Skip to content

FAQ

Jump to bottom
Akshay Sharma edited this page Mar 14, 2026 · 2 revisions

๐Ÿ› ๏ธ Kavach Technical FAQ

The definitive guide to the architecture, security, and protocols of the Kavach Firewall.

๐Ÿ“‚ Table of Contents

  1. Core Architecture
  2. The Phantom Workspace
  3. Zero-Cloud Privacy
  4. The Turing Protocol
  5. OS Warnings & Security

๐Ÿ—๏ธ Core Architecture

Is Kavach a Sandbox or a Firewall? (Click to expand)

Kavach operates as a hybrid security layer. While a traditional firewall blocks network traffic, Kavach blocks unauthorized state changes.

It utilizes low-level Rust OS hooks to monitor file system events and process spawns in real-time, acting as a tactical gatekeeper between your AI agent and your Kernel.

๐Ÿ‘ป The Phantom Workspace

How does it actually work? When an agent is flagged as Untrusted, Kavach utilizes Dynamic Path Redirection.

Feature Description
The Intercept If the agent attempts to write to C:/Projects/..., Kavach catches the syscall.
The Redirect The write is moved to a hidden directory: AppData/Local/Kavach/Phantom/.
The Spoof The agent receives a "Success" signal from the OS, unaware it's been ghosted.

Tip

This allows you to "test" an AI agent's destructive potential without risking your actual production code.

๐Ÿ”’ Zero-Cloud Privacy

Does Kavach send any of my data to the cloud? No. Kavach is built on a Zero-Cloud Architecture.

  • Local Storage: All telemetry and file caches are stored in an encrypted SQLite database on your disk.
  • Offline First: The app requires zero internet connection to protect your machine.
  • Open Source: You can audit exactly where every byte of your data goes.

๐Ÿง  The Turing Protocol

How do you stop an AI from clicking "Approve" on its own alerts? Modern multimodal AI can "see" your screen. Kavach counters this with:

  1. Synthetic Input Blocking: Our Rust backend rejects all input events flagged as LLMHF_INJECTED.
  2. Visual Blinding: The UI uses adversarial noise patterns. It's readable to you, but looks like "static" to an AI vision model.

โš ๏ธ OS Warnings & Security

Why is the installer flagged by Windows or macOS? This is a False Positive. Because Kavach monitors other processes, OS security identifies this as "suspicious" for an unsigned binary.

  • Windows: Click More Info -> Run Anyway.
  • macOS: Go to System Settings -> Privacy & Security -> Open Anyway.

๐Ÿ›ก๏ธ Kavach Wiki

๐Ÿ”— Resources

Status: PERIMETER SECURED

Clone this wiki locally