VeilNet Guardian

VeilNet Guardian Server

VeilNet Guardian is a stateful API server designed specifically for authentication, identity, and control, rather than generic request–response workloads.

Unlike conventional stateless API services, Guardian maintains persistent, security-critical state across all instances. This statefulness is intentional and essential: it allows multiple Guardian instances to operate cooperatively, sharing awareness of recent actions and decisions.
By maintaining synchronized state, Guardians can coordinate activities such as VeilNet IP allocation, session intent, and command issuance, ensuring consistency and correctness across the system.

Guardian is implemented as a dedicated microservice with a strictly bounded responsibility:

• It authenticates users, and Conflux instances
• It issues secure remote commands to authenticated Conflux instances from the user

Importantly, Guardian does not participate in network management or data forwarding.
It has no visibility into traffic flows, routing decisions, or encryption keys. All networking logic remains fully decentralized and is handled by VeilNet Conflux itself.

By separating identity and control from transport and routing, VeilNet ensures a clean security boundary: Guardian establishes who is allowed to join the network, while the network autonomously determines how communication occurs.

This design allows Guardian to serve as a trusted control anchor—stateful, auditable, and policy-aware—without becoming a central network controller or single point of failure.