{"id":49943408,"url":"https://github.com/szl-holdings/a11oy","last_synced_at":"2026-06-01T11:00:27.928Z","repository":{"id":354943906,"uuid":"1225834126","full_name":"szl-holdings/a11oy","owner":"szl-holdings","description":"Governed agentic execution fabric. Policy gates, signal mesh, proof ledger, and Λ invariant runtime.","archived":false,"fork":false,"pushed_at":"2026-05-28T07:17:30.000Z","size":4658,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-28T07:22:25.551Z","etag":null,"topics":["a11oy","agent-fabric","agentic-execution","ai-governance","governed-ai","policy-gates","proof-chain","series-a"],"latest_commit_sha":null,"homepage":"https://szlholdings.com","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/szl-holdings.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":"GOVERNANCE.md","roadmap":"ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":".zenodo.json","notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"custom":["https://github.com/szl-holdings","mailto:stephen@szlholdings.com?subject=SZL%20Holdings%20%E2%80%94%20Inquiry"]}},"created_at":"2026-04-30T17:32:24.000Z","updated_at":"2026-05-28T07:17:33.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/szl-holdings/a11oy","commit_stats":null,"previous_names":["szl-holdings/a11oy"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/szl-holdings/a11oy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/szl-holdings%2Fa11oy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/szl-holdings%2Fa11oy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/szl-holdings%2Fa11oy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/szl-holdings%2Fa11oy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/szl-holdings","download_url":"https://codeload.github.com/szl-holdings/a11oy/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/szl-holdings%2Fa11oy/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33771629,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-01T02:00:06.963Z","response_time":115,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["a11oy","agent-fabric","agentic-execution","ai-governance","governed-ai","policy-gates","proof-chain","series-a"],"created_at":"2026-05-17T12:46:59.513Z","updated_at":"2026-06-01T11:00:27.921Z","avatar_url":"https://github.com/szl-holdings.png","language":"TypeScript","funding_links":["https://github.com/szl-holdings","mailto:stephen@szlholdings.com?subject=SZL%20Holdings%20%E2%80%94%20Inquiry"],"categories":[],"sub_categories":[],"readme":"# a11oy — doctrine-bound agent orchestrator and substrate for SZL's receipt-bus\n\n\u003c!-- series-a-badges (Doctrine v11) --\u003e\n[![CodeQL](https://github.com/szl-holdings/a11oy/actions/workflows/codeql.yml/badge.svg?branch=main)](https://github.com/szl-holdings/a11oy/actions/workflows/codeql.yml)  \n[![Dependabot](https://img.shields.io/badge/Dependabot-enabled-025E8C?style=flat-square\u0026logo=dependabot\u0026logoColor=white)](https://github.com/szl-holdings/a11oy/security/dependabot)  \n[![SLSA](https://img.shields.io/badge/SLSA-L2_signed--provenance-22c55e?style=flat-square)](https://slsa.dev/spec/v1.0/levels)  \n[![HF Space](https://img.shields.io/badge/%F0%9F%A4%97-Space-blue?style=flat-square)](https://huggingface.co/spaces/SZLHOLDINGS/a11oy)\n\n\n[![CI](https://github.com/szl-holdings/a11oy/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/szl-holdings/a11oy/actions/workflows/ci.yml)\n[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/szl-holdings/a11oy/badge)](https://securityscorecards.dev/viewer/?uri=github.com/szl-holdings/a11oy)\n[![License: