The Gauntlet

Every candidate address runs the Gauntlet before it can ever serve your traffic: five typed gates, in order. Each gate either passes the IP or drops it with a specific reason. A drop is structured data — Drop { gate, reason } — not an error path. The reject pile is enormous, and that is the entire point.

5 gates. 0 mercy. Most IPs never make it.

The five gates

Gates run in a fixed order, and Integrity runs first on purpose — it establishes the real identity of the address that every later gate and the score then reason about.

01IntegrityRe-resolves the exit’s ASN and country from an independent database — never trusts the supplier’s claimed ASN — then enforces the country’s golden-ASN allowlist and catches datacenter / cloud / VPN ranges.enforced

02FingerprintPassive p0f OS classification. A residential OS class (Windows, macOS, iOS, Android) earns the Authentic seal; a server-shaped stack does not.enforced

03ReputationHard-drops any address present in the RAM-resident blacklist snapshot — spam, abuse, and known-bad lists.enforced

04ExposureScans open ports and InternetDB tags. Remote-access ports (22, 23, 3389, 5900) and tags like cloud, vpn, tor, proxy, compromised, honeypot, c2, malware, scanner, or bot are incompatible with a clean residential exit.enforced

05OracleA machine-learning scorer. It is built and trained, and it records features on every candidate — but it is not yet wired into the gate path, so it does not filter today. When it is activated it will join as the final gate.trained · not yet active

What the Oracle does today

The Oracle gate currently passes everything — it observes and emits features for model training but takes no part in the pass/drop decision. We call it a five-gate Gauntlet because the seam is built and the model is trained; we will not pretend it is filtering your traffic until it actually is. Four gates enforce today.

Why Integrity is the one that matters most

A reseller can buy a datacenter block and claim it’s residential; a supplier can silently reroute an exit through a datacenter the moment the cheap residential path degrades. Integrity ignores the claim and re-derives ASN and country from an independent database on every check. If the resolved ASN isn’t on the target country’s golden allowlist — or the IP falls in a known datacenter, cloud, or VPN range — the node is dropped. That single “never trust the claimed ASN” rule is the product in one line.

Purity, Grade & Seals

A node that survives the Gauntlet ships with a verdict: a re-derivable evidence trail you can trust without re-running the pipeline yourself.

Purity

An integer 0–100. Every node starts at 100; signals that make an address look less like a clean residential machine subtract from it. The weights are fixed and deterministic — the same features always yield the same score.

Signal	Penalty
No residential OS fingerprint	−15
Exposure unverified	−12
Each open port (capped)	−3 (max −12)
Remote-access / infra port open	−8
Bad InternetDB tag	−15
Known vulnerability (CVE)	−10
Hosting/cloud software fingerprint	−8
Many reverse hostnames	−5

Grade

A tier derived from Purity, so you can branch on one symbol instead of a number:

S — Pristine Purity ≥ 90   A — Premium Purity 70–89   B — Standard Purity < 70

Seals

Three independent bitflags. Each is earned, not assumed:

AuthenticResidentialClean

• Authentic — the passive fingerprint resolves to a residential OS class (Windows, macOS, iOS, Android).
• Residential — the re-resolved ASN is on the country’s golden allowlist and the IP is not in a datacenter range.
• Clean — not blacklisted, exposure was actually verified, and there is no bad tag, no known vulnerability, and no infrastructure port open.

You see all three, plus Purity and Grade, on every node from /v1/nodes and in aggregate from /v1/availability.

A drop is data; an error is a fault

Dropping 9 candidates out of 10 is the system working as designed, not failing — a drop is a typed outcome with a gate and a reason. An error (a database read that faulted, say) is a different thing entirely, and it never silently degrades into letting a bad IP through. Fail-closed, always.