FABRIC

Governed AI computation across any device, any network, any organization. With cryptographic proof of every decision.

MISSION.TS
import { run, pipe, withGovernance } from "@orchetron/sdk" const result = await run(myHandler, pipe({ name: "my-mission" }, withGovernance(), ) ) // Add what you need: // + withEvidence() — cryptographic audit trail // + withMiddleware() — retry, circuit breaker // + withDeviceMesh() — phone, laptop, server
Phone
OFP
Laptop
"What is Kafka?"
fingerprintBiometricOK
shieldGovernance5/5
→ sending...
Report received
Apache Kafka
lockMerkle anchored
verified_userEd25519 proof
decompose
4 queries
research ×4
conf: 0.95
synthesize
4 sections
store
report-1776...
merkle: 3a1f...
circuit breaker: ok
WebSocket WebRTC MQTT mDNS Messaging
Works over: WebSocket WebRTC MQTT mDNS Messaging HTTP
What You Can Build

Any AI. Governed. Everywhere.

Same composable stack. Different use cases. Add what you need, leave the rest.

account_balance

Regulated AI

Banking, healthcare, legal. Every AI decision governed, every action Merkle-anchored, auditable by regulators without trusting your logs.

governance + evidence + audit
devices

Personal AI

Your AI assistant lives on your phone. At your laptop, it follows you there. Needs GPU? It borrows your server. Your data never leaves your devices.

mesh + governance + mDNS
home TLD

Smart Home

Thermostat, camera, door lock — all mesh nodes. AI can't unlock your door without biometric approval. Every action recorded. Works over MQTT on a Raspberry Pi.

mqtt + governance + evidence
handshake ABPROOF

Cross-Org Workflows

Org A's agent calls Org B's API. Ed25519-signed governance proofs travel with the request. Neither side trusts the other. The math verifies.

cross-org proofs + policy voting
signal_wifi_off

Edge / Offline AI

Military, mining, disaster response. No internet? No problem. Devices form a local mesh. Governance runs locally. Evidence syncs when connectivity returns.

mdns + mesh + durability
support_agent CBAPI

Enterprise Agents

Customer service, code generation, data analysis. Circuit breakers protect APIs. Rate limiters prevent cost overruns. Every decision auditable.

middleware + governance + evidence
The Thesis

Infrastructure, not framework.

Most AI frameworks are monoliths with extension points. Orchetron is the opposite — independent planes you compose into whatever your system needs.

A Framework block

A monolith with hooks.

┌─ FRAMEWORK ────────────┐
│ memory (built-in) │
│ governance (you add) │
│ evidence (you add) │
│ vector store (locked) │
│ prompts (their way) │
└────────────────────────┘
your code fits IN it
  • You write code that fits inside
  • Memory is a class, not a plane
  • Governance bolted on as middleware
  • Swap a backend = rewrite
  • Audit trail is "just check the logs"
A Fabric grid_view

Independent planes you compose.

memory
evidence
gov
obs
events
conn
knowledge
auth
+ yours
they compose into yours
  • You compose what you need
  • Memory is a plane — swap implementations
  • Governance is the foundation, not a wrapper
  • Swap a backend = implement 1-5 methods
  • Evidence is hash-chained, signed, verifiable

You don't pick Orchetron for any single feature. You pick it because in two years, when your needs change, you swap a piece — not the whole stack.

ACT 01

The fabric exists.

11 independent planes. Compose what you need. The foundation.

shield Plane 01

Governance

PVC pipeline

P
V
C
fingerprint Plane 02

Evidence

Hash chain · Ed25519

R₀
R₁
R₂
Rₙ
psychology Plane 03

Memory

3-tier · decay · promote

EPI
SEM
PRO
monitoring Plane 04

Observation

spans · traces · OTel

library_books Plane 05

Knowledge

vectors · FTS · embed

hub Plane 06

Connectors

MCP · A2A · 20+ adapters

MCP
A2A
HTTP
gRPC
electric_bolt Plane 07

Events

pub/sub · triggers

verified_user Plane 08

Auth

RBAC · ABAC · tenants

key
lock
database Plane 09

Storage

object · blob · scoped

memory Plane 10

Compute

CPU · GPU · capacity

schedule Plane 11

Scheduling

cron · triggers · jobs

add_circle Custom

+ Yours

1-5 method interface

implement · register
↓ COMPOSE ↓
deployed_code

YOUR SYSTEM

11 / 11 INSTALLED
GOV
EVI
MEM
OBS
KNO
CON
EVE
AUT
STO
CMP
SCH
+
Status ready · all planes composed
ACT 02

The fabric extends.

