English | 中文

fdo-kernel-mvk

Execution-integrity layer for deterministic, replay-verifiable AI runtime proof surfaces.

fdo-kernel-mvk is the execution-integrity layer repository in the Digital Biosphere Architecture. It focuses on deterministic execution, replay validation, and runtime truth surfaces. It is a layer repo, not the whole stack.

Role

fdo-kernel-mvk is the execution-integrity layer repository in the Digital Biosphere Architecture.

It focuses on deterministic execution, replay validation, and runtime truth surfaces.

It is a layer repo, not the whole stack.

Not this repo

• not the governance runtime
• not the audit control plane
• not the architecture hub
• not the evidence packaging toolkit
• not the benchmark suite

Start here

• docs/walkthrough.md
• digital-biosphere-architecture
• token-governor
• agent-evidence
• aro-audit

Architecture navigation

• system context -> digital-biosphere-architecture
• governance layer -> token-governor
• concrete evidence packaging entry -> agent-evidence
• post-execution review -> aro-audit
• shortest walkthrough -> verifiable-agent-demo

Commands

• make run -> EXECUTION_OK
• make replay -> REPLAY_PASS
• make tamper -> CONFORMANCE_FAIL

Architecture Context

This repository is part of the Digital Biosphere Architecture ecosystem. It contributes the Execution Integrity Layer rather than trying to be the whole stack. Its focus is execution truth, verification surface, and runtime integrity.

What it proves:

• Deterministic state evolution
• Canonical object checksum verification
• Trace-bound replay validation

Security note:

• This prototype currently uses SHA-256 checksums for tamper detection.
• Checksums provide integrity checks, not identity-bound digital signatures.

AI Agent Stack Architecture

This repository also explores where execution integrity fits in the broader AI agent stack.

See:

• AI Agent Architecture Map
• AI Agent Runtime & Security Stack
• AI Agent Stack Architecture
• AI Agent Security Architecture
• AI Agent Runtime OSI Model

flowchart TB
    A["Application Layer<br>AI Apps / Copilots / Workflows"] --> B["Agent Framework Layer<br>LangGraph / CrewAI / AutoGen"]
    B --> C["Identity Layer<br>Persona Objects (POP)"]
    C --> D["Execution Integrity Layer<br>MVK Kernel<br>Deterministic Action Logs"]
    D --> E["Governance Layer<br>Policy / Verification / Audit"]
    E --> F["Object Layer<br>FDO / Digital Objects"]
    F --> G["Infrastructure<br>Models / Compute / Storage"]

Loading

Core layers:

• Application
• Agent Framework
• Identity
• Execution Integrity
• Governance
• Object Layer
• Infrastructure

Key distinction:

• Governance decides what should be allowed.
• Execution integrity proves what actually happened.

License

MIT

Schema Notes

• Evidence → Inference → Action

Architecture Notes

• Execution Integrity vs Governance Runtime

Roadmap Notes

• Success-Side Execution Traces