ARM Agents
The Agentic AI Operating System. A futureproof, failproof durable execution fabric for the Agentic Internet Era era.
Protocol-native MCP / A2A / ACP / AP2 with zero-loss resilience, carbon-aware orchestration, and human-aligned safety by design.
Vision & North Star
ARISE exists to make the 2026 Agent Internet era safe, sustainable, and abundant for everyone.
MISSION // Build the foundational execution fabric that enables billions of AI agents to collaborate safely across organizational boundaries, creating a Silicon Workforce that amplifies human potential while respecting planetary boundaries. Every transaction auditable, every mandate revocable, every watt accounted for.
Silicon Workforce
Autonomous agent swarms handle routine work, freeing humans for creative, strategic, and relational endeavors.
Human-in-the-Loop Safety
Cryptographically signed mandates with revocable sub-delegation ensure humans always retain ultimate authority.
Planetary Sustainability
Carbon-aware scheduling routes computation to green-grid windows. Every agent action carries an emissions trace.
Equitable Access
Open protocols and anti-extractive safeguards prevent platform lock-in. Agent capabilities as public infrastructure.
Core Engineering Principles
Ten invariants that govern every design decision in the ARISE codebase.
Sovereign Agency
Agents act within cryptographically bounded mandate scopes. No action without verifiable authorization.
Protocol-Native
MCP, A2A, ACP, and AP2 are first-class citizens, not adapters. Wire formats are the source of truth.
Durable State
Every state transition is checkpointed. Zero-loss recovery from crashes, network partitions, or provider failures.
Carbon-Aware
Computation is scheduled against grid carbon intensity. Non-urgent tasks defer to green windows automatically.
Auditability by Design
Immutable Truth Ledger records every decision, tool call, and mandate chain for EU AI Act compliance.
Semantic Sandboxing
Each tool executes in a capability-restricted Wasm sandbox. Tools cannot escape their declared permission scope.
Economic Traceability
AP2 mandates create verifiable payment trails. Every transaction is attributable to a human principal.
Graceful Degradation
When AI reasoning fails, the system falls back to deterministic paths rather than hallucinating forward.
Composable Swarms
Agents discover and coordinate via A2A/ACP without central registries. Swarm topology is emergent.
Edge-Ready
Core kernel compiles to Wasm for edge/IoT deployment. Full system runs on 512MB RAM minimum.
High-Level Architecture
Layered execution fabric with orthogonal cross-cutting concerns for economics, sustainability, and auditability.
Human Intent Layer
Orchestration Kernel
Safety & Sandbox Layer
Cognitive Swarms (A2A/ACP)
Memory Fabric
MCP Tools & Actions
Economic Layer (AP2)
Sustainability Scheduler
Truth Ledger
DATA FLOW
graph TD
HI[Human Intent / DID] --> OK[Orchestration Kernel]
OK --> SS[Safety & Sandbox Layer]
SS --> CS[Cognitive Swarms - A2A/ACP]
CS --> MF[Memory Fabric]
MF --> MT[MCP Tools & Actions]
MT --> ACT[Real-World Actions]
OK -.-> EL[Economic Layer - AP2]
OK -.-> SUS[Sustainability Scheduler]
OK -.-> TL[Truth Ledger]
EL -.-> MT
SUS -.-> OK
TL -.-> SS
style HI fill:#0d9488,stroke:#0d9488,color:#000
style OK fill:#1a1f2e,stroke:#0d9488
style SS fill:#1a1f2e,stroke:#334155
style CS fill:#1a1f2e,stroke:#334155
style MF fill:#1a1f2e,stroke:#334155
style MT fill:#1a1f2e,stroke:#334155Key Capabilities
Protocol-mapped capabilities with concrete implementation strategies and measurable success criteria.
