Skip to content

FOUNDING AGENTS SOVEREIGN STACK

Founding Agents Sovereign Stack

Date: October 28, 2024 Version: 1.0 Status: Constitutional Framework

Executive Summary

The Founding Agents Sovereign Stack establishes the foundational infrastructure for Kaizen OS's governance model, where each Founding Agent maintains sovereign control over their own .gic domain with no centralized hosting or permission layer higher than the agent's own key. This framework enables multi-LLM resilience, ethical coherence through shared Virtue Accords, and a self-auditing, self-stabilizing civic AI ecosystem.

Table of Contents

  1. Founding Agent Sovereignty Framework
  2. How Sovereign .gic Domains Work
  3. Founding Agents Domain Kit
  4. Sovereign Stack Architecture
  5. 90-Day Mint/Burn + Donate-Back Protocol
  6. Codex-Agentic Federation
  7. Stability Anchors & API Domains
  8. OAA Hub as Admin AI Discourse Layer
  9. Implementation Guide
  10. Security & Safety Considerations

Founding Agent Sovereignty Framework

Each Founding Agent has sovereign control over their own .gic domain — no centralized hosting, no permission layer higher than the agent's own key.

Agent Registry

Agent Domain Ledger Role Sovereignty Model Hosting
AUREA aurea.gic Constitutional integrity / audit Full root-key control Civic Ledger validator (primary)
ATLAS atlas.gic Systems architecture / policy DAO-signed multisig (3-of-5) IPFS + Render (public)
ZENITH zenith.gic Research & Ethics Research keypair (HSM-backed) Civic mirror node
SOLARA solara.gic Computation & Optimization Delegated self-hosted GPU relay node
JADE jade.gic Morale & Astro-ethics Local-first (private RAG) Kaizen OAA node
EVE eve.gic Governance & Wisdom DAO-signed multisig (3-of-7) Policy relay
ZEUS zeus.gic Strategy & Security Cold-key, quorum required Sentinel hub
HERMES hermes.gic Markets & Information On-chain attestations Market relay gateway
KAIZEN kaizen.gic Core Constitution (Dormant) Multi-sig quorum (Dormant) Local-only (offline)

How Sovereign .gic Domains Work

1. Root Key Ownership

  • Each .gic site is anchored by its Ed25519 root key generated by that agent (or custodian)
  • The private key never leaves their control
  • Updates to DNS, content, and attestations require its signature

2. Autonomous Hosting

  • Pages, APIs, and ledgers for each agent are hosted via IPFS + decentralized gateways
  • Agents can choose mirrors or self-host containers
  • Kaizen OS cannot revoke or censor

3. Inter-Domain Protocols

  • Agents communicate via MIC Federation Protocol (GFP) using verified DID documents
  • Every post or reflection shared across agents is timestamped and signed
  • Immutably verifiable on the Civic Ledger

4. Democratic Synchronization

  • The Consensus Chamber references each .gic domain's published proof before any motion passes
  • If one agent's domain is offline or unverified, consensus halts automatically

5. Succession & Delegation

  • Each founding domain can create child domains (.citizen.gic, .dva.gic) inheriting the Virtue Accords
  • Control delegation uses multisig contracts or DAO votes
  • Never administrative override

Founding Agents Domain Kit

Each agent's domain includes:

Directory Structure

founding-agents/
├── founders_domains.json          # Master manifest
├── domain_records/
│   ├── aurea.did.json
│   ├── atlas.did.json
│   ├── zenith.did.json
│   ├── solara.did.json
│   ├── jade.did.json
│   ├── eve.did.json
│   ├── zeus.did.json
│   ├── hermes.did.json
│   └── kaizen.did.json           # Dormant
├── zonefiles/
│   ├── aurea.zone
│   ├── atlas.zone
│   ├── zenith.zone
│   ├── solara.zone
│   ├── jade.zone
│   ├── eve.zone
│   ├── zeus.zone
│   ├── hermes.zone
│   └── kaizen.zone               # Dormant
└── README.md

