Terrene Foundation
Autonomous systems make consequential decisions.
The architecture to govern them does not exist in any open, verifiable form.
We build it.
The Terrene Foundation is a Singapore non-profit that publishes open standards, open-source software, and educational programmes for governing autonomous AI systems.
Standards. Software. Education. Governance. And the methodology that connects them.
What is the human for?
Ethics frameworks converge on principles, diverge on implementation. CARE separates trust from execution: the Trust Plane (accountability, values, boundaries) belongs permanently to humans. The Execution Plane is shared with AI operating within five constraint dimensions.
CARE · Philosophy · v2.1Read the specification →Who is accountable for what?
Organizations deploy AI without a grammar for accountability. PACT provides one: positional addressing via the D/T/R model (Department, Team, Role). Constraint envelopes that can only tighten through delegation chains. Governance that scales to 500+ person organizations.
PACT · Governance · v1.0Read the specification →Can you prove who authorized this?
Trust in autonomous systems is assumed, rarely verified. EATP makes it cryptographic: every autonomous action carries a signed decision record tracing through a chain to the human who authorized it. Trust escalates monotonically. A flagged action cannot be silently downgraded.
EATP · Protocol · v2.2Read the specification →How do you preserve what you know?
Institutional knowledge disappears between AI sessions. Conventions erode. Safety rules get forgotten. CO preserves what an organization knows across context windows, personnel changes, and tool migrations. Seven domain applications across software, research, education, finance, governance, and compliance.
CO · Methodology · v1.1Read the specification →How does governance travel across a federation?
Governance itself has to move. When a governed artifact is created in one repository of a federation, WEFT carries it to every other member with its provenance intact, keeps them convergent on one source of truth, and gates refinement through a human. Here trust means the federation staying coherent and attributable under governance, not agent trust-verification; that is EATP’s lane.
WEFT · Interoperability · Candidate v0.5Read the specification →Where to start
Section titled “Where to start”Use CO in your field
Research, learning, finance, education, governance, compliance, or software development. Set up in 10 minutes via Claude Desktop or Claude Code. No coding required.
Get started →Learn with us
Terrene Open Academy. ML engineering (ASCENT, 320 hours). Student AI collaboration for any subject. Instructor assessment tools for the GenAI era.
Academy →Read the standards
CARE, PACT, EATP, CO, and WEFT: from philosophy through governance, protocol, and methodology to federated interoperability. Seven domain applications.
Standards →Build with the SDK
Kailash Python SDK: workflow orchestration, trust infrastructure, governed agents. All Apache 2.0.
Developers →For organizations
PACT governance for AI accountability. Constraint envelopes, audit trails, and a 77-clause constitution that constrains the Foundation itself.
Governance →Why this matters
Section titled “Why this matters”AI that follows your institutional knowledge
CO (Cognitive Orchestration) makes institutional knowledge machine-readable. Specialized agents, contextual knowledge, guardrails, structured workflows, and a learning system that compounds over time. Three failure modes solved: amnesia, convention drift, and safety blindness.
Read the CO specification →Already working across seven domains
CO is not a theory. Seven domain applications exist: software development, academic research, learning, finance, education, governance, and regulatory compliance. Four are in production. Each follows the same template. The Foundation governs itself using CO.
See the domain applications →Governance you can verify, not just trust
The Foundation operates under a 77-clause constitution filed with ACRA Singapore. 11 founding provisions protect the non-profit mission from anyone that might seek to co-opt it. The constitution constrains the institution. The specifications constrain the AI.
Read the constitution →Self-hosting
The Foundation governs itself using the standards it publishes. The specifications, the SDK, the constitution, the curriculum, and the thesis were all produced using CO. That is the test: if the architecture works, the organization that publishes it should be the first implementation.
How we work →Proof, not promises
Section titled “Proof, not promises”Published specifications
CARE v2.1, PACT v1.0, EATP v2.2, CO v1.1, with WEFT v0.5 advancing at Candidate stage. Six core theses. Seven domain applications of CO. The specifications are implemented in working software and the Foundation operates under them. This is self-hosting.
Working open-source software
Kailash Python SDK: 322,000+ lines, 13,301 tests, 188 workflow nodes, 6 frameworks. Trust Plane alone: 76,000 lines, 4,255 tests, 72 security findings resolved across four red team rounds. All Apache 2.0.
