Book on omnibachi

Protocol-Governed Systems

Thu, 15 Jan 2026 00:00:00 +0000

A Constitutionally Constrained Architecture for Autonomous and AI-Generated Software

A Practitioner’s Guide

Version 0 — First Edition · Baseline: PGS v0.4.0

Bhash Ganti (aka Bachi)

Contact: bachipeachy@gmail.com

Reference Implementation GitHub: bachipeachy/pgs_workspace

Abstract

Software systems are entering a new operational reality. As AI coding agents accelerate implementation velocity, the gap between what organizations intend systems to do and what those systems are actually capable of doing is widening rapidly. In conventional architectures, behavioral authority remains embedded in imperative code, dispersed across frameworks, orchestration layers, service boundaries, and runtime interpretation. Governance is typically applied after implementation through testing, review, policy, or operational controls rather than being structurally enforced before execution begins.

Chapter 00 — Introduction and Orientation

Thu, 22 Jan 2026 00:00:00 +0000

Software is now generated faster than it can be governed.

AI-assisted development, distributed infrastructure, microservice sprawl, and accelerating delivery pipelines have dramatically increased implementation velocity. Governance — correctness, traceability, behavioral authority, operational auditability — remains bounded by human deliberation. The gap between these two velocities is structural and widening.

This is not a problem you solve with better tooling, more diligent code review, or a stronger CI pipeline. Those are compensations for a structural absence. The absence is the governance surface itself: there is no artifact in most software systems that declares what the system is authorized to do, in a form that can be validated, compiled, and enforced before execution begins.

Chapter 1 — Why Software Breaks at Scale

Thu, 29 Jan 2026 00:00:00 +0000

This chapter is a diagnosis. Before proposing a solution, the book must make the problem visible — not as a collection of anecdotes, but as a structural pathology with identifiable root causes. The chapter argues that the dominant model of software construction — the application-centric model — embeds governance in code rather than declaring it as structure, and that this architectural choice produces a distinct form of debt that no amount of better tooling, process improvement, or code refactoring can eliminate. It introduces Structural Governance Debt as a formal concept, shows why it compounds polynomially with scale, and explains why AI-speed code generation removes the last natural throttle on its accumulation. The reader who finishes this chapter will recognize the pathology in their own systems — and understand why the remedy must be architectural, not procedural.

Chapter 2 — From Applications to Protocols

Thu, 05 Feb 2026 00:00:00 +0000

Paradigm and Reference Architecture

Chapter 1 diagnosed the pathology: Structural Governance Debt — the accumulated cost of embedding governance in code rather than declaring it as structure. The diagnosis is complete. This chapter defines the cure.

It is the foundational chapter of the book. It answers two questions in sequence. Part I — The Paradigm (Sections 2.1–2.6) asks: What is a Protocol-Governed System? It defines the five canonical properties, the WHAT/HOW separation, the Layer-Concern structural grammar (eight layers, ten concerns), and the emergent properties that follow from structural governance. Part II — The Reference Architecture (Sections 2.8–2.11) asks: What does this look like as a system? It maps the paradigm onto a concrete layered topology with strict authority flow — from declaration through governance through compilation to enforcement. By the end, the reader will hold the complete architectural vocabulary and system model that every subsequent chapter builds upon: layers, concerns, artifact types, authority flow, and the deployment context within which protocol-governed systems operate.

Chapter 3 — Constitutional Authoring

Thu, 12 Feb 2026 00:00:00 +0000

Chapter 1 diagnosed the pathology — structural governance debt. Chapter 2 defined the cure — Protocol-Governed Systems — and laid out the eight-layer architecture with its ten canonical concerns. The paradigm is established. The vocabulary is defined. But paradigms do not build systems. Artifacts do.

This chapter is where the reader picks up a pen. It answers the central question of PGS authoring: How do you express system behavior as governance artifacts — and how does the system guarantee that those artifacts are structurally complete before any execution occurs?

Chapter 4 — The Builder as Constitutional Compiler

Thu, 19 Feb 2026 00:00:00 +0000

Chapter 3 authored governance artifacts and proved that constitutional validation rejects incomplete or invalid declarations at authoring time. The artifacts are ratified — immutable, versioned, hash-anchored. But they are YAML embedded in markdown, organized for human readability. The execution engine does not read YAML. It loads compiled JSON.

