A co-scientist you can trust with clinical and proprietary data
A research co-scientist is only useful if it's safe with your data. Nadhi works next to your files on your machine; only the prompt and the relevant excerpts go to the frontier model for inference, and no user data is collected or stored. Below is the honest technical detail of the data path and the compliance controls, including exactly what does and does not leave your device.
1. Access Control via Hardware License
HIPAA §164.312(a), Technical Safeguards
🔑 Hardware-Bound License Key
On first launch, Nadhi activates with a single license key. The key is bound to the machine's SHA-256 hardware fingerprint (CPU model, machine UUID, MAC address) so it cannot be reused on another device. No accounts, no passwords, no cloud login, activation puts the user straight into the dashboard.
🔐 Encrypted Local License Cache
The activated license is stored locally in ~/.agentos/license.dat, XOR-encrypted with the machine's hardware ID so a copied file cannot be redeemed on a different PC. The license is re-validated against the server on a 15-minute interval (with a short offline grace window) so revoked or expired keys are cut off in-session.
🖥️ One-Machine, One-User Model
Every license is one machine, one user, there are no shared credentials, no multi-tenant accounts, no password reset flows to phish. Physical control of the PC is the access boundary, which matches how clinical and research workstations are actually administered.
🛑 Server-Side Revocation
Licenses can be revoked centrally on the issuing server. Once a key is revoked, the next periodic check fails closed: the runtime stops, the dashboard re-gates, and the encrypted cache is wiped, even if the user pulls the network cable.
2. Audit Controls
HIPAA §164.312(b), Audit Logging & Monitoring
Tamper-Proof HMAC Chains
Each audit entry is cryptographically chained, the integrity hash of every entry includes the checksum of its predecessor. Any modification triggers an irreversible chain collision alert.
File-Level Verification
A separate HMAC file (.hmac extension) is maintained independently from the audit data. Integrity validation runs automatically on every system load.
On-Demand Integrity Validation
Administrators can invoke a one-click "Verify Integrity" button from the dashboard that performs root-to-tip HMAC chain verification across the entire log dataset.
Comprehensive Metadata
Every log entry captures: Event ID, UTC timestamp, severity, source, category, data classification (PHI/Confidential/Internal), authenticated actor, session ID, outcome, and per-row integrity hash.
Compliant Export
Audit logs can be exported as CSV or native PDF documents directly to disk. PDF reports include compliance headers, data classification summaries, severity breakdowns, and report-level integrity hashes.
3. Encryption & Data Integrity
HIPAA §164.312(c)(e), Data Protection
| Layer | Method | Details |
|---|---|---|
| License Cache | XOR + Hardware ID | Local license.dat encrypted with the machine's SHA-256 hardware fingerprint. Non-portable across devices. |
| Audit Logs | AES-256-GCM | Encrypted at rest in audit-log.enc. HMAC integrity validation. Legacy plaintext auto-migrated. |
| License API | TLS 1.2+ | All external license verification requests transmitted over HTTPS. |
| Native Execution | Process Isolation | Agent runs entirely via native TUI and tool calls. Restricted system-level access to host PC. |
4. Native Agentic Execution Environment
Defense-in-Depth Architecture
Unlike generic AI agents that execute directly on the host operating system with full unbounded permissions, Nadhi runs its entire AI stack via a native TUI, utilizing robust agentic tool calls to ensure secure operations.
Controlled Host Access
The AI accesses the host system strictly via permitted agentic tool calls.
Network Isolation
Networking is strictly port-forwarded or managed. No unapproved outbound access.
Ephemeral Sessions
The agent memory can be stopped and fully cleared from Settings at any time.
5. GDPR & DPDP Act Compliance
Data Protection by Design
Data Protection by Design
All proprietary data is processed locally. No cloud transmission, no third-party processing. The architecture inherently satisfies data minimization and purpose limitation.
Records of Processing
Comprehensive, tamper-proof audit logs document every processing activity with timestamps, actors, and data classification markers.
Security of Processing
AES-256-GCM audit-log encryption, hardware-bound license activation, server-side revocation, and secure native execution collectively implement appropriate technical and organizational measures.
Right to Erasure
The "Clear Session Data" function in Settings allows complete deletion of all proprietary data and session information.
Corporate NDAs
Local-only processing ensures no cross-border data transfer. The organization retains full control over all confidential data at all times.
Data Gateway Disclaimer
Crucial Rules for Telegram & WhatsApp Integrations
Highly Sensitive Clinical or Proprietary Information MUST NOT be transmitted via Telegram or WhatsApp.
While the connection between Nadhi and messaging gateways is TLS encrypted, third-party messaging platforms process and store attachments on their cloud servers. Telegram and WhatsApp do not sign strict NDAs or data processing agreements for standard bot usage.
Permitted Usage: Messaging gateways may be used for scheduling, non-sensitive communication, and transferring de-identified/anonymized data or generic research files.
Restricted Usage: Uploading raw clinical trial data, unredacted proprietary reports, or any documents containing sensitive IP via third-party messaging apps constitutes a compliance violation. Sensitive files should be imported directly through the Nadhi desktop application, which keeps the files on your disk and never uploads them wholesale to any third party.
How model inference works (be precise with your IRB): Nadhi reads files locally, but to reason over them it sends the prompt and the relevant excerptsto the frontier model provider for inference over an encrypted channel. No user data is collected or stored by Nadhi, and files are never uploaded in bulk, but this is cloud-assisted inference, not fully on-device processing. For workloads that cannot send any content off-device, a fully air-gapped, on-device deployment for institutions is in development, contact us before processing restricted data.