AIEP Node Emulator
A locally runnable proof of the AIEP hardware governance architecture. The emulator instantiates a cryptographic substrate node — complete with ECDSA identity, power-governed reasoning, live evidence ingestion from public legal sources, dissent fork detection, and hardware-triggered substrate migration — in a zero-dependency Node.js/TypeScript runtime with a live web dashboard.
The internet is the substrate. The node is the governance layer. Power is not an infrastructure concern — it is a first-class protocol primitive.
→ Hardware governance thesis · → Reference implementations
What it demonstrates
The emulator makes three architectural claims observable in a running system.
Claim 1 — The internet is a knowledge substrate, not just a delivery network
The node runs a continuous 15-second ingestion cycle against four live legislative sources:
| Source | What it ingests |
|---|---|
legislation.gov.uk | UK public law corpus |
bills.parliament.uk | Live UK parliamentary bills |
eur-lex.europa.eu | EU legal register |
api.congress.gov | US federal legislative index |
Every committed document is SHA-256 hashed and stored in the evidence ledger as an immutable artefact. When a source document changes between cycles, the emulator detects the hash divergence and issues an evidence evolution record — the substrate has received a new truth. This is not a crawl. It is a governed ingestion pipeline treating the open internet as a distributed knowledge layer.
Claim 2 — Power degradation must be governed as a reasoning constraint, not an infrastructure failure
The node operates across four power states derived from the hardware governance specification:
| State | Power | Capabilities |
|---|---|---|
| A | 100% | Full reasoning · evidence ingestion · signing · migration |
| B | 60% | Reasoning · evidence ingestion · signing |
| C | 30% | Evidence ingestion only |
| D | 15% | Substrate migration only — node triggers sealed migration and halts |
At State D the node does not simply stop. It seals its complete ledger into a MigrationRecord, signs it with its ECDSA private key, and generates a ledger_hash committing the full evidence corpus — ready for resumption on a receiving substrate. Power exhaustion is a protocol event, not a crash.
When reasoning is blocked by power state, the node issues a signed negative proof — a cryptographic assertion that the operation would have been performed but was constitutionally prevented. The absence of output is as attested as the output itself.
Claim 3 — Cryptographic identity is substrate-bound, not cloud-provisioned
On every boot the node generates a fresh ECDSA P-256 keypair using the Node.js built-in WebCrypto API (crypto.subtle). The node ID is derived deterministically from the public key hash:
nodeId = "aiep-node-" + sha256(publicKeyBytes).slice(0, 16)
No registration. No external authority. No API key. The substrate mints its own identity from its own cryptographic material — exactly as the hardware governance chip specification requires.
Running the emulator
Prerequisites: Node.js 18+ (uses built-in crypto.subtle — no external dependencies beyond the TypeScript executor)
cd repos/private/aiep-node
npm install
npm start
Open the live dashboard: http://localhost:9001
The dashboard refreshes every 2 seconds via Server-Sent Events. All panels update live as the ingestion cycle runs.
Optional — run an automated power degradation demo:
POWER_DEMO=1 npm start
Runs a 60-second A→D→A cycle, demonstrating all four power states and triggering an automatic substrate migration at State D.
