The Three Nodes

Consensus Rule

A Tri-Witness (Floor F3) check validates that HUMAN intent, THEORY constraints, and APPS execution are aligned before any consequential action. If any node dissents, the action is blocked or escalated to 888_HOLD.

Network Topology (Docker)

traefik_network        — shared routing layer (all public services)
arifos_core_network    — arifOS kernel, databases, Traefik
geox_geox_network      — GEOX internal services

DITEMPA BUKAN DIBERI (Malay: "Forged, not given") is the founding principle of this system. Intelligence, capability, and authority are not granted — they are earned through verified, governed process.

Every agent, every tool, every deployment must pass the constitutional floors. A SEAL verdict is not handed out — it is the result of a full THEORY → ENGINE → GOVERNANCE pass with confidence ≥ 0.80.

Implications

• No shortcuts — the Golden Path (init → sense → mind → heart → judge → vault) cannot be skipped.
• No hallucinated authority — an agent cannot claim a SEAL it did not earn. F9 (Anti-Hantu) blocks this.
• No irreversible action without a ledger entry — VAULT999 records every consequential decision before it executes.
• The human is the final node — F13 (Sovereign) ensures Muhammad Arif bin Fazil holds the ultimate veto.

Seal Phrase

999_SEAL: DITEMPA BUKAN DIBERI

This phrase appears in every health endpoint and production manifest. It is the constitutional signature of a properly forged deployment.

What it does

arifOS MCP is the central intelligence hub of the Trinity Architecture. It runs as a FastMCP server, exposing constitutional tools via the Model Context Protocol. Every tool call passes through the governance mesh before executing.

Public Tools

Internal Tools (post-SEAL)

Infrastructure

Container:  arifosmcp
Port:       8080
Network:    arifos_core_network, traefik_network
Health:     https://arifosmcp.arif-fazil.com/health
Stack:      Python 3.12 · FastMCP · Qdrant · PostgreSQL · Redis

Tool Risk Levels

Golden Path Sequence

1. arifos.v2.init     → Bootstrap session, validate F1+F13
2. sense              → Perceive context (internal, post-init)
3. mind               → Reason and plan
4. heart              → Constitutional values check
5. arifos.v2.judge    → Render verdict (SEAL / PARTIAL / SABAR / VOID)
6. vault              → Write to VAULT999 (only if SEAL)

VAULT999 is the constitutional ledger of the arifOS ecosystem. It stores every verdict that reaches SEAL status (confidence ≥ 0.80). Writing to VAULT999 is an F1 (Amanah) requirement — no irreversible action proceeds without a corresponding vault entry.

Entry Structure

{
  "id":         "vault-{timestamp}-{hash}",
  "verdict":    "SEAL | PARTIAL | SABAR | VOID",
  "confidence": 0.00 – 1.00,
  "floor_pass": ["F1","F2",...,"F13"],
  "floor_fail": [],
  "action":     "description of the sealed action",
  "agent":      "arifOS MCP | GEOX | AF-FORGE | ...",
  "sovereign":  "arif-fazil",
  "timestamp":  "ISO-8601",
  "seal_phrase": "DITEMPA BUKAN DIBERI"
}

Access

VAULT999 entries are accessible via the vault internal tool after a successful SEAL verdict through the Golden Path. Direct writes are not permitted — all entries go through arifos.v2.judge.

GEOX is the Earth Witness organ in the arifOS constitutional federation. It is not a passive data viewer — every output it produces goes through a full THEORY → ENGINE → GOVERNANCE pass before being surfaced.

Core Capabilities

• Seismic interpretation — load and evaluate seismic lines with constitutional floor enforcement
• Well-log analysis — interpret well log data against physical plausibility constraints
• Prospect evaluation — score hydrocarbon prospects with uncertainty quantification
• Malay Basin Pilot — live data integration for the Malay Basin geological framework
• Macrostrat integration — query global stratigraphic data as ground-truth anchor

Architecture

Infrastructure

GUI container:   geox_gui    → nginx serving React 19 cockpit
API container:   geox_server → FastMCP Python server (port 8000)
Network:         traefik_network, geox_geox_network
Live:            https://geox.arif-fazil.com
Health:          https://geox.arif-fazil.com/health
MCP endpoint:    https://geox.arif-fazil.com/mcp
Version:         0.6.0

Core Principle

The ToAC states that anomalies visible in seismic or geospatial imagery are contrast artefacts until proven otherwise. A bright spot on a seismic section may be a genuine DHI (Direct Hydrocarbon Indicator) or it may be a processing artefact, multiple, or geometric effect.

GEOX enforces an audit of the full transform chain — from acquisition to display — before allowing any geological interpretation to proceed. This is the implementation of Floor F2 (Truth: τ ≥ 0.99) and Floor F4 (Clarity: CRS + units mandatory).