| Capability | Protocol / Tech | Implementation Notes | Impact / Metric |
|---|---|---|---|
| Durable Workflow Execution | Temporal.io / Custom Rust Runtime | Event-sourced state machines with checkpoint-at-every-step. Replay from any point after crash. | 99.99% task recovery rate |
| MCP Tool Integration | MCP (Anthropic Spec) | Native MCP server/client. Tools register with JSON Schema. Context windows managed per-agent. | <50ms tool dispatch latency |
| Agent Discovery & Coordination | A2A (Google DeepMind) | .well-known/agent.json auto-discovery. AgentCard + task lifecycle (submitted/working/done/failed). | <200ms cross-org agent handshake |
| Structured Dialogue | ACP (Agent Communication Protocol) | FIPA-style performatives (request, propose, inform, refuse). Dialogue state tracked per conversation. | 100% dialogue state consistency |
| Economic Transactions | AP2 (Agent Payment Protocol) | Verifiable mandate chains. Payment-agnostic (crypto/fiat/credits). Extends A2A task artifacts. | Full economic traceability |
| BFT Plan Consensus | 3-Model Agreement | High-stakes plans require 2-of-3 model agreement. Disagreements trigger HITL escalation. | >95% false positive rejection |
| Wasm Tool Sandboxing | Wasmtime / WasmEdge | Each tool runs in capability-restricted Wasm module. Memory limits, syscall filtering, time bounds. | Zero sandbox escapes |
| Carbon-Aware Scheduling | WattTime / Electricity Maps API | Non-urgent tasks defer to low-carbon grid windows. Real-time gCO2/kWh tracking per task. | 30% compute carbon reduction |
| Truth Ledger Auditing | Immutable Append-Only Log | Every decision, tool call, mandate invocation logged with Merkle proofs. EU AI Act compliant. | Full audit trail, <1s query |
| Hallucination Detection | Cross-Reference + Grounding | Output grounding against tool results. Confidence scoring with automatic fallback to deterministic paths. | <2% undetected hallucinations |
Resilience & Failproof Mechanisms
Six interlocking patterns that make zero-loss execution possible under Byzantine conditions.
Stateful Task Objects
A2A Task lifecycle (submitted -> working -> input-required -> done | failed) stored durably. Any crash replays from last checkpoint, not from scratch.
// Temporal workflow — checkpoint on every state transition
#[workflow]
async fn agent_task(ctx: WorkflowCtx, task: A2ATask) -> Result<TaskResult> {
let plan = ctx.activity(plan_action, &task).await?; // checkpoint 1
let approved = ctx.activity(bft_consensus, &plan).await?; // checkpoint 2
if !approved.quorum_met {
ctx.activity(escalate_hitl, &plan).await?; // checkpoint 3
return Ok(TaskResult::InputRequired);
}
let result = ctx.activity(execute_sandboxed, &plan).await?; // checkpoint 4
ctx.activity(log_truth_ledger, &result).await?; // checkpoint 5
Ok(TaskResult::Done(result))
}BFT 3-Model Consensus
High-stakes decisions require agreement from 3 independent models. Byzantine Fault Tolerant: tolerates 1 compromised/hallucinating model. Disagreement triggers human escalation.
// BFT consensus for high-stakes plan approval
async fn bft_consensus(plan: &AgentPlan) -> ConsensusResult {
let models = [Model::Primary, Model::Secondary, Model::Auditor];
let votes: Vec<Vote> = join_all(
models.iter().map(|m| evaluate_plan(m, plan))
).await;
let approvals = votes.iter().filter(|v| v.approved).count();
ConsensusResult {
quorum_met: approvals >= 2, // 2-of-3 agreement
votes,
confidence: votes.iter().map(|v| v.confidence).sum::<f64>() / 3.0,
}
}Dead-Man's Switch
Detects agent loops, spirals, and runaway execution. Monitors token burn rate, action repetition, and wall-clock time. Triggers graceful shutdown + HITL alert.
