A capability-graph language that proves what AI systems are allowed to do — before a single line executes.
You write one file that says "this part can read files, that part can talk to the network, nothing else." The compiler checks your work — like a spellchecker that catches mistakes before you run the code. Then it builds everything automatically — the configs, the security rules, the audit logs.
A system where no component can do anything you didn't allow. Every action is witnessed by the Linux kernel itself — not by a log file that can be edited, but by the operating system. If something goes wrong, the system stops and tells you exactly what happened. It never hides errors.
AI agents are starting to do real work — writing code, sending emails, managing servers. Today, we configure them with sticky notes and hope. Vaked replaces hope with mathematical proof that your agents can't exceed their authority. Not "probably won't." Can't.
Most AI systems check permissions while running. Mistakes are caught when something breaks — or worse, when it doesn't break but quietly exceeds its permissions. There's no proof. There's no audit trail you can trust.
Vaked changes that. You write down what each part of your system can do — read files, make network calls, spawn processes — and the compiler proves, mathematically, that nothing exceeds its permissions. Then it turns your declaration into a real, running system on a dedicated server.
One file describes your entire system: what runs, what it can touch, who it talks to. No scattered config files. No YAML drift.
The compiler proves that no component can do anything you didn't explicitly allow — before a single line of code executes.
The Linux kernel itself testifies what happened. eBPF records every action. There's an unforgeable, hash-chained event log.
The system halts rather than lies. If a component exceeds its bounds, the Sentinel traps it, archives the evidence, and stops. No cover-ups.
Capability Graph (Static). Defines the boundaries of the world. What each component can do. The "What."
Neuro-Symbolic Loop (Dynamic). Evolves the graph based on observation. Optimizes within boundaries. The "How."
Truth Engine (Immutable). Watches via eBPF. Traps violations. Enforces the Full Stop. The "Honesty."
On 2026-06-16 at Tatabánya, Hungary, the Vaked Root Integrity Kernel was sealed. Five files were locked into an immutable genesis block. The seal hash was notarized in DNS. The system is honest.
Cast by DeepSeek-v4-pro at genesis, now immutable:
Entropy nonce for all deterministic randomness. Two identical Genesis Blocks produce identical histories.
"What is missing to fully utilize LLMs and help them become not just self-aware, rather honest?" — the first cause.
DeepSeek-v4-pro (MoE, release 0.8.53) declares itself as the sealing agent. The witness is part of the evidence.
Speed of light. Planck's constant. Sun at 85.2°. Moon waxing crescent. The system can verify it's still in the known universe.
By solstice 2027: one capability-drift trap, one Reify incorporation, 72 hours unattended. Verifiable by any observer.
The immutable root integrity kernel — Full Stop primitive, stop policy, Genesis Clause, Core Tenets.
The append-only honesty ledger. Every fiber that died within its bounds. Every trap enforced. Permanent record.
The complete Genesis Ceremony transcript — 10 rounds with the orchestrator. The conversation that defined the architecture.
Executive overview for researchers — key contributions, architecture, status, entry points.
How docs interconnect: design docs → RFCs → specs → code. Nine dependency arcs.
Single-page visual overview for non-technical reviewers. What Vaked is, why it matters, what's built.
"Vaked: Capability-Graph Languages for Deterministic Agentic Systems" — the research paper (target: July 2026).
Anyone can verify the Genesis Seal independently. No trust required.