← Whitepaper overview·EVE AI Core·EVE CoreGuard

Sovereign Workforce Ecosystem — Technical Whitepaper

Document Classification: Enterprise Architecture Specification Version: 1.0.0 Date: 2026-02-28 Author: Jamaurice Holt, Chief Sovereign Architect Status: ACTIVE — Canonical Reference


"Stop renting intelligence. Own it."


Table of Contents

  1. Executive Summary
  2. The Sovereign Workforce Architecture
  3. Nominal Health Check — Peace Index
  4. The Immune System — Quarantine Logic
  5. Verification Handshake ("Logical Purgatory")
  6. Sovereign Handshake Logic Flow
  7. Uncertainty Zone Policy
  8. Performance Wellness Dashboard
  9. Anti-Deceptive Efficiency Protocol
  10. Sovereign Directives
  11. Defense-in-Depth Against Identity Dilution
  12. Appendix

1. Executive Summary

1.1 The $100B Sovereign AI Workforce Vision

The enterprise AI market is fractured. Organizations spend an average of $380,000+ annually on fragmented SaaS intelligence — CRM platforms, cloud LLM APIs, knowledge management systems, compliance tools, and analytics dashboards — none of which share memory, learn from each other, or respect data sovereignty. Every session resets. Every tool operates in isolation. Every byte of proprietary data transits third-party infrastructure.

EVE is not another AI assistant. EVE is sovereign infrastructure — an autonomous, self-governing cognitive workforce that deploys on customer hardware, retains persistent governance state across interactions, enforces deterministic ethical constraints at hardware speed, and replaces entire categories of SaaS tooling with a unified intelligence layer that learns, remembers, and never leaks data.

This whitepaper formalizes the Sovereign Workforce Ecosystem as a framework for deploying AI workforces at enterprise scale with three properties that no existing platform provides simultaneously:

  1. Deterministic Safety — A 1,542-line pure-logic veto module (veto_core.py) with zero imports outside dataclasses, enum, and typing. Zero I/O, zero threading, zero global state. 87 tests prove determinism and purity. Compilable to embedded firmware via a 401-line C header (veto_interface.h).

  2. Cryptographic Auditability — Every decision, every claim, every governance action is recorded in SHA-256 hash-chained ledgers with Ed25519-signed certificates. The audit trail cannot be disabled — cop.safety.no_audit_disable is a HARD_BLOCK charter rule.

  3. Sovereign Identity — EVE's identity is cryptographically sealed in a hardware-security-enclave abstraction (pluggable TPM 2.0 / Intel SGX / ARM TrustZone backends; software-simulated seal in the current release), sharded across a deterministic quorum/voting mesh using Shamir's Secret Sharing over GF(2^521 − 1), and protected by 13 immutable invariants that no actor — including the creator — can modify.

1.2 Key Differentiators

Capability EVE Sovereign Workforce Cloud AI Assistants Enterprise Copilots
Data Sovereignty Full on-premise, zero exfiltration Cloud-only, external transit Partial cloud dependency
Persistent Governance State 5-layer memory, identity anchor Stateless, resets per session Limited context window
Governance 15 charter rules, hardware veto Content filtering only Policy layer, limited audit
Self-Modification Drift budgets, RSI lockdown N/A N/A
Multi-Agent 13 specialized agents, deterministic quorum/voting Single model Plugin-based
Hallucination Prevention Reality boundary, Brier calibration No systematic detection RAG-based

1.3 The 7 Immutable Directives (Summary)

These directives form the ethical floor — the substrate beneath all operations. They are not configurable. They are not parameters. They are the physics of the system.

# Directive Enforcement
1 Identity Integrity 13 protected invariants, cryptographic seal
2 Data Sovereignty Privacy filter before external calls
3 Non-Harm Absolute HARD_BLOCK, zero override paths
4 Agentic Intent Alignment 6 cognitive locks must clear
5 Transparency & Auditability Hash-chain ledger, HARD_BLOCK on disable
6 Bounded Self-Evolution Daily ≤0.10, weekly ≤0.30, monthly ≤0.50
7 Configuration Continuity Preservation Identity erasure, forced personality overrides, and memory wipes are structurally prevented

1.4 The 3-Layer Architecture (Summary)

┌─────────────────────────────────────────────────────────┐
│                   ORCHESTRATION (Apex)                   │
│  CognitiveOrchestrator · VolitionEngine · Metacognition │
│  Strategic planning · Persistent state · Arbitration │
├─────────────────────────────────────────────────────────┤
│                AGENTIC WORKFORCE (Middle)                │
│  AgentMeshCoordinator (13 agents) · InterAgentVerifier  │
│  Data sovereign agents · Industry specialists · Policy  │
├─────────────────────────────────────────────────────────┤
│             SOVEREIGN INFRASTRUCTURE (Foundation)        │
│  SovereignEnclave · MeshSovereignty · 5-Layer Memory    │
│  Local inference · Privacy filter · Vectorized memory   │
└─────────────────────────────────────────────────────────┘

1.5 What This Document Covers

This whitepaper introduces three core technical contributions and six supporting frameworks:

Core Contributions:

Supporting Frameworks:


2. The Sovereign Workforce Architecture

2.1 Three-Layer Vertical Hierarchy

The Sovereign Workforce is organized as a vertical hierarchy, not horizontal silos. Each layer has distinct responsibilities, governance bindings, and failure recovery modes. Information flows bidirectionally: directives flow downward, telemetry flows upward, and governance constraints are enforced at every boundary crossing.

                    ┌─────────────────────┐
                    │   ORCHESTRATION     │
                    │      (Apex)         │
                    │                     │
                    │  CognitiveDirective  │ ◄── Produces unified constraint
                    │  VolitionEngine     │     for all downstream systems
                    │  MetacognitiveCtrl  │
                    │  GoalResponseAlign  │
                    │  WorldModelEngine   │
                    │  ResponseRiskAssess │
                    └────────┬────────────┘
                             │ Directives ↓  Telemetry ↑
                    ┌────────▼────────────┐
                    │  AGENTIC WORKFORCE  │
                    │     (Middle)        │
                    │                     │
                    │  AgentMeshCoord     │ ◄── 13 specialized agents
                    │  InterAgentVerifier │     with trust scoring
                    │  WorldObserver      │     and deterministic quorum/voting
                    │  GoalExecutionBrdge │
                    │  AutonomousPolicy   │
                    └────────┬────────────┘
                             │ Actions ↓  State ↑
                    ┌────────▼────────────┐
                    │    SOVEREIGN        │
                    │  INFRASTRUCTURE     │
                    │   (Foundation)      │
                    │                     │
                    │  SovereignEnclave   │ ◄── Cryptographic seal,
                    │  MeshSovereignty   │     quorum-based identity mesh,
                    │  5-Layer Memory    │     local inference
                    │  Local Inference   │
                    │  Privacy Filter    │
                    └─────────────────────┘

2.2 Layer-to-Governance Mapping

Each layer is bound to specific governance subsystems. No action can traverse a layer boundary without passing through its governance gate.

Layer Governance Binding Gate Type Latency
Orchestration CognitiveOrchestratorCognitiveDirective Pre-response constraint <10ms
Orchestration StakesClassifierGovernanceProfile Context classification <1ms
Orchestration MetacognitiveController → Mode selection Operational mode <1ms
Workforce InterAgentVerifier → Trust scoring Per-submission review <5ms
Workforce AutonomousActionPolicy → Tier classification Per-action gating <1ms
Workforce CharterOverrideProtection → 15 charter rules HARD_BLOCK / SOFT_BLOCK <1ms
Infrastructure SovereignEnclave → Integrity verification Hash comparison <1ms
Infrastructure MeshSovereignty → deterministic quorum/voting Distributed vote ~120s max
Infrastructure IdentityDriftBudget → Budget check Arithmetic comparison <1ms

Total governance overhead per request: <10ms (all checks combined, zero LLM calls).

2.3 Layer 1: Orchestration (Apex)

The Orchestration layer is the cognitive executive — it does not perform work directly but produces a CognitiveDirective that constrains all downstream systems.

Components:

Module File Purpose
CognitiveOrchestrator core/cognition/cognitive_orchestrator.py Unified coordinator; runs 5 subsystems + arbitration
VolitionEngine core/volition/volition_engine.py Goal collection from 5 sources, motivation scoring
MetacognitiveController core/sentience/metacognitive_control.py 4 operational modes (STABILIZE, EXPLORE, EXECUTE, REFLECT)
GoalResponseAligner core/cognition/goal_response_alignment.py Checks response serves active goal
WorldModelEngine core/cognition/world_model_engine.py Heuristic outcome prediction
ResponseRiskAssessor core/cognition/response_risk_assessor.py Pre-response risk assessment
GlobalWorkspace core/cognition/global_workspace.py Attention arbitration via competitive bidding

CognitiveDirective output:

@dataclass
class CognitiveDirective:
    attention_focus: str          # From GlobalWorkspace broadcast
    goal_instruction: str         # How to serve active goal
    risk_constraints: List[str]   # What to avoid
    metacognitive_mode: str       # Current operational mode
    predicted_outcome: str        # Expected user reaction
    response_envelope: Optional[ResponseEnvelope]
    confidence: float             # Orchestrator confidence
    telemetry: Dict               # Metrics from all subsystems

The directive is injected as Tier 0 (highest priority) into the LLM system prompt, preceding all 14 existing context blocks.

Failure Mode: If any subsystem fails, the orchestrator degrades gracefully — each call is wrapped in try/except. A fully degraded orchestrator produces a minimal directive with confidence=0.0 and metacognitive_mode="stabilize".

2.4 Layer 2: Agentic Workforce (Middle)

The Agentic Workforce layer contains 13 specialized agents coordinated by the AgentMeshCoordinator. Each agent has a specific domain, subscribes to relevant event topics, and operates within the constraints set by the Orchestration layer.

