Questions we
actually get.
Deployment and architecture
Does the gateway add latency?
The gateway performs deterministic policy checks, not model calls. There is no LLM in the enforcement path, which is why overhead stays under 100ms in our benchmarks. Ask us for current figures for your specific deployment pattern.
What happens if the gateway goes down?
You choose the failure mode per policy: fail-closed for regulated workloads, fail-open for lower-risk traffic. Either way, the behavior is documented policy, not an accident.
Do my agents need to be modified?
No. Point your agent's base URL at the gateway with one environment variable. The agent continues to operate as before; the gateway intercepts transparently. No SDK, no code changes.
Does it work with any LLM provider?
Yes. One gateway instance proxies OpenAI, Anthropic, Gemini, Copilot, and local models via Ollama, vLLM or LM Studio, simultaneously. MCP-routed calls are also supported.
Data and privacy
Do you see our data?
No, not unless you turn it on. Prompts, responses and payload content stay on your infrastructure at all times. Telemetry is opt-in and off by default; when enabled, it transmits only pseudonymized aggregate counts, never message content. A fully air-gapped deployment is available on Enterprise.
Where does the audit ledger live?
Inside your own perimeter, on infrastructure you control. It is not a hosted service you have to trust with your evidence.
Compliance and evidence
What is the difference between Kyde and a SIEM?
A SIEM ingests logs your systems choose to emit. Kyde sits at the boundary and generates the record itself, independent of whether the agent or its vendor wanted to log the action. You can forward Kyde's ledger into your SIEM; it does not replace one, and a SIEM cannot replace it.
What is the difference between Kyde and an API gateway?
An API gateway routes and rate-limits calls between endpoints. It generally has no concept of agent identity, delegation, or policy tied to what an agent is allowed to do. Kyde adds that governance layer on top of the same network position.
Does the free tier satisfy audit requirements on its own?
The Starter tier records every action into a hash-chained, tamper-evident ledger, real evidence of sequence and content. Cryptographic signing (Ed25519) and managed key infrastructure, the piece auditors typically ask about for non-repudiation, are part of the Enterprise tier.
Why not wait until our AI provider builds this?
A provider's log lives on their infrastructure, under their control. In a dispute involving that provider's model, their own log is not independent evidence. Kyde is built to be independent of every model provider it governs, including the one under investigation.
Didn't find your question?
We answer every message, and questions from real sales calls get added here within a week.