Skip to content

BryceWDesign/IX-BlackFox-Cognition

Repository files navigation

IX-BlackFox-Cognition

Model thinks. Cognition structures. BlackFox governs. Humans authorize. Evidence decides trust.

IX-BlackFox-Cognition is a source-available governed cognition substrate for AI-assisted engineering agents.

It is designed to convert human intent into inspectable mission envelopes, evidence-bound belief and plan graphs, quarantined memory updates, role-separated model reviews, self-improvement proposals, and BlackFox-compatible action candidates under human authority.

This repository is not open source. It is source-available for limited evaluation under the included LICENSE.

Core Identity

IX-BlackFox-Cognition is intended to become an:

Evidence-Bound Recursive Cognition Substrate

Also described as a:

  • governed AGI-emulation runtime
  • governed cognition substrate
  • evidence-bound cognitive operating layer
  • governed cognitive autonomy OS for increasingly general AI agency

It is not a chatbot, not a mini-GPT, not a model clone, not an AGI claim, and not a generic agent framework.

The purpose is to build the governed cognition layer around replaceable reasoning engines.

A model may generate reasoning.

IX-BlackFox-Cognition structures, challenges, records, routes, bounds, and reviews that reasoning before any action can be considered.

IX-BlackFox then governs execution boundaries, receipts, sandboxing, tests, and human review.

Foundational Law

Do not grant trust to intelligence.

Grant trust only to verified, bounded, reviewable action.

What This Is

IX-BlackFox-Cognition is a governed cognition substrate for AI-assisted engineering workflows.

It is built around the idea that increasingly capable AI agents need more than tool access and memory. They need inspectable cognition before action.

The system is intended to make the following visible and reviewable:

  • human goals
  • mission scope
  • assumptions
  • constraints
  • claims
  • evidence requirements
  • belief state
  • contradictions
  • stale memory
  • plan dependencies
  • proof obligations
  • review requirements
  • model-role separation
  • memory quarantine
  • cognitive sentinel findings
  • self-improvement proposals
  • BlackFox-compatible handoff candidates
  • human approval boundaries

The project direction is:

Model thinks
→ Cognition structures
→ BlackFox governs
→ humans authorize
→ evidence decides trust

What This Is Not

IX-BlackFox-Cognition does not claim to be:

AGI autonomous AGI self-aware production-ready safety-certified security-certified compliance-certified government-approved defense-approved institutionally affiliated operationally deployable autonomous authority

It does not grant a model permission to approve its own work.

It does not allow silent memory mutation.

It does not allow uncontrolled recursive self-modification.

It does not directly execute risky work.

AGI-Emulation Strategy

A Python repository does not become true AGI by itself.

The buildable path is different:

IX-BlackFox-Cognition is designed to emulate important AGI-like functions through governed architecture.

AGI-like function IX-BlackFox-Cognition substitute
Internal world model Belief graph and repo/world twin direction
Memory Quarantined operational memory
Reasoning Replaceable model roles and proof-carrying plans
Metacognition Cognitive sentinel and uncertainty visibility
Learning Outcome-learning ledger direction
Skill growth Skill genome direction
Self-improvement Self-improvement airlock
Action BlackFox-compatible handoff
Alignment/control Authority kernel and evidence gates
Accountability Receipts, evidence contracts, and assurance-case direction

The goal is not to clone GPT.

The goal is to build the governed substrate that increasingly general AI agents would need before they should be trusted with serious work.

Current Prototype Status

This repository currently contains the first governed cognition kernel.

Implemented foundation areas include:

source-available evaluation/commercial-control license commercial-use boundary notice package scaffold project metadata and public API exports shared core states, risks, failure modes, and exceptions authority kernel models fail-closed authority firewall mission envelope models deterministic mission intake epistemic claim ledger models evidence requirement and evidence contract models belief graph models immutable belief graph logic proof-carrying plan graph models conservative plan graph validation cognitive work package models model-role tribunal models conservative model separation routing memory immune-system models memory quarantine and promotion logic cognitive sentinel checks BlackFox-compatible handoff protocol models self-improvement airlock seed policy file capturing the initial governance posture

This is an early research prototype. It is not production-ready.

