Spec
RelayPlane Governance
When you run agent swarms commercially, for clients, for production systems, for anything that matters, cost tracking alone is not enough. You need provable isolation, verifiable output, a stop button that works in under one second, and an audit trail you can actually hand to an auditor.
This document specifies what governance means at RelayPlane and the four pillars the proxy implements to deliver it.
The four pillars
1. Tenant isolation
Every request is tagged with a tenant identifier. Budgets, rate limits, and credential pools are scoped per tenant. Client A's runaway agent cannot bleed into Client B's budget, ever, by construction.
Credential quarantine: pooled credentials that return two consecutive 401 auth failures are auto-quarantined for one hour. The proxy silently rotates to the next credential in the pool so a single revoked key cannot stall the swarm, and the audit trail records the quarantine event so you know why a credential went quiet.
Configured via: per-tenant policy files. See policy configuration.
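The credential quarantine rule above, sketched as an added example (not RelayPlane's own code). The class, method, and event names are hypothetical, and it assumes that any non-401 response resets the consecutive-failure count and that a released credential returns to the front of the rotation.

```python
import time

QUARANTINE_SECONDS = 3600  # one hour, as stated in the spec text
FAILURE_THRESHOLD = 2      # two consecutive 401s, as stated in the spec text

class CredentialPool:
    """Per-tenant pool with auto-quarantine. All names here are hypothetical."""

    def __init__(self, tenant_id, credential_ids, clock=time.monotonic):
        self.tenant_id = tenant_id
        self.clock = clock                      # injectable so tests can advance time
        self.order = list(credential_ids)       # opaque ids only, never key material
        self.failures = {c: 0 for c in self.order}
        self.quarantined_until = {}             # credential id -> release time
        self.audit = []                         # append-only event records

    def _log(self, event, cred):
        # The audit record names the credential by id so no secret reaches the log.
        self.audit.append({"t": self.clock(), "tenant": self.tenant_id,
                           "event": event, "credential": cred})

    def acquire(self):
        """Return the first credential that is not quarantined right now."""
        now = self.clock()
        for cred in self.order:
            until = self.quarantined_until.get(cred)
            if until is not None:
                if now < until:
                    continue                    # still quarantined: rotate past it
                del self.quarantined_until[cred]
                self.failures[cred] = 0
                self._log("quarantine_released", cred)
            return cred
        # Fail closed: never borrow another tenant's credentials.
        raise RuntimeError(f"tenant {self.tenant_id}: all credentials quarantined")

    def report(self, cred, status):
        """Feed back the upstream HTTP status observed for a credential."""
        if status != 401:
            self.failures[cred] = 0             # assumption: any non-401 breaks the run
            return
        self.failures[cred] += 1
        if (self.failures[cred] >= FAILURE_THRESHOLD
                and cred not in self.quarantined_until):
            self.quarantined_until[cred] = self.clock() + QUARANTINE_SECONDS
            self._log("quarantined", cred)
```

Because each pool instance holds one tenant's credentials and its own audit list, an exhausted pool raises instead of falling back to another tenant's keys.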
2. Spec-match verification
Agents do not mark tasks done. The proxy compares the agent's output against the task specification before the work is accepted. Output that does not match the spec is rejected and the agent retries or escalates.
Why this matters: it stops the failure mode where an agent confidently reports success on a task it actually botched. The proxy is the second set of eyes.
3. Kill-switch
One API call halts any tenant instantly. Sub-second response time. Works whether the agent is mid-request, queued, or in the middle of a multi-step plan. Designed for the moment you get a billing alert at 2am or a customer reports something is making decisions it should not be making.
POST /v1/governance/kill { tenant_id }
4. Audit trail
Every request, every decision, every spec-match verdict, and every cost line is exportable as a single signed bundle. When a compliance team or an auditor asks "what did the agents do for Client A in Q2," the answer is a single command.
Audit bundles are local by default, the same as the rest of the proxy. Nothing leaves the machine unless you opt in.
The local-only trust mechanic
RelayPlane runs locally by default. The free tier is the full proxy with all four governance pillars working. Your provider keys, your prompts, your audit data, all of it stays on your machine unless you explicitly enable cloud sync on Pro or Max. You can read every line of code, MIT licensed, and run the entire governance stack without ever sending us a request.
This is the entry point. Try it locally first. Pay only when you want the team-coordination features (network routing intelligence, multi-machine mesh, audit log retention beyond 90 days, approval flows). See pricing for the breakdown.
Implementation details
- Quickstart gets the proxy installed with default governance on in 30 seconds.
- Policy configuration walks through per-tenant budgets, routing, and isolation.
- Budget caps covers per-tenant spend limits and the alerting behavior when a tenant approaches them.
- Explainability covers how the spec-match verifier surfaces its decisions so you can audit them.
Questions about governance scope, audit format, or enterprise compliance asks? Email Matt.