Skip to main content
ARCNAT
How It WorksDocumentationSecurityContact
Sign inSign upDashboardGet Started
ARCNATARCNAT

Legal & Privacy

  • Privacy Policy
  • Terms of Service
  • Cookie Policy
  • Security

Architecture

  • Architecture Overview
  • API Documentation

Documentation

  • Documentation

Contact

  • Contact
  • Support

ARC-OS: Evidence-first operating system for regulated environments

Built for organizations where mistakes are not forgiven and proof is required years later. Vendor-neutral architecture. Deterministic replay. Complete audit trails.

Privacy•Terms•Cookies

© 2026 ARC-OS. All rights reserved.

System Architecture

ARCNAT Architecture

An operating kernel designed for regulated environments.
Evidence-first. Deterministic. Vendor-neutral.

Full Technical DocumentationRequest Architecture Brief

The 7-Pillar Architecture

Seven foundational pillars that ensure ARCNAT operates with deterministic proof, vendor neutrality, and long-term survivability.

1. Canonical Spine

Single source of truth for all data
Complete data model with 20+ entity categories
Tenant isolation at database level (RLS)
Event sourcing with outbox pattern
Digital twin for plan state representation

2. Event Backbone

Kafka-driven event streaming architecture
Immutable event log for audit trail
Outbox pattern for reliable delivery
Event schema registry
Workflow event correlation

3. Policy Engine

Single canonical policy-as-code system
ABAC (Attribute-Based Access Control)
Entitlement management
Tier enforcement
Hard-stop policy gates

4. Agent Runtime

MCP-gated AI agents with proof-gated orchestration
29 specialized AI agents
Model Context Protocol (MCP) gates
Multi-agent collaboration
Proof-gated orchestration

5. Experience Surfaces

Multiple interfaces for different user types
Internal UI (Next.js App Router)
PSL (Plan Sponsor Link) portal
GraphQL API with subscriptions
REST API v1

6. Ops Intelligence

Full observability and monitoring
OpenTelemetry tracing
Structured logging
Metrics collection
Agent evaluation and monitoring

7. Platform Reliability

Multi-region disaster recovery and graceful degradation
Multi-region disaster recovery ready
Health check endpoints
Graceful degradation
Cost-efficient design

Core Architectural Principles

The design decisions that make ARCNAT suitable for regulated environments.

Evidence-by-Default

Every decision produces proof. Every workflow step generates evidence. Every agent action is logged. Evidence is bundled automatically, sealed, and export-ready for audits, litigation, and regulatory defense.

  • Immutable event logs
  • Automatic evidence bundling
  • Legal hold and redaction support
  • Deterministic replay capability

Vendor Neutrality

Vendors are adapters. The kernel never changes. When you switch vendors, integrations, or AI models, your evidence, workflows, and data remain intact. The architecture survives vendor changes.

  • Model/provider abstraction layer
  • Adapter pattern for integrations
  • Portable evidence format
  • Kernel-vendor separation

Deterministic Replay

Reconstruct any outcome from the past. Given inputs, rules, approvals, and timestamps, ARCNAT can replay any workflow deterministically. Essential for audits, litigation, and proving correctness years later.

  • Event-sourced architecture
  • Immutable state snapshots
  • Rule versioning
  • Complete audit trail

Canonical Truth

One data spine. One workflow truth. One evidence truth. No synchronization issues. No data conflicts. No ambiguity about what happened or why.

  • Single source of truth
  • Event-driven state updates
  • Digital twin representation
  • Consistent data model

AI & Agent Architecture

Proof-gated orchestration ensures AI autonomy is compatible with regulated environments.

Proof-Gated Orchestration

AI proposes, ARCNAT proves and enforces

Deterministic Calculation Services

Source of truth - LLM cannot be the calculator. All financial calculations use deterministic services.

Hard-Stop Policy Gates

Can block execution - cannot be bypassed. Policy enforcement happens before execution.

Event-Native Evidence

Automatically collected from event streams. No manual evidence gathering required.

Model/Provider Abstraction

Vendor-neutral, portable evidence. Switch AI models without losing evidence.

29 Specialized AI Agents

Each agent has a specific responsibility:

  • Workflow orchestration agents
  • Compliance testing agents
  • Document processing agents
  • Data extraction agents
  • Risk assessment agents
  • And 24 more specialized agents

Multi-Model Support

18+ LLM models supported:

  • GPT-5.2, Claude 4.5, Gemini 2.5
  • 17 reasoning patterns
  • Advanced RAG systems
  • Knowledge graphs
  • Predictive analytics
  • Model Context Protocol (MCP)

Security & Compliance Architecture

Built for environments with zero tolerance for failure.

Zero-Trust Security Model

Every access verified, every action logged
RBAC / ABAC enforcement
End-to-end encryption
Row-level security (RLS) for tenant isolation

Compliance-Ready Exports

Evidence bundles (sealed and export-ready)
Audit reports with deterministic replay
Regulatory filings (formatted and sealed)
Legal hold and redaction support

Explore the Full Architecture

For detailed technical documentation, API references, database schemas, and implementation guides, see the complete architecture documentation.

View Full DocumentationRequest Architecture Brief