Question 1

What is the actual measured overhead of the Nvidia hook?

Accepted Answer

Design target is sub-1% on H100-class nodes running mixed inference and training workloads. The hot path is small: an Aya uprobe on libcuda.so:cudaLaunchKernel and a syscalls:sys_enter_ioctl tracepoint, each writing a fixed-size POD into a per-program ring buffer. Customer-specific benchmark numbers are produced during the integration window and shared in the integration report.

Question 2

How does Arca avoid the verifier-stall problem most eBPF tools hit on hot syscalls?

Accepted Answer

The probes are intentionally minimal — they read a small set of fixed offsets, build a POD struct, and submit one ring-buffer entry per event. That keeps the BPF programs short and easy for the in-kernel verifier to accept on every supported kernel. No dynamic codegen, no third-party verifier fork.

Question 3

Does the hook ever drop events under load?

Accepted Answer

The hot path is non-blocking: ring-buffer reservations that fail (because the consumer is behind) are skipped rather than blocking the probe. Inside user space, the heuristic gate forwards qualifying ioctl events to an async SLM worker over a bounded channel; if that channel is full, events are dropped and the arca_exfil_events_dropped_total counter increments. Zombie detection uses kernel timestamps from the original event, so it remains accurate even when the SLM channel is shedding load.

Question 4

What kernel and hardware do I need?

Accepted Answer

Linux 5.10 LTS or later with standard tracing primitives, plus an Nvidia GPU and CUDA 11.4+ for the libcuda.so uprobe. Bare metal, AWS EC2, GCP Vertex, and private cloud are all first-class — anywhere you run a Linux host. ARM64 support is in flight with our enterprise customers; today's deployments target x86_64.

Question 5

Is Arca.Vision patent-pending?

Accepted Answer

Yes. Arca.Vision is a proprietary, patent-pending governance layer. Filings cover the kernel-side interception pattern, the on-host SLM gate at the GPU memory boundary, and the integration tooling our engineers use to deploy and tune it. Filing references are shared under NDA.

Question 6

Are you trying to patent eBPF itself? That feels broad.

Accepted Answer

No. eBPF is upstream Linux. Aya is upstream Rust. Both prior art. Our filings are on the specific composition: GPU-driver observer plus non-invasive attach plus on-host SLM gate at the cudaMemcpyDeviceToHost boundary. The novelty is the cascade and the deployment pattern, not the underlying primitives.

Question 7

Will customers be exposed if competitors challenge the patents?

Accepted Answer

No. Customer rights to run Arca.Vision on their fleet are contractual and decoupled from patent status. Even if a filing is narrowed, your deployment continues. Indemnification terms are part of the master services agreement.

Question 8

Do you publish anything?

Accepted Answer

We publish at the level of executive summaries, deployment briefs, and customer reference architectures. Architectural deep-dives, threat models, and the engineering brief are available under NDA. We do not ship source code.

Question 9

When the gate inspects an ioctl event, does any of that content leave the host?

Accepted Answer

No. Ever. The pipeline is two stages, both on host. Stage 1 is a kernel-side heuristic on the hot path: estimate transfer size from the ioctl args, drop everything below the configured byte threshold, reservoir-sample the rest. Stage 2 hands the survivors to an on-host Phi-3 mini that scores intent against a learned exfil profile and returns a 0–100 risk rating with a reason. No HTTP. No external IPC. Air-gap deployments are first-class.

Question 10

How do you update the model without phoning home?

Accepted Answer

Signed model bundles delivered through whatever channel you already use for OS packages or AI artifacts — your internal mirror, an air-gapped USB rotation, your existing artifact registry. The Sentry verifies the bundle signature against a pinned key our engineers install during deployment, and refuses anything else. We never call out from your fleet.

Question 11

What happens to events the gate flags?

Accepted Answer

Flagged events land in your turn-key Grafana pane and in Prometheus counters on loopback (arca_exfiltration_risk_score, arca_exfil_events_dropped_total, arca_slm_eval_duration_seconds). When policy is set to kill, the Sentry signals SIGKILL to the offending PID — with PID 0, PID 1, the Sentry itself, and any operator-listed protected PIDs excluded. Arca.Vision never aggregates, mirrors, or analyzes customer events centrally.

Question 12

Can the gate itself be a side channel? Could a malicious agent learn anything from flagged-vs-clean?

Accepted Answer

It is the right question to ask. The Sentry is fundamentally an observer plus after-the-fact enforcer: the ioctl tracepoint does not return EFAULT to the caller, so there is no inline block path whose timing you can probe. When policy is kill, the offending PID is signaled out of band; when policy is alert, only a log line is written. The agent's syscall return path is unchanged in both cases, so syscall-boundary timing inference does not apply.

Engineering
questions, plainly
answered.

eBPF Overhead

Architecture & IP

Local SLM Privacy

Got a deeper question?
Ask the engineer who wrote it.

Engineeringquestions, plainlyanswered.

eBPF Overhead

01What is the actual measured overhead of the Nvidia hook?

02How does Arca avoid the verifier-stall problem most eBPF tools hit on hot syscalls?

03Does the hook ever drop events under load?

04What kernel and hardware do I need?

Architecture & IP

01Is Arca.Vision patent-pending?

02Are you trying to patent eBPF itself? That feels broad.

03Will customers be exposed if competitors challenge the patents?

04Do you publish anything?

Local SLM Privacy

01When the gate inspects an ioctl event, does any of that content leave the host?

02How do you update the model without phoning home?

03What happens to events the gate flags?

04Can the gate itself be a side channel? Could a malicious agent learn anything from flagged-vs-clean?

Got a deeper question?Ask the engineer who wrote it.

Engineering
questions, plainly
answered.

Got a deeper question?
Ask the engineer who wrote it.