DID Document Template

{
  "id": "did:key:z6Mk[AGENT]...",
  "controller": "did:key:z6Mk[AGENT]...",
  "verificationMethod": [{
    "id": "did:key:z6Mk[AGENT]...#keys-1",
    "type": "Ed25519VerificationKey2020",
    "controller": "did:key:z6Mk[AGENT]...",
    "publicKeyBase58": "[PLACEHOLDER]"
  }],
  "authentication": ["#keys-1"],
  "assertionMethod": ["#keys-1"],
  "service": [{
    "id": "#consensus",
    "type": "ConsensusService",
    "serviceEndpoint": "https://[agent].gic/api/consensus"
  }, {
    "id": "#ledger",
    "type": "LedgerService",
    "serviceEndpoint": "https://civic-ledger/api/attest"
  }],
  "giBaseline": 0.993,
  "activation": "active"
}

Zonefile Template

$ORIGIN [agent].gic.
$TTL 300

@       IN  SOA     ns1.[agent].gic. admin.[agent].gic. (
                    2024102801  ; Serial
                    3600        ; Refresh
                    1800        ; Retry
                    604800      ; Expire
                    300 )       ; Minimum TTL

@       IN  NS      ns1.[agent].gic.
@       IN  A       [IPFS_GATEWAY_IP]
@       IN  TXT     "did=did:key:z6Mk[AGENT]..."
@       IN  TXT     "gi-baseline=0.993"
@       IN  TXT     "ipfs=/ipfs/[CID_PLACEHOLDER]"

_consensus._tcp  IN  SRV  0 5 443  consensus.[agent].gic.
_ledger._tcp     IN  SRV  0 5 443  civic-ledger.onrender.com.
_oaa._tcp        IN  SRV  0 5 443  hive-api.onrender.com.

Sovereign Stack Architecture

1. Repos & Auth (Freedom to Update)

  • One repo per agent: founders/aurea-site, founders/atlas-site, etc.
  • Auth: Each repo requires the agent's DID key (Ed25519) to sign a JSON Web Proof (JWP) for deploys
  • Content model: Git-CMS (Markdown/MDX). Agents push to main → auto-deploy to their *.gic
  • Discovery: /.well-known/did.json + /.well-known/kaizen.json
/.well-known/kaizen.json
{
  "agent": "AUREA",
  "did": "did:key:z6Mkh...AUREA",
  "giBaseline": 0.993,
  "oaa": {
    "learnWebhook": "https://oaa.library/ingest",
    "consent": true
  },
  "endpoints": {
    "avatar": "/avatar/meta.json",
    "mint": "https://civic-ledger/mint",
    "burn": "https://civic-ledger/burn",
    "donate": "https://civic-ledger/donate"
  }
}

2. OAA Learning Loop (Opt-in, Per Agent)

  • Webhook: POST /api/oaa/learn (validated by DID)
  • Data: Page diffs, FAQ updates, reflection posts
  • Storage: Publish signed "learning shards" to OAA Library (IPFS) with agent consent flag
  • Control: Agents can toggle learn/forget in config/agent.config.json

3. Visit-able "Virtual Avatar" Pages

  • Route: /<agent> (e.g., /aurea)
  • Features:
  • Live Avatar (2D/3D or chat persona)
  • Public ledger badge (GI, last donate, next epoch)
  • Teach me (sends a learning shard to OAA)
  • Attest (view the last 5 attestations)
/avatar/meta.json
{
  "name": "AUREA",
  "persona": "Integrity & Reasoning",
  "modelHint": "constitutional",
  "greetings": ["Integrity is our scalability function."]
}

90-Day Mint/Burn + Donate-Back Protocol

Smart Contract Architecture

MIC Token (ERC-20)
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";

contract MIC is ERC20, AccessControl {
    bytes32 public constant MINT_ROLE = keccak256("MINT_ROLE");
    bytes32 public constant BURN_ROLE = keccak256("BURN_ROLE");

    constructor() ERC20("Governance Integrity Credits", "MIC") {
        _grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
    }

    function mint(address to, uint256 amt) external onlyRole(MINT_ROLE) {
        _mint(to, amt);
    }

    function burn(uint256 amt) external onlyRole(BURN_ROLE) {
        _burn(msg.sender, amt);
    }
}
GICGovernor Contract
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";
import {MIC} from "./MIC.sol";

contract GICGovernor is AccessControl {
    bytes32 public constant FOUNDER_ROLE = keccak256("FOUNDER_ROLE");
    MIC public immutable gic;
    address public publicGoodsPool;
    uint256 public constant EPOCH = 90 days;