Constitutional governance
77 clauses. 11 entrenched provisions. A 7-step amendment gauntlet designed to make capture practically impossible without overwhelming consensus. Filed with ACRA (Accounting and Corporate Regulatory Authority) Singapore.
Open education
ASCENT: 1,333 lecture slides. 10 modules. 320 hours. 80 exercises. 11 Singapore-context datasets. COL-F: 24 finance agents, 20 knowledge areas, 13 enforcement rules.
For developers: the architecture
The Foundation publishes the standards; the open-source ecosystem implements them as an artifact cascade. loom is the artifact harness: it mints governance artifacts and distributes them across many targets. The Kailash SDK is one build target, shown in full further down.
The five standards define the rules. Anyone can implement them.
CARE Collaborative Autonomous Reflective Enterprise
Answers the question most governance frameworks skip: what is the human actually for? CARE separates the Trust Plane (where humans define boundaries and hold accountability) from the Execution Plane (where AI operates). This is not a monitoring dashboard. It is an architectural separation that makes governance structural rather than observational.
Read the specification →PACT Principled Architecture for Constrained Trust
When an AI agent acts on behalf of a department, who is accountable? PACT answers this with positional addressing: every human and agent has a location in the D/T/R tree (Department, Team, Role). Constraint envelopes flow through this tree and can only tighten through delegation. A department head cannot grant an agent more authority than the head possesses.
Read the specification →EATP Enterprise Agent Trust Protocol
Makes the question “who authorized this?” answerable with cryptographic proof, not organizational belief. Every autonomous action produces a signed decision record traceable to the human who authorized it. Trust can escalate (flag, hold, block) but never silently relax. The audit trail is tamper-evident and independently timestamped.
Read the specification →CO Cognitive Orchestration
Institutional knowledge disappears between AI sessions. Conventions erode. Safety rules get forgotten. CO solves this with five layers that preserve what an organization knows across context windows, personnel changes, and tool migrations. Seven domain applications exist across software, research, learning, finance, education, governance, and compliance.
Read the specification →WEFT Woven Ecosystem for Federated Trust
How governance itself travels. When a governed artifact is created in one repository of a federation, WEFT carries it to every other member with its provenance intact, keeps them convergent on one source of truth, and gates refinement through a human. WEFT is the cascade standard the layer below implements. It is at Candidate stage, one maturity step behind the four ratified standards.
Read the specification →loom is the open reference implementation of the WEFT cascade. It mints governance artifacts once, a human classifies them, and it distributes them as reviewable proposals with per-language and per-CLI overlays. Nothing is pushed silently. Click a lifecycle step.
loom The artifact harness
The single source of truth for governance artifacts: rules, skills, agents, commands, and hooks. loom authors each artifact once and emits it to multiple coding-agent hosts from one canonical definition, with a drift audit that keeps the meaning identical across hosts and only lets surface syntax differ. It is Apache 2.0 and Foundation-owned. The Kailash SDK below is one of the many targets it feeds.
Source on GitHub →Mint Origination with attribution
A governed artifact enters the cascade only through a mint event that binds it to an attributable author. A bare edit at the distributor, with no mint event, never enters the cascade. This is the first link in a provenance chain that follows the artifact everywhere it travels.
Classify The human gate
A human classifies each change: global, a language or host variant, or skip. Automated suggestion is allowed; automated placement is not. For a change that reaches past a declared threshold, the approver must be independent of the proposer, and a contestation path must sit outside the proposing authority’s chain.
Distribute Reviewable, never silent
Distribution never mutates a consumer’s working tree directly. The change arrives as a reviewable proposal the consumer approves, carrying its full provenance, with the correct per-language and per-host overlay composed on top of the shared artifact.
Pull On the consumer’s cadence
Consumers pull on their own schedule. The cascade reaches everyone by classify-then-pull, never by an autonomous push. A consumer may also formally decline a change; a declared decline is first-class and is not re-flagged later as accidental drift.
Observe A separate channel
Operation is observed on a channel kept separate from the provenance chain. Telemetry and violations accumulate as evidence, feeding candidate improvements without ever writing directly to the source of truth.
