44 RFCs (0001–0055) · 34 URI schemes · 18 protocols
🇬🇧 English · 🇩🇪 Deutsch · 🇫🇷 Français · 🇪🇸 Español · 🇮🇹 Italiano · 🇳🇱 Nederlands · 🇵🇱 Polski · 🇨🇿 Čeština · 🇸🇪 Svenska
🇯🇵 日本語 · 🇨🇳 中文 · 🇰🇷 한국어 · 🇮🇳 हिन्दी · 🇹🇷 Türkçe · 🇦🇪 العربية · 🇵🇹 Português · 🇷🇺 Русский · 🇺🇦 Українська
- CFP submitted to Open Source Summit Europe 2026
- Building Open Standards for Sovereign AI Systems: Provenance, Governance, and Interoperability
The Sovereign Intelligence Network — A distributed operating system for intelligence.
SovereignStack is a protocol stack and runtime that treats intelligence itself as a networked resource. It is to autonomous intelligence what TCP/IP is to data networking.
1970s → ARPANET (packet switching)
1990s → Internet (global connectivity)
2000s → Cloud (elastic compute)
2020s → AI Platforms (model serving)
2030s → Sovereign Intelligence Networks (SovereignStack)
Every SovereignStack object is:
- Identifiable — has a unique URI
- Addressable — resolvable across the network
- Discoverable — findable via capability/semantic search
- Verifiable — cryptographically signed, with provenance
- Portable — movable across nodes and jurisdictions
- Federatable — shareable across sovereign boundaries
- Auditable — full history and reasoning trail
agent://researcher-1 # Agent identity
session://abc123 # Session
artifact://def456 # Produced artifact
memory://xyz789 # Memory object
reason://decision-42 # Reasoning chain
knowledge://physics/newton # Knowledge object
capability://legal-review # Skill/capability
workflow://contract-analysis # Workflow definition
contract://task-88 # Agent contract
org://acme # Organization
robot://drone-12 # Physical device
policy://gdpr-eu # Governance policy
tel://zcube-a/evt-001 # Telemetry event (RFC-0033)
kv://zcube-a/gpu-003/session-a # KV cache object (RFC-0034)
gateway://eu-frankfurt # Federation gateway (RFC-0035)
mem://zcube-a/gpu-003/hbm # Memory pool (RFC-0036)
profile://zcube-standard-v1 # Cluster profile (RFC-0037)
model://huggingface/Qwen/Qwen2.5-72B # AI model (RFC-0040)
dataset://huggingface/c4 # Dataset (RFC-0040)
training://zcube-a/run-0042 # Training run (RFC-0040)
evaluation://zcube-a/eval-007 # Model evaluation (RFC-0040)
audit-pkg://node-001/2026-06-03 # Audit evidence package
continuity://zcube-a/legal-agent # AI continuity manifest (RFC-0052)
recovery://zcube-a/incident-42 # Recovery procedure (RFC-0050)
failover://zcube-a/evt-001 # Failover event log (RFC-0051)
playbook://zcube-a/gpu-failure # Recovery playbook (RFC-0050)
SovereignStack Protocol Stack — RFCs organized by layer
Deployment Models: Air-gapped · Federated Mesh · Hybrid
OASA Data Flow — API Gateway → Inference → Audit Trail
ss-kernel
├── Identity (UAI, SIG, trust, reputation)
├── Capabilities (registry, discovery, routing)
├── Messaging (event bus, streams)
├── Memory (tiered: session → civilizational)
├── Scheduling (compute placement, model selection)
├── Federation (sovereign routing, replication)
├── Governance (policies, jurisdiction, compliance)
└── Provenance (lineage, evidence, audit)
Alongside the core Rust primitives, SovereignStack implements a suite of Python-based microservices providing production-ready infrastructure:
- OASA API Gateway: Secure, OpenAI-compatible entry point enforcing Data Loss Prevention (DLP), Strict Compliance Locking, and SPIFFE workload identity validation.