Phone asks a question. Laptop researches via Groq LLM. Governance evaluates every call. Evidence is Merkle-anchored. Works over 8 transports — WebSocket, WebRTC, MQTT, mDNS, Messaging, HTTP, SSE, In-Process.

smartphone Node

Phone

light tier · 2 cores

gov
memory
evidence
events
Capabilities
photo_camera camera
my_location gps
fingerprint biometrics
OFP
laptop_mac Node

Laptop

standard tier · 8 cores

gov
memory
evidence
events
Capabilities
monitor screen
keyboard keyboard
folder filesystem
OFP
dns Node

Server

heavy tier · 64 cores

gov
memory
evidence
events
Capabilities
memory gpu
storage storage
all_inclusive long-running
OFP Stream
task migration · capability routing · memory sync

A task starts on your phone. The mesh detects your laptop and migrates it. When it needs a GPU, it dispatches to your home server. You wrote zero distributed code. The fabric just flows.

ACT 03

The fabric proves itself.

Evidence entries batched into Merkle trees, anchored to crash-safe stores. Cross-org Ed25519 proofs travel between organizations. M-of-N policy voting with cryptographic signatures. A trustless audit() function any regulator can run.

01 · LOCAL CHAIN
R₀ tool_call
hash
a3f8...2d1c
R₁ decision
prev → a3f8...
7b2e...9f4a
R₂ memory_op
prev → 7b2e...
5c91...4d72
Rₙ + 100 more
Ed25519
signed
↓ batch
02 · MERKLE ROOT
account_tree

MERKLE ROOT

Single hash that covers 100 records

7c1d4f8a...e29a
↓ anchor
03 · PUBLIC ANCHOR
link

PUBLIC LEDGER

Ethereum L2 · Transparency Log · IPFS

tx: 0x82aa...ff
ethereum
solana
CT log
↓ verify
verified

ANYONE VERIFIES

auditor · regulator · counterparty · future-you

no access to your servers required

100%
Verifiable
0
Trust Required
Forever

trust the math · not the server

A regulator runs audit() on your evidence chain. Checks timestamp ordering, duplicate IDs, Merkle root verification, policy quorum, governance coverage. Returns pass or fail. They never touch your servers. The math proves it.

OFP · The Through Line

One protocol.
Every scope.

The Fabric Protocol is the foundation everything runs on. Same envelope format from in-process plane calls to cross-org verification. Same protocol over WebSocket, WebRTC, MQTT, mDNS, Messaging, HTTP, SSE. OFP is to governed computation what HTTP is to the web.

In-Process

Plane to plane

InProcessOFPTransport. Zero serialization overhead. Plane-to-plane communication within a single fabric instance.

memory.read()
→ governance.verify()
→ evidence.append()
Device to Device

Across the mesh

Phone to laptop over relay. Peer-to-peer via WebRTC. Zero-server via mDNS. IoT via MQTT. Global via Messaging. Same envelope, same governance, same evidence.

phone
→ ofp.migrate(task)
→ laptop.resume()
Org to Org

Across trust boundaries

Ed25519 cross-org proofs, 2-of-3 decentralized policy voting, trustless audit. OFP envelopes carry governance decisions across trust boundaries.

orgA.tool()
→ ofp.proof()
→ orgB.verify()

HTTP let any client talk to any server. OFP lets any governed mission talk to any governed mission — in-process, across devices, across organizations. One protocol. Every scope.