This chapter addresses the bridge between ratification and execution: How do ratified governance artifacts become the compiled protocol that the execution engine loads — and what guarantees that the compilation is faithful, deterministic, and complete?

Chapter 5 — Semantic-Agnostic Execution

Thu, 26 Feb 2026 00:00:00 +0000

Chapters 3 and 4 established the legislative pipeline: governance artifacts are authored, validated, ratified, and compiled into protocol JSON. The law is written. The law is compiled. But it has never executed.

This chapter is the moment of enforcement. It answers the question that separates PGS from every workflow engine, orchestrator, and application framework: Can a single execution engine process any domain’s workflows — financial, medical, industrial, blockchain — without containing a single line of domain-specific logic?

Chapter 6 — Capability Transforms and Composition

Thu, 05 Mar 2026 00:00:00 +0000

Chapter 5 executed the User Registration workflow as a DAG traversal. When the engine reached a CT_ step inside a capability contract, it dispatched to a transform and received a result. The transform was a black box — the engine sent inputs in and got outputs back. It did not know what happened inside. It followed the edge.

This chapter opens the box. It answers: How does pure computation work inside a protocol-governed system — and how do small, single-purpose functions compose into complex pipelines without losing determinism or governance?

Chapter 7 — Capability Side Effects and Isolation

Thu, 12 Mar 2026 00:00:00 +0000

Chapter 6 proved that pure computation is governed — atoms and molecules execute as deterministic, side-effect-free transforms. But a system that cannot write to storage, register state, or record events cannot do useful work. The CT_ layer computes. Something else must mutate.

This chapter opens the CS_ layer and answers: How does a protocol-governed system perform world mutation — persistence, registration, event recording — without compromising the determinism and auditability guarantees that the CT_ layer provides?

Chapter 8 — Failure as a First-Class Architectural Construct

Thu, 19 Mar 2026 00:00:00 +0000

Chapters 5 through 7 proved that PGS execution works — DAG traversal, pure computation, governed mutation. The happy path is established. But architects do not evaluate systems by their happy paths. They evaluate them by their failure modes.

This chapter answers: When a protocol-governed system fails, what exactly happens — and why is every failure classifiable, deterministic, and diagnosable without the original runtime?

In application-centric systems, failures are discovered forensically — log spelunking, stack trace analysis, hypothesis testing, and the dreaded “works on my machine.” In PGS, failure is a first-class architectural construct. Every failure falls into exactly one of four canonical categories: governance violations, binding resolution failures, execution failures, and structural violations. Each category has a deterministic signature, a trace-complete record, and a reconstruction path. The chapter introduces the Reconstructability Property — the guarantee that any failure can be fully diagnosed from governance artifacts and execution traces alone, without access to the original runtime environment. It establishes “no silent repair” as a constitutional invariant: no layer may fix, mask, or compensate for violations originating in another layer. Failures propagate honestly. The reader will understand why PGS systems are easier to debug than systems with more sophisticated error handling — because the failure taxonomy is structural, not procedural.

Chapter 9 — Deterministic Traces as First-Class Artifacts

Thu, 26 Mar 2026 00:00:00 +0000

Chapter 8 diagnosed failures by reading execution traces — inspecting which node failed, what result status was returned, and what exit reason terminated the workflow. At no point did diagnosis require source code or environment reproduction. But Chapter 8 treated the trace as a given. It used the trace without examining the trace itself.

This chapter examines the trace as an artifact. It answers: What makes an execution trace more than a log file — and how does its construction guarantee that audit, replay, and forensic diagnosis are architectural properties rather than operational aspirations?

Chapter 10 — Inverted Security Architecture

Thu, 02 Apr 2026 00:00:00 +0000

Chapters 5 through 9 proved that PGS execution is deterministic, that failures are classified, and that traces provide tamper-evident records of everything the system did. But one claim remains unproven: that the system cannot do what it was not told to do.

This chapter completes the security axis. It answers: How does a protocol-governed system achieve security not by defending against unauthorized behavior, but by making unauthorized behavior structurally inexpressible?

