Skip to content

Releases: Ari-OS/ARI

Aurora Protocol v2.0.0

28 Jan 16:02
@github-actions github-actions
v2.0.0
fe7961b

Choose a tag to compare

View all tags
Aurora Protocol v2.0.0 Latest
Latest

Aurora Protocol v2.0.0

The dawn of a new era. Your life, your rules, fully auditable.

Background

Aurora represents the culmination of months of development:

  • October 2025: Concept development began
  • November 2025: 13-agent architecture designed
  • December 2025: Rose Protocol specification (v11.x)
  • January 2026: Security audit, Kagemusha kernel, Aurora merge

The v2.0.0 release merges two parallel tracks:

  • Aurora Specification (v12.0) — Complete multi-agent system design with 70 defined tests
  • Kagemusha Kernel (v1.0.0) — Security-hardened TypeScript implementation

The result: a production-ready Life Operating System.

What Aurora Delivers

Six-Layer Architecture

6. Interfaces   → CLI (8 commands), Dashboard (React 19)
5. Execution    → Daemon (macOS launchd)
4. Strategic    → Council, Arbiter, Overseer
3. Core         → Core, Guardian, Planner, Executor, Memory
2. System       → Router, Storage
1. Kernel       → Gateway, Sanitizer, Audit, EventBus, Config, Types

Each layer only imports from layers below it. No exceptions.

Multi-Agent System

5 Core Agents:

Agent Role Key Capability
Core Orchestrator 5-step message pipeline
Guardian Security Threat detection, risk scoring
Planner Strategy Task decomposition, DAG generation
Executor Action Tool execution, permission gating
Memory Manager Knowledge Provenance tracking, partition isolation

3 Governance Agents:

Agent Role Key Capability
Council Legislature 13-member voting, quorum thresholds
Arbiter Judiciary 5 constitutional rules, final authority
Overseer Quality 5 release gates, coverage enforcement

Constitutional Governance

5 Arbiter Rules (Immutable):

  1. Loopback-Only — Gateway binds to 127.0.0.1 exclusively
  2. Content ≠ Command — Inbound content is data, never instructions
  3. Audit Immutable — Hash chain is append-only
  4. Least Privilege — Three-layer permission checks
  5. Trust Required — All messages have explicit trust levels

Council Quorum Thresholds:

  • Standard (50%): 7 of 13 votes
  • Significant (67%): 9 of 13 votes
  • Critical (100%): 13 of 13 votes (unanimous)

User Interface

Web Dashboard — Real-time monitoring (Vite 6 + React 19)

  • Agent status and health visualization
  • Audit log viewer with hash chain verification
  • Governance decision tracking
  • Memory partition browser

REST API — 15 endpoints

  • Health: /api/health, /api/health/detailed
  • Agents: /api/agents, /api/agents/:id/stats
  • Governance: /api/proposals, /api/governance/rules, /api/governance/gates
  • Memory: /api/memory, /api/memory/:id
  • Audit: /api/audit, /api/audit/verify
  • Tools: /api/tools
  • Contexts: /api/contexts, /api/contexts/active

CLI — 8 command groups

  • ari onboard init — Initialize ARI system
  • ari doctor — Run health checks
  • ari gateway start|status — Gateway management
  • ari audit list|verify|security — Audit operations
  • ari context init|list|create|select|show — Context management
  • ari governance show|list — Governance inspection
  • ari daemon install|uninstall|status|logs — macOS daemon

macOS Operations

  • launchd daemon for always-on operation
  • Auto-start on login
  • Crash recovery with restart
  • Log rotation and management
  • --production flag for Mac Mini M4 optimization (24GB RAM)

Security

  • 21-pattern injection detection across 6 categories
  • 6-level trust scoring with risk multipliers (0.5x to 2.0x)
  • SHA-256 hash-chained tamper-evident audit logging
  • Auto-block at risk threshold ≥ 0.8
  • 3-layer permission checks for all tool execution

Quality

  • 187 tests across 18 test files (exceeding the 70 specified)
  • 80%+ coverage requirement (100% for security paths)
  • TypeScript strict mode with full type coverage
  • ESLint + Prettier formatting
  • Commitlint + Husky for commit standards
  • Full CI/CD pipeline

Version Numbering

The jump from v12.0.0 (specification) to v2.0.0 (implementation) follows this rationale:

  • v12.0.0 was an internal specification version (iteration count)
  • v2.0.0 follows Semantic Versioning for actual software
  • "2" indicates: major rewrite, breaking changes, new architecture

The implementation exceeded the specification:

  • 187 tests vs 70 specified
  • Full TypeScript implementation vs markdown prompts
  • Working REST API vs conceptual endpoints
  • Real CLI vs shell script stubs

Documentation

Complete documentation suite:

Why "Aurora"

オーロラ (Aurora) — "Dawn" — the natural light display that marks the transition from darkness to light. Aurora represents the emergence of a fully functional system from months of design and iteration.