Proprietary](https://img.shields.io/badge/License-SZL_Proprietary-0B1F3A.svg?style=flat-square)](./LICENSE)\n[![Doctrine v11](https://img.shields.io/badge/Doctrine-v11-3b82f6?style=flat-square)](https://github.com/szl-holdings/.github/blob/main/doctrine/DOCTRINE_V11.md)\n[![DOI](https://zenodo.org/badge/DOI/10.5281/zenodo.19944926.svg)](https://doi.org/10.5281/zenodo.19944926)\n[![ORCID](https://img.shields.io/badge/ORCID-0009--0001--0110--4173-A6CE39.svg?style=flat-square\u0026logo=orcid\u0026logoColor=white)](https://orcid.org/0009-0001-0110-4173)\n\n\u003e A doctrine-bound agent orchestrator on the Khipu Merkle DAG receipt substrate of agentic AI — proved in Lean 4, run sub-millisecond, packaged as a UDS-deployable bundle, and aligned with EU AI Act Article 12 + NIST AI RMF.\n\n---\n\n\n## Architecture\n\n```mermaid\nflowchart LR\n  REQ[Agent action]:::in --\u003e ROUTER[Mesh router]\n  ROUTER --\u003e GATES{Anchor gates\\nΛ-aggregator}\n  GATES --\u003e|ALLOW + proof| TOOL[Tool / effect]\n  GATES --\u003e|DENY| BLOCK[Blocked + receipt]\n  GATES --\u003e RCPT[DSSE receipt\\nPLACEHOLDER sig]\n  RCPT --\u003e DAG[(Khipu Merkle DAG)]\n  ROUTER -.Wire B.-\u003e SENTRA[sentra immune]\n  ROUTER -.Wire C.-\u003e ROSIE[rosie console]\n  LEAN[(lutar-lean Λ kernel\\n749/14/163)] -.anchors.-\u003e GATES\n  classDef in fill:#0B1F3A,color:#fff,stroke:#00D4FF;\n```\n\n\u003e Λ uniqueness is a **Conjecture**, not a closed theorem. Receipts ship with `PLACEHOLDER` signatures until Sigstore CI is wired (Doctrine v11).\n\n## 30-second pitch\n\n**What is this?** `a11oy` is the substrate that orchestrates every AI action in the SZL mesh. It enforces policy gates derived from formally proved Lean 4 theorems, routes signed receipts across the mesh, and ensures no decision reaches the world without cryptographic provenance. The mesh-router is wired to `/v1/inspect` (merged PR #176), and cooperative multi-agent termination is proved via the Lynch 1996 theorem wired to Lean theorem `TH_V18_15` in the `multi_agent_terminator`.\n\n**Why does it exist?** Every agent in the SZL mesh is an antenna. Every action emits a signed receipt the moment it happens. The substrate sees the live operational state of every AI in the system in real time, with cryptographic provenance, before any decision touches the world. `a11oy` is that substrate — the always-on, doctrine-bound orchestrator that makes \"governed AI\" a measurable runtime property, not a post-hoc audit claim.\n\n**Who is it for?** Defense Unicorns integration teams who need a UDS-deployable AI orchestration layer that satisfies NIST AI RMF govern/map/measure/manage; EU AI Act Article 12 audit-log compliance teams; and Series A diligence reviewers who need verifiable proof that governance is baked in, not bolted on.\n\n---\n\n## Architecture — a11oy at center\n\n```\n         ┌──────────────────────────────────────────────────────┐\n         │                    a11oy substrate                    │\n         │  L1 policy gates (45 policy gate modules)            │\n         │  L2 measurement fiber (Λ 9-axis, floor 0.90 conj.)  │\n         │  L3 knowledge-graph traversal                        │\n         │  L4 receipt-chain integrity verification             │\n         │  L5 proof ledger (DSSE-enveloped receipts)          │\n         │  L6 human confirmation gate                          │\n         │  Wire B → /v1/inspect (PR #176, merged)             │\n         │  Wire C → rosie /v1/events (merged)                │\n         │  multi_agent_terminator ← TH_V18_15 (Lynch 1996)    │\n         └──────────────────────────────────────────────────────┘\n              ▲                    ▲                    ▲\n    sentra (immune)        amaru (cortex)       rosie (console)\n    /v1/inspect             /receipts           approval-router\n    8-gate admission        OODA loop           mesh-health agg.