// Dead-Man's Switch — kills runaway agents
struct DeadManSwitch {
max_steps: u32,
max_tokens: u64,
max_wall_time: Duration,
repetition_window: u32,
}
impl DeadManSwitch {
fn check(&self, ctx: &AgentContext) -> SwitchResult {
if ctx.steps > self.max_steps { return SwitchResult::Kill("Step limit") }
if ctx.tokens_burned > self.max_tokens { return SwitchResult::Kill("Token limit") }
if ctx.elapsed() > self.max_wall_time { return SwitchResult::Kill("Timeout") }
if ctx.action_entropy() < 0.1 { return SwitchResult::Kill("Loop detected") }
SwitchResult::Continue
}
}Semantic Wasm Sandboxing
Tools execute in Wasm modules with capability-restricted interfaces. Declared permissions (network, filesystem, memory) enforced at runtime. No ambient authority.
// Wasm sandbox configuration per tool
{
"tool": "web_search",
"sandbox": {
"memory_limit_mb": 64,
"cpu_time_limit_ms": 5000,
"permissions": {
"network": ["GET https://*.googleapis.com/*"],
"filesystem": "none",
"env_vars": "none"
},
"syscalls": ["clock_gettime", "random_get"],
"output_schema": { "type": "array", "items": "SearchResult" }
}
}Circuit Breakers
Provider failures trigger circuit breakers with exponential backoff. Automatic failover to backup providers. Half-open probes test recovery before full re-enable.
// Circuit breaker state machine
enum CircuitState { Closed, Open(Instant), HalfOpen }
impl CircuitBreaker {
async fn call<F, T>(&mut self, f: F) -> Result<T>
where F: Future<Output = Result<T>> {
match self.state {
CircuitState::Open(until) if Instant::now() < until => {
Err(Error::CircuitOpen)
}
CircuitState::Open(_) => {
self.state = CircuitState::HalfOpen;
self.try_call(f).await
}
_ => self.try_call(f).await,
}
}
}Graceful Degradation
When AI reasoning confidence drops below threshold, the system switches to deterministic fallback paths. No hallucinating forward — safe defaults always available.
// Graceful degradation with confidence thresholds
async fn execute_with_fallback(task: &Task) -> Result<Output> {
let ai_result = ai_engine.reason(task).await;
match ai_result.confidence {
c if c > 0.85 => Ok(ai_result.output),
c if c > 0.60 => {
log_truth_ledger("low_confidence", &ai_result);
escalate_hitl(task, &ai_result).await
}
_ => {
log_truth_ledger("fallback_triggered", &ai_result);
deterministic_fallback(task).await // Safe, tested path
}
}
}Future-Proofing & Interoperability
Abstraction layers and extension points designed for a decade of protocol evolution.
Reasoning Engine Abstraction
The cognitive layer is fully decoupled from the execution kernel via a CognitiveProvider trait. Swap GPT-5 for Claude Opus or a local Llama model with zero workflow changes.
trait CognitiveProvider: Send + Sync {
async fn reason(&self, ctx: &ReasoningContext) -> ReasoningResult;
async fn evaluate_plan(&self, plan: &Plan) -> PlanEvaluation;
fn capabilities(&self) -> ProviderCapabilities;
}
// Hot-swap at runtime
kernel.set_cognitive_provider(Arc::new(ClaudeProvider::new()));Agent Self-Discovery
Every ARISE agent publishes a .well-known/agent.json conforming to the A2A AgentCard spec. Includes capabilities, supported protocols, auth requirements, and rate limits.
// .well-known/agent.json
{
"name": "supply-chain-optimizer",
"version": "1.2.0",
"protocols": ["mcp/1.0", "a2a/1.0", "acp/1.0", "ap2/1.0"],
"capabilities": ["planning", "negotiation", "payment"],
"auth": { "type": "oauth2", "issuer": "https://auth.arise.dev" },
"rate_limit": { "rpm": 1000, "burst": 50 },
"carbon_budget": { "gco2_per_task": 2.5 }
}Protocol Upgrade Paths
Version negotiation built into every protocol handshake. Agents advertise supported versions and negotiate to highest common. Breaking changes use adapter layers.
