Eleven agents. One primitive.

Reads any document — assay reports, safe-keeping receipts, certificates of analysis, licenses, insurance certificates, bills of lading, invoices, contracts, government IDs. Extracts structured fields, compares against known templates, and anchors the verdict with its reasoning to Bitcoin. Every verification is independently auditable forever.

Unified verification surface over twelve public-registry adapters: FDIC BankFind, SEC EDGAR, NY Department of State Active Corporations, Delaware Division of Corporations (API-key-gated), SAM.gov entity lookup (API-key-gated), OFAC Specially Designated Nationals list, FAA N-number aircraft registry, the London Bullion Market Association Good Delivery list, the OCC Financial Institution Directory, 50-state Secretary-of-State search, USDA hemp plans, and state cannabis regulators. Each adapter declares its own automated-vs-manual mode honestly; the fan-out endpoint dispatches to every applicable adapter for an entity kind in parallel and returns a multi-source attestation with a compositeStatus band (VERIFIED / PARTIAL / NOT_FOUND / FLAGGED / ERROR / EMPTY_APPLICABLE). Every report Bitcoin-anchored at source.

Two-party atomic anchoring. Party A initiates and signs a payload; Party B countersigns; Knox computes the combined cryptographic commitment and anchors it externally. Court-admissible proof that both parties agreed to the exact same terms at known timestamps. Replaces the he-said-she-said of every bilateral agreement.

Records every asset pledged as collateral. Refuses re-pledge of an active asset. Public pledge-check endpoint — any counterparty, any auditor, any regulator can verify before acting. Eliminates the single most damaging fraud pattern in collateralized lending: the same asset pledged to three lenders at once.

Registers any asset, license, or entity for continuous re-verification. Hourly cron re-checks the registry and anchors any status change — license lapse, entity suspension, certificate revocation — with the full before-and-after state. Converts one-time verification into evidentiary monitoring without polling.

Atomic ownership transfer across verified parties. Current owner signs a release; recipient signs acceptance; the combined hash is anchored to Bitcoin as a single commitment. Full transfer history on-chain. Refuses transfer of any asset with an active pledge. No orphaned custody, ever.

Eight-signal statistical pattern analysis over anchored event streams. Detects signatures of coordinated behavior between parties that should be acting independently — shared timing, shared infrastructure fingerprints, correlated access rhythms, and six additional dimensions. Every detection report is itself Knox-anchored so the claim carries its own cryptographic timestamp. Metadata-only analysis — no content inspection, no attribution.

Eight-signal pattern analysis over access metadata of the caller's own anchored event stream — source IPs, user agents, timing distributions, latency clusters, off-hours concentration, velocity spikes, user-agent uniformity, minute-of-hour clustering. Produces a banded Observation Index (quiet / routine / active / intense) and a self-anchored report that provides a cryptographic record of when specific observation patterns first appeared. Not surveillance identification or attribution; pattern strength only. Raw IPs and user agents are hashed to short tokens before any report is anchored.

Register three kinds of baseline under your Knox API key: a software bill of materials (SBOM), a multi-tier supply-chain graph rooted at a vendor entity, or an OFAC/SAM/FAR exclusion-screen query set. The agent captures initial state, anchors it, and re-verifies on every cron tick. Each detected change — a new critical CVE on a tracked component, a new supplier appearing in the graph, a name matching an exclusion entry that did not previously match, an adversarial-jurisdiction addition — becomes its own Bitcoin-anchored delta. The analyze endpoint returns an eight-signal banded drift report (quiet / routine / active / critical) that is itself self-anchored. Not a risk determination; drift record only.

Parallel four-check pre-screen for an applicant business: Secretary-of-State deep-link resolution, NAICS code-vs-vertical alignment, plus advisory OFAC and Section 889 slots. The SoS and NAICS slots are authoritative output from this agent. The OFAC Specially Designated Nationals and FAR 52.204-25 / Section 889 slots carry advisory results only — every response explicitly names the authoritative delegate endpoint that performs the rostered, affidavit-backed screen. Overall band is a dispatcher summary (CLEAR / FLAGGED / PENDING), not an approval. Full batch Knox-anchored.

Given a named counter-party, assembles a single Knox-anchored dossier that composes every live signal already produced by other agents — multi-authority registry presence, OFAC and FAR 889 exclusion status, collusion-pattern mentions, surveillance-pattern mentions, continuous-monitoring drift mentions — plus a honest name-match count per slice and a composite band (CLEAR / ADVISORY / ELEVATED / BLOCKED). Scope boundary: this is depth-for-one; cross-counterparty pattern analysis is Agent #7 Collusion. Output is a shared reference for the caller's own decision, never a compliance verdict.