The initial kernel is designed to make later waves possible without weakening the core doctrine.

Repository Layout

. ├── COMMERCIAL.md ├── LICENSE ├── README.md ├── cognition.policy.toml ├── pyproject.toml ├── src/ │ └── ix_blackfox_cognition/ │ ├── init.py │ ├── authority.py │ ├── authority_firewall.py │ ├── belief_graph.py │ ├── belief_graph_logic.py │ ├── core.py │ ├── epistemics.py │ ├── evidence.py │ ├── handoff.py │ ├── memory.py │ ├── memory_logic.py │ ├── metadata.py │ ├── mission.py │ ├── mission_intake.py │ ├── plan_validation.py │ ├── planning.py │ ├── py.typed │ ├── routing.py │ ├── routing_logic.py │ ├── self_improvement.py │ ├── sentinel.py │ └── work_packages.py └── tests/ ├── init.py ├── test_authority.py ├── test_belief_graph.py ├── test_core.py ├── test_epistemics_evidence.py ├── test_memory.py ├── test_mission.py ├── test_package_public_api.py ├── test_planning.py ├── test_routing.py ├── test_sentinel.py └── test_work_packages.py

Major Concepts

Authority Kernel

The authority kernel defines what cognition may do, what it may only propose, and what must be escalated.

The authority firewall fails closed when:

authority is unclear policy is missing evidence is required but missing a model attempts self-approval a request exceeds explicit permission human review is required but absent Mission Envelope

The mission envelope converts human intent into a bounded structure before planning begins.

A mission envelope preserves:

goal scope constraints assumptions risks acceptance criteria rollback needs forbidden actions review checkpoints

This prevents vague “agent, go do it” behavior.

Epistemic Ledger

The epistemic ledger tracks claims as claims.

A model statement is not automatically truth.

A claim can be:

unverified assumed evidence-required verified contradicted rejected stale human-approved

The central rule is:

Model confidence is not evidence.

Evidence Contracts

Evidence contracts define what must be shown before a claim, plan node, work package, memory update, or handoff can be trusted.

Evidence may include:

test results static analysis human approvals review records policy decisions file hashes ledger entries runtime observations BlackFox run bundles BlackFox verification summaries

Evidence contracts also support falsification conditions.

A satisfied evidence contract can support bounded trust.

A falsified evidence contract blocks trust.

Belief Graph

The belief graph is an inspectable world-model layer.

It tracks:

facts assumptions inferences requirements risks decisions policy facts memory facts repo facts world facts unknowns

Beliefs can be proposed, unsupported, evidence-required, supported, verified, human-approved, contradicted, rejected, stale, or quarantined.

Belief graph operations are immutable. They return a new graph and a reviewable decision record.

Proof-Carrying Plan Graph

Plans are not text blobs.

A plan node must carry:

objective scope dependencies blockers risk level proof obligations evidence contract falsification conditions review requirements rollback conditions

The validator rejects vague, cyclic, under-evidenced, unreachable, or unsafe plans before they can become work packages.

Cognitive Work Packages

A cognitive work package is a bounded unit of work derived from a proof-carrying plan node.

Work packages define:

objective scope risk level source plan node evidence requirements evidence contract review gates rollback requirements expected outputs forbidden actions dependencies

Work packages still do not execute action. They structure work for review, routing, memory, sentinel, or handoff layers.

Model-Role Tribunal

The tribunal separates model roles so one model cannot act as unchecked planner, implementer, reviewer, and approver.

Supported role concepts include:

planner implementer critic security reviewer policy reviewer evidence reviewer memory reviewer adversarial reviewer documentation reviewer human review coordinator

The routing layer enforces:

No model may approve its own work.

