Privacy & data handling

Aithernet is built around data minimization and explicit consent. Telemetry is consent-gated, identifiers are pseudonymized with a model that fails closed, and credentials are never bundled into packages or printed in diagnostics.

This page describes the product's privacy model and engineering controls. It is not a contract or a legal compliance certification. The binding policy text for early access is presented for acceptance inside the authenticated portal.

Telemetry & consent

Telemetry to the hosted control plane is consent-gated and data-minimized — bounded heartbeats, fleet health and the summaries required to operate the service.
Node heartbeats are signed and outbound-only. A node opens no inbound ports and never exposes its local API to the Internet.
Local mission data, captures and artifacts stay on the node unless an operator explicitly exports or ingests them.

Pseudonymization & deletion

Where identifiers are processed for ingestion or dataset lineage, they are pseudonymized using an environment-secret-backed HKDF-SHA-256 derivation. When the required secret is absent, the operation fails closed rather than emitting raw values.
Consent, export, ingestion, dataset lineage and deletion are tracked deterministically and are inspectable with aithernet data ….
Deletion is explicit and recorded.

Credentials & secrets

Aithernet never bundles or transmits provider or platform secrets:

No agent-provider credentials (e.g. coordinator/coding-agent API keys), Google OAuth tokens, node private keys, release signing keys, session secrets or ingestion keys are ever placed in a package, image or this website.
Diagnostics are sanitized: raw tokens, keys and full local filesystem paths are not printed.
Provider credentials, when configured, are stored locally with restrictive permissions and are never copied into arbitrary files.
The portal records bounded node readiness state — it does not upload credentials, raw environment variables, provider tokens or private-key paths.

Secondary archival

Optional encrypted secondary archival (for example backups, ingestion archives and approved RF artifacts) is intended to be operator-enabled and encrypted. It is not connected in early access, and Aithernet does not automatically upload raw continuous RF recordings.

Contact

Privacy questions and data requests: adityapawar@aithernet.online.

Early access is invitation-only and non-production for qualification purposes. Nothing here implies a completed third-party compliance audit.