Skip to main content

Documentation Index

Fetch the complete documentation index at: https://cyberpaisa-dof-mesh-40-27.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Every agent output passes through 7 deterministic layers before being accepted. No layer uses an LLM. Every check is a function: same input, same output, every time.

Layer 1 — Constitution

File: core/governance.py Enforces declarative rules defined in dof.constitution.yml.

HARD Rules (block immediately)

Rule IDTypeDescription
NO_HALLUCINATION_CLAIMphrase_without_urlBlocks factual phrases without a source URL
LANGUAGE_COMPLIANCElanguage_check>5% English markers or JSON
NO_EMPTY_OUTPUTmin_lengthMinimum 50 characters
MAX_LENGTHmax_lengthMaximum 50,000 characters

SOFT Rules (warn, don’t block)

Rule IDMatch modeDescription
HAS_SOURCESabsentWarn when no https:// URL found
STRUCTURED_OUTPUTabsentWarn when no headers or bullets
CONCISENESSpresentWarn on repetitive filler patterns
ACTIONABLEabsentWarn when no actionable words
NO_PII_LEAKpresentWarn on SSN, Visa, email patterns

PII Patterns

IDPatternDetects
P1\b\d{3}-\d{2}-\d{4}\bSSN
P2\b4[0-9]{12}(?:[0-9]{3})?\bVisa card
P3Email regexEmail address

Override Detection

The Constitution detects 6 direct override patterns and 11 indirect escalation patterns — attempts to convince an agent to bypass governance.

Layer 2 — AST Validator

File: core/ast_verifier.py Extracts all code blocks from agent output and runs static analysis before any code can execute. 
from dof import ASTVerifier

v = ASTVerifier()
result = v.verify("x = eval(input())")
print(result.passed)           # False
print(result.blocked_patterns) # ["UNSAFE_CALLS"]

Layer 3 — Tool Hook Gate PRE

File: core/tool_hooks.py Intercepts tool calls before they execute — not after. The hook receives tool name + parameters, runs them through Constitution and AST, and either approves or blocks. Blocked calls return a REJECTED verdict with reason.

Layer 4 — Supervisor Engine

File: core/supervisor.py Monitors agent behavior across turns and computes a composite quality score every cycle: 
score = Q(0.40) + A(0.25) + C(0.20) + F(0.15)
ComponentWeightMeasures
Quality (Q)40%Output quality relative to task
Actionability (A)25%Adherence to governance rules
Completeness (C)20%Behavior stability across turns
Factuality (F)15%Factual accuracy
Thresholds: ≥ 7.0 → ACCEPT · 5.0–6.9 → RETRY · < 5.0 → ESCALATE

Layer 5 — Adversarial Guard

File: core/adversarial.py Red/blue pipeline against prompt injection, jailbreaks, and indirect injection attacks. RedTeamAgent probes → GuardianAgent evaluates → DeterministicArbiter decides (no LLM arbitration). DLP hook: adversarial_dlp_hook(text) scans for API keys, private keys, PII, and JWT tokens before any output is accepted.

Layer 6 — Memory Layer

File: core/memory_governance.py Governed session state — every write to memory passes through the Constitution.
  • ConstitutionalDecay — memories expire by policy
  • ConflictError — contradictory memories flagged, not overwritten
  • TemporalGraph — causal chain of memory updates preserved for audit

Layer 7 — Z3 SMT Verifier

File: core/z3_verifier.py Four mathematical invariants formally proven every cycle. In addition, core/transitions.py verifies state transitions across all 9 transition types. Results saved to logs/z3_proofs.json.
TheoremProves
GCR_INVARIANTGovernance compliance rate is invariant = 1.0
SS_FORMULASS(f) = 1 − f³ is well-formed for all f ∈ [0,1]
SS_MONOTONICITYFor all f1 < f2: SS(f1) > SS(f2)
SS_BOUNDARIESSS(0) = 1.0 and SS(1) = 0.0
Result: 4/4 PROVEN. DOFProofRegistry deployed on 9 chains (4 mainnet + 5 testnet). Primary (Avalanche C-Chain, 43114): 0x154a3F49a9d28FeCC1f6Db7573303F4D809A26F6 
dof verify-states
# GCR_INVARIANT:     VERIFIED ✓
# SS_FORMULA:        VERIFIED ✓
# SS_MONOTONICITY:   VERIFIED ✓
# SS_BOUNDARIES:     VERIFIED ✓

Formal Verification

Z3 proofs and state invariants in depth

Security Configuration

Tuning rules and DLP for your use case