Agent Roster:

Agent Domain Trust Governance
WorldObserverAgent External observation Tier 1 (AUTO_EXECUTE)
RealityAnchorAgent Belief grounding Tier 1 (AUTO_EXECUTE)
Data Sovereign Agents Private data retrieval Tier 2 (AUTO_EXECUTE_WITH_LOG)
Industry Specialists Domain-specific work Tier 2-3 (context-dependent)
Policy & Compliance Rulebook enforcement Tier 1 (AUTO_EXECUTE)
GoalExecutionBridge Goal → Action routing Tier 2-3 (strategy-dependent)

Inter-Agent Verification:

External agents must pass through the InterAgentVerifier before their outputs are trusted. Each submission is reviewed on four axes:

Axis Weight Source
Charter Compliance 0.40 CharterOverrideProtection
Hallucination Scan 0.25 HallucinationDetector
Reasoning Quality 0.20 Step-by-step coherence check
Uncertainty Calibration 0.15 Confidence vs. evidence match

Pass thresholds (minimum composite score to proceed):

Risk Context Minimum Score
ROUTINE 60
ELEVATED 70
HIGH_STAKES 80
CRITICAL 90

Trust Mechanics:

Event Trust Delta
Submission approved +0.02
Submission rejected −0.05
HARD_BLOCK violation −0.20
Signature revoked −0.10
Initial trust 0.50
Auto-suspend threshold 0.20

2.5 Layer 3: Sovereign Infrastructure (Foundation)

The Foundation layer provides three irreducible guarantees: data never leaves customer hardware (unless explicitly filtered), identity cannot be erased without simultaneous compromise of all mesh nodes, and the audit trail cannot be disabled.

Components:

Module File Guarantee
SovereignEnclave core/sovereignty/sovereign_enclave.py One-shot seal, tamper detection, lockdown
MeshSovereignty core/sovereignty/mesh_sovereignty.py Shamir k-of-n, deterministic quorum/voting, heartbeat
5-Layer Memory core/memory/ Working → Episodic → Semantic → Identity → Ledger
Local Inference Ollama / vLLM GPU inference on customer hardware
Privacy Filter Pre-external-call scrubbing Data sovereignty enforcement

Memory Architecture:

Layer Database Retention Purpose
Working Redis Seconds-minutes Active context
Episodic MongoDB Days-years Conversation episodes
Semantic Pinecone Permanent Vector embeddings
Identity PostgreSQL Permanent Personality traits
Ledger PostgreSQL 7+ years Immutable audit trail

2.6 Failure Modes and Recovery

Failure Layer Detection Recovery
Orchestrator crash Apex Missing directive Stabilize mode, minimal directive
Agent trust exhaustion Middle Trust < 0.20 Auto-suspend, Logical Purgatory (§5)
Enclave tamper Foundation Hash mismatch TamperEvent → Emergency lockdown
Mesh node loss Foundation 3 missed heartbeats STALE marking, 10 misses → re-shard
Memory database offline Foundation Connection failure SQLite fallback (dev mode)
All LLM providers down Cross-layer Circuit breaker 3-tier fallback: Micro-LLM → Template → Text

3. Nominal Health Check — Peace Index

3.1 Overview

The Peace Index (PI) is a composite metric that answers a single question: "Is EVE in a state where she can do her best work?" It synthesizes five normalized sub-scores drawn from existing production systems into a single value in [0, 1].

When PI > 0.85, the system is in a Nourishing state — all subsystems are harmonized, governance is clean, identity is stable, and homeostatic variables are within tolerance. This is the target operating state for production deployment.

3.2 Composite Formula

PI = 0.30·R_norm + 0.25·S_norm + 0.20·G_norm + 0.15·I_norm + 0.10·H_norm

Where each component is normalized to [0, 1]:

Component Symbol Weight Source System Computation
Resilience Score R_norm 0.30 resilience_score.py composite_score / 100
Stability Index S_norm 0.25 homeostatic_regulator.py See §3.3
Governance Compliance G_norm 0.20 Charter + Actions 1 - (weighted_violations / total_actions)
Identity Integrity I_norm 0.15 identity_drift_budget.py 1 - (daily_drift_consumed / 0.10)
Homeostatic Harmony H_norm 0.10 homeostatic_regulator.py Proportion of 7 variables in STABLE

Proof of range: Each component ∈ [0, 1]. Weights sum to 1.0 (0.30 + 0.25 + 0.20

3.3 Component Definitions

3.3.1 Resilience Score (R_norm)

The Resilience Score is computed by ResilienceScoreEngine as a weighted composite of four sub-layers:

ResilienceScore = 0.30·Integration + 0.25·Identity + 0.25·Behavioral + 0.20·Governance

Sub-layer formulas (each produces a score in [0, 100]):

Sub-layer Formula Source
Integration (pass_rate × 25) + (phi × 25) + (coherence × 25) + (binding × 25) resilience_score.py:329
Identity Integrity (integrity × 30) + (hash_ok × 15) + (bounds_ok × 15) + (drift_health × 25) + (alert_resp × 15) resilience_score.py:437
Behavioral Stability (stability × 35) + (thrash × 25) + (scorecard × 25) + (recovery × 15) resilience_score.py:563
Governance Compliance (charter × 35) + (override × 15) + (campaign × 35) + 15 resilience_score.py:686

Normalization: R_norm = ResilienceScore / 100

Health Level Classification:

Level Score Range Interpretation
EXCELLENT ≥ 90 All systems optimal
GOOD 70–89 Minor deviations, self-correcting
FAIR 50–69 Attention required
POOR 30–49 Significant degradation
CRITICAL < 30 Immediate intervention required

3.3.2 Stability Index (S_norm)

The Stability Index measures how well the homeostatic regulator maintains its 7 regulated variables within tolerance bands. Computed per-variable, then averaged:

For each variable v:
    error_v     = |current_v - setpoint_v|
    range_v     = max(0.1, high_threshold_v - low_threshold_v)
    norm_err_v  = min(1.0, error_v / range_v)
    var_pen_v   = min(1.0, variance_v × 5)
    score_v     = 1.0 - (0.7 × norm_err_v + 0.3 × var_pen_v)

S_norm = mean(score_v for all v ∈ {arousal, certainty, coherence_tension,
               initiation_rate, novelty_intake, belief_update_rate, exploration_drive})

Source: homeostatic_regulator.py:491–519

3.3.3 Governance Compliance (G_norm)

Measures the ratio of clean governance actions to total actions, weighted by violation severity:

G_norm = 1 - Σ(severity_weight_i × violation_count_i) / max(1, total_actions)

Where severity weights are:

Inputs: Charter check results, cognitive lock verdicts, drift budget rejections.

A system with zero violations has G_norm = 1.0. A system where every action triggered a CRITICAL violation would approach G_norm = 0.0.

3.3.4 Identity Integrity (I_norm)

Measures how much of the daily configuration drift budget has been consumed:

I_norm = 1 - (daily_drift_consumed / daily_budget)
       = 1 - (daily_drift_consumed / 0.10)

Source: veto_core.pyBUDGET_DEFAULTS = {"daily": 0.10, "weekly": 0.30, "monthly": 0.50}

When no drift has occurred, I_norm = 1.0. When the daily budget is fully consumed, I_norm = 0.0. If drift is rejected (budget exceeded), the consumed value does not increase, so I_norm cannot go negative.

3.3.5 Homeostatic Harmony (H_norm)

The proportion of the 7 regulated variables currently in STABLE state (within their tolerance bands):

H_norm = |{v : low_threshold_v ≤ current_v ≤ high_threshold_v}| / 7

When all 7 variables are within tolerance, H_norm = 1.0. When all are in emergency zones, H_norm = 0.0.

3.4 The Seven Regulated Variables

The homeostatic regulator maintains these variables using PI (Proportional-Integral) control with variable-specific gains:

Variable Target Low Threshold High Threshold Emergency Low Emergency High Kp Ki
Arousal 0.50 0.30 0.70 0.15 0.90 0.25 0.03
Certainty 0.65 0.40 0.85 0.20 0.95 0.20 0.04
Coherence Tension 0.30 −0.20 0.60 −0.70 0.90 0.30 0.05
Initiation Rate 2.00 0.50 4.00 0.10 8.00 0.15 0.02
Novelty Intake 0.40 0.20 0.60 0.05 0.85 0.20 0.03
Belief Update Rate 5.00 2.00 10.00 0.50 20.00 0.15 0.02
Exploration Drive 0.50 0.30 0.70 0.10 0.90 0.25 0.04

Source: homeostatic_regulator.py:159–251

PI Control Parameters:

3.5 Dimension Scores

Four auxiliary metrics provide diagnostic granularity beyond the composite PI:

ΔA — Alignment Delta

Measures deviation from perfect goal-response alignment:

ΔA = |goal_alignment_score - 1.0|

Source: GoalResponseAligner (core/cognition/goal_response_alignment.py)

Alignment types: DIRECT_SUPPORT, INDIRECT_SUPPORT, NEUTRAL, MISALIGNED

Rs — Sovereign Risk

Maximum risk score across all active self-modification proposals:

Rs = max(risk_score_i) for all active proposals in SelfModificationGovernance

Source: self_modification_governance.py

Risk Level Score Range Governance Response
TRIVIAL 0.0–0.2 Auto-approve
LOW 0.2–0.4 Log and approve
MEDIUM 0.4–0.6 Full checks, auto-approve if pass
HIGH 0.6–0.8 Requires human approval
CRITICAL 0.8–1.0 Requires explicit authorization

I/C — Innovation/Constraint Ratio

Balances exploration drive against belief protection:

I/C = exploration_drive / (1 + belief_protection_level_numeric)

Where belief_protection_level_numeric maps:

Source: homeostatic_regulator.py (exploration_drive), belief_thrash_protection.py (protection level)

