Runtime Governance for AI Agents

ABS Core: The Structural Interdiction Layer (SIL) delivering Non-Repudiation as a Service (NRaaS)

ABS Core (v4.5.0 — Intelligence Sovereignty & Privacy by Design) is the Sovereign WASM Kernel for autonomous AI systems. Engineered to satisfy Edital 2.2 & 5.3 institutional standards, it sits between your agent and every tool it wants to execute—intercepting, evaluating, and auditing every action inside an isolated evaluation cell before execution. Architecture Score: 10/10.

What's New in v4.3.3 Hardened

Architecture Score: 10/10 — Full modernization sprint completed 2026-05-17.

Security Hardening (15 fixes)

• IPC-HMAC (SI-003): HMAC-SHA256 with 60s replay protection on all inter-pillar HTTP calls. Constant-time comparison in Python and TypeScript. See IPC-HMAC Protocol.
• Ed25519 at rest: CORTEX signing key now encrypted with BestAvailableEncryption. OID FileSystemKeyProvider uses aes-256-cbc. Hard fail in production without password.
• CHI Fail-Closed (SI-004): CHI vaccination failure writes a CHI_VACCINATION_FAILURE ledger entry and blocks memorization — no silent fallback.
• Mythos Python Bridge (Gate 07): 42 adversarial patterns (9 MITRE ATT&CK categories) now evaluated in Python CORTEX world. Kill-switch patterns trigger DENY < 500ms. See Mythos Pattern Database.
• QUORUM/LEDGER constant-time auth: All API key comparisons use timingSafeEqual(). Hard fail (HTTP 503) in production when token not configured.
• 51 new tests across ledger, intuition, metabolism, IPC-HMAC, Mythos scorer, PII vaccination.

New Packages

• @abs-core/intelligence: Unified LLM+vector abstraction. Adapters: OpenAI (Azure/GitHub), Anthropic (with prompt caching), Ollama (local), Cloudflare Vectorize, pgvector, in-memory.
• @abs-core/feature-flags: KV-backed feature flags with per-tenant/per-agent overrides and percentage rollout. Zero external dependency.
• @abs-core/ipc-hmac: TypeScript + Python IPC-HMAC libraries with Hono middleware and FastAPI dependency.
• @abs-core/service-bindings: Cloudflare Service Bindings adapter — replaces IPC-HMAC with platform-native auth for Workers.
• @abs-core/policy-feedback: Policy learning loop — dissonances → LLM synthesis → human review → Mythos DB update.
• @abs-core/tsa-internal: Self-hosted RFC 3161 TSA — eliminates FreeTSA.org dependency for air-gapped deployments.

Privacy & Compliance

• Differential Privacy (LGPD Art.18 / GDPR Art.17): Laplace noise on similarity scores, k-anonymity validation, cryptographic erasure with zero-knowledge proof.
• Right-to-be-forgotten: cryptographic_erasure() preserves ledger chain integrity while removing personal data.

Developer Experience

• Root git repo with .gitignore covering all sensitive files.
• Changesets for coordinated multi-package releases.
• devcontainer.json with Docker Compose (pgvector, Redis). make dev starts all services.
• Makefile with 25+ targets: make test, make migrate, make deploy-all, make sbom.
• uv as Python package manager (10x faster than pip).
• Drizzle migrations for LEDGER/QUORUM. Alembic for CORTEX PostgreSQL.
• SBOM blocking in CI with Cosign keyless attestation.
• buf breaking detection for Protobuf contract changes.
• E2E pipeline testing all 11 gates in CI.
• Pact contract tests for gateway→LEDGER HTTP contract.
• OTLP configured for production (Grafana Tempo / Honeycomb / Datadog).
• Multi-language SDK generation from Protobuf (TypeScript, Python, Go).

CORTEX as Cloudflare Worker MCP

CORTEX now documented and deployed as a Cloudflare Worker MCP firewall. See CORTEX Worker Architecture.

Security Hardening Report

Full audit findings and fixes: Security Hardening v4.3.3.

Choose Your Track

Why Now: The Market Urgency

Enterprises are accelerating AI agent deployment without a governance layer. The EU AI Act (effective 2026), NIST AI RMF, and sector-specific regulations (LGPD, HIPAA, SOC2) are creating mandatory compliance requirements for autonomous AI operations. Companies that deploy agents without auditable enforcement face escalating regulatory and legal exposure.

ABS Core is the infrastructure layer that makes agent deployment defensible—turning compliance from a blocker into an accelerator.

Delivery Model: ABS Core operates as Non-Repudiation as a Service (NRaaS) — governance infrastructure with native cryptographic proof, designed for institutional compliance.

Business Value: What ABS Core Delivers

For the Business

• Reduces operational risk: Prevents unauthorized agent actions before they execute—not after the damage is done.
• Accelerates compliance: Cryptographic audit trails satisfy SOC2, HIPAA, LGPD, and EU AI Act requirements out of the box.
• Creates auditable trust: Every agent decision is signed, hashed, and chained—ready for regulators, auditors, or board review.
• Eliminates vendor lock-in: Self-hosted on your infrastructure. Air-gapped compatible. Your data never leaves your network.

Technical Architecture: The Octagon

The system follows the Octagon design pattern, enforcing security through 8 specific cryptographic gates.

Total Latency: The full governance loop (including interdiction and ledger sealing) adds 23ms median.

Sovereign Compliance: Regulatory Matrix

To satisfy institutional due diligence (Edital 2.2 & 5.3), the ABS Core maps its gates directly to global and regional governance frameworks.

Compliance Coverage: • Global: EU AI Act (Art. 10-15), NIST AI RMF, FIPS 140-3 • Brazil: Edital 2.2 & 5.3, PBIA 2024-2028, BNDES/FINEP Sector 6, LGPD • Institutional: SOC2 Type II, HIPAA, PCI-DSS ready

Technical Specification: SI-001 (Sovereign Invariant)

The core principle of the system is the Sovereign Invariant (SI-001):

"No autonomous action shall reside outside the cryptographic audit trail. An action without a signed SAR (Sovereign Audit Record) is technically impossible within the interdiction layer."

Invariant Properties:

1. Ledger-First: The hash of the intent MUST be written to the local ledger before the WASM engine releases the execution gate.
2. Deterministic Context: The evaluation context is isolated in a sterile WASM cell, ensuring that $f(intent, policy)$ is identical across all air-gapped nodes.
3. Non-Repudiation: Every decision is signed by the OID Ed25519 key, binding the action to the specific autonomous identity.

Quick Start: CLI Governance

Use the CLI to audit your local agents and verify sovereign compliance.

Free Security Scan (No Installation)

npx @oconnector/mcp-gateway init

Deployment Readiness: Production Hardening

To maintain absolute audit integrity, we disclose the status of our virtualization layers:

Sandbox Architectures (v4.3.3):

• Docker Sandbox: Operational — Container isolation with strict memory/CPU limits. [OPERATIONAL]
• Firecracker VMM: Operational — Micro-VM isolation for high-stakes execution. [OPERATIONAL]
• eBPF Interdiction: Kernel-level syscall interception. [ROADMAP] (Target: Q1 2027)

Ready to Deep Dive?

Architecture Deep Dive | Performance Benchmarks | Production Case Study | API Reference