Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.aethercitadel.cloud/llms.txt

Use this file to discover all available pages before exploring further.

What is Bharat-Shield?

Bharat-Shield is the verification gate inside Aether Citadel. Every AI response that passes through /v1/intent/verify is evaluated against the original intent signature. If the response doesn’t match the intent — or matches a known attack pattern — Bharat-Shield blocks it before it reaches your users.

What It Blocks

ThreatHow Bharat-Shield Stops It
Replay attacksTTL on every intent hash — expired signatures are rejected
Intent spoofingResponse must cryptographically match the original intent hash
Hallucination injectionResponse payload is verified against the signed context
Session hijackingIntent hash is single-use — can’t be reused across users
Man-in-the-middleHMAC-SHA256 on the response chain — tampering detected

The Verification Flow

generate_intent() → intent_hash (signed, expires in TTL)

                         ├── attached to AI request as X-Intent-Hash

              AI responds with ScaleResponse


             verify_response(response, original_intent_hash)

              ┌──────────┴──────────┐
              │   Bharat-Shield     │
              │                     │
         CLEARED               BLOCKED
              │                     │
       payload served         403 returned
       to user                to caller

Verdicts

When you call /v1/intent/verify, you get one of two verdicts:

Cleared

{
  "cleared": true,
  "reason": null,
  "payload": { "text": "AI output here..." }
}
The response is legitimate. Serve it to the user.

Blocked

{
  "cleared": false,
  "reason": "ExpiredIntent",
  "payload": null
}
The response was rejected. Do not serve it. Log the reason for your own audit trail.

Block Reasons

ReasonMeaning
ExpiredIntentThe intent hash TTL has passed
HashMismatchResponse doesn’t match original intent
SignatureInvalidHMAC verification failed — potential tampering
ReplayDetectedIntent hash was already used
MissingFieldsRequired fields absent from the response

India-First Design

Bharat-Shield is tuned for Indian AI workloads:
  • DPDP Act alignment — blocks responses that would expose personal data patterns
  • Low-latency verification optimised for India AWS/Azure regions
  • Hindi/regional language semantic context supported in intent classification
  • UPI / fintech intent classes (finance, commerce) with stricter thresholds

What Bharat-Shield Doesn’t Do

To be clear about scope:
  • It does not moderate AI content (offensive language, toxicity)
  • It does not rate-limit individual users (that’s your app’s job)
  • It does not store the AI output anywhere — verification is stateless
  • It does not make AI decisions — it only verifies integrity