Learn the core concepts, architecture, and how to build with CorvinOS.
CorvinOS is built for multiple teams, organizations, and deployment regions. Each tenant has isolated configuration, audit logs, and data storage. Compliance zones enforce regional data residency.
Swap between Claude, Local Hermes (Ollama), or other AI providers without changing your code. Engines are pluggable via a standardized Protocol. Choose based on latency, cost, and compliance requirements.
EU AI Act compliance is enforced in code, not policy. Bot disclosure, consent gates, and audit trails are built into the platform architecture. Compliance mechanisms fail-closed and cannot be bypassed.
Connect AI systems across teams with cryptographically signed handoffs. A2A protocol includes HMAC-SHA256 authentication, replay prevention, and data classification filtering.
Every interaction is recorded in a tamper-proof, SHA256-chained audit log. Logs are encrypted at rest, retained for 7 years, and can be verified cryptographically at any time.
Forge Tools are sandboxed, deterministic executables generated at runtime. SkillForge generates LLM behaviors. Both are validated, audited, and can be promoted across task/session/project/user scopes.
Get the full source code from GitHub. CorvinOS is Apache-2.0 open source โ no sign-up required.
Configure voice bridges, compliance zones, and AI engine preferences in your tenant config.
Launch on your infrastructure. On-premise, EU-cloud, or hybrid deployment options available.
HTTP gateway for voice/chat channels. Hot-reload settings, session management, and per-chat permission modes. Handles Discord, WhatsApp, web, and Slack.
Five pluggable engines: ClaudeCode, Hermes, OpenCode, Codex, and CopilotCLI. All share L10 path-gate, L16 audit, L33 artifact registration.
Runtime tool/skill generation with MCP server. Sandboxed via bwrap, validated by linter, promoted across scopes with grading gates.
L10 Path Gate, L16 Audit Hardening, L34 Data Classification, L35 Egress Lockdown, L36 GDPR Erasure, L37 Audit Encryption, L38 A2A Protocol.
Distributed compute layer for training and inference. GPU cluster coordination, workload routing, and cost optimization across regions.
AI Act evidence generation, GDPR ROPA, audit attestation, and SBOM generation. Automated compliance reporting for regulators.
Every event in CorvinOS is recorded to a hash-chained audit log. Each new event includes the SHA256 hash of the previous event, creating an immutable chain. You can verify chain integrity at any time with voice-audit verify. If anyone modifies a historical event, the hash chain breaks and the tampering is detected.
CorvinOS classifies data into four levels: PUBLIC (any engine), INTERNAL (EU/local only), CONFIDENTIAL (local only), and SECRET (local, zero egress). Before spawning an engine, the system checks: (1) What data classification is this task? (2) Is this engine allowed in this zone? (3) Does the engine's network egress policy match? If any check fails, the task is rejected with a detailed audit event.
The erasure orchestrator walks through every system layer (user recalls, audit, artifacts, etc.) and deletes records related to a user. It does NOT delete the audit log itselfโinstead, it removes the identity mapping, making historical records unlinked to any person. This preserves compliance evidence while respecting the right to deletion.
Each bridge (Discord, WhatsApp, web) is a stateless HTTP adapter. Messages come in, get converted to CorvinOS format, routed to the configured engine, and converted back to the native format. Bridges support session state, role-based permissions, and hot-reload configuration without restart.
The WorkerEngine protocol is a contract that every AI engine must implement: spawn(prompt, env=) โ stream. ClaudeCode, Hermes, OpenCode, and others all fulfill this contract. The main loop doesn't care which engine is runningโit just calls the protocol. This allows you to swap engines per-chat or per-organization without code changes.
Forge doesn't generate arbitrary shell scripts. Instead, users define a schema (inputs, outputs, constraints). Forge generates a Python/bash tool matching that schema, runs it in a minimal bwrap sandbox with no network access, validates outputs against the schema, and audits every execution. The output is deterministic and reproducible.
Full source code, detailed docs, examples, and community support on GitHub
View CorvinOS on GitHub โ