Architected for hostile environments.

The AI Threat Vector

As AI agents gain access to organizational financial tools, they become prime targets for prompt injection and data poisoning. If an agent has direct access to a hot wallet or a cloud-hosted private key, a malicious prompt can instantly drain a company treasury.

Physical Decoupling ("Tetherware")

Pharos fundamentally separates the AI's "brain" from the "vault". The AI is permitted to analyze invoices, structure transactions, and draft JSON payloads. However, it cannot execute.

The drafted payload is sent to the offline Pharos client. Pharos requires a physical, local human action (the "Maker-Checker" validation) to cryptographically sign the transaction using AES-encrypted keys stored securely in local memory. Once signed, Pharos bypasses the AI entirely and broadcasts directly to the RPC endpoint.