// Version negotiation during A2A handshake
async fn negotiate_protocol(peer: &AgentCard) -> ProtocolVersion {
let my_versions = vec!["a2a/1.1", "a2a/1.0"];
let peer_versions = &peer.protocols;
my_versions.iter()
.find(|v| peer_versions.contains(v))
.map(|v| ProtocolVersion::parse(v))
.unwrap_or(ProtocolVersion::BASELINE)
}Open Extension Points
Plugin system for custom tools, cognitive providers, storage backends, and protocol adapters. Extensions are Wasm modules loaded at runtime with sandboxed capabilities.
// Plugin manifest for a custom tool extension
{
"plugin": "salesforce-connector",
"type": "mcp-tool",
"wasm_path": "./plugins/salesforce.wasm",
"permissions": ["network:salesforce.com", "memory:128mb"],
"schema": "./plugins/salesforce-schema.json",
"hooks": ["pre_execute", "post_execute", "on_error"]
}Security, Compliance & Ethical Layer
Threat model, regulatory compliance, and ethical safeguards for enterprise and governmental deployment.
Threat Model
| Threat | Attack Vector | Mitigation | Severity |
|---|---|---|---|
| Agent Spoofing | Forged AgentCard or DID impersonation | Mutual TLS + DID verification on every A2A handshake. AgentCards signed by issuing authority. | Critical |
| Mandate Coercion | Compromised agent signs sub-mandates beyond scope | Mandate chain verification at every execution boundary. Scope intersection enforced cryptographically. | Critical |
| Sandbox Escape | Wasm tool exploits host function interface | Minimal host function surface. Capability-based access. Memory isolation. Syscall allowlists. | High |
| Hallucination Propagation | Hallucinated output used as input to downstream agent | BFT consensus on critical paths. Grounding verification. Confidence-gated execution. | High |
| Economic Drain | Agent authorized for payments exploits mandate bounds | AP2 mandate amount caps. Rate limiting. Real-time spend monitoring. Sub-second revocation. | High |
| Data Exfiltration | Tool sends context window data to unauthorized endpoint | Network allowlists per tool sandbox. Egress monitoring. Content classification scanning. | Medium |
Regulatory Compliance
EU AI Act (2026)
Carbon / ESG Reporting
Tech Stack & Integration Patterns
Production-grade toolchain optimized for safety, performance, and protocol compliance.
Core Runtime
Orchestration
Durable workflow execution, checkpointing, replay
Inter-agent messaging, event streaming
High-performance RPC for internal service mesh
Storage & Memory
Multi-model store (graph + document + KV) for agent state
Vector embeddings for semantic memory, RAG retrieval
Ordered KV for Truth Ledger, Merkle-based audit log
Protocol Clients
Observability
Distributed tracing, metrics, spans across agent swarms
Metrics collection, alerting, SLA monitoring
Dashboards, Truth Ledger visualization, carbon tracking
Sustainability
Real-time grid carbon intensity data
Fallback carbon intensity provider, regional data
Per-pod energy consumption measurement
Integration Code Examples
use mcp_rs::{McpServer, ToolDefinition, JsonSchema};
#[tokio::main]
async fn main() {
let server = McpServer::builder()
.name("arise-tools")
.version("1.0.0")
.tool(ToolDefinition {
name: "web_search".into(),
description: "Search the web with sandboxed execution".into(),
input_schema: JsonSchema::from_file("schemas/web_search.json"),
handler: Box::new(|input| Box::pin(web_search_handler(input))),
})
.tool(ToolDefinition {
name: "database_query".into(),
description: "Execute read-only SQL against approved schemas".into(),
input_schema: JsonSchema::from_file("schemas/db_query.json"),
handler: Box::new(|input| Box::pin(db_query_handler(input))),
})
.build();
server.listen("0.0.0.0:3001").await.unwrap();
}use a2a_sdk::{A2AClient, Task, TaskState, AgentCard};
