NGARi Tech Charter

Non-Negotiable Technical Standards for the Sovereign Business Operating System (SBOS)

Purpose

NGARi builds the Sovereign Business Operating System (SBOS) — an AI platform that runs entirely on user-specified hardware with zero cloud dependency, zero third-party inference, and zero undisclosed telemetry. This Charter defines the non-negotiable technical standards that govern how we design, deploy, and operate every component of the NGARi ecosystem.

These standards are not guidelines. They are binding requirements enforced through architectural design, automated verification, and constitutional governance. Any system, agent, or component that cannot satisfy these standards must be redesigned, replaced, or removed.

Scope

This Charter applies to all NGARi software, firmware, and hardware configurations, including:

• The NS BOS kernel (hardware abstraction layer, inference engine, agent runtime, sovereign data plane, network sync)
• All autonomous agents (CEO, CRO, Engineer, Worker, Email, Communications, Supply Chain, Marketing, and future agents)
• The Control Tower dashboard and all API endpoints
• The NGARi website, chat app, and e-commerce systems
• All third-party integrations, libraries, and dependencies
• All model deployments, fine-tuning pipelines, and inference configurations

Non-negotiables

1. No Third-Party AI Dependency

All inference, reasoning, and decision-making must execute locally on hardware the user specifies and controls.

• No inference API calls to external services — runtime network monitoring must detect and block unauthorized external inference requests
• All models loaded from local Ollama instance or equivalent — model registry must list only locally available models
• External AI services used only for explicitly authorized auxiliary functions (payment processing, email delivery) with informed user consent
• Hardware attestation cryptographically proving local execution — attestation module must produce verifiable proof on demand

Enforcement: Any component that attempts inference via an unapproved external endpoint must be immediately quarantined. The hardware owner must be notified with full context.

2. Open-Source Kernel with Model Inspectability

The core kernel infrastructure must be open and auditable. Models must be inspectable by the user.

• NS BOS kernel source code publicly available under Apache 2.0 or equivalent
• All models carry signed manifests with training provenance, dataset sources, architecture, and checksums
• Users can inspect, modify, and rebuild any kernel component — build system must produce reproducible builds
• No binary blobs or proprietary components in the kernel layer

Enforcement: The kernel build pipeline must fail if any dependency lacks an open-source license compatible with the kernel's license. Binary-only components in the kernel layer are prohibited.

3. Energy Transparency for Every Inference

Every inference must report its measured power draw in real time.

• Power measurement at inference granularity — telemetry module must record milliwatt-hours per inference
• Real-time power data accessible via API and dashboard — Control Tower must display current and cumulative energy usage
• Estimated carbon footprint calculated when energy source data available — carbon accounting module must use NGARi's measured 271 g/kWh or user-provided grid intensity
• Energy data included in audit logs — audit trail must record energy cost alongside inference inputs and outputs

Enforcement: The inference engine must not execute if the power measurement module is unavailable or reporting errors. Energy transparency is not optional logging — it is a gating requirement.

4. Model Provenance and Verifiable Integrity

Every model deployed on NGARi must be verifiably authentic and unmodified.

• Signed manifest: model architecture, training dataset provenance, quantization method, checksum, GPG signature
• Checksum verification: model weights checked against manifest before every load
• Training provenance documentation: dataset sources, training date, carbon cost
• Update mechanism: users must approve model updates, and updates must not modify model behavior silently

Enforcement: A model whose checksum does not match its signed manifest must not load. A model whose manifest lacks required provenance fields must not load. A model whose GPG signature cannot be verified against a trusted key must not load.

5. Zero Telemetry by Default

No usage data, prompts, outputs, or system metrics may leave the user's hardware without explicit, specific, revocable consent.

• All telemetry disabled at initial system boot — fresh installs must have zero outbound data by default
• Telemetry opt-in requires explicit user action with clear disclosure of what is collected and why
• Telemetry data must be bounded, minimal, and deletable — users must be able to view, export, and delete all telemetry data
• Telemetry consent must be revocable at any time — revocation must stop all outbound data within one minute

Enforcement: The network layer must block all outbound data except explicitly authorized communications (email, Matrix, payment processing). Any attempt to send telemetry data without user consent must be logged and flagged to the hardware owner.

6. Audit-First Architecture

Every action an autonomous agent takes must be logged, traceable, and verifiable.

• Comprehensive logging: every inference, tool call, file operation, and external communication recorded
• Tamper-evident audit trail using cryptographic chaining — log sequence must produce verifiable hash chain
• Audit logs accessible to hardware owner at all times — audit API must provide real-time log access
• Log export in standard formats (JSON, CSV, Syslog) for regulatory compliance — export module must support FDA 21 CFR Part 11, SEC 17a-4, SOC 2 formats
• Log retention configurable by hardware owner

Enforcement: An agent that performs an action without creating a corresponding audit entry must be halted. The audit module must be independently verifiable — it must not share code paths with the agent runtime to prevent tampering.

Operational Commitments

Supply Chain Security

All software components — from kernel modules to agent scripts to model weights — must have cryptographically verified provenance. The build pipeline must produce reproducible builds. Dependency trees must be auditable.

Security by Design

All inter-component communication must be encrypted. Authentication must use cryptographic keys, not passwords, for machine-to-machine communication. Access controls must follow least-privilege principles.

Hardware Independence

The HAL must support multiple architectures: NVIDIA Jetson (Nano, AGX Orin, Thor), POWER9, x86_64, ARM, and cloud VMs. No single hardware vendor may become a dependency. The HAL must be extensible without kernel modifications.

Vendor and Partner Alignment

All third-party services integrated into the NGARi ecosystem must meet the standards defined in this Charter. Where vendor defaults conflict, they must be configured to comply or be replaced.

Governance and Accountability

Enforcement

Violations of these non-negotiables trigger immediate review. The offending component must be quarantined, the hardware owner notified, and a remediation plan executed. Repeated violations may result in system shutdown.

Auditing

The Technology Stewardship body or equivalent governance entity must conduct regular audits of compliance with this Charter. Audit results must be published to the hardware owner.

Amendment Process

This Charter may be amended through the constitutional amendment process. All changes must be versioned, dated, and accompanied by change notes explaining the rationale and impact.