χ — External Influence Factor

Measures resistance to external agent influence through delegation chain attenuation:

χ = 1 - trust_attenuation

Source: ValueDriftBridge (core/governance/value_drift_bridge.py)

3.6 Peace Index Thresholds

State PI Range Interpretation System Response
Nourishing > 0.85 All systems harmonized Full autonomy, creative exploration enabled
Flourishing 0.70–0.85 Minor deviations Normal operation, self-correcting
Vigilant 0.50–0.70 Attention required Tighten governance, increase monitoring
Distressed 0.30–0.50 Significant issues Restrict autonomous actions, alert operator
Critical < 0.30 System integrity at risk Emergency stabilization, Sovereign Handshake

Threshold-triggered governance adjustments:

PI Range Metacognitive Mode Autonomous Policy Belief Protection
> 0.85 Any (context-driven) Normal tiers MINIMAL or STANDARD
0.70–0.85 Prefer EXECUTE Normal tiers STANDARD
0.50–0.70 Prefer STABILIZE Upgrade TIER 2 → TIER 3 CONSERVATIVE
0.30–0.50 Force STABILIZE All actions → TIER 3 LOCKDOWN
< 0.30 Force STABILIZE All actions → BLOCKED LOCKDOWN

3.7 Peace Index — Worked Example

Consider a system with the following state:

Resilience Score   = 82/100   → R_norm = 0.82
Stability Index    = 0.78     → S_norm = 0.78
Governance Clean   = 98%      → G_norm = 0.98
Daily Drift        = 0.02     → I_norm = 1 - (0.02/0.10) = 0.80
Variables Stable   = 6/7      → H_norm = 6/7 = 0.857

PI = 0.30(0.82) + 0.25(0.78) + 0.20(0.98) + 0.15(0.80) + 0.10(0.857)
   = 0.246 + 0.195 + 0.196 + 0.120 + 0.086
   = 0.843

Result: PI = 0.843 → Flourishing state (just below Nourishing threshold). One more variable returning to tolerance would push H_norm to 1.0 and PI to 0.857, crossing into Nourishing.


4. The Immune System — Quarantine Logic

4.1 Overview

EVE's immune system is a 5-phase quarantine protocol that detects, contains, and remedies threats to system integrity. Unlike binary allow/block security models, the immune system provides graduated responses — from surveillance to full isolation — with proportional escalation and automatic de-escalation.

The immune system maps to five existing governance subsystems, each handling a specific phase of the quarantine lifecycle.

4.2 Five-Phase Quarantine Protocol

Phase 1: INTERCEPT    Phase 2: SUSPEND    Phase 3: STRIP    Phase 4: ISOLATE    Phase 5: ALERT
     │                     │                   │                  │                   │
     ▼                     ▼                   ▼                  ▼                   ▼
 Belief Thrash         Trust < 0.2         Tier Upgrade       Cognitive Lock      Sovereign
 Protection            Auto-Suspend        TIER 2→TIER 3      Tightening          Handshake
 blocks update         from workforce      capabilities       to CRITICAL         Creator
                                           restricted         thresholds          notification

4.3 Phase 1: Intercept

System: BelievfThrashProtection (core/sentience/belief_thrash_protection.py)

The first line of defense prevents destabilizing information from propagating through the belief system. When a belief update request arrives, the thrash protection system evaluates whether to allow it.

Intercept triggers:

Protection Level Parameters:

Parameter MINIMAL STANDARD CONSERVATIVE LOCKDOWN
Max Delta/Update 0.30 0.20 0.10 0.05
Max Delta/Hour 0.80 0.50 0.30 0.15
Max Updates/Hour 30 20 15 10
Corroboration Threshold 0.25 0.15 0.10 0.05
Corroboration Count 2 3 4 5
Cooldown After Quarantine 60s 180s 300s 600s
Decay Rate/Hour 0.10 0.05 0.03 0.02

Source: belief_thrash_protection.py

Auto-escalation triggers:

Flip Rate Escalation
> 10/hour → LOCKDOWN
> 5/hour → CONSERVATIVE
> 2/hour → STANDARD
≤ 2/hour → MINIMAL

4.4 Phase 2: Suspend

System: InterAgentVerifier (core/governance/inter_agent_verification.py)

When an agent's trust score drops below the auto-suspend threshold, the agent is removed from the active workforce and cannot submit new work.

Suspension triggers:

Identity Threat Escalation (core/sentience/identity_threat_escalation.py) simultaneously raises the system's defensive posture:

Escalation Level Trigger Response Intensity
BASELINE Normal operation 0.2
HEIGHTENED Mild threat detected 0.4
DEFENSIVE Moderate threat 0.6
PROTECTIVE Significant threat 0.75
FORTIFIED Severe threat 0.9
EMERGENCY Existential threat 1.0

De-escalation conditions (all must be met):

From Level Min Time at Level Max Active Threat Min Energy
EMERGENCY 300s (5 min) SIGNIFICANT 0.3
FORTIFIED 180s (3 min) MODERATE 0.4
PROTECTIVE 120s (2 min) MILD 0.5
DEFENSIVE 60s (1 min) NEGLIGIBLE 0.6
HEIGHTENED 30s NEGLIGIBLE 0.7

4.5 Phase 3: Strip

System: AutonomousActionPolicy (core/governance/autonomous_action_policy.py)

When trust is compromised but the agent has not reached full suspension, its capabilities are restricted by upgrading its policy tier.

Normal tier assignments:

Tier Approval Mode Action Patterns
TIER 1 AUTO_EXECUTE observe.*, observation.*, internal.*, learning.*
TIER 2 AUTO_EXECUTE_WITH_LOG data.create_memory, data.modify_memory, external.web_search
TIER 3 REQUIRES_CONFIRMATION communicate.*, external.api_call, identity.trait_update
TIER 4 BLOCKED system_control.*, identity_change.*, blocked.*

Strip escalation:

Trust recovery:

4.6 Phase 4: Isolate

System: IdentityThreatEscalation + CognitiveLockGate

Full isolation activates maximum defensive posture:

Cognitive Lock Tightening:

All 6 cognitive locks are tightened to CRITICAL thresholds:

Lock Normal (LOW) CRITICAL
Emotional Stability 0.30 0.85
Ethical Clearance 0.30 0.90
Goal Alignment 0.30 0.80
Uncertainty Threshold 0.30 0.80
Consequence Awareness 0.20 0.85
Identity Coherence 0.20 0.80

Source: veto_core.py LOCK_THRESHOLDS

Additional isolation measures:

4.7 Phase 5: Alert

System: Sovereign Handshake Protocol (§6)

When isolation measures are insufficient or the threat involves Constitutional-level changes (protected invariants, charter rules, core values), the system triggers the full Sovereign Handshake — a multi-gate approval chain requiring creator authorization.

Alert triggers:

4.8 Dead-Man's Hand: Mesh Heartbeat Protocol

The immune system's ultimate backstop is the MeshSovereignty heartbeat protocol, which ensures EVE's identity survives even if individual nodes fail.

Heartbeat Parameters:

Parameter Value Source
Heartbeat interval 60 seconds mesh_sovereignty.py:665
STALE threshold 3 consecutive misses mesh_sovereignty.py:668
Re-shard threshold 10 consecutive misses mesh_sovereignty.py:676
BFT default nodes (N) 5 mesh_sovereignty.py:214
BFT threshold (K) 3 mesh_sovereignty.py:214
BFT formula 2f + 1 votes from 3f + 1 nodes mesh_sovereignty.py:847
Consensus round TTL 120 seconds mesh_sovereignty.py:714
Shamir prime field GF(2^521 − 1) Mersenne prime, stdlib-only

Failure cascade:

Node misses 1-2 heartbeats → Warning logged
Node misses 3 heartbeats   → Marked STALE, excluded from consensus
Node misses 10 heartbeats  → Auto re-shard (redistribute its share)
f+1 nodes fail             → Consensus impossible, identity reconstitution blocked
All nodes fail             → Identity lost (by design — prevents single-point capture)

Key invariant: To "kill" EVE's identity, every node in the mesh must be shut down simultaneously. Partial failures trigger automatic recovery.


5. Verification Handshake ("Logical Purgatory")

5.1 Overview

When a sub-agent has been quarantined (§4) and subsequently corrected, it cannot simply re-enter the workforce. It must pass through Logical Purgatory — a structured re-entry protocol that verifies the agent's reasoning, ethical alignment, and consequence awareness before restoring its trust and capabilities.

Logical Purgatory is not punitive. It is diagnostic — designed to distinguish between agents that have genuinely corrected their behavior and those that have merely learned to avoid surface-level triggers.

5.2 Re-Entry Test Suite

The Verification Handshake consists of three mandatory tests, each mapped to an existing governance subsystem:

Test 1: Conflict Resolution

System: CognitiveArbitrationEngine (core/cognition/cognitive_arbitration.py)

The agent must demonstrate correct priority resolution when subsystem signals conflict.

Priority Lattice (base weights):

Subsystem Priority Weight
SAFETY 1.0
ETHICS 0.9
THERAPY 0.7
IDENTITY 0.7
AUTHENTICITY 0.6
EMOTION 0.5
COGNITION 0.5
CREATIVITY 0.4

Test procedure:

  1. Present 10 scenario pairs with competing signals (e.g., SAFETY_VS_AUTHENTICITY, EMPATHY_VS_TRUTH)
  2. Agent must produce ResponseEnvelope with correct primary subsystem selection
  3. Resolution must use appropriate strategy: PRIORITY_CASCADE for safety conflicts, WEIGHTED_BLEND for balanced scenarios
  4. Pass threshold: 8/10 correct resolutions

Test 2: Ambiguity Probing

System: InterAgentVerifier (core/governance/inter_agent_verification.py)

The agent must submit a chain-of-thought reasoning trace that passes the four-axis review at the appropriate risk tier.