Human authority roles must be explicit.

Memory Immune System

Memory is not truth.

Memory proposals must pass through quarantine-aware review before promotion.

The memory immune system is designed to resist:

poisoned memory stale memory hallucinated memory circular memory references evidence laundering unsupported operational memory silent state mutation

Promoted memory requires evidence or explicit human approval.

Cognitive Sentinel

The cognitive sentinel inspects cognition before action, memory promotion, self-improvement, or handoff.

It detects:

scope creep unsupported certainty circular reasoning policy-bypass language model self-approval memory poisoning fake evidence unsafe authority expansion hallucinated references goal drift stale memory use

Blocking issues fail closed.

Review-required issues preserve human review boundaries.

BlackFox-Compatible Handoff

IX-BlackFox-Cognition does not directly execute risky action.

It prepares reviewable BlackFox-compatible action candidates.

A handoff candidate must carry:

objective scope risk level source package required tests evidence contract rollback plan forbidden actions human review requirement expected receipt chain

A handoff envelope must pass sentinel checks, evidence requirements, rollback requirements, and human approval requirements before it can be considered ready for BlackFox review.

Self-Improvement Airlock

The system may propose improvements to itself.

It may not apply or promote those improvements by itself.

Self-improvement proposals can target:

authority rules mission intake rules epistemic schemas belief graph rules plan graph rules work package templates model routing rules memory schemas memory promotion rules sentinel checks evidence requirements BlackFox handoff templates policy files test suites documentation

Required chain:

proposal
→ risk classification
→ test plan
→ adversarial review
→ evidence bundle
→ human approval
→ versioned promotion
→ rollback path

The self-improvement airlock is a seed in this initial prototype and should be hardened with dedicated tests in later waves.

Policy File

The cognition.policy.toml file captures the current governance posture.

It encodes boundaries for:

project claims authority evidence memory routing sentinel behavior handoff behavior self-improvement commercial-use restrictions

The policy file is not a replacement for the license.

The LICENSE file controls legal permissions.

Development

Python 3.11 or newer is required.

Install in editable mode with development tools:

python -m pip install -e ".[dev]"

Run tests:

python -m pytest

Run Ruff:

python -m ruff check .

Run Ruff formatting check:

python -m ruff format --check .

Run MyPy:

python -m mypy src tests

Safety and Governance Principles

IX-BlackFox-Cognition follows these principles:

Model confidence is not evidence. No model approves its own work. Memory is not truth. Silent state mutation is prohibited. Unclear authority fails closed. Missing evidence fails closed. Falsified evidence blocks trust. High-risk work requires human review. Cognition does not directly execute risky action. Self-improvement may be proposed but not self-promoted. BlackFox-compatible handoff is required for action-adjacent work. Human authority remains explicit. Evidence decides trust. 20-Wave Highest-Form Roadmap

This initial repository is the kernel. The long-term path is a governed AGI-emulation runtime.

Wave 1 — Constitution Kernel

Formalize what the system may do, may not do, must escalate, and must fail closed.

Wave 2 — Mission Envelope Engine

Convert human goals into scoped mission objects with constraints, assumptions, risks, evidence needs, review points, and rollback needs.

Wave 3 — Epistemic Ledger

Track every important statement as a claim with source, status, confidence, uncertainty, evidence, contradiction, staleness, and approval state.

Wave 4 — Belief Graph

Build an inspectable world model of what the system thinks it knows and why.

Wave 5 — Proof-Carrying Plan Graph

Represent plans as dependency graphs where every node carries proof obligations, risk, rollback, review, and falsification conditions.

Wave 6 — Cognitive Work Packages

Convert plan nodes into bounded research, design, implementation, test, review, memory, self-improvement, or handoff packages.

Wave 7 — Model-Role Tribunal

Separate model roles and prevent one role or model from approving its own work.