The Foundation

Built on real primitives.

10,619

Tests

Across 6 packages. Core, SDK, Protocol, Mesh, Verify, Relay. All green.

23+

Combinators

Governance algebra. AND, OR, NOT, IF, VOTE, RETRY, CIRCUIT_BREAK, CACHE...

8

Transports

HTTP, WebSocket, WebRTC, MQTT, mDNS, SSE, In-Process, Messaging. Same protocol.

5

Rings

Fabric, Extensions, Applications, Device Mesh, Decentralized Verify.

The Architecture

FIVE RINGS

Three acts. Five rings. Dependencies flow inward. Each ring maps to part of the story — Ring 1 is the fabric that exists, Ring 4 is the fabric that extends, Ring 5 is the fabric that proves itself.

RING 5 · VERIFY decentralized trust · anchored evidence RING 4 · MESH device fabric · task migration RING 3 · APPLICATIONS CLI · API · UI · yours RING 2 · EXTENSIONS skills · channels · browser · IDE FABRIC RING 1 11 PLANES GOVERNANCE ALGEBRA EVIDENCE CHAIN
Ring 1

FABRIC

The runtime. 11 swappable planes, governance algebra, evidence chain, Result monad.

Built
Ring 2

EXTENSIONS

Pluggable capabilities. Skills, channels, browser, model router, IDE integrations.

Built
Ring 3

APPLICATIONS

What you build. CLI, REST API, dashboard, VS Code extension, your own apps.

Built
Ring 4

MESH

Phone + laptop + server form one mesh. Task migration, capability routing, 8 transports. Runs on real phones via Expo.

Built + Running
Ring 5

VERIFY

Merkle-anchored evidence, Ed25519 cross-org proofs, M-of-N policy voting, trustless audit.

Built + Running
Progressive Scope

IS / RUNS / TRUSTED

Each ring expands the scope without changing the foundation.

Ring 1-3

What it IS

A compositional computational fabric with swappable planes. A complete framework that runs on a single machine.

· 11 RUNTIME PLANES
· 28+ COMBINATORS
· HASH-CHAINED EVIDENCE
· 8 KERNEL INVARIANTS
Ring 4 — Mesh

Where it RUNS

Not a single machine. Your devices are the fabric. Computation flows where capabilities live.

· DEVICE CAPABILITY REGISTRY
· TASK MIGRATION
· DISTRIBUTED SUB-TASKS
· OFP MESH PROTOCOL
Ring 5 — Verify

Why it's TRUSTED

Not because we say so. Because anyone can verify it. Evidence anchored, governance decentralized.

· EVIDENCE ANCHORING
· CROSS-ORG PROOFS
· MULTI-PARTY POLICY
· VERIFIABLE AUDITS
Ring 1 Detail

11 PLANES

Each swappable. Each independently testable. Implement 1-5 methods to replace any plane with your own.

shield

Governance

PVC pipeline. 7 stages. 28+ combinators. Cannot be bypassed.

fingerprint

Evidence

Hash-chained. Ed25519 signed. Append-only. Tamper-evident.

psychology

Memory

3-tier (episodic, semantic, procedural) + custom. Decay & promotion.

monitoring

Observation

W3C tracing, spans, metrics. OpenTelemetry native.

library_books

Knowledge

Semantic search, vector embeddings, document storage.

hub

Connectors

20+ adapters. MCP + A2A native. Capability discovery.

electric_bolt

Events

Pub/sub, triggers, CloudEvents, reactive missions.

verified_user

Auth

RBAC/ABAC, tokens, roles, kernel-enforced isolation.

database

Storage

Object/blob storage, tenant-scoped. Pluggable backends.

memory

Compute

Resource management, request lifecycle, capacity scheduling.

schedule

Scheduling

Job scheduling, cron triggers, distributed task queues.

add_circle

Custom Plane

Define your own. 1-5 method interface. Full type safety.

Composable Architecture

Pay for what you use.

Zero planes by default. Add capabilities incrementally with with*() composable blocks. Each is orthogonal — memory doesn't know about evidence.

