Skip to content
Candela
Candela — a candle with a neural-network flame

Candela — LLM Governance Platform

See everything. Enforce anything. Open-source governance for your AI infrastructure — trace every request, enforce budgets, control model access, and prove compliance.
Get Started View on GitHub

What You Get

Section titled “What You Get”

Policy Enforcement

Budget gates, rate limits, and model access controls enforced at the proxy layer in real time. Every policy violation logged to an immutable audit trail.

Cost Governance

Real-time cost calculation per request, per model, per tenant. Set per-user budgets, create time-bound grants, and get threshold alerts before spend is exceeded.

Full Observability

Every LLM request captured with OpenTelemetry — latency, TTFB, token counts, cache hits, and cost — all in a unified trace tree with W3C Trace Context propagation.

Drop-In Integration

Works with Google ADK, LangChain, Claude Code, Cursor, Zed, OpenCode — anything that talks to an LLM endpoint. Point base_url at Candela and you’re done.

Governance That Ships Today

Section titled “Governance That Ships Today”

Candela is not a roadmap — these enforcement controls are live in production:

Budget Enforcement

Per-user daily budgets with pre-flight gates. Requests that exceed limits get a 402 before they ever reach the LLM provider.

Rate Limiting

Per-user request throttling prevents runaway automation from draining budgets. Minute-window counters with configurable limits.

Immutable Audit Trail

Every request, every admin action, every policy decision — logged to BigQuery, DuckDB, or SQLite. Tamper-proof by design.

Tenant Isolation

Full multi-tenant attribution via X-Candela-Tenant-Id headers and W3C Baggage. Per-tenant cost tracking, leaderboards, and scoped views.

eBPF Enforcement

Kernel-level traffic interception via iptables redirect, Tetragon process enforcement, and Hubble observability. Zero SDK changes — every LLM request flows through the proxy, guaranteed.

Choose Your Component

Section titled “Choose Your Component”
candela Developer proxy + runtime manager. Run local & cloud models with built-in governance and observability.
candela-server Full backend with dashboard UI, BigQuery storage, budget enforcement, policy controls, and team RBAC.
candela-sidecar Lightweight < 5MB proxy for production containers. Pub/Sub + OTLP export with budget enforcement.
candela-desktop Desktop app for provider management, cost monitoring, and trace visualization.
Enrichment SDKs Lightweight SDKs for Python, TypeScript, Go, Kotlin, and Rust — propagate tenant and job metadata for governance attribution.