- Federation Relay & Sync Engine: Decentralized node synchronization utilizing advanced Conflict-Free Replicated Data Types (CRDTs) to ensure eventual consistency across sovereign boundaries.
- Merkle Audit Log: Cryptographically verifiable, append-only event stream providing a tamper-proof provenance trail for all system operations.
- Predictive Scheduler: Autonomous operational controller employing exponential smoothing models to predict compute load and proactively scale resources.
- Weight Federation: Secure registration and sharding of model weights across distributed nodes for collaborative inference.
SovereignStack/
├── ss-kernel/ # Core kernel (identity, resolver, eventbus, registry, capability, policy)
├── ss-core/ # Shared types, URI parsing, errors
├── ss-crypto/ # Ed25519 signing, hashing
├── ss-identity/ # Universal Agent Identity
├── ss-capability/ # Capability declaration & matching
├── ss-eventbus/ # Event sourcing infrastructure
├── ss-cas/ # Content-addressed storage
├── ss-federation/ # Sovereign routing & discovery
├── ss-runtime/ # Multi-model execution runtime
├── ss-memory/ # Tiered memory subsystem (Stub)
├── ss-sessiond/ # Session lifecycle daemon
├── ss-scheduler/ # Compute placement (Stub)
├── ss-swarm/ # Multi-agent coordination (Stub)
├── ss-reason/ # Reasoning object store (Stub)
├── ss-kas/ # Knowledge addressing system (Stub)
├── ss-sig/ # Sovereign identity graph (Stub)
├── ss-trust/ # Trust framework (Stub)
├── ss-reputation/ # Reputation scoring (Stub)
├── ss-policy/ # Governance & jurisdiction (Stub)
├── ss-provenance/ # Computational lineage (Stub)
├── ss-jurisdiction/ # Jurisdiction compliance engine
├── ss-twin/ # Digital twin framework
├── ss-device/ # Reality interface layer (Stub)
├── ss-economy/ # Resource markets (Stub)
├── ss-sip/ # Sovereign Intelligence Protocol (Stub)
├── reference-node/ # Minimal reference node binary
├── conformance/ # Conformance test suites & profiles
├── rfcs/ # Protocol specifications (RFC-0001–0040)
├── docs/
│ ├── architecture/ # 10-page architecture breakdown
│ └── architecture/diagrams/ # SVG architecture diagrams
├── tests/ # Conformance test suite
├── examples/ # Reference implementations
└── playground/ # Try-it-now deployment
SovereignStack is governed by a formal standards framework:
| Document | Description |
|---|---|
| STANDARDS.md | Root standards framework — 6 layers |
| OBJECT_MODEL.md | Universal object model with cryptographic signatures |
| URI_STANDARD.md | URI scheme registry & resolution rules |
| TRUST_MODEL.md | Capability-based zero-trust security |
| SECURITY.md | Threat model & incident response |
| CONFORMANCE.md | 3-tier certification program & badges |
| CERTIFICATION.md | Badge levels, colors, shapes, materials |
| PROTOCOL_REGISTRY.md | 18 protocols with lifecycle management |
| REFERENCE_IMPLEMENTATIONS.md | 13 core subsystems + 3 language bindings |
| ROADMAP-2035.md | 10-year vision through Sovereign Intelligence Internet |
| BUILD_WINDOWS.md | Windows build guide — exe, MSI, Python bundling |
| docs/i18n/README.md | Internationalization — 18 languages with full i18n policy |
SovereignStack is translated into 18 languages. The project follows the Debian model: English is canonical, translations are maintained copies. See the i18n index for available languages and the translation policy.
