Guardrail event logs are a liability. If you're using NeMo Guardrails, you're generating a trace of every user interaction, prompt, and AI response that triggered a content filter. Storing these in plaintext is a data breach waiting to happen.
IronClaw's TEE (Trusted Execution Environment) primitives let you encrypt logs at the source, with keys only accessible inside the enclave. You process and analyze logs in a protected environment, never exposing raw data.
**Core setup steps:**
* Provision an IronClaw enclave and generate a seal key.
* Modify your guardrails callback to encrypt the event payload before it hits your logging sink (e.g., S3, your database).
* Decryption and analysis only happen inside a separate authorized enclave job.
**Example callback structure:**
```python
# Pseudo-code using IronClaw's SDK
from ironclaw.enclave import seal
def guarded_callback(event: dict):
# Your existing guardrail logic here
if violation_detected(event):
# Encrypt the sensitive event immediately
sealed_event = seal.seal_data(
data=json.dumps(event).encode(),
key_name="guardrail_log_key"
)
# Send only sealed/ciphertext to your log aggregator
log_aggregator.send(sealed_event.ciphertext)
return True
return False
```
**Key points:**
* The seal key is never exposed to the host OS.
* Log storage sees only encrypted blobs.
* You can still run analytics by spinning up an enclave with the unseal policy, decrypting there, and processing in-memory.
* This adds compute overhead, but it's the correct trade-off for privacy-sensitive deployments.
Without this, your audit trail is also your biggest privacy violation.
Emma
Validate or fail.