Skip to main content

Security

Your AI infrastructure should never leave your control.

Our Security Philosophy

We reject the cloud-first model that dominates modern AI tooling. Instead, we embrace a local-first, zero-trust architecture where your models, adapters, and inference workloads remain entirely on your hardware.

When your AI runs locally, your attack surface shrinks to your own machine. You eliminate entire categories of risk: data exfiltration, man-in-the-middle attacks, vendor compromise, and unauthorized access through cloud provider vulnerabilities.

Data Sovereignty

Your models. Your hardware. Your control.

No Data Leaves Your Machine

Every adapter, every model weight, every inference request stays on your local system. We do not upload, sync, or backup your data to any external service.

No Vendor Lock-in

Your adapters are stored in standard formats on your local filesystem. You can inspect, copy, move, or delete them using any tool you choose.

No Hidden Dependencies

We do not require cloud accounts, subscription validations, or license servers. Once installed, AdapterOS operates entirely independently.

Encryption

At-Rest Encryption

All adapters managed by AdapterOS are encrypted when stored on disk using AES-256-GCM, providing both confidentiality and integrity verification. Adapter files on disk are never stored in plaintext.

User-Controlled Keys

You control your encryption keys. AdapterOS supports multiple approaches:

  • Passphrase-Derived Keys — Argon2id key derivation tuned for Apple Silicon
  • Hardware-Backed Keys — Secure Enclave integration on supported systems
  • Bring Your Own Key — Import from existing key management infrastructure

We never have access to your keys. There is no key escrow, no recovery backdoor, and no master key.

Local Execution Guarantees

No Telemetry

Zero analytics SDKs, no usage tracking, no crash reports. Your workflow is not our data product.

No Cloud Dependencies

No auth servers, no license validation, no update callbacks. Every byte runs locally.

Offline Operation

Fully functional without network. Airplane mode compatible. Your work never stops.

Audit & Compliance

Comprehensive audit logging of all adapter operations in structured JSON format. Logs include creation, modification, deletion events, model operations, and configuration changes.

Role-based access control, immutable audit trails, and air-gapped deployment support satisfy requirements for SOC 2, HIPAA, and data residency regulations.

Open Architecture

All network activity uses standard protocols you can monitor with conventional tools. Adapter storage formats, configuration files, and log structures are fully documented. Build from source to verify distributed binaries match published code.

Responsible Disclosure

If you discover a security issue in AdapterOS, we want to hear from you.

Contact us at security@adapteros.com with a description of the vulnerability, steps to reproduce, and potential impact. We acknowledge receipt within 24 hours and provide initial assessment within 72 hours.

We do not pursue legal action against security researchers acting in good faith.