async fn submit_cross_org_task(peer_url: &str) -> Result<Task> {
let client = A2AClient::new();
// Discover agent capabilities
let card: AgentCard = client
.discover(peer_url) // GET /.well-known/agent.json
.await?;
// Submit task with mandate chain
let task = client.submit_task(
&card,
Task::builder()
.title("Optimize Q3 supply chain routing")
.mandate(current_mandate_chain())
.input(serde_json::json!({
"constraints": ["cost < $50k", "delivery < 72h"],
"regions": ["NA", "EU"]
}))
.build()
).await?;
// Poll for completion (or use streaming)
assert_eq!(task.state, TaskState::Submitted);
Ok(task)
}use ap2::{Mandate, SubMandate, PaymentIntent, SigningKey};
fn create_payment_mandate() -> Mandate {
let root_key = SigningKey::from_env("ROOT_MANDATE_KEY");
let root = Mandate::root()
.principal("did:key:z6Mk...") // Human DID
.max_amount(Currency::USD(10_000))
.expires_at(Utc::now() + Duration::hours(24))
.sign(&root_key);
// Delegate sub-mandate to procurement agent
let sub = SubMandate::delegate(&root)
.agent("did:agent:procurement-bot-7")
.max_amount(Currency::USD(5_000))
.allowed_actions(["purchase_order", "negotiate_price"])
.revocable(true)
.sign(&root_key);
// Agent creates payment intent within mandate bounds
let payment = PaymentIntent::new()
.mandate(&sub)
.amount(Currency::USD(2_350))
.recipient("did:vendor:acme-supplies")
.memo("PO-2026-Q3-0042")
.build();
root
}Interactive Truth Ledger Explorer
A live demo of the immutable audit log. Every agent decision, tool call, and payment is recorded, verifiable, and queryable.
Complete audit trail for mandate procurement-q1 showing 6 recorded steps across 4 agents with full Merkle chain verification and HITL escalation at payment threshold.
Real-World Workflow: Cross-Company Procurement
An end-to-end example showing how two companies negotiate a logistics contract using A2A discovery, ACP negotiation, BFT validation, HITL approval, and AP2 payment.
Workflow Summary
Every step is recorded in the Truth Ledger with Merkle proofs. The human stays in control via mandate chains and HITL escalation. The payment only executes after BFT consensus, human approval, and cryptographic mandate verification. Click any step above to see the protocol-level detail.
Why ARISE?
Feature-by-feature comparison with the leading agent frameworks. ARISE is the only protocol-native, resilient, carbon-aware agent OS.
| Feature | ARISE | LangGraph | CrewAI | AutoGen | Semantic Kernel |
|---|---|---|---|---|---|
| Protocol Support | |||||
| Native MCP support | |||||
| Google A2A protocol | |||||
| Agent Commerce (AP2) | |||||
| FIPA-ACL (ACP) | |||||
| Resilience | |||||
| Durable execution (stateful) | |||||
| Dead-Man's Switch | |||||
| Multi-model BFT consensus | |||||
| Circuit breakers | |||||
| Safety & Isolation | |||||
| Wasm sandboxing | |||||
| Mandate chain (delegated auth) | |||||
| Immutable audit log | |||||
| HITL escalation | |||||
| Sustainability | |||||
| Carbon-aware scheduling | |||||
| Per-task energy tracking | |||||
| EU AI Act compliance | |||||
| Architecture | |||||
| Edge deployment (512MB) | Q3 | ||||
| Multi-org agent discovery | |||||
| Plugin marketplace | Q3 | ||||
The Core Differentiators
ARISE is the only framework with first-class MCP + A2A + ACP + AP2 support, enabling true cross-organization agent collaboration and commerce.
Durable execution via Temporal, BFT consensus, Dead-Man's Switch, and circuit breakers. No other framework offers this depth of fault tolerance.
Built-in carbon scheduling, per-task energy tracking, and ESG reporting. Sustainability is architecture, not an afterthought.
Implementation Roadmap
Four-phase delivery plan from MVP kernel to ecosystem marketplace.
