HomeDocsPersistent Context Kernel

Persistent Context Kernel

Technical Overview · PCK v0.1

The Persistent Context Kernel (PCK) is governed context infrastructure for AI agents. It treats agent memory with the same discipline applied to databases: schema, transactions, isolation, audit trail, and deterministic replay. Agents are stateless — the kernel stores, versions, scopes, and serves context on demand.

The core shift: from "what does the agent know" to "what is the agent allowed to know — and can we prove it."

For the design philosophy and problem framing behind PCK, read the Founder Note on Governed Context.

Four Governing Properties

Versioned

Every context entry is append-only. Updates create new versions, never mutations. The original is always preserved.

Scoped

Multi-level tenant and workflow isolation. Out-of-scope context is structurally invisible — not access-denied.

Replayable

Any governed action can be forensically reconstructed from its recorded state. Deterministic. Byte for byte.

Auditable

Every context operation is recorded as structured, queryable data. The audit trail is not a log — it is the primary forensic artifact.

Design Principles

The PCK is built on a small number of non-negotiable design principles:

Immutability as foundation.

If context mutates, replay becomes forensically invalid. The PCK is append-only by design.

Structural isolation.

Tenant and scope boundaries are enforced at the data layer, not the application layer. Cross-scope leakage is architecturally impossible.

Deterministic assembly.

Context assembly is fully deterministic. Same inputs produce byte-identical output. This is required for forensic replay and is verified by conformance tests.

Hard limits, not soft degradation.

Budget overflows and integrity failures produce hard errors, not silent truncation. The kernel does not guess.

Architectural Properties

The PCK enforces a set of internal invariants that guarantee governed context behaves predictably under all conditions — including failure, concurrency, and cross-agent dependency.

These invariants cover:

  • • Entry immutability and version integrity
  • • Scope isolation and visibility rules
  • • Replay determinism and snapshot pinning
  • • Failure semantics and corruption detection
  • • Cross-agent context dependency governance

The full invariant specification is available under technical NDA.

Enterprise Implications

The PCK's properties are designed for regulated and compliance-sensitive environments:

Audit-ready by default.

Every context operation produces a forensic artifact. There is no separate "audit mode" to enable.

Replay as compliance tool.

Regulators and auditors can request deterministic reconstruction of any governed action — what the agent knew, in what order, at what time, under what policy.

Multi-tenant safe.

Scope isolation is structural, not policy-based. Misconfiguration cannot cause cross-tenant leakage.

Model-agnostic.

The PCK governs context regardless of which model consumes it. Governance is not coupled to any specific LLM provider.

Validated Environments

The PCK has been validated locally and inside Azure Confidential Compute (AMD SEV-SNP) with full test coverage across context operations, scope isolation, replay determinism, and failure handling.

These artifacts reflect PCK v0.1. The kernel is under active development. No SLA implied.

Full Technical Specification

The complete PCK specification — including invariants, failure semantics, lifecycle model, and implementation constraints — is available to qualified partners and investors.

Request Technical Access →

Follow the Build

We're building governed context infrastructure in public.

Follow the Build →

Related

Persistent Context Kernel: Governing What AI Agents Know →