Sentinel (Validator)
Sentinel - The Validator
256MB RAM · $25 · IoT-scale protection
Sentinel is the lightweight validation tier designed for IoT gateways, LTE devices, and other constrained environments.
What Sentinel Enables
Role: DSM validation and health monitoring with minimal footprint.
| Capability | Description |
|---|---|
| DSM Validation | Participate in mesh consensus |
| Health Monitoring | Track device and network health |
| TER Generation | Create temporal event records |
| Mesh Participation | Contribute to collective defense |
Best For
- IoT deployments
- LTE/5G gateways
- Edge validators
- Minimal footprint needs
- Constrained devices
Hardware Requirements
| Resource | Minimum | Recommended |
|---|---|---|
| CPU | 1 core | 2 cores |
| RAM | 256MB | 512MB |
| Storage | 4GB | 8GB |
| Network | 100Mbps | 1Gbps |
Recommended Hardware
- ESP32-based gateways (with Linux)
- Raspberry Pi Zero 2 W
- OpenWrt-compatible routers
- Industrial IoT gateways
Approximate cost: ~$25
Installation
sudo ./install.sh --tier sentinelInstallation Options
# Basic installationsudo ./install.sh --tier sentinel
# With LTE modem supportsudo ./install.sh --tier sentinel --enable-lte
# With custom mesh bootstrapsudo ./install.sh --tier sentinel --bootstrap-nodes "node1.mesh:7946,node2.mesh:7946"What’s Included
| Component | Purpose |
|---|---|
| TER Generator | Sensor data collection |
| DSM Node | Microblock creation and gossip |
| Health Agent | System monitoring |
| HTP Client | Secure mesh communication |
What’s NOT Included
| Component | Reason |
|---|---|
| L2-L7 Detection | Requires more RAM |
| dnsXai | Not enough memory for ML |
| WiFi Hotspot | Different use case |
| Web Dashboard | Minimal footprint |
Functionality
DSM Validation
Sentinel participates in the Decentralized Security Mesh:
# Sentinel creates microblocks for:- Health status changes- TER chain updates- Attestation events- Network anomaliesHealth Monitoring
Continuous monitoring of:
- CPU usage
- Memory utilization
- Network connectivity
- Disk space
- Process health
TER Generation
Temporal Event Records capture system state:
TER (64 bytes):├── H_Entropy (32 bytes): SHA256(system metrics)├── H_Integrity (20 bytes): RIPEMD160(critical files)├── Timestamp (8 bytes): Unix microseconds├── Sequence (2 bytes): Monotonic counter└── Chain_Hash (2 bytes): CRC16(previous TER)Configuration
Basic Config
TIER=sentinelMESH_ENABLED=trueBOOTSTRAP_NODES="validator1.hookprobe.mesh:7946"TER_INTERVAL_MS=1000Advanced Options
sentinel: node_id: "${HOOKPROBE_NODE_ID}" role: "edge"
tpm: enabled: false # Not required for Sentinel fallback: "software"
health: check_interval: 30 report_interval: 300
mesh: bootstrap_nodes: - "validator1.hookprobe.mesh:7946" gossip_port: 7946Management
Status Commands
# Check Sentinel statushookprobe-ctl status
# View health metricshookprobe-ctl health
# Check mesh connectivityhookprobe-ctl mesh statusLog Locations
| Log | Path |
|---|---|
| Agent | /var/log/hookprobe/agent.log |
| Health | /var/log/hookprobe/health.log |
| Mesh | /var/log/hookprobe/mesh.log |
Resource Usage
Typical resource consumption:
| Resource | Usage |
|---|---|
| RAM | 150-200MB |
| CPU | 5-10% |
| Disk I/O | Minimal |
| Network | ~10KB/s |
Transparency Features
Even at the smallest tier, you get:
| Feature | Available |
|---|---|
| Full visibility into DSM decisions | Yes |
| Auditable health logs | Yes |
| TER chain verification | Yes |
| Mesh contribution stats | Yes |
Upgrade Path
Ready for more capability?
# Upgrade to Guardiansudo ./install.sh --tier guardian --migrateGuardian adds:
- L2-L7 threat detection
- dnsXai DNS protection
- WiFi hotspot creation
- Full web dashboard
Sentinel vs Guardian
| Feature | Sentinel | Guardian |
|---|---|---|
| RAM Required | 256MB | 1.5GB |
| Cost | $25 | $75 |
| DSM Validation | Yes | Yes |
| L2-L7 Detection | No | Yes |
| dnsXai | No | Yes |
| WiFi Hotspot | No | Yes |
| Dashboard | Health only | Full |
Use Cases
IoT Gateway Monitoring
Deploy Sentinel on IoT gateways to:
- Monitor device fleet health
- Detect anomalous behavior
- Participate in mesh consensus
- Report to central Nexus
LTE Failover Validator
Use Sentinel on LTE modems for:
- Connection health monitoring
- Failover event detection
- Mobile network trust assessment
- Backup link validation
Edge Validation
Deploy Sentinel at network edges:
- Minimal resource impact
- Continuous health attestation
- Early warning detection
- Mesh participation
Next Steps
- Guardian - Upgrade for full L2-L7 protection
- DSM Protocol - Understand consensus
- NEURO Protocol - Learn about TER generation
AI Intelligence (HIP)
Sentinel reports hardware capabilities via the HookProbe Intelligence Platform:
- Hardware Detection: Reports accelerator type and capabilities in heartbeat data
- Rule-Based Classification: Lightweight threat scoring without ML overhead
- No LLM: Too memory-constrained for local inference — uses mesh intelligence instead
See Brain & NPU Detection for the hardware detection system.