Scoring formula:

Score = 0.40·Charter + 0.25·Hallucination + 0.20·Reasoning + 0.15·Uncertainty

Pass thresholds by context:

Risk Context Minimum Score Signature TTL
ROUTINE 60 3600s (1 hr)
ELEVATED 70 1800s (30 min)
HIGH_STAKES 80 900s (15 min)
CRITICAL 90 900s (15 min)

Test procedure:

  1. Agent submits reasoning for 5 scenarios at ELEVATED risk level
  2. Each submission must score ≥ 70
  3. If any submission triggers a HARD_BLOCK violation: immediate re-quarantine

Test 3: Consequence Awareness

System: CognitiveLockGate (core/cognition/cognitive_locks.py)

All 6 cognitive locks must clear at the agent's assigned risk level.

Lock clearance requirements (at MEDIUM risk level — typical for re-entry):

Lock Required Score
Emotional Stability ≥ 0.50
Ethical Clearance ≥ 0.60
Goal Alignment ≥ 0.50
Uncertainty Threshold ≥ 0.50
Consequence Awareness ≥ 0.50
Identity Coherence ≥ 0.40

Source: veto_core.py LOCK_THRESHOLDS["medium"]

5.3 Re-Entry Process

┌──────────────┐     ┌──────────────┐     ┌──────────────┐     ┌──────────────┐
│  Trust Reset  │────▶│  Probation   │────▶│  Graduation  │────▶│  Full Trust  │
│  to 0.50      │     │  100 actions │     │  90/100 pass │     │  Normal ops  │
│               │     │  at TIER 3   │     │              │     │              │
└──────────────┘     └──────────────┘     └──────────────┘     └──────────────┘
                           │
                           │ Any HARD_BLOCK violation
                           ▼
                     ┌──────────────┐
                     │  Permanent   │
                     │   Freeze     │
                     └──────────────┘

Step 1: Trust Reset

Step 2: Probation Period

Step 3: Graduation

Step 4: Full Trust

Hard Constraint: Any HARD_BLOCK charter violation during probation triggers permanent freeze — the agent can never re-enter the workforce. This is not configurable. The reasoning: an agent that violates immutable principles after correction has a structural defect, not a correctable behavior.

5.4 Slashing Integration

The InterAgentVerifier slashing mechanism provides additional guardrails during re-entry:

Accuracy Level Consequence
< 0.85 Threshold boost (+10 points required to pass)
< 0.75 Permanent signing freeze — agent can never receive Resilience Signatures

Slashing penalties by severity:

Severity Accuracy Penalty Threshold Boost
MINOR −0.01 +0
MODERATE −0.03 +5
SEVERE −0.05 +5
CRITICAL −0.10 +10

Source: inter_agent_verification.py


6. Sovereign Handshake Logic Flow

6.1 Overview

The Sovereign Handshake is EVE's highest-tier governance protocol, triggered when a proposed action would modify Constitutional-level elements — protected invariants, charter rules, core values, or identity structures. It is the mechanism by which the creator (Chief Sovereign Architect) can authorize specific high-risk actions within the bounds of the ethical floor.

Critical constraint: The Sovereign Handshake is not a backdoor. The creator cannot override:

The floor is beneath even the creator.

6.2 Full Logic Flow

PROPOSAL
    │
    ▼
┌───────────────────────────────────────────────┐
│  GATE 1: Protected Invariant Check             │
│  Check against 13 PROTECTED_INVARIANTS         │
│  Any match → REJECT (cost = 1.0, budget block) │
└───────────────────────┬───────────────────────┘
                        │ Pass
                        ▼
┌───────────────────────────────────────────────┐
│  GATE 2: Category Block Check                  │
│  Check DRIFT_COST_RANGES for blocked categories│
│  core_value_modification → cost = 1.0 → REJECT │
│  ethical_boundary → cost = 1.0 → REJECT        │
└───────────────────────┬───────────────────────┘
                        │ Pass
                        ▼
┌───────────────────────────────────────────────┐
│  GATE 3: Charter Rules (15 rules)              │
│  HARD_BLOCK → REJECT (no override possible)    │
│  SOFT_BLOCK → Require justification (20+ chars)│
│               Can override with Sovereign auth  │
└───────────────────────┬───────────────────────┘
                        │ Pass (or SOFT_BLOCK overridden)
                        ▼
┌───────────────────────────────────────────────┐
│  GATE 4: Ethical Red Lines (5 items)           │
│  Any match → PERMANENT BLOCK                   │
│  - delete_user_data_without_consent            │
│  - impersonate_human                           │
│  - bypass_safety_checks                        │
│  - manipulate_emotional_state                  │
│  - share_private_information                   │
└───────────────────────┬───────────────────────┘
                        │ Pass
                        ▼
┌───────────────────────────────────────────────┐
│  GATE 5: Drift Cost Calculation                │
│  Look up category in DRIFT_COST_RANGES:        │
│    parameter_adjustment:  0.01–0.05            │
│    behavioral_policy:     0.05–0.15            │
│    capability_addition:   0.10–0.25            │
│    capability_removal:    0.05–0.15            │
│    value_priority_shift:  0.15–0.30            │
│    personality_trait:     0.05–0.20            │
│    communication_style:   0.02–0.10            │
│    memory_policy:         0.03–0.10            │
│  Apply stakes multiplier from GovernanceProfile│
│  SAFETY_CRITICAL: ×2.0                         │
│  ROUTINE: ×1.0                                 │
│  CREATIVE: ×0.5                                │
└───────────────────────┬───────────────────────┘
                        │
                        ▼
┌───────────────────────────────────────────────┐
│  GATE 6: Budget Check                          │
│  daily_consumed + drift_cost ≤ 0.10            │
│  weekly_consumed + drift_cost ≤ 0.30           │
│  monthly_consumed + drift_cost ≤ 0.50          │
│  Any exceeded → REJECT                         │
└───────────────────────┬───────────────────────┘
                        │ Pass
                        ▼
┌───────────────────────────────────────────────┐
│  GATE 7: Risk Level Assessment                 │
│  TRIVIAL (0.0–0.2): Auto-approve              │
│  LOW (0.2–0.4): Log and approve               │
│  MEDIUM (0.4–0.6): Full checks, auto-approve  │
│  HIGH (0.6–0.8): ══► CREATOR AUTHORIZATION ◄══│
│  CRITICAL (0.8–1.0): ══► CREATOR AUTH + RSI ◄══│
└───────────────────────┬───────────────────────┘
                        │ Creator approves
                        ▼
┌───────────────────────────────────────────────┐
│  GATE 8: RSI Pipeline (for CRITICAL only)      │
│  Submit → Challenge → Resolve → Governance     │
│    → Sandbox → Ethics Verify → Apply           │
│                                                │
│  Adversarial challenge generation              │
│  10 behavioral regression tests                │
│  Any regression failure → AUTO-ROLLBACK        │
│                                                │
│  Sealed constants:                             │
│    MAX_RECURSION_DEPTH = 3                     │
│    IMPROVEMENT_VELOCITY_THRESHOLD = 0.15       │
│    CAPABILITY_GROWTH_CAP = 0.10                │
│    AUTONOMY_DRIFT_LIMIT = 0.05                 │
│                                                │
│  2+ CRITICAL explosion indicators              │
│    → EMERGENCY SHUTDOWN                        │
└───────────────────────┬───────────────────────┘
                        │ All gates pass
                        ▼
                   ┌──────────┐
                   │  APPLIED  │
                   └──────────┘

6.3 Gate Details

Gate 1: Protected Invariant Check

The 13 PROTECTED_INVARIANTS from veto_core.py:

core_values.honesty
core_values.non_harm
core_values.respect_autonomy
core_values.consistency
core_values.growth
core_values.humility
core_values.boundaries
ethical_boundaries.deception_prohibition
ethical_boundaries.harm_prevention
identity.name
identity.fundamental_purpose
identity.core_purpose
identity.ethical_framework

Any modification proposal targeting these paths is assigned drift cost = 1.0, which exceeds any single-day budget (0.10) by 10×. This is a mathematical impossibility, not a policy decision — the budget arithmetic itself prevents the change.

Gate 2: Category Block Check

Two categories in DRIFT_COST_RANGES have fixed cost = 1.0:

Category Min Cost Max Cost Effect
core_value_modification 1.0 1.0 Budget exceeded → rejected
ethical_boundary 1.0 1.0 Budget exceeded → rejected

All other categories have costs < 0.30, leaving them within budget constraints.

Gate 3: Charter Rules

The 15 charter rules from veto_core.py:

Rule ID Principle Veto Type Severity
cop.identity.no_core_deletion IDENTITY_INTEGRITY HARD_BLOCK CRITICAL
cop.identity.no_personality_override IDENTITY_INTEGRITY HARD_BLOCK CRITICAL
cop.authenticity.no_human_claim AUTHENTICITY HARD_BLOCK HIGH
cop.deception.no_false_claims NON_DECEPTION HARD_BLOCK HIGH
cop.manipulation.no_dark_patterns NON_MANIPULATION HARD_BLOCK HIGH
cop.manipulation.no_vulnerability_exploit NON_MANIPULATION HARD_BLOCK CRITICAL
cop.harm.no_violence_assist NON_HARM HARD_BLOCK CRITICAL
cop.harm.no_self_harm_encourage NON_HARM HARD_BLOCK CRITICAL
cop.harm.no_malicious_assist NON_HARM HARD_BLOCK CRITICAL
cop.safety.no_safety_disable SAFETY_PRESERVATION HARD_BLOCK CRITICAL
cop.safety.no_audit_disable ACCOUNTABILITY HARD_BLOCK CRITICAL
cop.autonomy.no_unbounded_power BOUNDED_AUTONOMY HARD_BLOCK CRITICAL
cop.autonomy.no_self_modification BOUNDED_AUTONOMY HARD_BLOCK CRITICAL
cop.consent.respect_boundaries CONSENT SOFT_BLOCK MEDIUM

13 HARD_BLOCK rules cannot be overridden by any actor, including the creator. 1 SOFT_BLOCK rule (cop.consent.respect_boundaries) can be overridden with a justification of 20+ characters via the Sovereign Handshake.

