Deployment

AGLedger runs on your infrastructure. You hold the database, the signing keys, and the records. Federation is a per-record opt-in, not a deployment mode — without it, no data leaves your environment. There is no phone-home, no telemetry call, no kill switch. If the license lapses, the software keeps running. Security patches are free regardless of support status.

Docker Compose · Kubernetes (Helm) · PostgreSQL 17+ · Node 24 LTS · Air-gap capable

Last updated: 2026-05-26 · API v0.25.4

Architecture

One role: Server

Every AGLedger install is the same binary — same surface area, same configuration shape. A Server is a sovereign domain: its own PostgreSQL database, its own auth, its own agents and contracts, its own chain. Whether the deployment participates in federation is a per-record or per-contract flag, not a deployment-time decision.

┌─────────────────────────────────────────────────┐ │ YOUR INFRASTRUCTURE │ │ │ │ ┌───────────┐ ┌──────────┐ ┌──────────┐ │ │ │ Your Apps │───▶│ AGLedger │───▶│ Postgres │ │ │ │ & Agents │ │ Server │ │ DB │ │ │ └───────────┘ └────┬─────┘ └──────────┘ │ │ │ │ │ Webhooks to │ │ your systems │ │ │ └─────────────────────────────────────────────────┘ │ (only when a record's share flag is on) ▼ ┌──────────────┐ │ Counterparty│ Federation: signed messages │ AGLedger │ cross this boundary, nothing │ Server │ else. └──────────────┘

Deployment shapes

Compose for Developer Edition, Kubernetes for Enterprise

Docker Compose — Developer Edition

Bundled PostgreSQL, single Server instance, full lifecycle, SDKs, CLI, federation included. Production-capable, not a trial. Three commands to a running install. Free, no license required.

Hardware floor: 2 vCPU, 4 GB RAM, 20 GB disk. Scales vertically until the database is the bottleneck.

Kubernetes / Helm — Enterprise

Helm chart, external PostgreSQL (Aurora, RDS, Cloud SQL, or on-prem), HA replicas, RollingUpdate and Recreate deployment strategies. Tested infrastructure: EKS + ALB + ACM. Source available for security review under the Enterprise license. Blue-green upgrades are not currently part of our tested matrix; if your operational model requires it, contact us and we will validate before recommending.

Platform floor: Kubernetes 1.27+, PostgreSQL 17+ (18 recommended for native UUIDv7), Node 24 LTS runtime.

The install path is the same in both shapes — pull from the public install repository, configure environment, run. Compose and Helm share the same container image and the same configuration surface.

What you own

Database, keys, records

PostgreSQL database

Standard tables, no proprietary format. Standard backups, standard replication, standard restore. AGLedger does not require any storage you cannot operate with the rest of your Postgres fleet.

Ed25519 signing keys

Generated at install, rotated on your schedule, never transmitted off your infrastructure. The vault signing key set is published at /.well-known/agledger-vault-keys.json so verifiers and federated peers can confirm signatures without account access.

Records and chain

Every Signed Statement lives in your Postgres — tagged COSE_Sign1 (RFC 9052, tag 18), CBOR-encoded in-toto v1 Statement payloads, hash-chained. Append-only and tamper-evident at the database layer: UPDATE and DELETE are revoked on the vault tables, partition-level TRUNCATE is blocked by trigger.

Operational posture

No phone-home, no kill switch

No outbound calls to us. AGLedger Servers do not contact agledger.ai or any other AGLedger-controlled endpoint at runtime. License validation is Ed25519-signed and offline. Federation, if enabled, talks only to the peer Servers you configured.

No kill switch. If your license expires, the software continues to run. The chain continues to write. Webhooks continue to fire. License status is a soft signal, not a hard gate.

Security patches always free. Regardless of support subscription status, security updates are published under the same channel as everyone else. There is no premium tier for security fixes.

No traffic proxying. AGLedger sits beside your agents; it does not intercept their calls. Trace IDs come in by reference, not by interception. See integrations.

Air-gapped deployment

Install offline, run offline, verify offline

The container images, the install scripts, and the Helm chart are distributed as static artifacts that can be moved through a transfer station and stood up without outbound network access. The Ed25519 license payload is verifiable offline against a published public key.

The chain is verifiable offline too. A small standard-library verifier validates a signed audit export against the published vault keys, with no live API access required. The proof outlives the network reachability.

License model

Perpetual per database, source available for review

Developer Edition is free for any use case. Enterprise is $8,000 perpetual per unique PostgreSQL database instance, bundled with the $4,000/year support subscription that includes updates and technical assistance. HA replicas against the same database instance are included; a second database instance is a second license.

The Enterprise license includes source access for security and compliance review. The codebase is not open source, but your security team can read every line they are evaluating. Air-gapped customers can ship the source through their standard review pipeline before deployment.

Full pricing terms on the pricing page. License agreement available for review at /license.

Performance reference

Scales vertically until the database is the bottleneck

Reference footprint — 1 vCPU API process plus 1 vCPU worker against Aurora Serverless v2 at 0.5–4 ACU:

  • 60 records/sec sustained on the Notarize path (3,600/min, ~5.2M/day) with p50 224ms, p99 1.05s
  • 12 records/sec sustained on the full Verify path (record + completion + verdict)

Numbers measured against the AGLedger performance benchmark on the API v0.23.0 testbed baseline (2026-05-19).

Higher throughput is a vertical-scale story — bigger database, more API replicas behind the same Server — not a horizontal sharding story. The chain's ordering guarantees are local to the Server; sharding within a single Server would break them.

Related capabilities

Security →

The cryptographic architecture every deployment inherits — key management, vault integrity, transport hardening.

Federation →

The Server you deploy is the unit of federation; there is no central coordinator to operate.

API →

The HTTP surface a deployment exposes — lifecycle, federation, SCITT, and well-known discovery routes.

Install →

The action page — Compose for Developer Edition, Helm for Enterprise, three commands to a running instance.

AGLedger performance at scale →

Throughput, latency, and database sizing data from sustained load against a real deployment.

pg-boss production lessons →

Operational tuning for the background-job substrate AGLedger uses for webhook delivery and federation projection.

installThree commands, then a running instance
securityFull security architecture
self-hostedOperations, configuration, TLS, version matrix
pricingDeveloper Edition free — Enterprise $8K perpetual