Chapter 11 — Declarative Package Federation

Thu, 09 Apr 2026 00:00:00 +0000

Chapters 5 through 10 treated each domain as a self-contained governance unit — one vocabulary, one set of artifacts, one execution surface. But real systems are not single domains. The blockchain module references crypto transforms from the reusable package. The AI licensing module uses the same shared side-effect runtimes. The transport layer wraps workflow execution in HTTP semantics. Every production system is a federation.

This chapter answers: How do independently authored domains discover, reference, and compose each other’s artifacts — and how is that federation itself governed rather than emergent?

Chapter 12 — Linear Scalability Through Compositional Isolation

Thu, 16 Apr 2026 00:00:00 +0000

Chapter 10 proved that no undeclared execution can occur. Chapter 11 proved that no undeclared structure can exist. But a system can have perfect security and perfect federation and still collapse under its own complexity. If every new domain introduces coupling to every existing domain, the interaction surface grows quadratically. If every version upgrade cascades through dependent artifacts, the migration cost grows with the dependency graph.

This chapter completes the structural arc. It answers: Why does complexity in a protocol-governed system grow linearly with the number of declared artifacts — rather than polynomially with the interactions between them?

Chapter 13 — Building a Protocol-Governed Domain

Thu, 23 Apr 2026 00:00:00 +0000

Chapters 3 through 12 taught us about the different parts of a special system. We learned how it makes sure things are done correctly, how it runs programs, how it handles changes, and how it keeps track of everything. Each chapter showed us one important rule or feature. But knowing what each part does is not the same as knowing how to build the whole system from the very beginning.

Chapter 14 — Use Case: AI Agent Governance Domain

Thu, 30 Apr 2026 00:00:00 +0000

Chapter 13 defined the construction method — Act 0 through Act VII. The method is precise, the gates are structural, and the sequence is topologically determined. But a method without an industrial proof is a theory.

This chapter is the proof. It answers: Can the eight-act construction method produce a non-trivial enterprise domain — from business thesis to running, traced, verified execution — without modifying the core engine or any existing domain?

Chapter 15 — Structural Economics of Governance

Thu, 07 May 2026 00:00:00 +0000

Chapters 3 through 14 proved that protocol governance works — structurally, technically, and at industrial scale. The architecture is sound. The construction method is repeatable. The execution is deterministic. But architects do not adopt paradigms because they are elegant. They adopt them because the economics are compelling.

This chapter shifts from architecture to economics. It answers: What does protocol governance cost — and what does it save — over the lifecycle of a software system?

Chapter 16 — Engineering Under Constitutional Constraint

Thu, 14 May 2026 00:00:00 +0000

Chapter 14 proved the construction method works. Chapter 15 showed why the economics are compelling. The reader now knows what protocol governance produces and what it costs. But architecture and economics are experienced by organizations. Engineering is experienced by individuals.

This chapter answers the question that every practicing engineer asks: What does it actually feel like to build software this way — and what changes in daily practice when governance is primary and code is subordinate?

Chapter 17 — AI-Augmented Development Under Protocol Governance

Thu, 21 May 2026 00:00:00 +0000

Chapter 16 showed how engineering practice transforms under protocol governance. The daily loop shifts from integration to composition. Risk is bounded. Debugging is structural. But Chapter 16 assumed human-speed development. What happens when the developer is an AI generating artifacts at machine speed?

This chapter addresses the question that Chapter 1 opened: How does protocol governance resolve the generation-governance impedance mismatch — the widening gap between AI’s ability to produce code and humanity’s ability to govern it?

Chapter 18 — Adopting Protocol Governance Incrementally

Thu, 28 May 2026 00:00:00 +0000

The reader has arrived at the final chapter with a complete picture. The paradigm is defined. The execution model is proven. Security, federation, and scaling properties are established. The construction method has been demonstrated on an industrial domain. The economics are quantified. The engineering practice is described. The AI implications are addressed.

One question remains: How do I start — and how do I start without rewriting everything?

