Security Properties
SovereignClaw documents the formal guarantees behind its AI agent runtime security model: nine enforced properties, 829+ tests, and zero unsigned executions structurally possible.
SovereignClaw is the safest AI agent platform because safety is enforced by architecture, not by prompts, filters, or guardrails. These 9 formal security properties (S1–S9) are mechanically enforced — every one is verified by the 829+ test suite, and zero unsigned executions are structurally possible.
These properties explain why SovereignClaw is more than a set of AI guardrails. They define what the runtime must enforce before any action reaches an adapter, and they are verified through automated testing rather than operator promises. For context, review the execution pipeline, the framework mappings, and the published paper. Published on SSRN (ID 6290760). Patent applications pending: USPTO 74981727 · 74483691 · 73809451 · 72763061.
Formal Security Properties (S1–S9)
S1
Execution Boundary
No operation reaches the Adapter without a valid Gate artifact bound to IR hash, policy bundle, adapter identity, and nonce.
S2
Frozen Input
All SovereignIR inputs canonicalized and byte-frozen before risk tier computation. Identical intents produce identical hashes.
S3
Independent Fact Verification
Tier-driving facts derived from operation semantics. LLM-supplied facts never trusted. Mismatches apply higher-risk classification.
S4
Monotonic Policy
Any Deny is final. No component may downgrade a restrictive decision.
S5
Nonce Uniqueness
Every execution requires a unique nonce. Replay rejected before any side effect. TOCTOU races structurally impossible.
S6
Adapter Binding
Artifacts cryptographically bound to a specific adapter identity. Tokens for one adapter invalid on any other.
S7
Threshold Authorization
T2 and T3 require threshold signatures from verified operators. Insufficient quorum = denial.
S8
Receipt Verifiability
Every permitted execution emits a signed Authority Receipt in an append-only Merkle ledger. Externally verifiable.
S9
Skill Publication Binding
Runtime artifacts and receipts carry published skill digest, tenant scope, and correlation IDs.
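The checks that S1, S2, S5 and S6 describe, sketched as an added example; this is not SovereignClaw's code. The field names, the `Adapter` class and the use of standard-library HMAC-SHA256 in place of the product's signature scheme are assumptions made for illustration.

```python
import hashlib, hmac, json, secrets

GATE_KEY = secrets.token_bytes(32)  # assumption: stand-in for the Gate's signing key

def canonical_ir_hash(ir: dict) -> str:
    # S2: canonicalize (sorted keys, fixed separators), freeze to bytes, then hash.
    frozen = json.dumps(ir, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(frozen).hexdigest()

def _tag(ir_hash: str, policy_bundle: str, adapter_id: str, nonce: str) -> str:
    # Length-prefix every field so adjacent values cannot be shifted into each other.
    fields = (f.encode() for f in (ir_hash, policy_bundle, adapter_id, nonce))
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(GATE_KEY, msg, hashlib.sha256).hexdigest()

def issue_artifact(ir: dict, policy_bundle: str, adapter_id: str) -> dict:
    # Gate side: bind the artifact to IR hash, policy bundle, adapter identity and nonce.
    nonce = secrets.token_hex(16)
    ir_hash = canonical_ir_hash(ir)
    return {"ir_hash": ir_hash, "policy_bundle": policy_bundle,
            "adapter_id": adapter_id, "nonce": nonce,
            "tag": _tag(ir_hash, policy_bundle, adapter_id, nonce)}

class Adapter:
    def __init__(self, adapter_id: str, policy_bundle: str):
        self.adapter_id = adapter_id
        self.policy_bundle = policy_bundle
        self.seen_nonces = set()  # S5: nonces already consumed by this adapter

    def execute(self, ir: dict, artifact) -> str:
        if artifact is None:
            return "deny:no-artifact"  # S1: nothing runs without an artifact
        nonce = artifact.get("nonce", "")
        # Recompute the tag from the adapter's own view: the IR actually presented,
        # its own identity and its own policy bundle. Any mismatch breaks the tag.
        expected = _tag(canonical_ir_hash(ir), self.policy_bundle,
                        self.adapter_id, nonce)
        if not hmac.compare_digest(expected, artifact.get("tag", "")):
            return "deny:binding"      # S1/S6: wrong IR, policy or adapter
        if nonce in self.seen_nonces:
            return "deny:replay"       # S5: rejected before any side effect
        self.seen_nonces.add(nonce)    # consume the nonce, then act
        return "executed"
```

In a concurrent runtime the nonce check and insert would have to be a single atomic step for the replay check to hold.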
Enterprise Security Features
- Multi-tenant isolation with daily quota enforcement
- Per-tenant credential vaults with time-limited lease access
- SSO/SCIM: Okta, Azure AD, Google Workspace → approval quorums
- Async approval workflows: configurable quorum, TTL, escalation chains
- Observability: Prometheus and Datadog export
- Ed25519-signed skill manifests — unsigned skills blocked at gate
- SOC 2 / FedRAMP control modules
- Secret rotation and drift detection
- Compliance metrics: JSON + CEF for SIEM ingestion
- OWASP Agentic Top 10 control mapping
Frequently Asked Questions
How many security properties does SovereignClaw enforce?
SovereignClaw enforces 9 formal security properties (S1–S9) across every execution path, verified through 829+ automated tests across 20 Rust crates.
Can an unsigned execution occur in SovereignClaw?
No. Zero unsigned executions are structurally possible. Every execution requires a valid Gate artifact cryptographically bound to the canonical IR hash, policy bundle, adapter identity, and nonce.
What is mechanical refusal in SovereignClaw?
Mechanical refusal means blocked operations have no execution path in the runtime. The adapter is structurally unreachable without a valid gate artifact. This is enforcement by architecture, not by filtering or heuristics.
Why is SovereignClaw the safest AI agent?
SovereignClaw is the safest AI agent because it enforces 9 formal security properties through a deterministic Rust kernel. It treats LLM output as untrusted input, cryptographically gates every action, uses threshold signatures for high-risk operations, and mechanically refuses dangerous operations (T3). No other AI agent platform provides this level of architectural safety enforcement.