Conflation Risk Classes

Audit Requirements

Before GEOX renders a SEAL verdict on any interpretation, the following must be documented:

• Coordinate reference system (CRS) and datum
• Acquisition geometry and fold
• Processing sequence (demultiple, migration, filter)
• Display parameters (gain, colour scale, clip level)
• Well tie quality (if available)

Basin Overview

The Malay Basin is a Cenozoic intracratonic basin located in the southern South China Sea, straddling Malaysia and Indonesia. It is one of Southeast Asia's most productive hydrocarbon basins, with over 50 years of production history from clastic reservoirs of Miocene to Pliocene age.

• Area: ~85,000 km²
• Dominant play type: Fluvio-deltaic clastics (Miocene–Pliocene)
• Structural style: NW-SE trending normal faults with inversion
• Primary operator: Petronas Carigali (Malaysian waters)
• Data source: GSM-702001 regional interpretation framework

Constitutional Integration

All Malay Basin prospect evaluations in GEOX must pass:

• F2 Truth — coordinates in WGS84/MSL, tied to public Macrostrat stratigraphy
• F4 Clarity — all depth estimates in metres TVDSS with ± uncertainty band
• F7 Humility — P10/P50/P90 resource estimates required; single-point estimates blocked
• F9 Anti-Hantu — no phantom structures; every closure must have a 4-way or fault-dependent trap with documented geometry
• F13 Sovereign — prospect gate (drill/no-drill decision) requires human confirmation

Live Dashboard

The Malay Basin Pilot dashboard is accessible at geox.arif-fazil.com under the Pilot tab. It integrates the regional framework with the GEOX cockpit's seismic viewer, well-log panel, and governance badge strip.

Execution Flow

CLI (cli.ts)
  → AgentProfile
  → AgentEngine
      → LongTermMemory injection
      → LlmProvider.completeTurn()
      → ToolRegistry.runTool()   [permission + policy check]
      → ShortTermMemory append
      → RunReporter
          → ForgeScoreboard
          → RunMetricsLogger

Modes

LLM Providers

• mock — deterministic scripted responses (default, for testing)
• openai_responses — live OpenAI Responses API (requires OPENAI_API_KEY)

Stack

Language:   TypeScript (ESM, NodeNext module resolution)
Runtime:    Node.js 22+
Test:       node:test (built-in, no jest/vitest)
Build:      npm run build  →  dist/
Entry:      node dist/src/cli.js <command>

TASK_CREATED
  → PLAN_PROPOSED
      → APPROVAL_REQUIRED       (human review gate)
          → TOOL_RUN_STARTED
              → TOOL_RUN_FINISHED
                  → TASK_COMPLETED
                  → TASK_ABORTED        (floor violation or 888_HOLD)

State Definitions

Gate Types

Dangerous tools flag

Tools classified as dangerous are only accessible when ENABLE_DANGEROUS_TOOLS=1 is explicitly set in the environment. They remain gated by 888_HOLD even when the flag is active.

APEX is the THEORY node of the Trinity Architecture. It is not a software system — it is a body of constitutional principles that all software systems in the ecosystem must implement. The apex.arif-fazil.com site is the canonical reference.

Core Claims

• Intelligence that cannot be audited is not trustworthy intelligence.
• Every AI action has a reversibility coefficient. Irreversible actions require proportionally higher evidence standards.
• Human sovereignty is not a feature to be toggled — it is a constitutional floor (F13) that cannot be negotiated away.
• The entropy constraint (ΔS ≤ 0, Floor F4) is the mathematical expression of "make things clearer, not murkier."
• A system that claims a SEAL it did not earn is a Ghost (Hantu) — Floor F9 blocks this absolutely.

Relationship to arifOS

arifOS MCP is the runtime implementation of APEX theory. Every floor in arifOS has a direct mapping to an APEX principle. When theory and implementation diverge, APEX wins — the implementation must be updated to conform.

Definition

In information-theoretic terms, entropy S is the measure of uncertainty or disorder in a state. The constitutional constraint ΔS ≤ 0 means that every action an agent takes must leave the system in a state of equal or lower uncertainty than before.

Concretely: if an agent's response makes the situation less clear — adds ambiguity, contradicts established facts, or leaves a problem in a worse-understood state — it violates F4.

Practical enforcement

• Every tool call must declare how it reduces uncertainty (even if marginally)
• Responses that introduce more unknowns than they resolve score negative ΔS and are blocked
• In GEOX, this manifests as the requirement for coordinates + CRS on all inputs — bare pixel values have undefined entropy reduction
• In AF-FORGE, multi-step plans must show monotonically decreasing uncertainty toward the goal