Refine Improvement through a human gate
Observed operation becomes improved artifacts only through a human gate. No observed pattern can become a cascaded artifact by any path that bypasses a recorded human decision. A distributor with no human gate, or no observation channel, refuses to operate.
The surfaces the cascade feeds, and the tooling around them. The Kailash SDK detailed below is one build target.
Build SDKs Where capabilities are built
The reusable runtime capabilities live here: workflow orchestration, trust infrastructure, governed agents. The Kailash SDK, in Python and other languages, is a build target the cascade keeps current. Its internal structure is the subject of the next section.
pip install kailash →Use-templates What downstream projects adopt
Ready-to-adopt project templates carry the governance artifacts into a downstream project. A project pulls a template to inherit the rules, skills, agents, commands, and hooks, then re-pulls on its own cadence as the canon improves.
Multi-CLI One definition, many hosts
The same artifact emits to Claude Code, Codex, and Gemini from one canonical definition. Only surface syntax differs between hosts; a drift audit keeps the meaning identical. The ecosystem is not bet on a single AI host.
Tooling csq, the session manager
csq is the operator’s session manager for running the governed coding sessions the artifacts flow into: pool multiple providers and accounts, isolate each terminal, share history and memory, and watch quota and cost in the statusline, from a desktop dashboard or the command line. Provider-neutral and cross-platform.
Source on GitHub →Programs and products built by following the CO and loom mechanisms. Some are reference applications that show a standard working end to end; others are products and Open Academy programmes. A few of the open-source ones:
PACT Platform Reference application
The reference application for governed AI operations: the human judgment surface that turns governance rules into a running system. A Layer 3 application built on the PACT governance primitives and the governed agents, it provides org definition, the approval queue, work management, dashboards, and deployment. Every agent action passes through the governance pipeline (D/T/R accountability, operating envelopes, knowledge clearance, verification gradient) before it executes.
Source on GitHub →Arbor HR advisory product
AI-powered HR advisory and workforce management for Singapore. A working product built on the Kailash SDK, following the COC five-layer methodology. It shows the whole stack in use: a real application whose governance is inherited from the cascade rather than bolted on.
Source on GitHub →FORGE Practitioner library
Foundation for Orchestration, Reasoning, and Generative Engineering. A Terrene Open Academy programme that distils the four standards into drillable craft: 67 skill atoms, 67 drills, and 25 teaching cases grounded in real practitioner journals. A library that downstream courses draw from.
Source on GitHub →ASCENT ML engineering programme
ML Engineering from Foundations to Mastery. An open Terrene Open Academy programme powered by the Kailash Python SDK: 1,333 slides across 10 modules and 320 hours, taking a working professional from first principles to production ML systems with governance built in.
Source on GitHub →What one target looks like from the inside. Governance is deterministic infrastructure that sits below the AI layer, not beside it.
Deterministic. No LLM. No judgment. Pure mechanism.
Kailash Core Workflow Orchestration
The execution engine where governance is not a feature but the runtime environment. Every workflow node inherits constraints from its parent and can narrow them but never widen them. Your compliance policy is not a document someone reads; it is the boundary condition enforced on every operation, automatically.
pip install kailash →Kaizen Agent Trust Infrastructure
The mechanical scaffolding that makes AI agents governable. Envelope tracking, scoped contexts, message routing, and plan execution. These operate without an LLM. They are pure mechanism: the machinery that checks whether an action fits within its constraint envelope before the AI ever reasons about it. Kaizen has no deterministic engine of its own: the agents below the governance line build on these primitives to add autonomous reasoning.
pip install kailash-kaizen →PACT Governance Engine
Turns the PACT specification into running machinery. Evaluates constraints in real time against the D/T/R tree. If a team lead delegates a task, the engine computes the effective envelope as the intersection of every ancestor’s constraints. The result is deterministic: no judgment calls, no edge cases where governance “depends.” Includes PACT for MCP, governance middleware that works with any MCP-compatible agent.
pip install kailash-pact →DataFlow Zero-Config Database
Define a data model, receive a complete set of governed database operations automatically. No ORM configuration. No boilerplate. Works with PostgreSQL, MySQL, SQLite, and MongoDB from the same model definition. Multi-tenancy is wired in, not bolted on.
pip install kailash-dataflow →Nexus Multi-Channel Deployment
Ship any workflow as a REST API, CLI tool, and MCP server simultaneously from a single codebase. Zero configuration to start. Auto-discovers your workflows, finds available ports, sets up CORS and documentation. Add authentication, middleware, and plugins when you need them, not before.
pip install kailash-nexus →Composed systems. Deterministic. Each engine reaches across all five primitives.
