Entroly is an auditable context engineering control plane for AI agents: evidence selection, recoverable compression, receipts, memory, gateway controls, and local verification.
See Entroly select and compress context under budget with committed benchmark artifacts and local verification reports.
Integrity counts: Context Commit conformance JSON. WITNESS count: faithful HaluEval-QA JSON. These results are protocol-scoped, not production guarantees.
Run local verification and simulation before wiring a paid model. Then choose MCP, proxy, SDK, npm, or Docker.
A high-performance Rust core (via PyO3) accelerates ranking, selection, verification, cache, and memory primitives when the native engine is installed.
Recorded outcomes can adjust local context weights. Candidate changes remain subject to promotion and rollback policy; adaptation is not an accuracy guarantee.
Local SAST and prompt-injection checks can flag configured patterns before context is selected. Review findings; these checks are not a substitute for a security audit.
Get an A-F grade for your codebase health. Detect god files, dead code, and cross-module clones automatically.
First-class support for Multi-Agent systems. Nash bargaining for token budgets between sub-agents.
Most context tools optimize a single lever — input compression. Entroly ships 19 distinct mechanisms across input, inference, output, verification, and learning. Their effects must be measured separately and end to end; each source file can be opened and audited.
Compressors re-rank context on every call, which busts the provider's KV cache. The aligner hashes the injected context and holds the prefix stable so cache hits actually land.
Deterministic verifier with no second model call. The committed faithful HaluEval-QA run reports scope, sample size, held-out accuracy, and uncertainty; it does not establish general hallucination prevention.
A Bayesian per-task router sends easy work to cheap models and escalates only when verifier risk says so. Fail-closed: when uncertain, it routes to the strongest model.
Knapsack DP + 9 specialized compressors + a dep-graph pick the most information-dense fragments that fit your budget.
proxy_transform.pyLocal grounding-risk signals with separately documented evaluation protocols.
witness.py · stave.pyHolds eligible prefix bytes stable; provider-reported usage determines whether a cache hit occurred.
cache_aligner.pyCheap model first; escalate only when verifier risk demands it. Bounded regret via split-conformal coverage.
escalation.pyTwo-verifier cascade with a measured Pareto frontier vs. either verifier alone.
conformal_cascade.pyPer-task model routing — cheap when capable, strong when needed. Fail-closed.
ravs/router.pyQueries that match an accepted cache key can reuse the recorded result under the configured policy.
fast_path.pyLearns the right token budget per query so easy questions don't overspend.
adaptive_budget.pyCompresses chat history each turn so long conversations don't bloat the input.
proxy_transform.pyTargeted fast paths for git, builds, logs, JSON, and test output — 60–95% smaller.
proxy_transform.pyCompresses the model's response before downstream chains consume it.
proxy_transform.pyRuns faithfulness NLI fully offline — ~$0.002/claim drops to $0.
witness.pyDrops hallucinated content from responses before it propagates downstream.
eicv_suppressor.pyLearns which fragment features matter, with a spectral natural-gradient optimizer.
online_learner.py · prism.rsAnonymized weight + skill sync across instances amortizes cold-start across the user base.
federation.pyUniversal entropy + SimHash compressor for any tool output — even ones it has never seen.
shell_codec.pyBudget-driven file reads — full, signature-only, or diff-only, chosen per block.
semantic_resolution.pyBlocks prompt-injection and context poisoning that bypass regex-only scanners.
context_firewall.pyScans agent output for hallucination before passing it to the next agent.
verified_handoff.pyEvery figure links to a committed JSON with sample counts, 95% confidence intervals, and model provenance. Clone the repo and reproduce them — or run the packaged smoke verifier on your own code in seconds.
| Benchmark | Token savings | Accuracy retained | Samples | Artifact |
|---|---|---|---|---|
| Needle-in-a-haystack | 99.5% | 100% | 20 | needle_accuracy.json |
| LongBench | 85.3% | 103% (↑) | 50 | longbench_accuracy.json |
| BFCL (function calling) | 79.3% | 100% | 50 | bfcl_accuracy.json |
| SQuAD | 43.8% | 90% | 50 | squad_accuracy.json |
| WITNESS grounding-risk benchmark (HaluEval-QA) | AUROC 0.7976 | 84.92% held-out accuracy | 20,000 decisions | halueval_qa_faithful.json |
SQuAD is shown unfiltered — it's the one benchmark here where a tighter budget trades a little accuracy
(0.80 → 0.72) for savings. We include it because cherry-picking benchmarks is how marketing claims get caught.
Numbers measured with gpt-4o-mini; see each JSON for the full confidence intervals.