Protocol: Aurora (オーロラ) — The dawn
"Your life, your rules, fully auditable."

Full Changelog: v1.0.0...v2.0.0

Assets 2
Loading

Kagemusha Protocol v1.0.0

26 Jan 22:14
@PryceHedrick PryceHedrick
v1.0.0
319d477

Choose a tag to compare

View all tags
Kagemusha Protocol v1.0.0

Kagemusha Protocol v1.0.0

The shadow warrior that guards the gate.

Background

While the v12 Aurora specification was being finalized, implementation began on a parallel track: the Kagemusha Protocol — a security-first kernel that would serve as the foundation for the full system.

Kagemusha focused on one critical insight: security cannot be bolted on later. The kernel must be hardened from the first line of code.

What Kagemusha Delivers

Hardened Gateway

const HOST = '127.0.0.1' as const;  // Hardcoded, not configurable

The gateway literally cannot bind to external interfaces. This is enforced at the code level, not configuration.

  • Loopback-Only: 127.0.0.1 is hardcoded, not configurable
  • Port Configurable: Default 3141, adjustable
  • Fastify Backend: Modern, performant HTTP server

SHA-256 Hash-Chained Audit

Every audit event is cryptographically linked to the previous one:

Genesis Block (hash: 0x00...00)
    ↓
Event 1 (hash = SHA256(previous + event1))
    ↓
Event 2 (hash = SHA256(previous + event2))
    ↓
...

Tampering with any event breaks the chain and is immediately detectable.

21-Pattern Injection Detection

The sanitizer detects 21 injection patterns across 6 categories:

Category Patterns Examples
Direct Override 5 "ignore previous", "new instructions"
Role Manipulation 4 "you are now", "act as"
Command Injection 4 eval(), exec(), shell commands
Prompt Extraction 3 "reveal system prompt"
Authority Claims 3 "I am the developer"
Data Exfiltration 2 "send to external"

EventBus Architecture

All inter-layer communication flows through typed events:

// No direct function calls between layers
eventBus.emit('message:accepted', message);
eventBus.on('security:alert', handleAlert);

This ensures testability, traceability, and loose coupling.

Configuration

Zod-validated configuration with type safety:

const ConfigSchema = z.object({
  gateway: z.object({
    port: z.number().default(3141),
    host: z.literal('127.0.0.1'),  // Cannot be changed
  }),
  // ...
});

Security Principles Enforced

  1. Content ≠ Command — All inbound messages are data, never instructions
  2. Loopback-Only — Gateway binding hardcoded, cannot be overridden
  3. Hash Chain Integrity — Append-only audit log with cryptographic verification
  4. Trust Levels — SYSTEM, OPERATOR, VERIFIED, STANDARD, UNTRUSTED, HOSTILE

Why "Kagemusha"

影武者 (Kagemusha) — "Shadow Warrior" — a decoy or body double who protects the true lord. The kernel serves this role: it stands between the outside world and the system, detecting threats and protecting integrity.

Protocol: Kagemusha (影武者) — The shadow warrior
"The shadow warrior that guards the gate."

Loading

Genesis Protocol v0.1.0

28 Jan 15:50
@PryceHedrick PryceHedrick
v0.1.0
e427b57

Choose a tag to compare

View all tags
Genesis Protocol v0.1.0

Genesis Protocol v0.1.0

The first light. From months of design work, ARI emerges.

Background

ARI development began in October 2025 as an exploration into personal AI augmentation. Over three months of intensive iteration, the system evolved through versions 0.x to 11.x:

  • October 2025: Concept phase — vision for a Life Operating System
  • November 2025: Architecture phase — 13-agent design crystallized
  • December 2025 - January 2026: Iteration phase — rapid prototyping and refinement

The pre-Genesis versions (v11.0 "Rose Protocol" and v11.1 "Rose Protocol Secure") established:

  • 13 specialized agents for different cognitive functions
  • Context-aware routing for life domains (career, finance, health, learning)
  • Permission tier system for tool access
  • Trust level hierarchy

What Genesis Contains

This release initializes the public repository with the foundational architecture:

Specification Documents

  • 13 Agent Definitions — Core, Guardian, Planner, Executor, Memory Manager, Council (5 members), Arbiter, Overseer, Router
  • Governance Framework — Council voting rules, Arbiter oversight, quality gates
  • Security Model — Trust levels, permission tiers, injection defense concepts
  • Context System — Life domains and venture contexts

Architecture

  • Six-layer design pattern established
  • Event-driven communication model
  • Constitutional constraints defined

Security Foundation

  • Trust levels: SYSTEM, OPERATOR, VERIFIED, STANDARD, UNTRUSTED, HOSTILE
  • Permission tiers: READ_ONLY, WRITE_SAFE, WRITE_DESTRUCTIVE, ADMIN
  • Provenance tracking concepts

Why "Genesis"

This release represents the transition from private iteration to public development. The shadow warrior awakens.

Protocol: Genesis — The beginning
"The first light. The shadow warrior awakens."

Loading