\n              ▲                    ▲                    ▲\n         └──────────────────────────────────────────────────────┘\n                              vessels\n                    (cosign-signed UDS bundles)\n```\n\nOperational map: [`docs/ECOSYSTEM.md`](docs/ECOSYSTEM.md) · Provenance contract: [`docs/PROVENANCE.md`](docs/PROVENANCE.md)\n\n---\n\n## Quickstart\n\n```bash\n# Future-public image (pending Stephen's GHCR visibility task):\ndocker pull ghcr.io/szl-holdings/a11oy:latest\n\n# Local demo via UDS bundle:\n./demo.sh          # points at USB-bundle-equivalent local demo\n\n# Full stack:\nuds run start\n\n# Module only:\npnpm install\npnpm test          # policy-gate assertion suite\npnpm payload:verify\n```\n\n---\n\n## Receipt-bus integration — example receipt\n\n```json\n{\n  \"specversion\": \"1.0\",\n  \"type\": \"szl.receipt.policy_gate.v1\",\n  \"source\": \"a11oy/mesh-router\",\n  \"organ\": \"a11oy\",\n  \"gate\": \"anchor_formula_gate\",\n  \"decision\": \"ALLOW\",\n  \"agent_id\": \"urn:szl:agent:a11oy-coordinator-01\",\n  \"signed_by\": \"sigstore/keyless\",\n  \"lambda_axes\": {\n    \"computability\": 0.97,\n    \"moralGrounding\": 0.96,\n    \"ontologicalGrounding\": 0.94,\n    \"measurabilityHonesty\": 0.95,\n    \"convergence\": 0.93,\n    \"boundedness\": 0.92,\n    \"completeness\": 0.91,\n    \"consistency\": 0.93,\n    \"auditability\": 0.97\n  },\n  \"lean_theorem\": \"TH_V18_15\",\n  \"dsse_envelope\": \"eyJ...\",\n  \"timestamp\": \"2026-05-31T10:26:00Z\"\n}\n```\n\n---\n\n## Λ-9-axis governance\n\nThe Λ invariant is measured across 9 axes on every receipt. Floor is 0.90 conjunctive; `moralGrounding` and `measurabilityHonesty` require ≥ 0.95.\n\n| Axis | Floor | Description |\n|------|-------|-------------|\n| `computability` | 0.90 | Halting / resource bound |\n| `moralGrounding` | **0.95** | Value alignment to doctrine |\n| `ontologicalGrounding` | 0.90 | Entity reference integrity |\n| `measurabilityHonesty` | **0.95** | Calibrated uncertainty |\n| `convergence` | 0.90 | Loop termination proof |\n| `boundedness` | 0.90 | State-space containment |\n| `completeness` | 0.90 | Decision coverage |\n| `consistency` | 0.90 | Cross-receipt coherence |\n| `auditability` | 0.90 | Receipt chain reconstructibility |\n\n---\n\n## Verification one-liners\n\n```bash\n# Cosign keyless verify (vessels release carries the canonical signed bundle):\ncosign verify ghcr.io/szl-holdings/vessels:uds-v0.3.0 \\\n  --certificate-identity-regexp=\"github.com/szl-holdings\" \\\n  --certificate-oidc-issuer=\"https://token.actions.githubusercontent.com\"\n\n# SBOM verify:\ngh release download --repo szl-holdings/vessels uds-v0.3.0 --pattern \"*.spdx.json\"\nsyft attest --output spdx-json .\n\n# Lean kernel verify (lutar-lean reproducibility bundle):\n# 749 declarations / 15 raw axioms (14 unique, 1 duplicate) / 163 sorries @ f6def830aa\n# Reproducibility: .github/scripts/lean_numbers.py in szl-holdings/lutar-lean\ngit clone https://github.com/szl-holdings/lutar-lean \u0026\u0026 cd lutar-lean\nlake build\npython .github/scripts/lean_numbers.py\n```\n\n---\n\n## Verified numbers\n\nAll counts are grep-verifiable against `main`.