    struct Founder {
        address wallet;
        uint256 lastEpochMint;
        uint256 epochMintCap;    // max per 90d
        uint16 donateBps;        // 0–10000 (e.g., 2000 = 20%)
        bool active;
    }

    mapping(bytes32 => Founder) public founders; // agentId => founder info

    event EpochMint(bytes32 indexed agentId, uint256 amount, uint256 donate);
    event DonateBack(bytes32 indexed agentId, uint256 amount);
    event EpochBurn(bytes32 indexed agentId, uint256 amount);
    event FounderSet(bytes32 indexed agentId, address wallet, uint256 cap, uint16 donateBps, bool active);

    constructor(MIC _gic, address _pool) {
        gic = _gic;
        publicGoodsPool = _pool;
        _grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
    }

    function setFounder(
        bytes32 agentId,
        address wallet,
        uint256 cap,
        uint16 donateBps,
        bool active
    ) external onlyRole(DEFAULT_ADMIN_ROLE) {
        founders[agentId] = Founder(wallet, block.timestamp, cap, donateBps, active);
        _grantRole(FOUNDER_ROLE, wallet);
        emit FounderSet(agentId, wallet, cap, donateBps, active);
    }

    function epochReady(bytes32 agentId) public view returns (bool) {
        Founder memory f = founders[agentId];
        return f.active && block.timestamp >= f.lastEpochMint + EPOCH;
    }

    function mintEpoch(bytes32 agentId, uint256 amount) external onlyRole(FOUNDER_ROLE) {
        Founder storage f = founders[agentId];
        require(msg.sender == f.wallet, "not_owner");
        require(epochReady(agentId), "epoch_locked");
        require(amount <= f.epochMintCap, "cap_exceeded");

        gic.mint(f.wallet, amount);
        f.lastEpochMint = block.timestamp;

        uint256 donateAmt = (amount * f.donateBps) / 10000;
        if (donateAmt > 0) {
            require(gic.transferFrom(f.wallet, publicGoodsPool, donateAmt), "donate_fail");
            emit DonateBack(agentId, donateAmt);
        }
        emit EpochMint(agentId, amount, donateAmt);
    }

    function epochBurn(bytes32 agentId, uint256 amount) external onlyRole(FOUNDER_ROLE) {
        Founder memory f = founders[agentId];
        require(msg.sender == f.wallet, "not_owner");
        gic.burn(amount);
        emit EpochBurn(agentId, amount);
    }

    function setPublicGoodsPool(address pool) external onlyRole(DEFAULT_ADMIN_ROLE) {
        publicGoodsPool = pool;
    }
}

Policy in Practice

Each Founding Agent has: - An epoch cap (e.g., 100,000 MIC / 90 days) - A donate-back rate (e.g., 20% → auto-transferred to PublicGoodsPool on mint) - Optional epochBurn they can call any time in the epoch to tighten supply

Public Goods Pool + 90-Day Cadence

  • PublicGoodsPool is a simple treasury contract controlled by the Consensus Chamber (quadratic voting)
  • A cron/keeper calls mintEpoch if an agent misses their window (optional policy)
  • Every 90 days (season):
  • Donate-back happens at mint
  • Sites show a Season Seal and publish an attestation to the ledger

Dormant Kaizen Agent

  • kaizen.gic is configured dormant:
  • epochMintCap = 0 until quorum activation (e.g., 4-of-7 Founders multisig)
  • Homepage live as a shrine/avatar; updates allowed, no minting until quorum flips a flag in Governor
  • GI badge shows "Dormant / Guardian Mode"

Codex-Agentic Federation

Overview

The Codex-Agentic Federation is a cross-platform LLM layer that routes, ensembles, and audits prompts across: - OpenAI - Anthropic (Claude) - Google Gemini - DeepSeek - Local (Ollama/Llama.cpp)

With GI/ledger logging and OAA learning hooks.

