TCrypt lets enterprises select and protect sensitive fields inside the application boundary before context is sent to an external model. It preserves useful format and structure where configured, and places every restoration behind identity-controlled threshold authorization.
The moment an agent queries a database, CRM, or file system, sensitive fields ride along into the model's context window.
Which records an agent pulls depends on the prompt and the tool calls the model chooses. You cannot enumerate in advance what will cross the boundary.
Once sensitive data enters an external context window, it can persist in vector memory, agent logs, and provider logs, outside your visibility and retention policies.
Replacing values with uniform blocks destroys the lengths, delimiters, and relationships that models and downstream systems depend on. Protection shouldn't cost utility.
Cleartext stays inside your boundary. Models work with structurally useful protected context. Restoration happens only inside a governed workflow.
Your application holds cleartext. Selector rules identify the fields to protect, exactly where they live.
Selected fields are tokenized locally before transmission. Length, delimiters, and structure are preserved where configured.
Reversing a token requires an authenticated identity and a threshold quorum. Each restoration leaves a tamper-evident record.
Protection applies to the fields you select and configure. Selector-driven rules are deterministic and auditable: a compliance team can read the rule set and know precisely what is protected.
TCrypt ships as a standard Model Context Protocol server: a native, discoverable tool for agent frameworks.
The agent retrieves records from an internal source, a database, CRM, file system, or API, before assembling the model's context.
The TCrypt MCP tool applies your JSONPath, XPath, or pattern rules in a local WebAssembly module using only the system's public key. Cleartext remains inside the application boundary during tokenization.
The agent sends the structurally intact, tokenized payload to the external model, which can validate formats and reference records without receiving the underlying values.
When the model's output references a token, the agent calls a secured gateway that enforces identity-based access control and triggers a threshold quorum to restore the value inside your workflow.
Four properties that separate a privacy substrate from string scrubbing.
Target nested fields in JSON payloads, traverse XML document and messaging structures, and isolate identifiers in plain text. Explicit selectors, not probabilistic detection, so the protected surface is knowable and auditable.
Format-preserving encryption keeps structured identifiers valid for downstream systems. Fixed-width tokens seal larger or variable-length content under threshold encryption. Choose per field, based on what the workflow needs.
The decryption capability is split into shares held by independent Sentinel nodes. Detokenization combines partial results without assembling the key in any single place, so no node, operator, or vendor can reverse a token alone. Weilliptic infrastructure receives tokens and ciphertext rather than cleartext.
Every detokenization requires a live, authenticated quorum operation, and each one produces a signed, tamper-evident record of who restored which data, and when. Non-repudiable evidence for compliance and incident response.
Strong early fits include healthcare, insurance, and financial services, but the boundary problem is universal.
An agent retrieves CRM records to resolve a case. Account numbers and personal identifiers are tokenized before the context reaches the model; the resolution workflow restores them under authorization.
Agents processing account, policy, or claims data present format-valid tokens to the model, so validation logic and downstream systems keep working without cleartext exposure.
Agents working with employee, customer, or transaction records reason over protected context, while every restoration back to cleartext is identity-gated and recorded.
TCrypt is the preventive half of the Weilliptic platform. Receipts is the evidentiary half. Both run on WeilChain.
Selected fields are tokenized inside your boundary, presented to models in useful form, and restored only through quorum-controlled, identity-gated operations.
Every prompt, tool call, and commit is cryptographically signed and anchored, giving security, legal, and finance teams independently auditable evidence.
Explore Receipts →See TCrypt tokenize, protect, and restore live against your own payload structures.