Skip to content
Platform · The Vihaya Engine

One substrate, six capabilities Every engagement compounds

The Vihaya Engine is the substrate every engagement we ship deposits into. Customer N+1 gets the benefit of every pattern that came before. The customer keeps their data — the engine runs in their tenant — and we still get the data flywheel via shipped patterns. That is the intended moat.

Engine ships with the engagement. Prior-auth is the first productised vertical. Vihaya is pre-revenue with no completed pilot — what follows is the capability shape, not customer- validated performance. Implementation details are shared with the design-partner customer under NDA.

Architecture

The picture in one diagram

One engine. Six capabilities. Deployed inside the customer’s tenant.

Vihaya Engine architectureFour access surfaces — Code, API, Agent, Ops — connect to the Vihaya Engine, which fronts six capabilities: Context Mesh, Decisioning, Durable Agents, Compliance, Adaptive Guardrails, Agent Sandbox. All run inside the customer's own tenant.Codeembedded serviceAPIHTTP gatewayAgentMCP & tool callsOpsoperator consoleVIHAYA ENGINEone substrate · any sectorContextMeshDecisioningDurableAgentsComplianceAdaptiveGuardrailsAgentSandboxCUSTOMER'S TENANTtheir cloud · their region · their data stays with them
The six capabilities

Each capability is one well-scoped concern

Engineered to be useful on its own and load-bearing inside the engagement.

Context Mesh

Persistent knowledge graph + episodic memory for long-running agents.

A traversable mesh instead of a flat vector index. Typed entities with embeddings, typed directed relations with weight, and episodes — agent observations and actions written back to the mesh and recallable by subject or by similarity. Hybrid search: semantic match seeds a graph walk, the walk pulls in linked knowledge.

Decisioning

Immutable, cited decisions. Every output is a structured record linking back to source.

Where a chatbot returns prose, the decisioning primitive returns a typed record: outcome, rationale, confidence, citations pointing to the source passages the agent grounded on. The record is append-only — supersession is supported, mutation is not. Reviewable from cold storage years later.

Durable Agents

Stateful, resumable agent runs with checkpoints.

Long-running enterprise workflows can’t lose state when the host process dies. A durable run captures who the agent is, what input it received, where it is in its plan, and what tools it has called. If the process restarts, the run resumes from the last checkpoint — calls are idempotent on the decision identifier.

Compliance

Audit envelopes and controls evidence. Exportable.

Every step of every agent run writes one immutable record to an append-only log: actor, action, resource, outcome, metadata. Records are self-mapped to control frameworks (SOC 2 CC4.1 / CC7.2 by default; HIPAA / ISO mappings configurable). Audit-evidence collection becomes a side effect of normal operation, not a quarterly fire drill.

Adaptive Guardrails

Policy enforcement that learns from reviewer-override signal.

Every time a human reviewer overrides an agent decision, the override is signal. Adaptive Guardrails consumes that signal and tightens policy in the direction the customer’s experts actually disagree with the model — without rewriting the policy spec. The configured confidence floor stays the safety primitive; the learned behaviour stacks on top.

Agent Sandbox

Isolated execution for untrusted code and tool calls.

An agent that needs to run generated code, evaluate a query, or call an external tool runs it in an isolated environment with no access to the customer’s tenant data unless the policy explicitly allows it. Failure is contained; the audit trail captures every attempt.

Design principles

What the engine is opinionated about

These are the choices we will not negotiate during an engagement, because they are what make the audit chain credible to regulators and the engine credible to the customer’s CTO.

Runs inside the customer’s tenant

The engine deploys into the customer’s own cloud account and region — wherever data residency, procurement, and security review land. No data egress to Vihaya’s environment.

Decision-first, not chat-first

Every output is a typed, immutable record with citations and a confidence score. Procurement, legal, risk, and regulators understand decisions; they don’t understand ‘the model said so.’

Confidence floor as a safety primitive

Below the configured threshold, cases route to the customer’s existing human reviewers regardless of model verdict. There is no ‘100% automation’ path by design.

Audit chain is load-bearing, not a feature

Every state change writes one immutable record self-mapped to control frameworks. Reconstructable from cold storage years later; designed for regulator, auditor, and CISO inspection.

Model-agnostic

Use the foundation-model provider the customer’s security team has already cleared — OpenAI, Anthropic, Azure OpenAI India, Vertex Mumbai, or others. Switching providers does not change the audit chain or escalation behaviour.

Cost-aware model routing

Within the approved provider’s family, the engine matches each task to a model tier by scored complexity — frontier models for hard, high-stakes, or audit-grade decisions; faster, cheaper models for routine cases. Routing is deterministic and its rationale is written to the audit chain. A minimum tier can be pinned for compliance-sensitive flows.

Engagements compound into the engine

Patterns from each engagement — entity types, policy decompositions, eval scenarios — are written back as reusable primitives. Customer N+1 starts further down the curve than Customer N did.

Next step

Want to see the engine running?

A 30-minute walkthrough on a 1:1 call: live agent run, the decision record it produces, the audit envelope it writes, the citations it surfaces. Architecture and code-level detail shared with design-partner customers under NDA.

Book an engine walkthrough