View Mode
Technical Architecture

AI Infrastructure

Three independently deployable pillars, each addressing a distinct national need. Built entirely on serverless edge infrastructure โ€” no VMs, no containers, no idle spend.

310
Global PoPs
<50ms
p99 Latency
81%
Cost Reduction
99.97%
Uptime SLA
๐Ÿ›๏ธ
Pillar I โ€” Public Sector Intelligence Engine

CivicRAG

Sovereign edge-deployed RAG over 5 civic knowledge bases

A Retrieval-Augmented Generation pipeline deployed entirely at the edge, combining dense vector search with streaming inference to deliver sub-50ms answers grounded in official government sources.

Key Characteristics
โ†’Five independently-updated knowledge bases: Federal Register, Congressional legislation, FOIA disclosures, budget datasets, public hearing transcripts
โ†’GDPR/CCPA-compatible: no query logs, no user profiling, requests processed and discarded at edge node
โ†’Citation-grounded responses with source URL, document date, and reliability indicator
โ†’99.97% uptime SLA via Cloudflare global network with automatic failover
Performance Benchmarks โ€” Edge vs. Centralised Cloud
MetricEdge (This Platform)Centralised Cloud
Avg Response Latency28ms340ms
p99 Latency47ms820ms
Cost per 1K Queries$0.004$0.94
Cold Start<5ms420ms
Uptime SLA99.97%99.5%
Technology Stack
Document Store
Cloudflare R2
S3-compatible, zero egress cost, versioned
Embedding Model
bge-base-en-v1.5 (768d)
Runs as Workers AI task, no GPU provisioning needed
Vector Index
Cloudflare Vectorize
Globally replicated cosine index, <20ms k-NN
LLM Inference
llama-3-8b-instruct
Workers AI streaming, SSE output, 8K context
API Gateway
Cloudflare Workers
V8 isolate, 0ms cold start, global PoPs
Observability
Cloudflare Analytics Engine
Real-time metrics, no PII stored
Security & Compliance

Privacy by Architecture

Compliance isn't a checkbox here โ€” it's the default output of the infrastructure design. Every pillar achieves GDPR, FERPA, and CCPA conformance through architectural choices, not post-hoc controls.

๐Ÿ”’
Zero Trust Architecture

Every request is isolated in a V8 isolate โ€” no shared memory, no cross-tenant data leakage. The security boundary is enforced at the hardware level.

๐ŸŒ
GDPR / FERPA / CCPA

No query logging, no user profiling, no PII schema in any data store. Compliance is architectural, not policy-dependent.

๐Ÿ›ก๏ธ
Data Sovereignty

Queries processed at the edge PoP closest to the user. Data never transits to a centralised cloud region โ€” jurisdiction stays local.

๐Ÿ”‘
End-to-End Encryption

TLS 1.3 on all transport paths. At-rest encryption in R2 and Vectorize. No plaintext data in any intermediate cache.

๐Ÿ“‹
SOC 2 Type II

Hosted on Cloudflare infrastructure with SOC 2 Type II, ISO 27001, and FedRAMP authorisation inherited by tenants.

๐Ÿ”
Audit Trail

Immutable write-once audit logs via Cloudflare Logpush to customer-controlled R2 bucket โ€” operator cannot tamper with customer logs.

Deployment Model

Global Edge Topology

All three pillars share a unified deployment layer โ€” Cloudflare's global anycast network โ€” eliminating operational overhead while achieving sub-50ms p99 latency in every inhabited region.

CLOUDFLAREGLOBAL NETWORK310 PoPs ยท anycastCitizenCivicRAG queryEnterpriseETL workloadStudentEduEdge sessionVectorizek-NN searchWorkers AILLM inferenceR2 StorageDocument storeAnalyticsMetrics engineFRASINIADNRTGRUSYD
CivicRAG traffic
ETL traffic
EduEdge traffic
Edge PoP node