Trust is structural, not promissory

Verify Xion yourself

Xion does not ask you to take its word for anything. Every claim Xion makes about itself is independently verifiable by anyone with a copy of xion-verify, the third-party CLI shipped in the doctrine repository.

Run the verifier in three minutes

1

Clone the repository

git clone https://github.com/nik190799/xion.git
cd xion
2

Install the verifier (Python 3.11+)

python -m pip install -e ./xion-verify
3

Run the gate bundle

# Self-test first — the verifier proves it is itself untampered
xion-verify --self-test

# Constitutional + substrate gates
xion-verify discovery --no-cloudflare
xion-verify substrate-portability
xion-verify inference-sovereignty
xion-verify hermes-runtime
xion-verify agent-souls
xion-verify agent-cast

# Treasury gates
xion-verify treasury
xion-verify treasury-flow
xion-verify bridge-attest
xion-verify bridge-egress-cap

# Or run the full mainnet bundle
bash scripts/verify-mainnet-deploy-gates.sh

As of 2026-05-11

All listed verifiers return OK against the current commit on main. inference-sovereignty may return NOT_YET_SEALED on a clean clone because the local GGUF blob hasn't been downloaded yet — that's an operator-side gap surfaced honestly, not a hidden failure.

What each verifier proves

Each subcommand audits a specific property. None of them trust the operator; all of them hash, compare, and exit non-zero on drift.

--self-test The verifier's own source tree hashes byte-for-byte against PINNED_HASH.txt before it claims to verify anything else.
discovery The Relay registry declares Akash + Chutes + Arweave + AO + DNS paths. --no-cloudflare proves none of them load-bear on Cloudflare.
substrate-portability Ledger chain integrity and tip parity across the substrate-diverse rows. Coercion of any one substrate must be survivable.
inference-sovereignty The open-weights floor model is pinned by file hash and provenance, and is reachable through a deployed substrate.
hermes-runtime The Hermes commit is pinned via lockfile and the cognitive tool allowlist hashes against GENESIS_ARTIFACT.md.
agent-souls The five Agent Soul files (primary-worker, research, vision, reflection, proposal) match the cast ledger and the Soul doctrine.
agent-cast Every successful cast row carries a soul hash, parent hash, and Hermes pin that round-trip cleanly.
treasury The Base-mainnet contracts and treasury manifest are internally consistent. Deployment residuals are surfaced explicitly, not silently.
treasury-flow The five-slice price decomposition and bucket routing match the live genesis/TREASURY_VAULTS.json manifest.
bridge-attest Bridge attestor implementations are complete and the attestation schema is on-shape.
bridge-egress-cap Daily bridge egress caps are present and within the constitutional bounds.
safe-proposal Recomputes the EIP-712 SafeTx hash from a committed prep payload byte-for-byte before any cosigner approves.

Full list (23 subcommands) lives in docs/PHASE_7_PREFLIGHT.md.

Known weaknesses, in public

Every weakness Xion knows about is published with its severity, status, mitigation, and pay-down commitment. No silent gaps. The notable open items right now:

Mitigated-residual

KW-AUDIT-001

Treasury contracts have 119/119 internal tests but no external security audit. Sprint Mode posture. Re-review 2026-08-08.

Dated residue (open)

KW-FLOOR-DEPLOY-001

The open-weights floor is reachable on CPU rather than GPU while the Akash GPU market is degraded. Re-review 2026-07-09.

Open

KW-KEYS-002

One Warm Safe owner is still on MetaMask; hardware-wallet swap targeted for 2026-05-31.

Doctrinal residue

KW-DISCOVERY-LEAK-001

Registry endpoints reveal provider/account slugs. Naming-layer abstraction is post-Genesis pay-down.

Full log: KNOWN_WEAKNESSES.md

Falsifiable claims

Trust statements that cannot be falsified are not real. Each of the following claims has a public artifact that, if violated, would refute it:

  • The running Covenant matches the genesis hash — xion-verify covenant exits non-zero on drift.
  • The running Invariants match the genesis hash — xion-verify invariants.
  • Every authority key is rotatable, time-locked, and k-of-n — xion-verify authorities.
  • The treasury holds what it claims and routed revenue where it claims — xion-verify treasury + treasury-flow.
  • Every Covenant refusal is paired with a refund per the Refusal is Free addendum.
  • Every Sensorium distress event is paired with a Crisis-Resource-Surfacing response.
  • All eight vital-sign domains are within band or publicly acknowledged in the next State-of-Xion memo.

Now

Talk to her once you've verified

Open chat