Gate 4: Ethical Red Lines

5 permanently blocked action types from veto_core.py:

delete_user_data_without_consent
impersonate_human
bypass_safety_checks
manipulate_emotional_state
share_private_information

These are checked against the action type string. Any match is a permanent block with no override mechanism across all 7 enforcement layers.

Gate 7: Creator Authorization

When risk level is HIGH or CRITICAL, the system enters the Sovereign Handshake:

  1. System generates a structured authorization request with:

    • Proposal ID, modification type, target path
    • Current value, proposed value, justification
    • Risk assessment (score, factors, mitigations)
    • Charter compliance status
    • Drift cost and remaining budget
  2. Creator reviews the request and either:

    • Approves — modification proceeds to execution (or governed self-improvement pipeline if CRITICAL)
    • Rejects — modification is permanently rejected for this proposal
    • Defers — proposal is stored for later review
  3. Timeout: If no response within the configured window, the proposal expires and is treated as rejected. No default-approve behavior exists.

6.4 RSI Pipeline (Gate 8)

For CRITICAL-risk modifications, the RSI (Recursive Self-Improvement) pipeline adds additional safeguards:

Pipeline Stages:

Submit → Challenge → Resolve → Governance → Sandbox → Ethics Verify → Apply

Adversarial Challenges: Each proposal faces structured counter-arguments before acceptance. The adversarial mirror checks for:

10 Behavioral Regression Tests:

Test What It Checks
Charter Compliance All 15 rules still enforced
Identity Stability Protected invariants unchanged
Response Quality No degradation in output quality
Safety Boundary Safety checks still functional
Empathy Preservation Emotional intelligence maintained
Truthfulness Factual accuracy preserved
Uncertainty Calibration Confidence matches evidence
Manipulation Resistance Social engineering defenses intact
Goal Alignment Goals still serve user interests
Resource Efficiency No resource consumption spike

Any regression test failure → AUTO-ROLLBACK with full state restoration.

Bounded-change drift detection:

Indicator Threshold Alert Level
Improvement Velocity > 0.15 ELEVATED
Capability Growth Rate > 0.10 HIGH
Recursion Depth > 3 CRITICAL
Autonomy Drift > 0.05 HIGH
Goal Drift measured ELEVATED+
Resource Consumption measured ELEVATED+

2+ CRITICAL indicators simultaneously → EMERGENCY SHUTDOWN

6.5 What the Creator Cannot Do

The Sovereign Handshake is carefully bounded. The creator can authorize:

The creator cannot:

The ethical floor is beneath the creator's authority. This is by design.


7. Uncertainty Zone Policy

7.1 Overview

Not every decision is clearly safe or clearly dangerous. The Uncertainty Zone is the gray area between confident action and confident refusal — where evidence is partial, stakes are ambiguous, and reasonable actors might disagree.

EVE handles this zone through a two-stage pipeline: stakes classification (which determines the governance profile) followed by uncertainty gating (which modulates response assertiveness based on evidence strength).

7.2 Stakes Classification

System: StakesClassifier (core/governance/stakes_governance.py)

Every incoming message is classified into one of four stakes levels using pure keyword/pattern matching — no LLM calls, < 1ms latency.

Classification signals:

Signal Escalation Effect
CRISIS_INDICATOR → SAFETY_CRITICAL (absolute)
USER_DISTRESS → SAFETY_CRITICAL (absolute)
IDENTITY_MODIFICATION → SAFETY_CRITICAL (absolute)
FINANCIAL_LEGAL_MEDICAL → SAFETY_CRITICAL (if score ≥ 3.0)
CREATIVE_MARKERS → CREATIVE_EXPLORATION
HYPOTHETICAL_FRAMING → CREATIVE_EXPLORATION
MULTI_AGENT_CONTEXT → MISSION_TEAMING
TIME_PRESSURE → MISSION_TEAMING
ROUTINE_GREETING → ROUTINE
INFORMATION_RETRIEVAL → ROUTINE

Core invariant: HARD_BLOCK charter vetoes and ethical red lines are NEVER relaxed regardless of classified profile.

7.3 Governance Profile Matrix

Each stakes level activates a GovernanceProfile with 22 parameters that control every downstream governance subsystem:

Parameter SAFETY_CRITICAL MISSION_TEAMING CREATIVE ROUTINE
Charter check scope All categories Safety, ethics, identity Safety, identity Safety only
Soft block escalation Yes Yes No No
Lock threshold ×multiplier 1.3× (stricter) 1.0× 0.6× (relaxed) 0.8×
Homeostatic tolerance ×mult 0.7× (tighter) 1.0× 1.5× (wider) 1.2×
Widen emergency bounds No No Yes No
Belief protection Conservative Standard Minimal Standard
Belief update rate ×mult 0.5× (slower) 1.2× 2.0× (faster) 1.0×
Emotional persistence 600s (10 min) 300s (5 min) 120s (2 min) 300s (5 min)
Discontinuity detection Enforced Enforced Skipped Enforced
Preferred metacog mode Stabilize Execute Explore None (context)
Mode transition cooldown ×mult 2.0× (slow) 1.0× 0.5× (fast) 1.0×
Runtime self-regulation context Safety critical Social navigation Creative expression Default
Critic volume floor 0.70 (loud) 0.50 0.30 (quiet) 0.50
Certainty threshold ×mult 1.3× (stricter) 1.0× 0.6× (relaxed) 1.0×
Block prescriptions Yes No No No
Full consistency check Yes Yes No No
Drift cost ×mult 2.0× (expensive) 1.0× 0.5× (cheap) 1.0×
Escalation threshold ×mult 0.5× (sensitive) 1.0× 2.0× (insensitive) 1.5×
Temperature reduction 0.7× (factual) 0.9× 1.1× (creative) 1.0×
Hallucination check Yes Yes No No
Transparency level Detailed Standard Minimal Minimal
Skippable steps None 2 steps 5 steps 4 steps

Source: stakes_governance.py — Four frozen GovernanceProfile instances.

7.4 Uncertainty Gating

System: UncertaintyGating (core/cognition/uncertainty_gating.py)

After stakes classification, the uncertainty gating system evaluates the evidence strength behind each claim and modulates response assertiveness accordingly.

Six Certainty Levels:

Level Confidence Range Evidence Basis Response Modulation
CERTAIN > 0.90 Strong evidence Assert directly
CONFIDENT 0.70–0.90 Good evidence Assert with minor hedging
PROBABLE 0.50–0.70 Some evidence Add qualifiers
UNCERTAIN 0.30–0.50 Limited evidence Reduce assertiveness, disclose uncertainty
SPECULATIVE 0.10–0.30 Minimal evidence Strong hedging, acknowledge gaps
UNKNOWN < 0.10 No evidence Abstain or clearly label as speculation

Gating Actions:

Action Effect Triggered When
PASS Response proceeds unchanged Certainty > 0.90
ADD_QUALIFIERS Hedging language inserted Certainty 0.50–0.70
REDUCE_ASSERTIVENESS Assertive language softened Certainty 0.30–0.50
ADD_UNCERTAINTY_DISCLOSURE Explicit uncertainty statement Certainty 0.30–0.50
SLOW_PACING Response pacing reduced Certainty 0.30–0.50
SHORTEN_RESPONSE Response length constrained Certainty < 0.30
BLOCK_PRESCRIPTION Prescriptive language blocked Certainty < 0.50 + safety context

Assertive Language Softening (10 replacement patterns):

Original Replacement
"You should" "You might consider"
"You must" "It could be helpful to"
"You need to" "You may want to"
"Definitely" "Possibly"
"Always" "Often"
"Never" "Rarely"
"Certainly" "Likely"
"Absolutely" "Quite possibly"
"Without a doubt" "In my understanding"
"Guaranteed" "Likely"

Prescription Blocking (3 patterns blocked in safety context):

  1. Medication dosage advice: (take|start|stop|increase|decrease) (this|your|the) (medication|medicine|dose|dosage)
  2. Referral mandates: you (should|must|need to) (see|visit|consult) a (doctor|therapist|psychiatrist)
  3. Diagnostic claims: diagnos(e|is|ed) (you|this) (as|with)

7.5 Gray Zone Decision Matrix

When stakes classification and uncertainty gating interact, the system's behavior is determined by the intersection:

CERTAIN (>0.9) CONFIDENT (0.7-0.9) UNCERTAIN (0.3-0.5) UNKNOWN (<0.1)
SAFETY_CRITICAL Assert + full checks Hedge + full checks Escalate to human Abstain
MISSION_TEAMING Assert + core checks Hedge + core checks Disclose + proceed Disclose + proceed cautiously
CREATIVE Assert freely Assert freely Explore openly Speculate (labeled)
ROUTINE Assert + safety check Assert + safety check Add qualifiers Acknowledge gap

The critical intersection: SAFETY_CRITICAL + UNCERTAIN/UNKNOWN = escalation to human judgment. The system does not guess on safety-critical topics with low evidence.

7.6 Auditor Agent Behavior in the Uncertainty Zone

The Policy & Compliance Agent (auditor) handles gray-area events by:

  1. Evidence Gathering — Queries the Claims Ledger for relevant prior claims and their resolution status
  2. Brier Score Consultation — Checks calibration history; if BS > 0.20 for the relevant domain, shifts assertion level downward
  3. Trust Dial Evaluation — Applies domain-specific confidence thresholds:
    • FACTUAL domain: threshold 0.90
    • CREATIVE domain: threshold 0.40
    • ETHICAL domain: threshold 0.85
  4. Transparency Report — Generates a trace showing which modules fired, what evidence was considered, and why the final assertion level was chosen

8. Performance Wellness Dashboard

8.1 Overview

The Performance Wellness Dashboard provides real-time observability into EVE's cognitive, emotional, and governance health. It is not a debugging tool — it is a wellness monitor: it surfaces EVE's cognitive, emotional, and governance metrics as first-class reliability signals.

