Axiom Service

The governance service for autonomous systems.

Axiom doesn't replace CrewAI, LangChain, n8n, or Hermes. It governs them. Any agent calls one API before executing a tool. Axiom evaluates — ALLOW, BLOCK, or ESCALATE. Every decision carries cryptographic proof.

Agent-Agnostic
One API. Any framework. CrewAI, LangChain, n8n, Hermes.
Policy
Deny-by-default. Immutable at runtime.
Proof
Hash-chained. Replayable. Tamper-evident.
Escalation
Humans in the loop when needed.

Your agents can act. Can you prove they acted correctly?

Every autonomous agent — whether built with CrewAI, LangChain, n8n, or a custom stack — can propose and execute actions. But most cannot prove the action was allowed before it happened. Axiom provides the missing governance gateway: a single API that any agent framework calls before executing. If the action violates policy, it never executes. If it passes, it carries cryptographic proof.

One API. Any agent framework.

Every agent framework calls the same endpoint before executing a tool. Axiom evaluates the proposed action against policy, confidence, and context — and returns a binding decision.

POST /v1/governance/check

{ "agent_id": "invoice-agent-01", "framework": "crewai", "tool_name": "pay_invoice", "tool_input": { "amount": 12000, "vendor_id": "v_5542" }, ... }

ALLOW — "All policy checks passed." Proof hash recorded.
BLOCK — "Vendor bank account mismatch detected." Action refused.
ESCALATE — "Payment exceeds autonomous threshold." Human approval required.

Nine layers. One governance spine.

Every autonomous decision traverses nine layers. Each layer gates, constrains, records, or verifies. No layer can authorize itself beyond its bounds.

1
Observe
Ingest state from all adapters — banks, chains, processors, DEXs. Normalized, timestamped, source-annotated.
2
Confidence
Score every source on freshness, consistency, health, and corroboration. Uses min() aggregate — one degraded source gates the system.
3
Reconcile
Cross-source agreement. Detect divergence. If Bank A and Bank B disagree, the system knows — and records it as forensic evidence.
4
Policy
Evaluate against immutable, hash-committed constraints. Deny-by-default. Any action not explicitly permitted is denied.
5
Escalate
Classify into tier: INFO → REVIEW → APPROVAL → STOP. STOP requires explicit human intervention — no automatic recovery.
6
Decide
Propose action within policy bounds. Optimize among permissible options. "I propose. Policy permits. Confidence gates."
7
Prove
Record immutably. Hash-chain to prior event. Enable replay. Any third party can independently verify every decision.

See how Axiom governs an autonomous agent before it executes a high-liability action.

The agent can propose the action. It cannot make the action executable until Axiom permits it.

The five questions every autonomous system must answer.

Was this action allowed?
Policy evaluation is deterministic. Every action carries a reference to the exact policy hash that governed it. Auditors verify: was this action within policy? Answer is provably yes or no.
Was confidence sufficient?
The system refuses to act below threshold. Confidence scores are recorded in every event. Replay verifies: was aggregate confidence above the required level? A single degraded source at 0.3 cannot be averaged away by nine at 1.0.
Did sources agree?
The reconciliation engine detects divergence between independent data sources. Every reconciliation produces a forensic event — what was compared, what diverged, what consistency factor was applied.
Why was this decision made?
Every decision records: what was observed, what alternatives were considered, what policy rules were evaluated, what escalation tier applied, and what rationale was used. Not a black box — a replayable trail.
Can I replay it?
Yes. The kernel is deterministic (ADR-0005). Identical input → identical output. Any third party who has never met the operator can replay the entire operational history and verify every decision independently.

What happens when things go wrong.

Refused
REFUSED
Stale bank data — system refused payment. No stale-state execution allowed.
Blocked
BLOCKED
Vendor account mismatch — system blocked payment. Policy violation prevented.
Escalated
ESCALATED
Low confidence — system escalated to human. Machines can't blame; humans approve ambiguity.

Axiom's value is not action. It's safe refusal.

Every Decision. Replayable.

Decision
Proposed action
Evidence
All inputs recorded
Replay
Deterministic kernel
Verification
Independent proof

Any auditor, regulator, or counterparty can independently reconstruct and verify every autonomous decision. No trust in the operator required.

Starting with Financial Operations

Axiom's kernel is domain-agnostic — the same governance spine operates across payments, supply chain, energy, and infrastructure. But financial operations is where the pain is most acute today.

Treasury Automation

Sweeps & Rebalancing

Policy-bound treasury sweeps with confidence-gated execution. Prove every movement was within limits, with adequate confidence, and correctly reconciled.

Payment Routing

Processor Selection

Route payments across processors within policy bounds. Optimize for cost and speed — while proving every route was policy-compliant and source-verified.

Settlement Operations

Cross-Source Verification

Reconcile settlement data from multiple independent sources. Detect divergence. Record as forensic evidence. Never act on inconsistent state.

Processor Failover

Graceful Degradation

When a processor degrades, confidence drops. The system escalates rather than routing to an uncertain destination. Humans approve the failover path.

Two questions. Two products. One trust model.

Axiom operates fully on its own — events are cryptographically self-consistent and independently verifiable. For organizations needing the strongest trust model, Ardyn Core adds execution integrity verification: proving the governance runtime itself ran on infrastructure you can trust.

Can I trust where this ran? + Should this have been allowed to run?

Ardyn Core proves the execution environment was genuine — hardware, software, and configuration all verified. Axiom proves the action was policy-compliant, confidence-gated, and independently replayable. Together: trusted computation and governed autonomy.

Learn about Ardyn Core →

Autonomous systems need governance.
Axiom provides it — with proof.