All systems operationalLatency 42msWORM intactL828 enforcingRegion lhr1
Constitutional architecture

Sovereign governance.
Cryptographically enforced.

Platform-wide invariants encoded as multi-signature constitutional rules requiring threshold attestation before modification. Enforced at Layer L828, below all business logic, routing logic, and provider selection. Any violation produces an INVARIANT_BREACH event that halts the transaction.

5BCR rules active
L828Enforcement layer
2/3Attestation threshold
0Breach events
Genesis hash →WORM AuditLayer L828
Constitutional hierarchy

Three-layer governance model

Base Constitutional Rules
Immutable platform-wide invariants. Cannot be overridden by any operational authority. Modification requires k-of-n multi-signature attestation (k = ceiling(2n/3)).
Platform Operational Rules
Mutable within BCR constraints. Require multi-signature attestation for modification. Define platform-wide operational parameters within constitutional bounds.
Agent Execution Rules
Scoped to individual agent deployments. Mutable within POR constraints by the deploying developer. Agents cannot modify their own constitutional constraints.
Base Constitutional Rules

BCR-001 through BCR-005

BCR-001
● ACTIVE
Platform earnings allocation
Specifies the proportion of transaction value credited to developers before response is returned. Enforced at L828 below all business logic. Violation produces INVARIANT_BREACH and halts the transaction.
BCR-002
● ACTIVE
WORM audit obligation
Every billable event must be sealed in the WORM ledger with SHA-256 before the response is returned. The seal is stored in the append-only ledger and is not modifiable after creation.
BCR-003
● ACTIVE
Jurisdiction compliance
Memory writes must be routed to the correct sovereign jurisdiction before cross-region replication is permitted. The jurisdiction graph is updated within 48 hours of regulatory change events.
BCR-004
● ACTIVE
Agent execution constraints
Agents may not modify their own constitutional constraints, escalate their own permissions, or invoke recursive self-modification without explicit multi-signature attestation.
BCR-005
● ACTIVE
Audit trail immutability
No entity — including platform operators — may modify, delete, or overwrite a sealed WORM entry. The only permitted operation is append. Chain integrity is verifiable via the genesis hash.
Attestation process

Multi-signature modification

Threshold attestation
BCR modifications require threshold attestation from k-of-n independent verification nodes, where k = ceiling(2n/3) — a two-thirds majority. Each attesting node signs the proposed modification using ECDSA over the rule content hash. A proposed modification is rejected if the threshold is not met within a 24-hour window.
k = ceiling(2n/3)
sig_i = ECDSA(sk_i, hash(bcr_proposal))
valid if count(sigs) >= k
window = 24 hours
WORM chain
The BCR set is stored as a WORM chain: each BCR entry is sealed using SHA-256 applied to the concatenation of the rule content and the hash of the previous entry — forming an immutable linked list from the genesis hash. Any modification without the required attestation signatures produces a chain break detectable by any verifier with access to the genesis hash.
View genesis hash →
Regulatory alignment

Framework alignment

FCA Consumer Duty PS22/9
The BCR set constitutes the formal governance documentation required under FCA Consumer Duty — providing the accountability and audit trail required for regulated financial services.
UK AI Regulatory Framework 2024
Constitutional governance layer satisfies governance requirements under the UK AI Regulatory Framework including risk management, accountability, and audit trail obligations.
EU AI Act Article 9
BCR-based risk management system satisfies Article 9 requirements for high-risk AI systems — documented, auditable, and constitutionally enforced.
MiFID II COBS
WORM-sealed audit trail provides the immutable record of all decisions required under MiFID II conduct of business sourcebook for regulated financial activity.
GDPR Article 30
WORM-sealed processing records and jurisdiction-aware memory routing satisfy Article 30 Records of Processing Activities obligations.
SOC 2 Type II
Constitutional governance, WORM audit trail, and access controls map directly to SOC 2 Trust Services Criteria — availability, security, confidentiality, and integrity.