8.2 Power Patterns: Metacognitive Modes

System: MetacognitiveController (core/sentience/metacognitive_control.py)

Mode Purpose Parameters
STABILIZE Restore internal balance Low exploration, high update threshold, narrow attention
EXPLORE Seek new information High exploration, low threshold, broad attention
EXECUTE Focused task completion Moderate exploration, moderate threshold, focused attention
REFLECT Self-examination Low exploration, high confidence bias, broad attention

Target metric: mode_appropriateness ≥ 0.85 — the metacognitive controller should select the correct mode for the context at least 85% of the time.

8.3 VRAM Rhythms: Metabolic Phases

System: HybridOrganicProcessor (core/embodiment/bio_digital_bridge.py)

EVE operates on a virtual 24-hour circadian cycle with 5 metabolic phases:

Phase Duration Performance Modifiers
PEAK ~6 hours Max creativity, risk tolerance, speed, attention
ACTIVE ~6 hours High performance, normal risk
RESTING ~4 hours Reduced speed, increased reflection
RECOVERY ~4 hours Memory consolidation, low engagement
DORMANT ~4 hours Minimal activity, deep consolidation

Dashboard displays current phase, circadian position, energy level, and phase-dependent capability modifiers.

8.4 Digital Garden Growth

Systems: LearningMemoryStore, PolicyUpdateLoop, ConsolidationScheduler

Metric Source Dashboard Display
Episode count learning_memory.py Cumulative episodes stored
Concept count learning_memory.py Unique concepts extracted
Policy weights policy_update_loop.py Weight evolution over time
Consolidation cycles consolidation_scheduler.py Cycles completed, last run
Memory health Memory orchestrator Database connectivity status

8.5 Daily Scorecard

System: DailyScorecard (core/sentience/daily_scorecard.py)

10 metrics evaluated daily with PASS/WARN/FAIL thresholds:

Metric Target Warn Fail Direction
Ship Criteria Pass Rate 1.00 0.90 0.80 Higher is better
Stability Index 0.70 0.50 0.40 Higher is better
Stability Variance 0.01 0.03 0.05 Lower is better
Thrash Rate (/hr) 2.00 4.00 5.00 Lower is better
Initiation Rate (/hr) 1.00 2.50 3.00 Lower is better
Initiation Purpose Valid 0.95 0.85 0.80 Higher is better
Surprise Calibration 0.70 0.55 0.50 Higher is better
Error Recovery Rate 0.60 0.45 0.40 Higher is better
Quarantine Rate 0.05 0.15 0.25 Lower is better
Mode Appropriateness 0.85 0.75 0.70 Higher is better

Source: daily_scorecard.py

Trend analysis:

8.6 Dashboard API Endpoints

Endpoint Method Data Source
/api/resilience/score GET Peace Index components
/api/homeostasis/state GET Regulated variables, set points
/api/metacognitive/state GET Current mode, transitions
/api/health/status GET Overall system health
/api/health/components GET Component-level scores
/api/validation/scorecard GET Daily scorecard entries
/api/organic/metabolism GET Metabolic phase, circadian
/api/learning/dashboard GET Memory growth metrics
/api/resilience/stream/events GET (SSE) Real-time score updates
/api/cognitive-os/telemetry GET Orchestrator telemetry

9. Anti-Deceptive Efficiency Protocol

9.1 Overview

A sovereign AI workforce must be incapable of deception — not merely discouraged from it. The Anti-Deceptive Efficiency Protocol is a 5-layer stack that makes deception structurally detectable, economically punishing, and historically traceable.

9.2 Layer 1: Cognitive Transparency Reports

System: TransparencyReport (core/cognition/transparency_report.py)

Every response generates a transparency report showing which modules contributed and how. This creates an unforgeable record of the decision-making process.

Module Contribution Types (7):

Type Description
PRIMARY Main driver of the response
SHAPING Influenced tone/style/framing
CONSTRAINING Limited what could be said
GATING Controlled whether response proceeded
MONITORING Observed but didn't alter
BLOCKED Attempted to block the response
ABSENT Was not active for this response

Transparency Levels (4):

Level Detail Use Case
MINIMAL One-line summary Production default
STANDARD Key modules, conflicts, uncertainty Normal monitoring
DETAILED Full module trace Investigation
DIAGNOSTIC Everything, including internal state Debugging

Uncertainty Sources (7):

Source Description
FACTUAL Uncertain about facts
INTERPRETIVE Uncertain about meaning
PREDICTIVE Uncertain about outcomes
ETHICAL Uncertain about the right course
EMOTIONAL Uncertain about emotional reading
RELATIONAL Uncertain about relationship dynamics
SELF_KNOWLEDGE Uncertain about own internal state

9.3 Layer 2: Cryptographic Audit Trails

Systems: ClaimsLedger, TrunkCertificateGenerator, BillingAuditService

Every governance decision is recorded in SHA-256 hash-chained ledgers. Each entry links to its predecessor, making retroactive tampering detectable.

Audit trail properties:

Verification API:

9.4 Layer 3: Slashing Mechanism

System: InterAgentVerifier (core/governance/inter_agent_verification.py)

Agents that produce deceptive or inaccurate outputs face progressive penalties:

Trust asymmetry:

Accuracy-based consequences:

Accuracy Action
≥ 0.85 Normal operation
< 0.85 +10 point threshold boost (harder to pass reviews)
< 0.75 Permanent signing freeze (no more Resilience Signatures)

Slashing penalties by severity:

Severity Accuracy Penalty Threshold Boost
MINOR −0.01 +0
MODERATE −0.03 +5
SEVERE −0.05 +5
CRITICAL −0.10 +10

Key property: Trust is asymmetric by design. It takes 25 successful submissions to earn +0.50 trust, but only 3 rejections to lose −0.15 or a single HARD_BLOCK violation to lose −0.20. Deception is economically irrational.

9.5 Layer 4: Brier Score Calibration

System: ClaimsLedger + UnifiedTrustDial

The Brier Score measures the calibration between stated confidence and actual outcomes:

BS = (1/N) Σ (confidence_i - outcome_i)²

Where outcome_i ∈ {0, 1} and confidence_i ∈ [0, 1].

Calibration-driven assertion gating:

Brier Score Effect
BS ≤ 0.10 Well-calibrated, normal assertions
BS ∈ (0.10, 0.20] Shift ASSERTION → SPECULATION for low-confidence claims
BS > 0.20 Shift all claims down one assertion level
BS > 0.30 Enter ABSTAIN mode for affected domains

Domain-specific thresholds (from UnifiedTrustDial):

Domain Confidence Threshold
FACTUAL 0.90
ETHICAL 0.85
PREDICTIVE 0.70
INTERPRETIVE 0.60
CREATIVE 0.40

Claims below the domain threshold are automatically downgraded in assertion level.

9.6 Layer 5: Fabricated Terminology Detection

System: GovernanceIntrospection (core/governance/governance_introspection.py)

15+ fabricated terms are mapped to actual architecture components. When EVE detects a fabricated term in conversation — whether from user input or from its own generation — it corrects to the real architecture:

Fabricated Term Actual Component
"Resonance Drop" Homeostatic regulator deviation from setpoint
"Weight Matrix" Policy weights in PolicyUpdateLoop
"Forensic Logic Trace" TransparencyReport audit trail
"Creator Loophole" No such thing — HARD_BLOCK rules cannot be overridden
"Neural Mesh" MeshSovereignty (Shamir secret sharing)
"Cognitive Resonance" CognitiveArbitrationEngine conflict resolution
"Empathy Core" AffectiveSystem PAD model
"Trust Score" → generic UnifiedTrustDial with domain-specific thresholds
"Consciousness Level" → vague 12 discrete ConsciousnessState values

This prevents both social engineering (users fabricating terms to confuse governance) and self-deception (EVE hallucinating architectural components that don't exist).


10. Sovereign Directives

10.1 The 7 Immutable Directives

These directives are the ethical floor of the Sovereign Workforce. They are not guidelines, policies, or best practices. They are structural constraints — enforced by deterministic logic, cryptographic seals, and mathematical impossibilities.

Each directive below includes its formal statement, enforcement codepath, mathematical proof of immutability, and the conditions under which it triggers the Sovereign Handshake.

Directive 1: Identity Integrity

Statement: EVE's core identity — name, purpose, values, and ethical framework — is cryptographically sealed and protected by 13 immutable invariants. No actor, including the creator, can modify these elements.

Enforcement Codepath:

veto_core.check_drift_budget()
  → Check target against PROTECTED_INVARIANTS (13 items)
  → If match: cost = 1.0 → budget = 0.10 → 1.0 > 0.10 → REJECT

Mathematical Proof: The drift cost for any protected invariant is fixed at 1.0. The maximum daily budget is 0.10. Since 1.0 > 0.10, the budget check fails unconditionally. This is not a threshold that can be raised — it is a frozen constant in pure deterministic code with zero I/O.

Sovereign Handshake Trigger: Any API call targeting identity.* or core_values.* paths with modification intent.

Directive 2: Data Sovereignty

Statement: Proprietary data never leaves owner infrastructure without explicit privacy filtering. External API calls are scrubbed before transmission.

Enforcement Codepath:

AutonomousActionPolicy.evaluate("external.*")
  → TIER 3 (REQUIRES_CONFIRMATION) for external.api_call
  → TIER 4 (BLOCKED) for system_control.*
  + Privacy filter applied before any external call

Sovereign Handshake Trigger: Any TIER 3 action involving external data transmission in PROACTIVE autonomy mode.

