BBonis Systems
Governance

Gates before the action. Receipts after it.

When one agent directs many sub-agents, the risk is not a single mistake — it is the same mistake at machine speed. A flawed human decision is one bad record; a flawed agent can repeat the same error thousands of times before a person notices. Governance for delegated agents has to do two things a logging system cannot: it has to stop the wrong action before any resource is spent, and it has to leave a record that lets anyone reconstruct exactly why each action was taken. Bonis builds the substrate for both.

What the substrate is

Two layers, in sequence. A deterministic policy gate evaluates every proposed action against the controlling rules and returns one of three dispositions before anything runs. If the action proceeds, a tamper-evident receipt records the decision, its inputs, and the rule it was checked against — hash-linked into a chain any third party can verify without cooperation from Bonis. The gate is prevention; the receipt is evidence. A delegated-agent system needs both, because evidence after the fact cannot un-spend a resource the gate should have stopped.

Pre-flight gate
A deterministic check that runs before any action and returns proceed, review, or block. Code, not a model — it cannot drift, and it hard-stops without spending the resource it is protecting.
Per-invocation receipt
Every action that proceeds leaves a tamper-evident record binding the decision, the input commitment, and the controlling rule. Hash-linked into a chain; Bitcoin-checkpointed when batches close.
Human-in-the-loop disposition
The review disposition routes high-consequence actions to a person before they run. Oversight is a gate outcome, not a separate bolt-on.
Propagating stop
A limit breach or an operator stop applies pre-flight and is designed to propagate down the delegation tree — the controller halts, and the sub-agents it directs halt with it.

Gates, not watchers

The instinct is to put a watcher on every agent. That fails three ways: it asks who watches the watcher, it multiplies cost with every agent added, and the watcher is itself a model that can drift or hallucinate. The substrate inverts it. Most actions need only a deterministic gate and a receipt — cheap, fixed-cost, and unable to drift. Independent second-reader review is reserved for the judgment calls a rule cannot decide, where a genuinely separate set of eyes adds something code cannot. And because every action is already recorded and reconstructable, real-time omniscient watching becomes unnecessary: you watch the gates and you prove with the receipts.

Deterministic gates
The constitution — fixed rules every action is checked against, before it runs.
Second-reader review
The courts — independent judgment reserved for what rules cannot decide.
Tamper-evident receipts
The public record — every action reconstructable by any third party.
Least-privilege delegation + propagating stop
Separation of powers — authority that chains up the tree and a stop that propagates down it.

Why this matters now

Regulated industries are moving the same way agent platforms are: toward delegated systems that act on real consequences. Where those systems touch regulated activity, oversight bodies are expected to ask for the same controls in every sector — human oversight of high-consequence actions, an audit record of why each action was taken, the ability to reconstruct every decision, hard limits, and a kill switch. Those requirements map almost one-to-one onto the control primitives the substrate already provides. Bonis governs the work — the decision and its proof; where money moves, a separate regulated settlement rail executes, and Bonis never custodies funds on it.

Oversight of high-consequence actions
review disposition routes to a person
Audit record of why
per-invocation receipt with the controlling rule attached
Reconstruct every decision
hash-linked chain, independently verifiable
Hard limits
quota policy enforced pre-flight
Kill switch
limit breach / operator stop, propagating
Settlement with proof
separate regulated rail; Bonis takes no custody

Capability Gate — explicit

An honest line between what is built and what is proven live. The control primitives and the composed governance layer that wires them into a delegation tree are built and proven in-process. What remains is proving the whole flow on a real external workload — and until that happens, no live-governance claim is made.

Built
The control primitives: deterministic pre-flight gate with proceed / review / block disposition, per-invocation tamper-evident receipt, hash-linked chain with independent third-party verification, quota / limit policy enforced pre-flight, and a rail-agnostic settlement adapter, sandbox-proven, that takes no custody.
Built, proven in-process
The composed governance layer: a delegation tree where a controller's authority cannot escalate across a hand-off, each sub-agent's records roll up into its parent's, and a stop propagates down the tree. Built and proven against an adversarial test battery in-process, with settlement composed through the gate.
Not yet proven live
The layer has not yet run a real external workload end to end. Live orchestration today remains a sequential pipeline; the delegation tree is built but is not yet the live production governance path.
Path to live
Run a real workload through the composed flow with an independently-verified receipt — the step that closes the gate and unlocks any live-governance claim. Live settlement and any regulated deployment proceed independently through counsel review and regulatory clearance.

Read further

What this is not

  • Bonis Systems does not claim a live agent governance deployment today — the composed layer is built and proven in-process, but not yet run on a real external workload.
  • Bonis Systems does not put a separate AI watcher on every agent; most control is deterministic code, not a model.
  • Bonis Systems does not custody funds on any settlement rail.
  • Bonis Systems does not act as a money transmitter or payment processor of record on any rail.
  • Bonis Systems does not provide investment, legal, or tax advice.