
SEAL Tooling Gateway

Where the SEAL Tooling Gateway sits in the AEGIS stack and a pointer to its dedicated documentation section.

The SEAL Tooling Gateway is now documented as a first-class section. See SEAL Gateway for the full reference, including deployment, authentication, security contexts, tool authoring, the SEAL protocol, and the management and gRPC APIs.

Where It Sits in the Stack

The gateway is a standalone Rust binary (aegis-seal-gateway) that lives between agents and the external world. Every tool invocation an agent makes that targets a non-AEGIS resource — a REST API, a SaaS platform, a CLI binary — is wrapped in a signed envelope by the agent and dispatched to the gateway. The orchestrator itself is not in the hot path for these calls.

The gateway is responsible for four concerns at every invocation: it verifies the envelope's Ed25519 signature against the session's registered public key, enforces the session's bound security context against the requested capability, resolves any credentials the tool requires from OpenBao without ever exposing them to the agent, and audits the call as a structured domain event.
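The four checks above, in the order the gateway applies them, as an added illustration that is not the aegis-seal-gateway code. The real gateway is a Rust binary; this sketch is in Go only because Go's standard library ships Ed25519 (crypto/ed25519), so it runs with no external crates. Everything about the wire layout here is assumed for illustration: the Envelope fields, the canonical-bytes rule (JSON of the envelope with the signature blanked), the capability strings, the session registry, and the in-memory map standing in for OpenBao. The credential is consumed inside Dispatch and never returned to the caller, which is the property the paragraph describes; a rejected call is still audited.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Envelope is an assumed layout for the signed request an agent sends to the gateway
// (the real SEAL wire format is defined in the SEAL Gateway section, not here).
type Envelope struct {
	SessionID  string            `json:"session_id"`
	Tool       string            `json:"tool"`
	Capability string            `json:"capability"`
	Args       map[string]string `json:"args"`
	Nonce      uint64            `json:"nonce"`
	Signature  []byte            `json:"signature"`
}

// signingBytes is the canonical byte string the signature covers: the envelope with
// the signature blanked. encoding/json sorts map keys, so the output is deterministic.
func (e Envelope) signingBytes() []byte {
	e.Signature = nil
	b, _ := json.Marshal(e)
	return b
}

// Session is what the orchestrator registered: the agent's public key and the bound
// security context, modelled here as a capability allow-list.
type Session struct {
	PubKey       ed25519.PublicKey
	Capabilities map[string]bool
}

type AuditEvent struct{ SessionID, Tool, Capability, Outcome string }

type Gateway struct {
	sessions map[string]Session
	secrets  map[string]string // stand-in for OpenBao: tool name -> credential (constructed)
	Audit    []AuditEvent
}

var (
	ErrUnknownSession = errors.New("unknown session")
	ErrBadSignature   = errors.New("signature verification failed")
	ErrCapability     = errors.New("capability not permitted by security context")
	ErrNoCredential   = errors.New("no credential for tool")
)

func (g *Gateway) audit(e Envelope, outcome string) {
	g.Audit = append(g.Audit, AuditEvent{e.SessionID, e.Tool, e.Capability, outcome})
}

// Dispatch runs signature check, context check, credential resolution and audit in that
// order. Every path, including rejections, emits an audit event.
func (g *Gateway) Dispatch(e Envelope) (string, error) {
	s, ok := g.sessions[e.SessionID]
	if !ok {
		g.audit(e, "rejected:unknown_session")
		return "", ErrUnknownSession
	}
	if !ed25519.Verify(s.PubKey, e.signingBytes(), e.Signature) {
		g.audit(e, "rejected:bad_signature")
		return "", ErrBadSignature
	}
	if !s.Capabilities[e.Capability] {
		g.audit(e, "rejected:capability")
		return "", ErrCapability
	}
	cred, ok := g.secrets[e.Tool]
	if !ok {
		g.audit(e, "rejected:no_credential")
		return "", ErrNoCredential
	}
	g.audit(e, "ok")
	// The credential is used here, inside the gateway, and only the tool result leaves.
	return fmt.Sprintf("%s: ok (used a %d-byte credential)", e.Tool, len(cred)), nil
}

// Sign is the agent-side step: sign the canonical bytes with the session private key.
func Sign(priv ed25519.PrivateKey, e Envelope) Envelope {
	e.Signature = ed25519.Sign(priv, e.signingBytes())
	return e
}

// Demo registers one session and exercises the happy path, a post-signing tamper of the
// arguments, and a capability the context does not grant. Returns the gateway (with its
// audit log) and the three dispatch errors.
func Demo() (*Gateway, []error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	g := &Gateway{
		sessions: map[string]Session{"sess-1": {PubKey: pub, Capabilities: map[string]bool{"github:read": true}}},
		secrets:  map[string]string{"github": "constructed-placeholder-token"},
	}
	base := Envelope{SessionID: "sess-1", Tool: "github", Capability: "github:read",
		Args: map[string]string{"repo": "org/app"}, Nonce: 1}
	var errs []error
	_, err := g.Dispatch(Sign(priv, base))
	errs = append(errs, err)
	tampered := Sign(priv, base)
	tampered.Args = map[string]string{"repo": "org/other"} // changed after signing
	_, err = g.Dispatch(tampered)
	errs = append(errs, err)
	escalate := base
	escalate.Capability = "github:write" // validly signed, but outside the bound context
	_, err = g.Dispatch(Sign(priv, escalate))
	errs = append(errs, err)
	return g, errs
}

func main() {
	g, errs := Demo()
	for i, ev := range g.Audit {
		fmt.Printf("%+v err=%v\n", ev, errs[i])
	}
}
```

The order matters: the signature is checked before the capability so that an unauthenticated caller learns nothing about what a session is allowed to do, and credential lookup happens last so a rejected call never touches the secret store.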

For how the orchestrator provisions SEAL sessions, chooses security contexts, and co-deploys with the gateway, see Integration with AEGIS.