Stdin commands (while running in a terminal):
| Command | Effect |
|---|---|
degrade | Drop one power state |
restore | Raise one power state |
fork | Inject a test dissent fork into the reasoning engine |
migrate | Manually trigger a sealed substrate migration |
quit | Controlled shutdown |
Dashboard panels
The web dashboard at http://localhost:9001 displays six real-time panels:
| Panel | What it shows |
|---|---|
| Identity | Cryptographic node ID derived from EC public key hash · uptime · environment fingerprint |
| Power State | Current tier (A/B/C/D) with colour-coded indicator and active capability list |
| Evidence Ledger | Committed documents · failed fetches · evolved sources (hash-divergent re-ingestions) · commits per cycle · mirror sync status |
| Latest Evidence | Source URL and SHA-256 hash of the most recently committed document |
| Reasoning Engine | Chains built · dissent forks detected · negative proofs issued · substrate migrations completed |
| Migration Events | Timestamped log of every sealed substrate migration with ledger_hash |
Technical architecture
| Component | Implementation |
|---|---|
| Cryptographic identity | ECDSA P-256 via crypto.subtle (WebCrypto — native Node.js, no OpenSSL dependency) |
| Content hashing | SHA-256 via crypto.subtle.digest |
| Evidence evolution tracking | Per-source hash map, previousHashes, evolved flag on re-committed records |
| Reasoning | Step-by-step chain with replay_hash · dissent fork detection via conclusion divergence |
| Governance | checkAdmissibility() gated on fetch success, power budget ≥ 15%, content ≤ 500 KB |
| Power model | PowerGovernor — four states, capability map, onStateChange listener for auto-migration |
| Network migration | sealAndMigrate() → signed MigrationRecord with ledger_hash over full evidence corpus |
| Negative proofs | Signed NegativeProofRecord issued on every capability-blocked operation |
| Web dashboard | Node.js http module + SSE — no Express, no framework |
| TypeScript | Zero compiled output — executed directly via tsx |
Zero native dependencies. All cryptography from the Node.js built-in crypto module. The only npm package is tsx (the TypeScript executor). Every other capability is stdlib.
Relationship to specification
The emulator runs the following specification components in a single local node:
| Specification | Implementation |
|---|---|
| GB2519826.8 — Hardware Governance Chip | Power state model, capability gating, substrate identity generation |
| Silicon governance primitives | State-triggered goal vector enforcement — auto-migration at constitutional threshold |
| P99 — Secure Substrate Migration | sealAndMigrate(), MigrationRecord, ledger_hash |
| GENOME R1–R8 | Evidence hashing, canonical commitment, record signing |
| P16 — Negative Proof Record | Signed NegativeProofRecord on every blocked operation |
| Governed dissent detection | Fork detection on every reasoning chain, fork recorded with full context |
This is not a simulation of the specification. The cryptographic operations, governance constraints, and record schemas are the specification primitives executing on standard hardware, proving that the architecture is implementable without proprietary silicon — and that the silicon layer’s role is enforcement, not structure.
Architectural significance
The emulator answers a challenge the hardware governance thesis anticipates: “You can specify hardware governance, but can you demonstrate the governance logic itself independently of the chip?”
The answer is yes. The node demonstrates that:
- Substrate identity can be cryptographically self-minted from EC keypair material
- Evidence governance operates identically at every power tier — degraded capability, not degraded integrity
- Negative proofs make the absence of output legally equivalent to its presence — both attested, both in the ledger
- Migration is a governance protocol event triggered by the substrate’s own power state, not by an external orchestrator
When the hardware chip exists, these same protocols run in a physically isolated TEE that software cannot access. The emulator demonstrates the protocol. The chip enforces it at a layer software cannot reach.
Live attestation artefact
The emulator’s identity, capabilities, and GENOME kernel hash are published as a machine-queryable well-known artefact:
/.well-known/aiep/hardware/node-attestation.json
The artefact is an AIEP_NODE_ATTESTATION record containing the GENOME kernel_bundle_hash from the emulator’s GENOME_LOCKFILE.json. The attestation_hash field is a SHA-256 commitment over a canonical JSON preimage of the node parameters. Any third party can verify this independently:
preimage = {
"emulator_version": "1.0.0",
"genome_kernel_bundle_hash": "<value from GENOME_LOCKFILE.json>",
"genome_lockfile_version": "1.0.0",
"node_type": "emulator"
}
attestation_hash = sha256(canonicalJson(preimage))
The artefact is indexed via the hardware surface index and referenced in the audit chain.
Source
Located at repos/private/aiep-node/ in the AIEP Hub workspace. Available on request — contact [email protected] for access.
→ Hardware governance thesis · → Reference implementations · → Downloads
AIEP Node Emulator · v1.0.0 · 2026-03-13 · Apache 2.0