\n\n| Metric | Value | Verify |\n|--------|-------|--------|\n| Policy gate modules | 45 | `ls packages/policy/src/gates/*_gate.ts \\| wc -l` |\n| Substrate packages | 12 | `ls packages/ \\| wc -l` |\n| Lean declarations (lutar-lean @ c7c0ba17) | **749** | `.github/scripts/lean_numbers.py` |\n| Lean axioms (lutar-lean) | **15 raw / 14 unique** | `grep -rE '^axiom ' lutar-lean/Lutar/ \\| wc -l` |\n| Lean sorries (lutar-lean) | **168** (117 baseline + 51 prior-audit-related) | `grep -rE '\\bsorry\\b' lutar-lean/Lutar/ \\| wc -l` |\n| Doctrine | v7 · 15 axioms (14 unique) | [DOCTRINE_V11.md](https://github.com/szl-holdings/.github/blob/main/doctrine/DOCTRINE_V11.md) |\n| SLSA | **L2** (signed provenance) | DSSE+Cosign signed Khipu receipts; pubkey [cosign.pub](https://github.com/szl-holdings/.github/blob/main/cosign.pub); verify `cosign verify-blob`. **L3 NOT claimed** (no hardened isolated CI yet). [slsa.dev](https://slsa.dev/spec/v1.0/levels) |\n\n\u003e Lean build: green via `lake build` on lutar-lean `main`. Reproducibility script: `.github/scripts/lean_numbers.py`.\n\n---\n\n## Related\n\n| Repo | Role |\n|------|------|\n| [szl-holdings/amaru](https://github.com/szl-holdings/amaru) | cognitive runtime for governed agent reasoning |\n| [szl-holdings/sentra](https://github.com/szl-holdings/sentra) | policy-gated admission/egress inspection |\n| [szl-holdings/rosie](https://github.com/szl-holdings/rosie) | human-in-the-loop operator surface |\n| [szl-holdings/vessels](https://github.com/szl-holdings/vessels) | cosign-signed UDS deployment bundles |\n| [szl-holdings/lutar-lean](https://github.com/szl-holdings/lutar-lean) | Lean 4 formal proofs (749 decls / 15 axioms) |\n| [szl-holdings/ouroboros-thesis](https://github.com/szl-holdings/ouroboros-thesis) | Ouroboros Substrate v18.0 — DOI 10.5281/zenodo.20434276 |\n| szl-holdings/platform/docs/a11oy/spec/hatun-doctrine-spec/ | Hatun Doctrine Specification (rename PR in flight via Squad B) |\n\n---\n\n## Citation\n\nSee [CITATION.cff](./CITATION.cff).\n\n```\nS. P. Lutar Jr., \"a11oy — doctrine-bound agent orchestrator and substrate for SZL's receipt-bus,\"\nSZL Holdings, DOI 10.5281/zenodo.19944926, 2026.\n```\n\nORCID: [0009-0001-0110-4173](https://orcid.org/0009-0001-0110-4173) · Concept DOI (always-latest): [10.5281/zenodo.19944926](https://doi.org/10.5281/zenodo.19944926)\n\n---\n\n## Trust + Security\n\nTrust Tier 1. Vulnerabilities: [security@szlholdings.com](mailto:security@szlholdings.com) — 90-day coordinated disclosure. See [SECURITY.md](./SECURITY.md).\n\n---\n\n## License + Contributing\n\n`LicenseRef-SZL-Proprietary` — SZL Holdings. Apache-2.0 re-licensing pending draft PR [#57](https://github.com/szl-holdings/a11oy/pull/57) (IP hold — do not merge until cleared). See [LICENSE](./LICENSE) and [CONTRIBUTING.md](./CONTRIBUTING.md).\n\n---\n\n## Hugging Face surfaces\n\n| Surface | Link |\n|---------|------|\n| Landing | [SZLHOLDINGS/a11oy-platform](https://huggingface.co/spaces/SZLHOLDINGS/a11oy-platform) |\n| Diligence mirror | [SZLHOLDINGS/a11oy-v19-substrate](https://huggingface.co/SZLHOLDINGS/a11oy-v19-substrate) |\n| Org | [huggingface.co/SZLHOLDINGS](https://huggingface.co/SZLHOLDINGS) |\n\nHugging Face is a mirror regenerated from tracked source — not the canonical release source.\n\n---\n\n## Warhacker 2026\n\nFeatured at Warhacker, June 16–19. The publicly verifiable signed deployment artifact is the `vessels` release [uds-v0.3.0](https://github.com/szl-holdings/vessels/releases/tag/uds-v0.3.0) (cosign keyless; `.sigstore.json` + `.sha256`).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fszl-holdings%2Fa11oy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fszl-holdings%2Fa11oy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fszl-holdings%2Fa11oy/lists"}