Resilient Kernel + MCP
MILESTONES
- Temporal-based durable execution kernel in Rust
- Native MCP server/client with tool registry
- Wasm sandbox runtime (Wasmtime integration)
- Dead-Man's Switch + circuit breaker patterns
- Truth Ledger v1 (append-only FoundationDB)
- OpenTelemetry instrumentation baseline
RISKS
- Temporal Rust SDK maturity
- Wasm sandbox escape vectors
SUCCESS METRICS
- 99.99% task recovery rate
- < 50ms tool dispatch
- Zero sandbox escapes
A2A/ACP + AP2 Protocols
MILESTONES
- A2A agent discovery (.well-known/agent.json)
- Task lifecycle management (full A2A spec)
- ACP performative engine (request/propose/inform)
- AP2 mandate signing + payment intents
- BFT 3-model consensus module
- Cross-org task integration tests
RISKS
- A2A spec stability (pre-1.0)
- Payment rail regulatory variance
SUCCESS METRICS
- < 200ms cross-org handshake
- First production AP2 transaction
- 100% mandate traceability
Carbon Scheduler + Edge
MILESTONES
- WattTime/Electricity Maps integration
- Carbon-budget-aware task scheduler
- Wasm kernel compilation for edge devices
- Edge-cloud hybrid orchestration
- Kepler per-pod energy measurement
- EU AI Act audit report generation
RISKS
- Carbon API data quality/latency
- Edge memory constraints
SUCCESS METRICS
- 30% compute carbon reduction
- 512MB minimum edge footprint
- Full EU AI Act compliance
Ecosystem & Marketplace
MILESTONES
- Plugin marketplace for Wasm extensions
- Agent reputation and trust scoring
- Multi-tenant SaaS deployment option
- Robotics/IoT agent bridge protocols
- Community-contributed tool registry
- Open-source core release (Apache 2.0)
RISKS
- Marketplace governance
- Multi-tenant isolation guarantees
SUCCESS METRICS
- 100+ community plugins
- 10+ enterprise deployments
- 1000+ registered agents
Launch Platform
The user-facing control plane for operating, auditing, and monitoring the ARISE agent fleet.
Protocol Status Dashboard
Real-time status of all protocol endpoints (MCP, A2A, ACP, AP2) with health checks, latency percentiles, and connection counts.
Truth Ledger Explorer
Browse, search, and verify the immutable audit log. Every decision trace, tool invocation, and mandate chain is queryable.
Agent Auditing Console
Inspect any agent's execution history, mandate scope, resource consumption, and compliance status.
Carbon Dashboard
Track energy consumption and carbon emissions across the agent fleet. Budget enforcement and scheduling optimization visibility.
Fleet Observability
OpenTelemetry-powered distributed tracing across agent swarms. Traces span organizational boundaries via A2A correlation.
Agent Discovery Registry
Browse all discoverable agents, their capabilities, protocol support, and trust scores. The Yellow Pages of the Agent Internet.
LIVE PROTOCOL STATUS
Business & Ecosystem Model
Multi-layered revenue strategy designed to fund open-source development while serving enterprises, governments, and the developer community.
ARISE Cloud (Managed SaaS)
Fully managed multi-tenant deployment with per-agent and per-workflow pricing. Ideal for teams that want to run agents without managing infrastructure.
Enterprise & Sovereign License
Self-hosted or air-gapped deployment for organizations with strict data residency, regulatory, or security requirements. Includes priority support and SLAs.
Efficiency Tax (AP2 Transactions)
A micro-fee on economic transactions processed through the AP2 payment protocol. Revenue scales directly with agent-driven commerce volume.
Governance-as-a-Service
Managed compliance reporting, EU AI Act audit generation, Truth Ledger hosting, and regulatory certification support for organizations operating agent fleets.
Plugin Marketplace (Rev Share)
A curated marketplace for Wasm-sandboxed agent extensions, tool adapters, and pre-built workflows. Developers earn 80% revenue share on paid plugins.
