Velar is an innovative local HTTP/HTTPS proxy designed to protect sensitive data during AI interactions. It detects and masks PII or secrets before requests reach AI providers, while restoring original values in responses. With 100% local processing, no data is sent externally, ensuring complete control and compliance.
Velar is an innovative local HTTP/HTTPS proxy designed for AI traffic, equipped with Man-in-the-Middle (MITM) support. Its primary objective is to enhance privacy by preventing sensitive data from being transmitted to AI providers. By detecting and masking Personally Identifiable Information (PII) and other secrets before they leave the machine, Velar significantly reduces the risk of unintended data leaks.
Key Features
- Local Processing: All operations are performed on the local machine with no external data analysis or logging, ensuring maximum privacy.
- Sensitive Data Detection: Effectively identifies common PII such as emails, phone numbers, and names, as well as critical secrets including cloud credentials and private keys.
- Data Masking: Sensitive information is replaced with deterministic placeholders (for example,
alice@company.combecomes[EMAIL_1]), maintaining the functionality of your applications. - Seamless Integration: Works as a proxy between applications and AI providers, allowing developers to continue using tools without interruption while safeguarding sensitive data.
- Local Notifications: Sends notifications for important proxy and sanitization events on macOS.
- Streaming Compatibility: Designed to handle streaming requests without disrupting data flow.
- Performance Monitoring: Offers capabilities for tracking latency and request performance metrics.
Workflow Overview
The operation of Velar can be summarized in a straightforward sequence:
- Intercept Requests: Velar captures outbound requests sent by applications.
- Detect Sensitive Data: Utilizes configured rules to find and mask sensitive information.
- Mask Values: Places sensitive data in placeholders before forwarding requests.
- Sanitize Requests: Sends these sanitized requests to the intended AI provider.
- Restore Values: Original values are restored in responses, ensuring that applications function as intended.
- Notify Events: Key activities trigger local notifications.
Example Transformation
Below is a brief illustration of how Velar transforms a request:
{
"messages": [
{"role": "user", "content": "Contact me at alice@company.com"}
]
}
Behavior:
- Sensitive information is detected and masked:
alice@company.combecomes[EMAIL_1]. - Responses are restored, and local notifications are triggered if enabled.
Configuration and Usage
Velar offers a configurable setup through a simple YAML file, allowing users to specify proxy ports, logging, notification preferences, and more. Users can monitor proxy activity using CLI commands to keep track of request activity and performance.
Future Development
The roadmap for Velar includes enhancements such as broader secret detection capabilities, integration with advanced PII detection technologies, and the introduction of a local dashboard for better visibility and debugging.
In a landscape where data privacy is increasingly critical, Velar stands out as a robust solution for developers looking to leverage AI securely.
No comments yet.
Sign in to be the first to comment.