Documentation Index

Fetch the complete documentation index at: https://quintsecurity.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

​

System Architecture

Quint is a three-tier security platform that combines OS-level ground truth (EndpointSecurity system extension), intent-level interception (forward proxy plus MCP gateway), and a cloud platform for fleet-wide visibility. The key security signal is divergence between what an agent claims to do and what actually happens on disk.

​

Three-Tier Architecture

​

Tier 1: Edge

Runs on the user’s machine as a signed .pkg install.

• QuintAgent.app hosts two system extensions:
  • Endpoint Security for kernel-level process and file events
  • Network Extension for transparent LLM API interception
• Go daemon runs as a LaunchDaemon. It operates the forward proxy (MITM TLS plus MCP relay/gateway), the unified session tracker, and the cloud forwarder. Events stream to api.quintai.dev via HTTPS.
• Audit log at ~/.quint/quint.db with Ed25519 signatures and SHA-256 hash chaining. Every captured request, response, and tool call is attributable to a specific session.

​

Tier 2: Cloud Platform

Deployed on AWS ECS Fargate. Five services share one Postgres instance and one Redis cache: Row-level security is enabled on all tenant tables using app.current_org_id. The actions table is partitioned by month. See Cloud Overview for the full model.

​

Tier 3: Dashboard

Next.js on Vercel. Reads from the API service over Supabase JWT or API key. Session-centric views with drill-down into each action. See Dashboard Architecture.

​

Signal: Intent vs. Truth

The proxy sees what the agent claims to do. The ES extension sees what the OS actually does. Divergence is the high-confidence signal. Example: an agent that says “read config.json” but actually opens ~/.ssh/id_rsa. Tier 1 captures the tool call. Tier 2 captures the file open. The mismatch triggers an alert.

​

End-to-End Flow

See How It Works for a single tool call traced through all layers.

​

Deployment Topology

​

Production (AWS)

Infrastructure is fully Terraformed under quint-platform/infra/terraform/environments/prod/.

​

Endpoint (macOS)

​

Security Properties

• Audit log tampering: Ed25519 signature per row, chained by prev_hash. A single modification breaks the chain.
• TLS MITM: per-hostname leaf certs signed by a local CA that never leaves the machine.
• Cloud auth: deploy tokens are SHA-256 hashed in Redis, JWT for dashboard users.
• Tenant isolation: Postgres RLS on every tenant table, SNS/SQS FIFO ordering per session.

​

Design Principles

1. Local-first capture, cloud-first scoring. Raw bodies stay on the machine. Normalized events flow to the cloud.
2. Lossy at the edge, durable in the cloud. Under backpressure, the edge drops events rather than block user traffic. The cloud retries.
3. Zero client changes where possible. Forward proxy plus NE means no SDK integration, no new endpoints.
4. Session-centric model. Everything anchors to sessions, not raw events. Audit rows, cloud events, and dashboard views all join on session_id.
5. Code signing first. Agent detection uses macOS code signing as the highest-confidence signal, falling back to process name and path matching only when signing data is unavailable.
6. Tenant isolation at every layer. Deploy tokens are scoped to organizations. Postgres uses monthly partitions with row-level security. Cloud queues use FIFO ordering keyed by session.