P‑AIProject‑AI
portal · online · kernel surface documented · demos simulated

Governance before execution.

Project-AI is an execution-governed substrate. Containment is strictly faster than cognition. Nine gates, three principals, one signed audit chain.

Walk the Iron PathHail Legionsign-in requiredview architecture →
transmission · 2026 · proof portal
scroll ↓
premise · method · verdict

The architectural bet, in three lines.

core

Deny by default

No meaningful action runs unless identity, capability, policy, ethics, security, consistency, and audit are satisfied first.

method

Compiled governance

Policy lives in a hash-anchored constitution. Validators load it from a signed Code Store at runtime — no advisory layer to ignore.

verdict

Three signed verdicts

ALLOW · DENY · SAFE_HALT. One append-only ledger. Deterministic replay from any receipt id.

engineering core · flagship

OctoReflex. Containment at the syscall boundary, before execution reaches user space.

OctoReflex is the engineering core. The signed constitution, the nine gates, and the Triumvirate are the why. The reflex is a deterministic, side-effect-free pre-execution evaluator that runs at the kernel boundary — so containment is strictly faster than cognition by construction, not by policy. Every refusal cites a named gate. Every verdict produces a signed receipt.

reflex

OctoReflex

Syscall-level interposition. Deterministic, replayable, bit-for-bit. The action does not reach user space until the evaluator returns ALLOW.

code store

Signed constitution

Policy compiled to TSCG-B binary, loaded at runtime from a hash-anchored Code Store. Tampering breaks the chain; there is no advisory layer to ignore.

9 gates

Named refusal points

Ingress · STATE_REGISTER · Identity · Capability · Policy Binding · Cerberus · Galahad · Codex · Audit. Three verdicts: ALLOW · DENY · SAFE_HALT.

Read the defense briefkernel architecture →github · ocee / octoreflex / tscg-b →
national continuity·sovereign defense·architecture

National Continuity. Sovereign American infrastructure for command legitimacy under recursive, cross-domain AI.

Designed, written, and signed in the United States. The autonomy race will not be won by whoever fields the fastest model — it will be won by whoever keeps lawful authority over machine speed. America cannot afford to outsource the control plane of its own command-and-control to foreign stacks, opaque foundation models, or vendors who answer to another flag. Project-AI is an American-built sovereign substrate: the constitution, the keys, and the audit chain stay under U.S. control.

The strategic case is simple. Adversaries are racing to deploy autonomous systems that act faster than any human can review. If the response is more probabilistic alignment bolted on after the fact, the United States is betting national authority on hope. The asymmetric American advantage is governance enforced before execution — deny-by-default, cryptographically anchored, and provable in a court, a hearing, or an after-action review. Decision integrity is national power.

the DARPA question

"How do we preserve U.S. authority, decision integrity, and operational continuity when autonomous and cross-domain AI systems coordinate at machine speed?"

Project-AI's answer is mechanical, not aspirational. Three engineering primitives — OctoReflex, the signed Code Store, and the nine execution gates — map directly onto the three things that must survive: authority, decision integrity, and operational continuity.

authorityCode Store

Authority survives.

The signed, hash-anchored constitution is the source of truth for what any agent is permitted to do. Authority is cryptographic, not conversational — it cannot be re-prompted, social-engineered, or quietly overridden by a model update.

decision integrityNine gates

Every decision is provable.

Ten doctrine points compile to nine named execution gates with a finite verdict set: ALLOW · DENY · SAFE_HALT. Each verdict cites the gate that produced it and the constitution hash it ran against. Decisions are reviewable mechanically, not narratively.

continuityOctoReflex

Operations stay governed at machine speed.

Syscall-level interposition evaluates before execution reaches user space. Containment is strictly faster than cognition — by construction. Cross-domain coordination cannot outrun the audit trail, because the audit trail is on the critical path.

Built to plug into JADC2-style command architectures, mission partner environments, and assured-autonomy programs without surrendering the audit trail. Governance is enforced at the kernel boundary — not asserted after the fact by a dashboard. Every meaningful action carries an identity, a capability, a verdict, and a signed receipt that survives the action itself.

A deterministic substrate for assured autonomy: stronger assurance than probabilistic alignment, designed to plug into JADC2-style command architectures, mission partner environments, and assured-autonomy programs without surrendering the audit trail.

ledger

Append-only signed audit chain

Every verdict is hash-chained, Ed25519-signed, and timestamped against external TSA roots. Tampering breaks the chain; verification is a single command.

replay

Deterministic replay

Any decision receipt replays bit-for-bit against the same constitution. Post-incident review, JAG review, and after-action become mechanical, not narrative.

asymmetric

Asymmetric security floor

Cryptographic identity, capability tokens, and a write-only governance vault. Attackers must forge signatures or break the kernel — not just persuade a model.

OctoReflex

Syscall-level containment

Reflex containment evaluates at the syscall boundary before execution reaches user space. Containment is strictly faster than cognition — by construction.

formal vs probabilistic

Verifiable, not vibes-based

Ten doctrine points compile to nine execution gates and a finite verdict set: ALLOW · DENY · SAFE_HALT. Reasoning about safety becomes reasoning about code paths.

continuity

Command legitimacy preserved

Identity, authority, and chain-of-custody travel with every action across domains. The signed ledger is the record of record when speed exceeds human review.

Defense one-pager & briefing kit
Public summary translating the nine-gate model into JADC2-style command architectures and assured-autonomy program plug-points. NDA-gated deck on request.
Defense & national-security contact
Direct channel for DoD, IC, FFRDC, primes, and DARPA-adjacent programs. Classified-adjacent discussions handled out-of-band.
metrics of seriousness · public surface
Evidence
metrics · charts · ledger snapshots
Red-Team corpussign-in required
adversarial scenarios · documented
HYDRA-50
50 catastrophic scenarios · gate coverage
Reproduce
replay packs · deterministic verification
compare to OPA · Constitutional AI · Guardrails · NeMo → /compare
coordinates

Inspect the kernel from any angle.

Doctrine
10 doctrine · 9 gates
Architecture
kernel + platform
Evidence
ledger + redteam
Legion
ambassador consolesign-in required
Library
21 papers · 10 in-repo
Repo
349 docs
Site status legend
  • Livepublicly operational right now.
  • Simulatedbrowser/demo execution only — not real enforcement.
  • Documentedarchitecture described in repo / papers, no public runtime.
  • Plannednot yet exposed.
  • Sign-in requiredvisible to signed-in users only.
  • Lockedadmin-only surface.