Architecture
Marty McEnroe edited this page Feb 15, 2026 · 8 revisions
Technical overview of Aletheia's system design.
```mermaid
flowchart TD
    subgraph Client
        A["Browser Extension"]
    end
    subgraph AWS
        B["CloudFront + WAF"]
        C["Lambda<br/>Python 3.12"]
        D["Bedrock<br/>Nova Micro"]
        E[("DynamoDB")]
    end
    A -->|"HTTPS request"| B
    B --> C
    C --> D
    C -.-> E
    D -.->|"inference result"| C
    C -.->|"response"| B
    B -.->|"HTTPS response"| A
```
| Component | Purpose |
|---|---|
| `manifest.json` | Extension configuration |
| `service-worker.js` | Background script handling events |
| `content-safety.js` | Client-side content filtering |
| `overlay.js` | UI rendering for analysis results |
Manifest versions:
- Chrome: Manifest V3 (`extensions/chrome/`)
- Firefox: Manifest V2 (`extensions/firefox/`)
| Service | Technology | Purpose |
|---|---|---|
| API Gateway | CloudFront | Request routing, caching |
| Security | WAF | Rate limiting, DDoS protection |
| Compute | Lambda | Request processing |
| AI | Bedrock | Claude 3 Haiku inference |
| State | DynamoDB | Session management |
- Client-side: Content safety checks before sending
- Network: CloudFront + WAF filtering
- Application: Input validation, prompt engineering
- AI: Guardrails and safety checks
- User selects text and clicks "Explain with AI"
- Extension performs client-side safety check
- Text sent to CloudFront endpoint
- WAF validates request
- Lambda receives and validates input
- Guardrails check text safety
- Request sent to Bedrock (Nova Micro)
- Response processed and returned
- Extension displays overlay
- Selected text, context, and URL stored for analytics (≤30 days with user ID)
- User ID removed after ≤30 days (data anonymized)
- CloudWatch logs contain only operational metrics (no user content)
- See Privacy Policy for complete details
| ADR | Decision |
|---|---|
| 0201 | No `<all_urls>` permission |
| 0202 | Minimal permission model |
| 0203 | No PII stored in DynamoDB |
| 0205 | Client-side content safety |
| 0207 | Amazon Nova models (Nova Micro) |
- Defense in depth: Multiple validation layers
- Minimal permissions: Only what's necessary
- Fail closed: Errors block rather than allow
- Privacy first: No tracking, minimal data retention
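A sketch of how the "fail closed" principle could apply to the Lambda validation and guardrail steps, written in Python to match the Lambda runtime. This is an added example, not Aletheia's own code: the field names (`text`, `url`), the size limit, the status codes and the injected `guardrail` / `model` callables are all assumptions.

```python
import json
from urllib.parse import urlsplit

MAX_TEXT_CHARS = 4000  # assumed limit, not taken from the project


class Rejected(Exception):
    """Raised when a request must not reach the model."""


def validate(body) -> dict:
    """Parse and validate the request body; raise Rejected on any problem."""
    try:
        data = json.loads(body)
    except (TypeError, ValueError) as exc:
        raise Rejected("malformed JSON") from exc
    if not isinstance(data, dict):
        raise Rejected("body must be an object")
    text, url = data.get("text"), data.get("url")
    if not isinstance(text, str) or not text.strip():
        raise Rejected("text missing")
    if len(text) > MAX_TEXT_CHARS:
        raise Rejected("text too long")
    if not isinstance(url, str) or urlsplit(url).scheme not in ("http", "https"):
        raise Rejected("url invalid")
    return {"text": text, "url": url}


def handle(event: dict, guardrail, model) -> dict:
    """Fail-closed pipeline: the model runs only after every check passes.

    guardrail(text) -> bool and model(text) -> str are injected stand-ins
    for the guardrail and Bedrock calls (hypothetical signatures).
    """
    try:
        req = validate(event.get("body"))
        # Only an explicit True lets the request through; None, an
        # exception or any other value counts as a block.
        if guardrail(req["text"]) is not True:
            raise Rejected("blocked by guardrail")
        answer = model(req["text"])
    except Rejected as exc:
        return {"statusCode": 400, "body": json.dumps({"error": str(exc)})}
    except Exception:
        # Unexpected failure in any layer: block, and leak no details.
        return {"statusCode": 503, "body": json.dumps({"error": "unavailable"})}
    return {"statusCode": 200, "body": json.dumps({"explanation": answer})}
```

Injecting the guardrail and model as callables lets the failure paths be unit-tested without AWS credentials.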
Primary deployment: us-east-1
| Environment | Purpose |
|---|---|
| Production | Live user traffic |
| Staging | Pre-release testing |
- CloudWatch Logs for operational visibility
- CloudWatch Metrics for performance tracking
- X-Ray tracing for request debugging
See the Developer Guide for:
- Local development setup
- Testing procedures
- Deployment instructions
- Contributing guidelines
Last updated: 2026-01-06 10:28 CT
Aletheia — AI-Powered Context Analysis | MIT License | Report Security Issue
Wiki verified: 2026-02-19