What is HestiaOS?
Problem
Agentic systems — whether AI assistants, autonomous workflows, or multi-agent architectures — face fundamental challenges around decision transparency, accountability, and boundary control.
When an agent acts, several questions arise:
- Who decided the action should proceed?
- What policy governed the decision?
- What evidence exists that the decision was valid?
- Can the chain of events be reconstructed later?
- What side effects did the action produce?
Most existing agent frameworks do not systematically answer these questions. Policy is often implicit, traces are incomplete, and there is no clear line between "proposed" and "executed".
Approach
HestiaOS explores a governance-first execution model.
Instead of treating policy as an afterthought or guardrail bolted onto an otherwise unrestricted agent, HestiaOS places a governance kernel at the boundary between intent and side effect.
This kernel is responsible for:
- Registering incoming intents
- Evaluating them against explicit policy
- Producing DecisionTraces — replayable, causal records
- Requiring an ExecutionCommit before any external side effect is permitted
Core Concepts
| Concept | Description |
|---|---|
| Intent | A proposed action submitted by an agent or operator. |
| Policy Decision | An explicit evaluation of an intent against declared rules. |
| DecisionTrace | A structured, replayable record of the decision path. |
| ExecutionCommit | A cryptographic-style marker that authorizes a side effect. |
| Causal Bridge | The link between a DecisionTrace and observable outcomes. |
| Governance Kernel | The boundary component that enforces the above contracts. |
What is public here?
This site contains:
- Architecture overview at the boundary level
- Public benchmark summaries with stated limitations
- Synthetic audit and replay traces (no real data)
- Redacted screenshots from demo environments
- Links to approved public repositories
- Kernel v0.1 freeze documentation
What is not public here?
This site does not contain:
- Private runtime infrastructure details
- Production credentials, tokens, or keys
- Internal project data or customer data
- Live execution controls
- Non-redacted internal logs
- Private repository content
- OpenProject or Nextcloud data
If something is not listed here, it is not public — and that is by design.