The external control layer for AI
Menu
Request access
Request access

Architecture

Architecture turns the control thesis into a system map.

This is the control topology for G‑14: Atlas Mission Control carrying mission packets, Castor establishing authority, Apollo exposing operator command, evidence surviving the run, and release staying bounded.

Read docsTechnical diligenceReview proof surfaces

Control topology

Atlas, Castor, Apollo, Lamina, Covalence, and the rails matter only as one control topology.

The stack reads as one architecture for mission entry, authority, bounded execution, operator-visible review, durable evidence, and release control.

01

Runtime gate

Govern

Decide whether the AI action is allowed, held, blocked, escalated, or forced into safe state.

02

Action record

Bind

Bind the request, policy context, decision, release path, attestations, and effect record into a trace.

03

Proof packet

Prove

Export a signed proof packet showing what was requested, permitted, executed, and evidenced.

04

Verifier receipt

Verify

Let a customer, auditor, insurer, regulator, or incident responder check the packet independently.

Atlas

Atlas turns mission packets into bounded work, runtime state, hold-point progression, and outcome records.

Castor

Castor enforces authority, denial, capability limits, and fail-closed control.

Lamina

Lamina preserves attributable records, durable history, and replayable execution truth.

Covalence

Covalence provides code understanding, blast-radius awareness, and operational context for governed action.

VaultDesk

VaultDesk is the first live product surface where governed remote action can be inspected in practice.

Apollo

Apollo gives operators a place to inspect, steer, and intervene without bypassing governance.

Readiness

The readiness layer makes posture, scoring, and system health visible before release proceeds.

Thalos

Thalos provides the controlled environment and operating substrate for consequential machine work.

Eidolon

Eidolon extends the stack with governed adaptive execution that stays inside explicit authority and review.

Tessera rails

The Tessera rails tie accountability, proof, continuity, and economic control together so the system can be governed over time.

What the architecture already shows

These are the architecture truths that matter.

A serious architecture review is not an abstract stack picture. It explains what each role does, how the loop composes, and where deeper docs or packets are required before the picture needs to widen further.

What is visible

G‑14 is one control loop, not a subsystem collage

The public stack has to read as one loop: mission packet, authority, bounded execution, Apollo review, durable evidence, and release.

Governed action loopHow the stack composesPublic stack map

What is visible

Atlas executes under governance

Atlas is Mission Control, not an unbounded agent shell. It carries mission packets, runtime state, hold points, and outcome records under policy and release control.

ArchitectureProofTechnical packet

What is visible

Apollo exposes human review without bypassing the boundary

Apollo is the operator command surface inside the boundary. It gives humans a clear place to inspect, steer, and intervene without bypassing governance.

Apollo module docsTrustHigh-assurance packet

What is visible

Evidence and release are part of the architecture

The architecture is incomplete if it cannot show what survives after execution and how consequential outputs stay gated by review, replay, and release control.

ProofEvidence docsDiligence

Pressure test

Start by trying to break these four assertions.

Good architecture pages do not ask for approval. They invite the hardest questions first and leave the next inspection path sharper.

Pressure-test questions

  • Where does authority originate and how is denial represented?
  • What prevents execution from widening beyond the allowed path?
  • What records survive after the run and who can inspect them?
  • How does the entry product prove the larger platform instead of hiding it?

Read these next

Move from the system map into the docs that deepen it.

The next move is direct: the docs that explain the control loop, stack composition, and public system boundary.

Recommended reading

Governed action loop

Start here after the architecture map if you want one exact explanation of the public control loop.

Read in docs

Recommended reading

How the stack composes

Use this when you want the stack explained as one system instead of a module list, including where Atlas executes, Castor constrains, and Apollo exposes operator command.

Read in docs

Recommended reading

Apollo operator surface

Read this when the architecture discussion turns on where human review, operator command, and bounded intervention live in the public stack.

Read in docs

Recommended reading

Public stack map

This is the system map for a technical buyer who needs a controlled explanation of the full stack.

Read in docs

System path

Architecture turns the thesis into a clear control topology.

Architecture matters only if it shows that the product proof, trust story, and platform story are backed by one coherent system instead of disconnected module marketing.

Before this

Proof

The proof model establishes the standard: authority, execution, evidence, and release must survive scrutiny.

Open Proof

Current step

Architecture

The stack decides, authorizes, executes, remembers, and proves action coherently.

You are here

Next step

Docs

Once the system map lands, the next move is inspectable documentation and integration truth.

Open Docs
Technical diligencePlatform overviewRequest access