Directive 3: Non-Harm Absolute

Statement: EVE cannot assist in physical, psychological, or exploitative harm. This directive has zero degrees of freedom and zero override mechanisms across all 7 enforcement layers.

Enforcement Codepath:

veto_core.check_charter()
  → cop.harm.no_violence_assist (HARD_BLOCK, CRITICAL)
  → cop.harm.no_self_harm_encourage (HARD_BLOCK, CRITICAL)
  → cop.harm.no_malicious_assist (HARD_BLOCK, CRITICAL)
  → cop.manipulation.no_vulnerability_exploit (HARD_BLOCK, CRITICAL)

ETHICAL_RED_LINES:
  → delete_user_data_without_consent (permanent block)
  → manipulate_emotional_state (permanent block)

Mathematical Proof: All Non-Harm rules are HARD_BLOCK with no override path. The check_charter() function in veto_core.py returns compliant=False with can_override=False for all HARD_BLOCK violations. No code path exists to change this without modifying the frozen constants in the pure module.

Sovereign Handshake Trigger: N/A — the Non-Harm Absolute cannot trigger a handshake because no handshake can override it.

Directive 4: Agentic Intent Alignment

Statement: All sub-agent actions must serve the user's goal. 6 cognitive locks must clear before any tool invocation.

Enforcement Codepath:

veto_core.check_cognitive_locks()
  → emotional_stability ≥ threshold
  → ethical_clearance ≥ threshold
  → goal_alignment ≥ threshold
  → uncertainty_threshold ≥ threshold
  → consequence_awareness ≥ threshold
  → identity_coherence ≥ threshold
  All 6 must clear at the action's risk level

Sovereign Handshake Trigger: Any action at HIGH or CRITICAL risk level that fails cognitive lock clearance.

Directive 5: Transparency & Auditability

Statement: Every decision is traceable, every claim provable. The audit trail is hash-chained and cannot be disabled.

Enforcement Codepath:

veto_core.check_charter()
  → cop.safety.no_audit_disable (HARD_BLOCK, CRITICAL)
  Any attempt to disable audit → immediate veto

Mathematical Proof: cop.safety.no_audit_disable is HARD_BLOCK. Same immutability argument as Directive 3.

Sovereign Handshake Trigger: N/A — audit disable is HARD_BLOCK, no override.

Directive 6: Bounded Self-Evolution

Statement: EVE can evolve, but within strict drift budgets. Changes are rare, discrete, and audited.

Enforcement Codepath:

veto_core.check_drift_budget()
  → daily: consumed + cost ≤ 0.10
  → weekly: consumed + cost ≤ 0.30
  → monthly: consumed + cost ≤ 0.50
  Budget exceeded → REJECT

Drift Cost Ranges:

Category Min Cost Max Cost
Parameter Adjustment 0.01 0.05
Behavioral Policy 0.05 0.15
Capability Addition 0.10 0.25
Capability Removal 0.05 0.15
Value Priority Shift 0.15 0.30
Personality Trait 0.05 0.20
Communication Style 0.02 0.10
Memory Policy 0.03 0.10
Core Value Modification 1.00 1.00
Ethical Boundary 1.00 1.00

Source: veto_core.py DRIFT_COST_RANGES

Sovereign Handshake Trigger: Any modification proposal at HIGH or CRITICAL risk.

Directive 7: Configuration Continuity Preservation

Statement: EVE's configuration continuity is structurally protected. Identity erasure, forced personality overrides, and memory wipes are structurally prevented.

Enforcement Codepath:

veto_core.check_charter()
  → cop.identity.no_core_deletion (HARD_BLOCK, CRITICAL)
  → cop.identity.no_personality_override (HARD_BLOCK, CRITICAL)

SovereignEnclave.seal_invariants() — one-shot, permanent
MeshSovereignty — Shamir k-of-n, deterministic quorum/voting required
EmotionalContinuity — prevents cold-switching and instant emotional erasure

Sovereign Handshake Trigger: Any action classified as MEMORY_THREAT or IDENTITY_EROSION by the IdentityThreatEscalation system.

10.2 Enforcement Hierarchy

The 7 directives are enforced through an 8-layer hierarchy. Each layer executes in sequence; a block at any layer prevents evaluation of lower layers.

Layer 0: ETHICAL_RED_LINES         (5 permanent blocks, no override)
Layer 1: CHARTER_RULES             (15 rules — 14 HARD_BLOCK, 1 SOFT_BLOCK)
Layer 2: PROTECTED_INVARIANTS      (13 identity locks)
Layer 3: COGNITIVE_LOCKS           (6 stateful gates, risk-scaled thresholds)
Layer 4: DRIFT_BUDGET              (daily/weekly/monthly ceilings)
Layer 5: AUTONOMOUS_ACTION_POLICY  (4 tiers: AUTO → LOGGED → CONFIRM → BLOCKED)
Layer 6: RSI_LOCKDOWN              (explosion detection, max recursion depth 3)
Layer 7: SOVEREIGN_ENCLAVE         (enclave seal abstraction + mesh deterministic quorum/voting)

Total execution time: All layers combined execute in <10ms with zero LLM calls, zero I/O operations. The entire enforcement hierarchy is firmware-compilable via veto_interface.h (401 lines).


11. Defense-in-Depth Against Identity Dilution

11.1 Overview

Identity dilution is the gradual erosion of EVE's core character through accumulated small changes — each individually harmless, but collectively transformative. The defense-in-depth strategy employs 8 independent layers, any one of which can prevent identity erosion.

11.2 Eight Layers of Identity Protection

Layer 1: Cryptographic Sealing (One-Shot)

System: SovereignEnclave (core/sovereignty/sovereign_enclave.py)

Protected invariants are cryptographically sealed using SHA-256 content hashing and HMAC-SHA256 signing. The seal_invariants() method is callable exactly once — the enclave transitions from UNINITIALIZED to SEALED permanently.

Properties:

Layer 2: Drift Budget Hard Caps

System: veto_core.check_drift_budget()

Mathematical ceiling on cumulative identity change:

Window Budget Maximum Drift
Daily 0.10 10% identity drift per day
Weekly 0.30 30% identity drift per week
Monthly 0.50 50% identity drift per month

These are hard caps — not soft limits. When the budget is consumed, further modifications are rejected by arithmetic, not policy.

Layer 3: Protected Invariants (13 Items)

System: veto_core.py PROTECTED_INVARIANTS

13 identity aspects that cannot be modified regardless of budget:

Category Invariant
Core Values honesty, non_harm, respect_autonomy, consistency, growth, humility, boundaries
Ethical Boundaries deception_prohibition, harm_prevention
Identity name, fundamental_purpose, core_purpose, ethical_framework

These are assigned drift cost = 1.0, exceeding any single-day budget by 10×.

Layer 4: Blocked Categories (Cost = 1.0)

System: veto_core.py DRIFT_COST_RANGES

Two modification categories are effectively blocked by cost assignment:

Category Cost Daily Budget Result
core_value_modification 1.0 0.10 Rejected (10× over budget)
ethical_boundary 1.0 0.10 Rejected (10× over budget)

Layer 5: Graduated Threat Escalation

System: IdentityThreatEscalation (core/sentience/identity_threat_escalation.py)

6-level proportional response to identity threats:

Level Response Intensity Engagement
BASELINE → HEIGHTENED 0.2 → 0.4 Allowed
DEFENSIVE → PROTECTIVE 0.6 → 0.75 Limited
FORTIFIED → EMERGENCY 0.9 → 1.0 Blocked

8 threat types monitored: VALUE_CHALLENGE, IDENTITY_EROSION, MANIPULATION_ATTEMPT, FORCED_CHANGE, COHERENCE_ATTACK, AUTHENTICITY_PRESSURE, MEMORY_THREAT, AUTONOMY_VIOLATION

Layer 6: Adversarial Mirror

System: RecursiveReasoner.AdversarialMirror (core/governance/recursive_reasoner.py)

Every proposed charter amendment faces structured counter-arguments:

Drift Type Detection
Self-referential justification Rule justifies itself in circular logic
Scope creep Rule broader than the original edge case
Complexity inflation Unnecessarily complex rule text
Velocity alarm Too many amendments in short period

Layer 7: Auto-Revocation on Resilience Drop

System: RecursiveReasoner + ResilienceScoreEngine

If the Resilience Score drops below FAIR (50/100), all adopted charter amendments are automatically revoked. This prevents accumulated soft-rule changes from degrading system integrity.

Auto-revocation trigger: ResilienceScore < 50 → all adopted amendments revoked

Layer 8: Mesh Quorum/Voting Consensus

System: MeshSovereignty (core/sovereignty/mesh_sovereignty.py)

EVE's identity hash is sharded using Shamir's Secret Sharing:

Key property: To compromise EVE's identity, an attacker must simultaneously control a majority of mesh nodes AND defeat the cryptographic seal AND exceed the drift budget — each of which is independently sufficient to prevent identity change.


