AlfaNest Labs — Analytics

Lab metrics

Analytics dashboard

Real-time performance metrics and AlfaNest Labs experiments — same layout language as Plans & pricing.

What you will find here

This page consolidates public metrics from every AlfaNest Labs product: API Risk Monitor, AI Agent Security, Machine Identity with vault encryption, GLOWMIN on Solana, SafeKey roadmap, Clearance verification, and WASTE.LAND marketplace.

Security products

Three production systems run on app.alfanestlabs.com. API Risk scans OpenAPI specs for auth gaps. Agent Security provides policy and approval layers for AI agents. Machine Identity manages non-human credentials with AES-256-GCM vault encryption powered by SafeKey.

Token & charts

DexScreener powers the GLOWMIN candle charts below. Live price, volume, and market cap tiles pull from the DexScreener and Jupiter APIs. WASTE.LAND (alfanest.digital) covers the abandoned-repo marketplace.

Who this page helps

Builders and partners skim status across all products without opening multiple subdomains. The security-products section shows live operational status, crypto stack details, and pricing links. Use footer links to reach contact or the full projects list.

Lab surfaces

Lab Systems

Online

GLOWMIN

Live

AlfaNest Compta

Desktop

Clearance

Live

WASTE.LAND

Live

SafeKey Engine

Integrated

Security products

API Risk Monitor

Live

Agent Security

Live

Machine Identity

Live

Vault Encryption

Active

Stripe Billing

Live

Email Alerts

Resend

Services & integrations

Public APIs

Healthy

PostgreSQL DB

Online

DexScreener

Embeds OK

App hosting

Online

Resend email

Active

Next.js + PM2

Running

Live data & embeds

Charts, engine status, and product snapshots

GLOWMIN/SOL

GLOWMIN/USD1

Price

Loading...

--

Market Cap

Loading...

--

24h Volume

Loading...

--

Holders

Loading...

Live on Solana

SafeKey — Crypto Engine

Active

Integrated into Machine Identity

SafeKey Integration Log

Core

Key Shield (PBKDF2 600k)

Password-derived shield key wraps random data key. Ported from sfk-core into Machine Identity vault.

Vault

AES-256-GCM Encryption

Client-side manifest encryption via Web Crypto API. 12-byte nonce, 16-byte auth tag. Zero-knowledge storage.

Chain

HMAC + SHA-256 Hash Chain

Tamper-evident linking of every sealed snapshot. Server-verifiable without knowing the vault password.

Pro

Shamir Secret Sharing

GF(256) polynomial split — 5 shares, any 3 recover the vault password. Available on Pro tier.

Verification · Free · cl.alfanestlabs.com

Clearance

Check project status by Project ID against the public snapshot feed. Up to five lookups per hour from this page.

Open Clearance hub →

WASTE.LAND

alfanest.digital — marketplace for abandoned repos: The Overseer audit, Vault escrow, listings, Scraps economy, and Wasteland ranks.

alfanest.digital →

API Risk Monitor

Static analysis of OpenAPI 3.x specs. Risk score, auth gaps, sensitive routes, remediation hints.

Starter: ~100 scans/mo — €39
Team: ~500 scans/mo — €99
Bundle (+ Agent Security): €99

Open scanner →

AI Agent Security Layer

Control layer for AI agents: policies, human approval, audit trail. Decision API before side effects.

Dev free → Starter → Growth → Pro
Policy engine + approval workflows
Append-only event log

Product page →

Machine Identity + Vault

Non-human identity governance with client-side AES-256-GCM encryption. SafeKey crypto engine integrated.

Manifest upload (dashboard + CI keys)
Risk scoring + queue governance (ownerless, stale, over-wide)
Vault: Key Shield + AES-256-GCM + HMAC chain
Shamir 3-of-5 secret recovery (Pro)
Encrypted .sfk export
Email alerts via Resend

Product page → Dashboard → Pricing →

Machine Identity – Crypto Stack

Cryptographic layers ported from SafeKey (sfk-core) into Machine Identity.

Layer 1

Key Shield

PBKDF2 (600k iterations) derives Shield Key from password. Random 256-bit data key encrypted with SK.

Layer 2

AES-256-GCM

Manifest encrypted with data key. 12-byte nonce + 16-byte auth tag. Runs in browser via Web Crypto API.

Layer 3

HMAC-SHA256 + Hash Chain

Each sealed envelope has HMAC for tamper detection. SHA-256 chain links snapshots — server-verifiable.

Layer 4

Shamir Secret Sharing

GF(256) polynomial split: 5 shares, any 3 reconstruct the vault password. Pro tier only.

SafeKey engine — overview

Same cryptographic core across Machine Identity vault and related security products. All heavy crypto runs client-side.

AES-256-GCM + Key Shield (PBKDF2)
HMAC-SHA256 tamper detection
SHA-256 hash chain for audit trail
Shamir over GF(256)
Web Crypto API in the browser

Open vault in app →

Lab Infrastructure Performance