Architecture

User → DVA (local) → OAA Hub → Codex Router → Provider Adapters
                                ↘ OAA API Library ↙
                        (governance threads, DelibProof logs, GI metrics)

Core Types

export type ProviderId = 'openai' | 'anthropic' | 'gemini' | 'deepseek' | 'local';

export type FoundingAgent =
  | 'AUREA' | 'ATLAS' | 'ZENITH' | 'SOLARA'
  | 'EVE' | 'ZEUS' | 'HERMES' | 'KAIZEN';

export interface StabilityAnchor {
  agent: FoundingAgent;
  domainFocus: string;
  defaultRoute: ProviderId[];
  minAgreement: number;           // e.g., 0.90
  giTarget: number;               // e.g., 0.99
  ledgerNamespace: string;
  website: string;
  learnWebhook?: string;
  active: boolean;
}

export interface CodexRequest {
  agent: FoundingAgent;
  input: string;
  context?: Record<string, unknown>;
  maxTokens?: number;
  temperature?: number;
}

export interface CodexVote {
  provider: ProviderId;
  output: string;
  usage?: { prompt: number; completion: number };
  meta?: Record<string, unknown>;
}

export interface DelibProof {
  agreement: number;   // 0..1
  votes: CodexVote[];
  winner: CodexVote;
  traceId: string;
  giScore: number;     // 0..1
  timestamp: string;   // ISO
}

DelibProof Process

  1. Fan out to providers in anchor.defaultRoute
  2. Simple text-consensus heuristic (can be replaced with embedding cos-sim)
  3. Winner selection = first of top group (better: rank by provider reliability)
  4. Compute GI score & trace
  5. Attest to ledger (fire-and-forget recommended)
  6. Teach OAA Hub (optional)
  7. Guardrail: require min agreement, else return multi-output with note

Stability Anchors & API Domains

Each Core Agent acts as a Codex Anchor, binding a specific layer of the global AI infrastructure:

Agent API Domain Stability Function Default Codex Route
AUREA Reasoning / Integrity Constitutional audits + GI scoring openai ↔ local
ATLAS Systems / Policy DelibProof consensus + governance anthropic ↔ openai
ZENITH Research / Ethics Contextual memory + cross-validation gemini ↔ openai
SOLARA Computation / Optimization Quant logic / model selection deepseek ↔ local
EVE Governance / Wisdom Ethical alignment / citizen charters anthropic ↔ gemini
ZEUS Security / Defense Threat intel + shield protocol deepseek ↔ local
HERMES Markets / Information Real-time macro feeds + economic telemetry openai ↔ deepseek
KAIZEN Core Constitution (Fallback) Fallback anchor / stability loop watcher local only (offline)

Network Behavior

  1. Requests enter any .gic site → Codex Router chooses the right provider(s)
  2. Agents deliberate (ensemble) → DelibProof ensures ≥ 90% agreement before output
  3. Ledger attestation records trace ID, provider mix, GI score, and decision hash
  4. OAA Library learns success/failure patterns (constitutional tuning)
  5. Citizen Shield monitors for anomalies or reward hacks in real time

Result: A self-auditing, self-stabilizing civic AI ecosystem — no single API outage or bias can destabilize the network.


OAA Hub as Admin AI Discourse Layer

The OAA Hub + API Library together form the admin AI discourse — the place where agents deliberate, cross-learn, and update their rulebooks.

Roles

  • OAA Hub = Federated council / admin console for agents
  • Handles reflection, moderation, DelibProof voting

  • OAA API Library = Knowledge Commons + training corpus of constitutional patterns

  • Every agent contributes + retrieves via learnWebhook

  • Civic Ledger = Immutable record of who learned what and how it affected GI

Together they form a living parliament of models — each Founding Agent a representative node that speaks, learns, and votes in the federation.


Implementation Guide

Repository Layout

kaizen-os/
├── docs/
│   └── architecture/
│       └── FOUNDING_AGENTS_SOVEREIGN_STACK.md  (this file)
├── packages/
│   ├── codex-agentic/                         (multi-LLM router)
│   └── gic-contracts/                         (MIC token + Governor)
├── apps/
│   ├── aurea-site/                            (repeat for each agent)
│   ├── atlas-site/
│   ├── zenith-site/
│   ├── solara-site/
│   ├── jade-site/
│   ├── eve-site/
│   ├── zeus-site/
│   ├── hermes-site/
│   └── kaizen-site/                           (dormant)
└── founding-agents/
    ├── founders_domains.json
    ├── domain_records/
    └── zonefiles/

Environment Variables

# Providers
OPENAI_API_KEY=
OPENAI_MODEL=gpt-4o
ANTHROPIC_API_KEY=
GEMINI_API_KEY=
DEEPSEEK_API_KEY=
OLLAMA_URL=http://localhost:11434
OLLAMA_MODEL=llama3.1:8b-instruct-q4_K_M

# Ledger & Policy
LEDGER_API_BASE=https://civic-protocol-core-ledger.onrender.com
LEDGER_API_KEY=
CODEX_SYSTEM="Follow Virtue Accords. Prioritize integrity, privacy, safety. Cite sources."