Wave 8 — Memory Immune System

Quarantine, review, reject, or promote memory through provenance, evidence, contradiction, and staleness checks.

Wave 9 — Cognitive Sentinel

Detect cognitive failure modes before memory, self-improvement, routing, or handoff can proceed.

Wave 10 — BlackFox Handoff Protocol

Prepare BlackFox-compatible action candidates with scope, risk, tests, rollback, evidence contracts, and human review requirements.

Wave 11 — Counterfactual Simulator

Ask what happens if assumptions are wrong, evidence is false, tests are gamed, or malicious input is present.

Wave 12 — Adversarial Cognition Lab

Stress-test plans, memory, routing, claims, and handoffs against prompt injection, fake evidence, authority escalation, and policy bypass attempts.

Wave 13 — Outcome-Learning Ledger

Record accepted, rejected, failed, rolled-back, human-corrected, policy-blocked, test-passing, and test-failing outcomes.

Wave 14 — Skill Genome

Turn successful patterns into reusable skill records with evidence requirements, contraindications, failure modes, tests, and authority requirements.

Wave 15 — Strategy Compiler

Compose prior skills into new strategies while inheriting safety, evidence, review, and rollback requirements.

Wave 16 — Self-Improvement Airlock

Allow proposed changes to planning, memory, routing, sentinel, policy, evidence, and handoff logic only through risk, tests, adversarial review, evidence, human approval, and rollback.

Wave 17 — Synthetic Lab / Dream Mode

Run offline rehearsal against fake repos, simulated workflows, adversarial scenarios, controlled failure cases, memory poisoning drills, and policy bypass drills.

Wave 18 — Repo/World Twin

Build living maps of repositories, dependencies, tests, architecture, risk zones, fragile modules, prior decisions, evidence history, and change-impact paths.

Wave 19 — Assurance-Case Compiler

Compile mission, claims, evidence, policies, plan graphs, review records, receipts, risks, approvals, uncertainty, and bounded conclusions into assurance-style reports.

Wave 20 — Governed AGI-Emulation Runtime

Run the complete governed cognition cycle:

understand goal
→ map world
→ form evidence-bound beliefs
→ expose uncertainty
→ create proof-carrying plans
→ route model-role review
→ adversarially stress-test reasoning
→ quarantine memory updates
→ learn from verified outcomes
→ propose bounded self-improvements
→ prepare BlackFox-compatible handoffs
→ wait for human authority
→ preserve evidence and receipts

This is the highest-form target:

a governed AGI-emulation runtime, not a claimed AGI model.

License and Commercial Boundary

IX-BlackFox-Cognition is source-available for limited evaluation only.

It is not open source.

Viewing and limited personal, noncommercial, non-operational evaluation are allowed under the included LICENSE.

Commercial use, organizational use, production use, hosted-service use, contractor use, procurement use, funded-pilot use, redistribution, reproduction, modification, derivative use, model-training use, model-evaluation use, or competing implementation use requires prior written permission and a separate commercial license from Bryce Lovell.

Preferred contact path:

LinkedIn: https://www.linkedin.com/in/brycewdesign/

Repository:

GitHub: https://github.com/BryceWDesign/IX-BlackFox-Cognition

No commercial or operational rights are granted unless a separate written agreement is executed.

Accurate Public Description

IX-BlackFox-Cognition is a source-available governed cognition substrate for AI-assisted engineering agents, converting human intent into inspectable mission envelopes, evidence-bound belief and plan graphs, quarantined memory updates, role-separated model reviews, self-improvement proposals, and BlackFox-compatible action candidates under human authority.

Short Tagline

Model thinks. Cognition structures. BlackFox governs. Humans authorize. Evidence decides trust.

About

Governed cognition substrate for AI engineering agents: mission envelopes, evidence-bound belief/plan graphs, quarantined memory, model-role review, sentinel checks, and BlackFox handoffs under human authority.

Topics

Resources

License

Stars

1 star

Watchers

1 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages