AI Safety & Governance

An approval signed yesterday cannot run today,
because the nonce is single-use

Replay Guard binds every agent decision to a single-use signed nonce. The nonce is consumed when the action runs. Trying to replay the same decision later, or replaying an approval signature outside its window, fails. Stale decisions cannot leak into the future.

Get Started Talk to Sales
app.novaaiops.com / replay-guard
● LIVE
Single
Use per nonce
5min
Default TTL
Signed
with platform key
0
Successful replays
How a Nonce Works

Issue, sign, consume, retire

When an agent prepares an action, the platform issues a nonce: a random 256-bit value, signed with the platform key, bound to the action id, the agent, and a 5-minute window. The action runner verifies the nonce signature, checks the binding, marks the nonce consumed, and only then runs the tool call. After consumption, the same nonce never works again.

  • 256-bit random: never reused; issued from a CSPRNG; collision probability is negligible
  • Bound to action + agent: nonce only validates against the originally proposed action and proposing agent, cannot be lifted
  • Signed by platform key: tampered nonces fail signature verification immediately
app.novaaiops.com / replay-guard · lifecycle
TTL & Window

Old decisions do not get to run later

Default nonce TTL is 5 minutes. After expiry, the nonce is rejected even if it was never consumed. This catches the case where an agent prepares an action, the operator approves it, and then somehow the action does not run for an hour. By the time it gets dispatched, the world has changed; the original analysis is stale; the nonce expired prevents stale execution.

  • 5-minute default: long enough for normal approval flows, short enough that staleness cannot accumulate
  • Tunable per action class: destructive actions can set TTL to 60s; routine reads can extend to 30m
  • Expiry is final: expired nonces never re-validate; agent must request a fresh nonce after a fresh review
app.novaaiops.com / replay-guard · ttl
Approval Binding

A signed approval cannot move to another action

Approvals are signed nonces too. When you approve action-9421 from the Approval Queue, the platform creates a nonce bound to that exact action id and your user id. That signature does not work on action-9422, even if the actions look identical. Lifted signatures do not roam.

  • Bound to action id: approval signature is invalid against any other action, including identical-looking ones
  • Bound to approver: an approval issued for one approver cannot be used by another
  • Captured in bundle: the nonce + signature live in the Decision Bundle so audit can verify the binding
app.novaaiops.com / replay-guard · approval
Audit

Replay attempts show up loud

Successful replays should be zero. Replay attempts (presenting an already-consumed or expired nonce) are loud signals: someone is misusing the system, or there is a bug. The page shows attempts in red with the source IP and the action they tried to replay. Even one failed attempt warrants a look.

  • Zero is the target: successful replays = 0 always; we monitor it as an SLI on the platform itself
  • Attempts surfaced loudly: failed replays are not buried, they appear with source IP and action id
  • Auto-page on a streak: three attempts in a 5-minute window pages platform-admin
app.novaaiops.com / replay-guard · audit
Video walkthrough coming soon

Subscribe to Nova AI Ops on YouTube for demos, tutorials, and feature deep-dives.

Time-bound, identity-bound, single-use

A captured screenshot of an approval QR is harmless. A leaked decision bundle replayed tomorrow does not run. The nonce is the difference.

Get Started Request a Demo