DataFlow Engine Governed Data Operations
Wraps the DataFlow primitive with query performance monitoring, field-level validation, and data classification policies. Define a model once; get governed database operations across PostgreSQL, MySQL, SQLite, and MongoDB. The Express path provides direct CRUD at 0.27ms per operation (23x faster than workflow execution) when you do not need workflow composition. Classification policies propagate from PACT constraints: if a field is marked CONFIDENTIAL, every engine that touches it inherits the restriction.
pip install kailash-dataflow →Nexus Engine Governed Multi-Channel Gateway
Wraps the Nexus primitive with enterprise middleware: CSRF protection, audit logging, metrics collection, rate limiting, security headers. Deploy any workflow as API, CLI, and MCP server simultaneously. The middleware applies uniformly regardless of which primitives the workflow uses. A DataFlow workflow and a Kaizen agent workflow get the same audit trail, the same rate limits, the same security posture. Enterprise presets (SaaS, internal) configure the full middleware stack in one line.
pip install kailash-nexus →Pact Engine Trust Plane Facade
The single integration point for the Trust Plane. Composes GovernanceEngine, CostTracker, and EventBus behind one interface. Evaluates constraints in real time against the D/T/R tree. When kaizen-agents is installed, bridges the Trust Plane to the Execution Plane: governance decisions flow to GovernedSupervisor, execution outcomes flow back for audit. When it is not installed, the engine operates as a standalone governance evaluator. Fail-closed: if evaluation errors, the action is blocked.
pip install kailash-pact →Above: deterministic enforcement. No AI, no judgment. Below: AI operates within the envelopes defined above.
Autonomous execution within governed envelopes. LLM required. Every constraint from every engine above is inherited. More than 18 agent types ship; these are the headline set.
Agent The primary interface
The unified entry point most builders start from. Configure it with a model and a budget and it runs; every action still passes through the governance line below the engines. The other agent types are specializations of this same governed core.
pip install kaizen-agents →Delegate Autonomous Agent Core
An AI agent that cannot exceed its authority. The Delegate reasons, plans, and acts through a TAOD loop (Think, Act, Observe, Decide), but every action passes through the governance line: the Pact Engine evaluates the constraint envelope before execution proceeds. Composes Kaizen primitives for agent scaffolding with PACT primitives for constraint evaluation. Works with any LLM provider. The intelligence is the LLM’s. The boundaries are yours.
pip install kaizen-agents →GovernedSupervisor Multi-Agent Orchestration
Coordinates multiple governed agents through seven subsystems: accountability tracking, budget enforcement, knowledge clearance, governance cascade, dereliction detection, emergency bypass, and audit. Each subsystem composes across all primitives and engines above the governance line. Progressive disclosure: Layer 1 is three lines of code; Layer 2 adds configuration; Layer 3 exposes the full governance API. The governance line is not a wall; it is a membrane. Autonomous agents reach up through the engines to use DataFlow, Nexus, and PACT, but every action returns through the governance gate.
pip install kaizen-agents →Specialized agents Task-shaped reasoning
A family of agents shaped to a task: ReAct (interleaved reasoning and action), retrieval-augmented research, chain-of-thought, self-reflection, vision, audio transcription, and streaming. Each is the same governed core with a different reasoning strategy. All inherit the constraint envelope unchanged.
pip install kaizen-agents →Multi-agent patterns Coordination shapes
Composable ways to run several governed agents together: supervisor and worker, consensus, structured debate, and sequential pipeline. The pattern coordinates the agents; the governance line still gates every individual action each agent takes.
pip install kaizen-agents →Autonomous coders Multi-hour execution
ClaudeCodeAgent and CodexAgent run long autonomous coding sessions inside the same governed envelope: they plan, edit, and act over many steps, and each step still returns through the governance gate for evaluation before it proceeds.
pip install kaizen-agents →The quality of what you make reveals the quality of what you think.