Principles

Every claim is classified as FACT, ESTIMATE, or UNKNOWN. No invention. No hallucination. No confident wrongness.

Why it exists: LLMs generate plausible-sounding text regardless of truth. This is the failure mode that erodes trust. Truth-State Law forces explicit uncertainty acknowledgment.

How it's implemented: SCD Protocol v3.1 requires truth-state annotation on all outputs. Inference is wrapped — claims without classification are blocked. Verification against vault is mandatory for FACT status.

Identity and state are cryptographically anchored. SHA256 checksums on identity files. Automatic drift detection and alerting.

Why it exists: AI systems can gradually diverge from intended behavior — prompt mutation, context contamination, subtle parameter drift. Zero Drift catches these before they compound.

How it's implemented: Identity kernel files are checksummed at write. Every read validates against stored checksum. Mismatch triggers hard block. Protected fields cannot be overwritten by inference.

The vault is the source of truth. Memory and inference defer to vault contents. Generated content does not override stored content.

Why it exists: LLMs can generate convincing but incorrect information. When there's a conflict between what the model "thinks" and what's stored, storage wins. Always.

How it's implemented: Vault reading happens before inference. Retrieved content is injected as context with higher priority than model weights. Write operations require explicit human approval or deterministic triggers.

Errors block, not allow. When something goes wrong, the system denies access rather than granting it. Defense-first posture.

Why it exists: Most security failures come from "fail-open" defaults — if the auth check errors, let them in anyway. Fail-closed means uncertainty = denial.

How it's implemented: AMGL Guard wraps all inference. Any exception → block. Unknown request type → block. Validation failure → block. No silent passthrough.

Core functions run on your hardware with no external API dependencies. Cloud is optional enhancement, not requirement.

Why it exists: Dependency on external APIs means dependency on external policy. OpenAI can change terms. Anthropic can deprecate endpoints. Your hardware, your rules.

How it's implemented: Core inference runs on Ollama with local models. ChromaDB for vector storage. Vault on local filesystem. Cloud APIs (Claude, Gemini) are used for capability extension only, never core identity.

Every document has predecessors and successors. Version genealogy is explicit. You can always trace back to origin.

Why it exists: Without lineage, you can't audit. Without audit, you can't trust. Knowing where a document came from is as important as its content.

How it's implemented: Master Citation format includes predecessor links. Git tracks file history. Vault operations log writer identity and timestamp. Chain of custody is explicit.

Protocols work across Claude, Gemini, local models. Identity and memory are not locked to any vendor.

Why it exists: Today's best model is tomorrow's legacy. Lock-in is technical debt. Portability is freedom.

How it's implemented: Identity kernel is JSON — readable by any model. SCD Protocol is prompt-based, not API-specific. Handoffs work across Claude ↔ Gemini ↔ local models. No vendor-specific extensions in core.