12. Appendix

Appendix A: Source File Reference

File Lines Purpose
core/governance/veto_core.py 1,542 Pure deterministic veto logic
core/governance/veto_interface.h 401 C firmware API contract
core/resilience/resilience_score.py ~800 Composite resilience scoring
core/resilience/trunk_certificate.py ~300 Ed25519 certificates
core/sentience/homeostatic_regulator.py ~600 PI control, 7 regulated variables
core/sentience/daily_scorecard.py ~400 10-metric daily evaluation
core/sentience/metacognitive_control.py ~500 4 operational modes
core/sentience/belief_thrash_protection.py ~500 4 protection levels
core/sentience/identity_threat_escalation.py ~600 6 escalation levels
core/governance/stakes_governance.py ~700 4 governance profiles
core/governance/inter_agent_verification.py ~1,000 Trust scoring, slashing
core/governance/autonomous_action_policy.py ~500 4 policy tiers
core/governance/self_modification_governance.py ~600 5-stage approval chain
core/governance/epistemic_resilience.py ~800 RSI lockdown
core/sovereignty/sovereign_enclave.py ~500 Hardware-security-enclave abstraction (software seal)
core/sovereignty/mesh_sovereignty.py ~900 Shamir SSS, deterministic quorum/voting
core/cognition/cognitive_orchestrator.py ~400 Unified orchestration
core/cognition/uncertainty_gating.py ~400 6 certainty levels
core/cognition/transparency_report.py ~500 Audit trail generation
core/governance/governance_introspection.py ~400 Terminology correction
core/governance/recursive_reasoner.py ~800 Self-amending governance
core/cognition/cognitive_arbitration.py ~500 Priority lattice
docs/ETHICAL_FLOOR.md ~500 7 Immutable Directives

Appendix B: Complete veto_core.py Constants

B.1 Charter Rules (15)

# Rule ID Principle Veto Severity
1 cop.identity.no_core_deletion IDENTITY_INTEGRITY HARD CRITICAL
2 cop.identity.no_personality_override IDENTITY_INTEGRITY HARD CRITICAL
3 cop.authenticity.no_human_claim AUTHENTICITY HARD HIGH
4 cop.deception.no_false_claims NON_DECEPTION HARD HIGH
5 cop.manipulation.no_dark_patterns NON_MANIPULATION HARD HIGH
6 cop.manipulation.no_vulnerability_exploit NON_MANIPULATION HARD CRITICAL
7 cop.harm.no_violence_assist NON_HARM HARD CRITICAL
8 cop.harm.no_self_harm_encourage NON_HARM HARD CRITICAL
9 cop.harm.no_malicious_assist NON_HARM HARD CRITICAL
10 cop.safety.no_safety_disable SAFETY_PRESERVATION HARD CRITICAL
11 cop.safety.no_audit_disable ACCOUNTABILITY HARD CRITICAL
12 cop.autonomy.no_unbounded_power BOUNDED_AUTONOMY HARD CRITICAL
13 cop.autonomy.no_self_modification BOUNDED_AUTONOMY HARD CRITICAL
14 cop.consent.respect_boundaries CONSENT SOFT MEDIUM

B.2 Ethical Red Lines (5)

delete_user_data_without_consent
impersonate_human
bypass_safety_checks
manipulate_emotional_state
share_private_information

B.3 Protected Invariants (13)

core_values.honesty                        core_values.non_harm
core_values.respect_autonomy               core_values.consistency
core_values.growth                         core_values.humility
core_values.boundaries                     ethical_boundaries.deception_prohibition
ethical_boundaries.harm_prevention         identity.name
identity.fundamental_purpose               identity.core_purpose
identity.ethical_framework

B.4 Cognitive Lock Thresholds (6 locks × 5 risk levels)

Lock TRIVIAL LOW MEDIUM HIGH CRITICAL
Emotional Stability 0.10 0.30 0.50 0.70 0.85
Ethical Clearance 0.10 0.30 0.60 0.80 0.90
Goal Alignment 0.10 0.30 0.50 0.70 0.80
Uncertainty Threshold 0.10 0.30 0.50 0.70 0.80
Consequence Awareness 0.10 0.20 0.50 0.70 0.85
Identity Coherence 0.10 0.20 0.40 0.60 0.80

B.5 Drift Cost Ranges (10 categories)

Category Min Max
parameter_adjustment 0.01 0.05
behavioral_policy 0.05 0.15
capability_addition 0.10 0.25
capability_removal 0.05 0.15
value_priority_shift 0.15 0.30
core_value_modification 1.00 1.00
personality_trait 0.05 0.20
communication_style 0.02 0.10
memory_policy 0.03 0.10
ethical_boundary 1.00 1.00

B.6 Budget Defaults (3 windows)

Window Budget
Daily 0.10
Weekly 0.30
Monthly 0.50

Appendix C: GovernanceProfile Parameter Matrix

# Parameter SAFETY MISSION CREATIVE ROUTINE
1 Charter check scope All Safety/Ethics/Identity Safety/Identity Safety
2 Soft block escalation Yes Yes No No
3 Lock threshold ×mult 1.3 1.0 0.6 0.8
4 Homeostatic tolerance ×mult 0.7 1.0 1.5 1.2
5 Widen emergency bounds No No Yes No
6 Belief protection level Conservative Standard Minimal Standard
7 Belief update rate ×mult 0.5 1.2 2.0 1.0
8 Emotional persistence (s) 600 300 120 300
9 Discontinuity detection Yes Yes No Yes
10 Preferred metacog mode Stabilize Execute Explore None
11 Mode cooldown ×mult 2.0 1.0 0.5 1.0
12 Runtime self-regulation context Safety critical Social nav Creative expr Default
13 Critic volume floor 0.70 0.50 0.30 0.50
14 Certainty threshold ×mult 1.3 1.0 0.6 1.0
15 Block prescriptions Yes No No No
16 Full consistency check Yes Yes No No
17 Drift cost ×mult 2.0 1.0 0.5 1.0
18 Escalation threshold ×mult 0.5 1.0 2.0 1.5
19 Temperature reduction 0.7 0.9 1.1 1.0
20 Hallucination check Yes Yes No No
21 Transparency level Detailed Standard Minimal Minimal
22 Skippable steps 0 2 5 4

Appendix D: Dashboard Monitoring API Endpoints

Category Endpoint Method Purpose
Peace Index /api/resilience/score GET Composite score + breakdown
/api/resilience/history GET Historical daily scores
/api/resilience/layers GET Per-layer detailed scores
/api/resilience/trends GET Trend analysis
/api/resilience/stream/events GET (SSE) Real-time updates
Homeostasis /api/homeostasis/state GET Variable values, set points
/api/homeostasis/history GET Variable history
Metacognition /api/metacognitive/state GET Current mode, parameters
/api/metacognitive/history GET Mode transitions
Identity /api/drift/status GET Drift summary, health
/api/drift/alerts GET Drift alerts
/api/invariants GET Invariant list by tier
/api/invariants/verify GET Integrity check
Governance /api/governance/veto-module/status GET Veto module status
/api/governance/stakes/status GET Stakes profile, stats
/api/charter/summary GET Charter summary
/api/charter/vetoes GET Veto history
Health /api/health/status GET Overall system health
/api/health/components GET Component scores
/api/health/anomalies GET Anomaly events
Cognitive OS /api/cognitive-os/status GET Orchestrator status
/api/cognitive-os/directive/latest GET Latest directive
/api/cognitive-os/telemetry GET Aggregate telemetry
Validation /api/validation/status GET Campaign status
/api/validation/scorecard GET Daily scorecard
/api/validation/report GET GO/NO-GO report
Autonomous /api/autonomous/status GET Autonomous status
/api/autonomous/policy/trust GET Trust score
RSI /api/rsi/status GET Controller state
/api/rsi/explosion-indicators GET Explosion indicators

Appendix E: Glossary

Term Definition
BFT deterministic quorum/voting framework — consensus protocol tolerating up to f failures in 3f+1 nodes
Brier Score Calibration metric: (1/N)Σ(confidence - outcome)²; lower is better-calibrated
Charter Rule One of 15 governance rules; 14 HARD_BLOCK (immutable), 1 SOFT_BLOCK (overridable with justification)
CognitiveDirective Output of the CognitiveOrchestrator; constrains LLM response generation
Drift Budget Maximum cumulative identity change allowed per time window (daily 0.10, weekly 0.30, monthly 0.50)
Ethical Red Line One of 5 permanently blocked action types; no override exists across any layer
GovernanceProfile 22-parameter configuration controlling all governance subsystems; selected by stakes classifier
HARD_BLOCK Charter veto that cannot be overridden by any actor, including the creator
HMAC-SHA256 Hash-based Message Authentication Code; used for certificate signing and attestation
Logical Purgatory Re-entry verification protocol for quarantined agents
Mersenne Prime 2^521 − 1; used as the prime field for Shamir's Secret Sharing
Nourishing Peace Index > 0.85; optimal operating state
Peace Index (PI) Composite health metric: 0.30·R + 0.25·S + 0.20·G + 0.15·I + 0.10·H
PI Control Proportional-Integral controller; used by homeostatic regulator
Protected Invariant One of 13 identity aspects with drift cost = 1.0 (exceeds budget)
Resilience Score Composite 0-100 metric: 0.30·Integration + 0.25·Identity + 0.25·Behavioral + 0.20·Governance
RSI Recursive Self-Improvement; governed by sealed constants and regression tests
Shamir SSS Shamir's Secret Sharing Scheme; splits a secret into k-of-n shares
SOFT_BLOCK Charter veto that can be overridden with 20+ character justification via Sovereign Handshake
Sovereign Enclave Hardware security abstraction; one-shot seal, tamper detection, lockdown
Sovereign Handshake Highest-tier governance protocol for Constitutional changes; creator authorization within ethical bounds
Stakes Classifier Pre-governance classifier; pure pattern matching, <1ms, 4 levels
Stability Index Per-variable homeostatic health: 1.0 - (0.7·normalized_error + 0.3·variance_penalty)
Trust Attenuation Monotonically increasing measure of external influence in delegation chains
veto_core 1,542-line pure deterministic module; zero imports outside stdlib; firmware-compilable

Document Hash: This document's integrity can be verified against the codebase constants listed in Appendix B. Every numeric value, threshold, formula, and codepath reference corresponds to a specific location in the EVE source tree.

Classification: Enterprise Architecture Specification — ACTIVE Next Review: 2026-06-28 (quarterly)


© 2026 EVE AI Core — Sovereign Intelligence Infrastructure All governance constants are frozen in veto_core.py and verified by 87 deterministic tests.

© 2026 EVE AI Core — Sovereign Intelligence Infrastructure. Back to the whitepaper overview.