Glossary · ironclad-tier

Ironclad tier

Definition

Ellul's hardened security tier. Each agent runs inside an isolated VPS image with LUKS2-encrypted persistent storage, a locked-down init chain that disables `su` after provisioning, kernel-level ptrace restrictions, and seccomp/AppArmor profiles around every adapter. The agent has no path to its own credential broker, the host network, or other tenants' data.

Context

The Ironclad tier is the basis of Ellul's claim that the agent cannot leak credentials even if it tries. The guarantee is enforced at multiple kernel layers, not just by application logic. Full Ironclad applies to paid plans; a partial Ironclad mode applies to free / hobby tiers with looser network egress rules. The tier is set at provisioning time and cannot be changed without re-provisioning.

Also known as

Ellul Ironcladironclad modehardened tierfull ironcladpartial ironclad

Related terms

Sovereign Shield →
Agent workstation →
Passkey approval →