| RFC | Title | Status |
|---|---|---|
| RFC-0001 | Sovereign Object Model | Draft |
| RFC-0002 | URI Standard + ABNF Grammar | Draft |
| RFC-0003 | Trust Graph | Draft |
| RFC-0004 | Capability Registry | Draft |
| RFC-0005 | Knowledge Objects | Draft |
| RFC-0006 | Reasoning Objects | Draft |
| RFC-0007 | Event Bus | Draft |
| RFC-0008 | Federation Routing | Draft |
| RFC-0009 | Session Lifecycle | Draft |
| RFC-0010 | Conformance Framework | Draft |
| RFC-0011 | Identity & DID Resolution | Draft |
| RFC-0012 | Cryptographic Signatures & Verification | Draft |
| RFC-0013 | Provenance Graph | Draft |
| RFC-0014 | Agent Communication Protocol | Draft |
| RFC-0015 | Workflow Execution Engine | Draft |
| RFC-0016 | Resource Allocation & Accounting | Draft |
| RFC-0017 | Sovereign Memory Protocol (Detailed) | Draft |
| RFC-0018 | Content-Addressable Storage | Draft |
| RFC-0019 | Trust & Reputation Scoring | Draft |
| RFC-0020 | Policy Enforcement | Draft |
| RFC-0021 | Jurisdiction & Data Residency | Draft |
| RFC-0022 | Audit Log Streaming | Draft |
| RFC-0023 | Extension & Plugin System | Draft |
| RFC-0024 | Multi-Model Routing | Draft |
| RFC-0025 | Session Migration | Draft |
| RFC-0026 | Capability Delegation Chain | Draft |
| RFC-0027 | Swarm Coordination | Draft |
| RFC-0028 | Digital Twin Synchronization | Draft |
| RFC-0029 | Intelligence Economy Primitives | Draft |
| RFC-0030 | Network Topology Awareness | Draft |
| RFC-0031 | KV Locality Scheduling | Draft |
| RFC-0032 | AI Fabric Protocol | Draft |
| RFC-0033 | Fabric Telemetry Protocol | Draft |
| RFC-0034 | Distributed KV Placement | Draft |
| RFC-0035 | Topology-Aware Federation | Draft |
| RFC-0036 | Memory Fabric Objects | Draft |
| RFC-0037 | AI Cluster Profiles | Draft |
| RFC-0040 | Model Lineage Protocol | Draft |
| RFC-0050 | AI Continuity & Disaster Recovery | Draft |
| RFC-0051 | Model Failover Protocol | Draft |
| RFC-0052 | AI Continuity Manifest | Draft |
| RFC-0053 | Sovereign Recovery Profiles | Draft |
| RFC-0054 | Compliance Framework (OASA CCM) | Draft |
| RFC-0055 | Windows Build System | Draft |
# Clone & enter
git clone https://github.com/Kubenew/SovereignStack.git
cd SovereignStack
# Windows: build .exe binaries (see BUILD_WINDOWS.md for full MSI guide)
cargo build --release --bin ss-node --bin ss-cli
# Launch playground (Docker Compose)
docker compose -f playground/docker-compose.yml up -d
# Or build from source
cargo build --workspacecargo test --workspaceSovereignStack provides a complete audit and certification framework for enterprise AI deployments:
| Asset | Description |
|---|---|
| OASA CCM | Core Controls Matrix — 18 controls across NET/RUN/HW/AUD/CONT for L1/L2/L3 |
| SOC 2 Mapping | Full mapping to AICPA TSC 2023 — all 5 trust categories |
| Gaia-X Mapping | Mapping to Gaia-X Trust Framework + Self-Description generation |
| SOC 2 Type 1 Report Template | Pre-built evidence package template for auditor review |
| Compliance Schema | JSON Schema (Draft 2020-12) for automated node validation |
| Audit Evidence Schema | Structured evidence package for oasa-audit report |
| Validation Script | Automated compliance scanner with --audit-host |
Target frameworks: ISO 42001, EU AI Act, SOC 2, NIS2, Gaia-X, CSA CCM, FedRAMP
# Generate compliance evidence package
oasa-audit report --framework iso42001 --framework soc2
# Export for auditor review
oasa-audit export-pdf --output audit-report-2026-Q2.pdfApache-2.0 OR MIT (dual-licensed)