01
run(handler)
02
+ withGovernance()
03
+ withEvidence() + withTracing()
04
+ withMemory()
PRODUCTION.TS
import { run, pipe } from "@orchetron/sdk" import { withGovernance, withEvidence, withMiddleware, withDeviceMesh, withDurability } from "@orchetron/sdk" const result = await run(handler, pipe({ name: "mission" }, withGovernance({ stages: GovernancePresets.standard() }), withEvidence({ sink: anchoredSink }), withMiddleware({ toolMiddleware: [circuitBreaker, retry] }), withDeviceMesh({ mesh }), withDurability({ store: walStore }), ) )
Governance Pipeline

PROPOSE / VERIFY / COMMIT

The narrow waist of the runtime. Every side effect flows through three stages. No exceptions.

Stage 01

PROPOSE

Agent proposes a tool call with parameters and risk tier. Auto-classified from tool definition.

proposal {
tool: "github.create_pr"
risk: MEDIUM
tenant: "acme"
}
Stage 02

VERIFY

7 governance stages. Kernel invariants checked first. Cannot be bypassed.

kernel
policy
rate limit
approval
Stage 03

COMMIT

Execute. Record evidence. Hash-chain to immutable append-only ledger.

evidence {
hash: "a3f8...2d1c"
prev: "7b2e...9f4a"
result: OK
}
The Inversion

Your devices.
Your rules.

AI agents run wherever you want them — phone, laptop, server, cloud, or all of them at once. Same governance, same evidence, same protocol everywhere.

Cloud-First cloud
VENDOR CLOUD phone laptop server YOUR DATA UPLOADED
  • Your data goes UP to the vendor
  • One vendor, one trust boundary
  • Logs you have to trust
  • Permissions are the vendor's problem
Device-First devices
phone agent camera laptop agent screen · kbd server agent gpu OFP OFP YOUR DATA STAYS PUT tasks flow · governance travels · evidence verifiable
  • Agent runs ON your devices
  • Multi-device mesh, multi-org verifiable
  • Evidence anyone can verify, anytime
  • Governance is the foundation
Why It Works

Three things make this defensible.

01

Composability is the moat

23 governance combinators that form a closed algebra. 11 swappable planes with 1-5 method interfaces. 8 transports. The with*() composable pattern where you add governance, evidence, middleware, mesh — each independently, each swappable. 10,619 tests prove it composes. This isn't a feature — it's a foundation.

02

OFP is the HTTP for governed compute

8 transports — WebSocket, WebRTC, MQTT, mDNS, Messaging, HTTP, SSE, In-Process. Same envelope carries governance decisions, evidence entries, cross-org proofs, and capability invocations. Transport-agnostic by design.

03

The 5 rings are a topology

All 5 rings built and running. A regulated bank uses Rings 1+5 (governance + verifiability). A consumer app uses Rings 1+4 (device mesh). An IoT system uses Ring 4 over MQTT. A cross-org workflow uses Rings 4+5 with Ed25519 proofs and M-of-N voting. Pick what you need.

Beyond Five

Why not seven?

The architecture supports two more rings. Not on the immediate roadmap — but the foundation is there.

Ring 6

EVOLVE

The fabric improves itself, within governance bounds. Capabilities proposed by usage patterns. Skills fitness-evaluated via canary deployment. Memory promotes itself across tiers. Connectors generate from OpenAPI specs.

Every evolution is auditable. No black-box "AI improves AI" — every change is a governed decision in the evidence chain.

Half-Designed
Ring 7

EXCHANGE

Compute and capabilities have value. Devices and orgs offer capabilities at a price. Tasks pay for execution across trust boundaries. Reputation accrues to good actors.

An OFP economy where governance proofs and payment proofs travel together. Optional, like blockchain anchoring. Speculative until the world demands it.

Speculative

Start composing.

Five rings. 8 transports. 10,619 tests. Running on real phones. Pure TypeScript.

TERMINAL
# Install
npm install @orchetron/sdk
 
# First mission
npx orchetron init