Skip to main content

Architecture: The Sovereign Governance Engine

ABS Core is not a proxy; it is a Governance Kernel. It sits between your Agent Runtime and the External World (APIs, Databases, Users).

The Flow of a Governed Transaction

  1. Intent Interception (The Magic Proxy)
    • The Agent constructs a request (e.g., POST /api/refund { amount: 500 }).
    • Instead of hitting the API directly, the request is routed to ABS Core via the Magic Proxy.
  2. Risk Assessment (Shannon Entropy + Semantic Analysis)
    • The CHI Engine (Capable Hash Identity) analyzes the payload.
    • It calculates the Shannon Entropy to detect obfuscated data (encrypted payloads, base64 tunnels).
    • It performs a semantic scan using a specialized small language model to understand the intent (“Is this a refund? Is this a deletion?”).
  3. The Sovereign Kernel (The Decision)
    • This is the heart of ABS Core. It loads the Policy Contract for that specific agent.
    • Policy Verification: Does the action violate any hard rules (e.g., “PII detected”, “Unauthorized prompt injection”)?
    • Risk Assessment: How much risk does this action pose to the organization?
    • Output: ALLOW or DENY.
  4. Execution and Auditing
    • ALLOW: The request is signed by the ABS Core Kernel and forwarded to the destination.
    • DENY: The request is dropped, and a 403 Forbidden is returned to the agent.
    • Enterprise (SLACH/BOND): For high-stakes deployments, agents can be tied to a financial bond. Violations trigger immediate slashing.
  5. Forensic Ledger (Merkle Tree)
    • The Input, The Decision, and The Outcome are hashed (SHA-256).
    • This hash is added to the Merkle Tree, linking it to the previous state.
    • This cryptographic proof is stored in D1 (Cloudflare’s SQL database) and is immutable.
The ABS Kernel is a high-performance governance runtime built on Rust and compiled to WebAssembly (WASM). It is designed to run at the edge with near-zero overhead.

The Sovereign Flow

Every interaction follows a synchronous, cryptographically verified path:
  1. Ingress: The request hits the Magic Proxy (Cloudflare Edge).
  2. Telemetry Injection: Request headers and payloads are extracted for entropy analysis.
  3. Kernel Execution: The WASM engine evaluates the Governed Policy against the active Security Rules.
  4. Verdict: The engine returns ALLOW, DENY, or SLASH.
  5. Receipt: If allowed, the request proceeds to the model provider; a signed Execution Receipt is logged to the Ledger.

Technical Stack

  • Kernel: Pure Rust (no-std compatible), WASM target.
  • Ledger: Hash-chained records stored in Cloudflare Durable Objects.
  • Database: Global metadata and RBAC stored in Cloudflare D1.
  • Compute: Distributed across 300+ edge locations via Cloudflare Workers.

Hardware Enforcement

For maximum security, the ABS Kernel can be deployed in AWS Nitro Enclaves or Apple Secure Enclave logic (TEE), ensuring that policy logic is protected even from the infrastructure owner.
[!TIP] This architecture ensures that even if an agent is hacked, its impact is capped by the hardware-enforced policy logic.

Security Model

ABS Core operates on a Zero Trust model for Agents. We assume every Agent is potentially compromised or hallucinating.
  • No Implicit Trust: Previous good behavior does not grant future permissions.
  • Least Privilege: Agents only get the budget they need for the current task.
  • Defense in Depth: Even if the Semantic Analyzer is fooled, the Entropy check and Hard Rules provide fallback layers.