researchers. If you believe you have found a vulnerability in the Service, please email security@inferlayer.ai with enough detail to reproduce the issue. Please give us a reasonable opportunity to investigate and remediate before any public disclosure, and avoid accessing or modifying data that is not yours during testing. We will acknowledge legitimate reports and keep you updated on remediation.

Contact

General security questions: security@inferlayer.ai. For everything else, reach us at contact@inferlayer.ai.