ChronoSentry PNT Guard

ChronoSentry PNT Guard is the first affordable, easy-to-deploy platform that continuously validates timing integrity across trading networks with nanosecond precision.

Comment

Inspiration - During a conversation with a friend who works in low-latency trading infrastructure, we learned something startling: a single compromised GPS signal or rogue NTP server can shift timestamps by microseconds — enough to cause millions in losses, regulatory fines, or even market manipulation. Existing network monitoring tools (SNMP, NetFlow, SIEM) operate at millisecond granularity and completely miss nanosecond-scale timing attacks. We realized there was no dedicated, affordable, easy-to-deploy product for continuously validating PNT (Positioning, Navigation, Timing) integrity across HFT networks. Every firm we spoke to had built fragile, in-house scripts or relied on periodic manual audits. We wanted to change that. ChronoSentry idea from: "What if every trading firm could detect a timing attack the moment it happens — not during next quarter's audit?"

What it does:ChronoSentry PNT Guard is a multi-tenant SaaS platform that protects high-frequency trading infrastructure from timing attacks and timestamp spoofing. It continuously monitors PTP, NTP, and GPS synchronization across your trading network and alerts you to anomalies in real time.

Real-Time Anomaly Detection: Detects PTP drift, GPS time jumps, out-of-order packet sequences, and latency spikes with nanosecond-scale precision Immutable Audit Trail: Every detected anomaly is logged with cryptographic integrity for regulatory compliance (SEC, FCA, MiFID II) Multi-Tenant Control Plane: Organizations, environments, and granular RBAC — built for hedge funds, exchanges, and auditors Zero-Impact Deployment: eBPF-based edge agents instrument the kernel without adding latency or requiring kernel modules Synthetic Simulation Mode: Runs realistic timing attack simulations without root privileges — perfect for demos, testing, and sales

How we built it:Two-plane architecture separating performance-critical edge observation from operational control:

ChronoSentry PNT Guard ├── Data Plane (Edge Agent Layer) │ ├── Rust-based Agent Daemon │ │ ├── eBPF Monitoring (XDP/TC, kprobes, tracepoints) │ │ ├── Local Detection Engine (drift, jump, burst anomaly) │ │ ├── Embedded libSQL Database (offline buffering) │ │ └── Control Plane Sync Client (mTLS, idempotent sync) │ └── Agent Management (auto-registration, heartbeats, rolling upgrades) └── Control Plane (SaaS / On-Prem) ├── Express API Server (REST + gRPC) ├── Central libSQL Database (multi-tenant, Turso-compatible) ├── React Dashboard (real-time, responsive, RBAC) ├── Policy Distribution Service ├── Alerting & Notification Service (webhooks, Slack, PagerDuty) ├── Analytics & Aggregation Workers └── Report Generation (PDF, CSV, compliance-ready)

Challenges we ran into - Nanosecond-Scale Data Representation,Multi-Tenant Schema Design,eBPF Development Complexity

Accomplishments that we're proud of:Complete End-to-End System

We built a fully functional, production-ready system — not a prototype. It has a real database, REST API, React dashboard, authentication, multi-tenancy, and role-based access control. Every page works end-to-end, including the admin console.

  1. Guest Mode & Accessibility We wanted anyone to experience ChronoSentry without creating an account. Our guest mode provides read-only access to the full dashboard with a single click, lowering the barrier to evaluation.

  2. Synthetic Simulation with Realistic Patterns Our simulator doesn't just generate random numbers. It models:

PTP Drift: Gradual clock skew with Gaussian noise GPS Jumps: Sudden, large offset changes (spoofing signature) Out-of-Order Sequences: Packet reordering with burst correlation Latency Spikes: Network congestion patterns with tail latency distributions

What we learned - eBPF is powerful but complex,TypeScript strict mode catches real bugs

What's next for ChronoSentry PNT Guard - Production Rust Agent: Replace the Node.js simulator with a real eBPF-based Rust agent using the aya framework

WebSocket Streaming: Push events to the dashboard in real time instead of 5-second polling Alert Notification Channels: Slack, PagerDuty, and webhook integrations for instant escalation Time-Range Filtering: Allow users to zoom into specific time windows on the dashboard

Built With

Share this project:

Updates