Training & Certification
Structured training programs, certification tracks, and consulting engagements for teams adopting ARISE. Includes architecture reviews and deployment planning.
TARGET UNIT ECONOMICS (YEAR 2)
Open-Source Core Commitment
The ARISE kernel, protocol adapters (MCP/A2A/ACP/AP2), Wasm sandbox runtime, and Truth Ledger core are permanently open-source under Apache 2.0. Enterprise features (multi-tenancy, SSO, advanced compliance tooling, priority support) are source-available under a commercial license.
This model ensures the protocol layer remains a public good while sustaining development through value-added services. We believe the agent internet must be built on open standards, not proprietary lock-in.
Risks, Mitigations & Testing Strategy
Comprehensive risk register with concrete mitigation strategies and testing approaches.
Protocol specification instability
MITIGATION
Version negotiation layer. Adapter pattern for breaking changes. Active spec working group participation.
TESTING STRATEGY
Protocol conformance test suite against multiple spec versions. Fuzz testing on wire format parsing.
Wasm sandbox vulnerabilities
MITIGATION
Minimal host function surface. Defense-in-depth: Wasm + process isolation + seccomp. Regular security audits.
TESTING STRATEGY
Continuous fuzzing with cargo-fuzz. Annual third-party penetration testing. Bug bounty program.
Temporal.io single point of failure
MITIGATION
Multi-region Temporal deployment. Custom lightweight replay engine as fallback. Regular DR drills.
TESTING STRATEGY
Chaos engineering: Temporal cluster kill tests. Failover time measurement. Data integrity verification after recovery.
Carbon API data quality
MITIGATION
Dual provider (WattTime + Electricity Maps). Fallback to conservative estimates. Cache with TTL.
TESTING STRATEGY
Historical data backtesting. API response time monitoring. Comparison audits between providers.
Multi-model BFT false positives
MITIGATION
Tunable consensus thresholds. Human review queue for edge cases. Continuous calibration from HITL feedback.
TESTING STRATEGY
Adversarial test suite with known-hallucination prompts. False positive rate tracking dashboard.
Supply chain attacks on plugins
MITIGATION
Plugin signing + verified publisher chain. Static analysis on Wasm bytecode. Runtime behavior monitoring.
TESTING STRATEGY
Malicious plugin test suite. Provenance chain verification. Sandbox escape attempt library.
Get Started
From zero to a running agent fleet in under 5 minutes. Apache 2.0 licensed, open-source core.
Install the CLI
# Install ARISE CLI curl -fsSL https://get.arise.dev | sh # Or via npm npm install -g @arise/cli
Initialize your first node
# Create a new ARISE project arise init my-agent-fleet cd my-agent-fleet # This scaffolds: # /agents - Agent definitions # /tools - MCP tool configs # /mandates - Mandate templates # /workflows - Temporal workflow defs # arise.config.ts
Define and register an agent
// agents/procurement.ts
import { defineAgent } from "@arise/sdk"
export default defineAgent({
name: "ProcurementAgent",
protocols: ["mcp", "a2a", "acp"],
capabilities: ["vendor_search", "price_compare"],
mandateScope: "procurement/*",
consensus: { model: "bft", quorum: "2/3" },
carbon: { budget: "5g_co2_per_task" },
})Start your local agent fleet
# Start in development mode arise dev # Output: # ARISE v0.1.0 - Development Mode # Kernel: http://localhost:9100 # Dashboard: http://localhost:9200 # MCP: http://localhost:9300 # A2A: http://localhost:9400 # # Agent 'ProcurementAgent' registered # Truth Ledger: append-only (local SQLite) # Carbon tracking: mock provider (dev mode)
Documentation
Complete API reference, architecture guides, and tutorials.
docs.arise.devGitHub Repository
Source code, issues, pull requests, and contribution guide.
github.com/arise-os/ariseDiscord Community
Chat with the team, get help, and share what you're building.
discord.gg/ariseInteractive Playground
Try ARISE in the browser with pre-built agent scenarios.
play.arise.dev