This chapter answers the adoption question pragmatically. Protocol governance does not require a big-bang migration. The minimum viable starting point is one contract, one workflow, one trace — a single governed capability wrapping an existing service as a capability side effect. From that foothold, the chapter maps the incremental path to platform maturity. It provides migration patterns from monoliths, microservices, and event-driven architectures. It addresses the Rigidity Question head-on — why structural constraint enables flexibility rather than brittleness. It offers a decision framework for the architect who must make the case to stakeholders. And it answers honestly when protocol governance is overkill — because not every system needs it, and knowing where the boundary lies is part of the paradigm’s integrity.

Appendix A — Glossary of PGS Terms

Thu, 04 Jun 2026 00:00:00 +0000

This glossary defines the operational vocabulary of Protocol-Governed Systems. PGS vocabulary is structural, not descriptive — each term corresponds to a specific architectural role. Understanding these terms is understanding the system.

Core Paradigm

Protocol-Governed System (PGS)
A computational model in which system behavior is defined as compiled governance artifacts rather than as an emergent property of implementation code. All permissible behavior is declared before execution; only declared behavior is executable.

Appendix B — Protocol Snapshot Reference

Thu, 11 Jun 2026 00:00:00 +0000

The canonical set of compiled protocol artifacts is maintained in the protocol_snapshot/ directory of the pgs_workspace repository.

Why a live pointer instead of a static appendix? Prior editions included artifact listings in this appendix. Protocol artifacts are versioned, evolving artifacts — a static copy ages immediately. The live snapshot is always authoritative.

Location

pgs_workspace/
└── protocol_snapshot/
    └── artifacts/
        ├── workflows/
        ├── capability_contracts/
        ├── capability_transforms/
        ├── capability_side_effects/
        ├── runtime_bindings/
        ├── intents/
        ├── assertions/
        ├── events/
        ├── actors/
        ├── layers/
        └── invariants/

How to Browse

# List all workflows
ls protocol_snapshot/artifacts/workflows/

# List all capability side effects
ls protocol_snapshot/artifacts/capability_side_effects/

# Read a specific artifact
cat protocol_snapshot/artifacts/workflows/blockchain__WF_REGISTER_ACTOR_UNVERIFIED_V0.json

Naming Convention

All artifact filenames follow FQDN format:

Appendix C — pgs_runtime CLI Reference

Mon, 15 Jun 2026 00:00:00 +0000

pgs_runtime is the command-line interface for the PGS runtime engine. It provides two subcommands: run executes a workflow or intent against a compiled snapshot, and examine inspects an execution trace.

Global Usage

pgs_runtime <subcommand> [options]

The CLI reads from protocol_snapshot/ and writes traces to traces/. It does not modify snapshot artifacts.

`pgs_runtime run`

Executes a workflow or intent against the compiled protocol snapshot.

Synopsis

pgs_runtime run \
  (--wf <FQDN> | --intent <FQDN>) \
  --payload <path> \
  [--rb <FQDN>] \
  [--mode <runtime|authoring>] \
  [--debug] \
  [--data-root <path>] \
  [--workspace <path>]

Entry Point (mutually exclusive, one required)

Flag Argument Description

pgs_compiler CLI Reference

Mon, 15 Jun 2026 00:00:00 +0000

pgs_compiler is the command-line interface for the PGS compiler pipeline. It provides three subcommands: compile runs a single-structure build, build runs the full workspace build, and inspect queries compiled evidence without recompiling.

Global Usage

python -m pgs_compiler.cli <subcommand> [options]

`compile`

Runs the full 9-stage pipeline (S1–S9) for a single STRUCTURE_ artifact (Phase Type A).

python -m pgs_compiler.cli compile --structure <STRUCTURE_NAME>

Flag Description

--structure Name of the STRUCTURE_ build artifact to compile (e.g., STRUCTURE_BUILD_BLOCKCHAIN_CONFIG_V0)

Appendix D — Artifact Schema Reference

Mon, 15 Jun 2026 00:00:00 +0000

Every PGS artifact is a declarative unit of governance. Each artifact type has a fixed schema — a set of fields that the builder validates before compilation. This appendix documents the schema for each artifact type, drawn from the compiled artifacts in protocol_snapshot/.

Artifacts are authored as Markdown files with a YAML machine: block. The builder extracts the machine: block and compiles it into a JSON artifact. The field definitions here describe the YAML schema — the same fields appear in the compiled JSON under frontmatter.