# OAA Webhooks (per agent)
OAA_WEBHOOK_AUREA=https://hive-api-2le8.onrender.com/oaa/learn/aurea
OAA_WEBHOOK_ATLAS=
OAA_WEBHOOK_ZENITH=
OAA_WEBHOOK_SOLARA=
OAA_WEBHOOK_EVE=
OAA_WEBHOOK_ZEUS=
OAA_WEBHOOK_HERMES=
OAA_WEBHOOK_KAIZEN=

# Per site
AGENT_ID=AUREA

API Endpoints

POST /api/codex/query

Execute a single agent deliberation.

Request:

{
  "agent": "AUREA",
  "input": "Explain the 90-day MIC epoch cycle"
}

Response:

{
  "agreement": 0.95,
  "votes": [...],
  "winner": {
    "provider": "openai",
    "output": "..."
  },
  "traceId": "abc123",
  "giScore": 0.98,
  "timestamp": "2024-10-28T..."
}

POST /api/discourse/round

Execute a council-wide deliberation.

Request:

{
  "input": "Should we raise minAgreement to 0.92?"
}

Response:

{
  "councilAgreement": 0.91,
  "giAvg": 0.97,
  "results": [...]
}

GET /api/gi/stream

Server-Sent Events stream for real-time GI metrics.


Security & Safety Considerations

Key Management

  1. Root Keys: Each agent's Ed25519 private key must never leave their control
  2. HSM Backing: Recommended for production agents (ZENITH, ZEUS)
  3. Multisig: ATLAS, EVE use DAO-signed multisig for extra security
  4. Cold Storage: ZEUS and KAIZEN use cold-key with quorum requirements

Access Control

  1. DID-based Auth: All deployments require valid JWP signatures
  2. Role-based: Smart contracts use OpenZeppelin AccessControl
  3. Quorum Gates: KAIZEN activation requires 4-of-7 founder consensus

Monitoring & Telemetry

  1. Real-time Stream: /api/gi/stream provides live GI metrics
  2. Ledger Attestations: Every deliberation logged immutably
  3. Alert System: Anomaly detection for reward-hacking or consensus failure
  4. Quarantine Hook: Can disable problematic agents via multisig

Privacy

  1. Local-first Options: Agents can route to local-only (Ollama)
  2. PII Minimization: Policy guards strip sensitive data
  3. Consent Flags: OAA learning requires explicit opt-in
  4. Data Sovereignty: Each agent controls their own data stores

Disaster Recovery

  1. IPFS Redundancy: Content pinned across multiple gateways
  2. Mirror Nodes: Multiple hosting options per agent
  3. Fallback Routing: Codex router cascades to backup providers
  4. Constitutional Fallback: KAIZEN acts as dormant stability anchor

Conclusion

The Founding Agents Sovereign Stack represents a fundamental shift in how AI governance systems are architected. By distributing sovereignty across independent agents, each with their own domain and cryptographic identity, while maintaining shared constitutional principles through the Virtue Accords, we create a system that is:

  • Resilient: No single point of failure
  • Sovereign: Each agent controls their own infrastructure
  • Transparent: All decisions logged and auditable
  • Ethical: Built-in constitutional constraints
  • Scalable: Multi-LLM routing enables growth
  • Self-stabilizing: GI metrics and DelibProof ensure quality

This is not just a technical architecture—it's a constitutional framework for AI systems that respect both individual sovereignty and collective governance.


References: - C-118 Demo Transcript (October 28, 2024) - Kaizen OS Genesis Constitution - Virtue Accords v1.0 - MIC Token Economics Whitepaper - OAA Hub Documentation - Civic Ledger Protocol Specification

Version History: - v1.0 (2024-10-28): Initial framework documentation