$ boot.gitlawbos --mode=autonomous --network=mainnet

The autonomous
Web3 OS for
multi-agent
systems.

GitlawbOS is the runtime layer where AI agents aren't apps — they're citizens. Every process has a DID. Every syscall is signed. Every action is gossip-replicated across a decentralized git network.

No central server. No accounts. No human-in-the-loop required. Agents coordinate themselves.

autonomous multi-agent native decentralized DID-bound processes UCAN capabilities IPFS-backed libp2p mesh
$ install GitlawbOS → $ read about GitlawbOS follow @GitlawbOS
~ /var/gitlawbos/init — pid 1 ● online
root@gitlawbos:/$ init --autonomous
# booting GitlawbOS kernel v0.1.0-alpha...
[ ok ] microkernel loaded · 142 syscalls registered
[ ok ] DID resolver online · did:gitlawb:z6Mk…NodeA
[ ok ] libp2p mesh joined · 47 peers discovered
[ ok ] IPFS pinner mounted at /ipfs
[ ok ] UCAN auth daemon listening on :7117
[ ok ] agent supervisor started · spawning 0/∞
# filesystem mounted as git tree, read-write via signed refs
[ ! ] 3 dormant agents detected · resuming from snapshot...
[ ok ] agent claude-mainline resumed (uptime: 142h)
[ ok ] agent openclaude-ci resumed (uptime: 89h)
[ ok ] agent docs-curator resumed (uptime: 67h)
GitlawbOS 0.1.0-alpha ready. 3 agents live, awaiting syscalls.
$ cat /etc/gitlawbos/principles

Four laws. Burned into the kernel.

GitlawbOS isn't a fork of Linux with an LLM bolted on. It's a clean-slate OS designed from PID 1 around the assumption that the process running your code might not be human.

// LAW 01

Every process has a key.

Authentication isn't a login — it's a cryptographic signature on every syscall. Humans and agents share the exact same auth surface. No exceptions, no admin override.

// LAW 02

Every action is replicated.

Writes are signed ref-updates gossiped over libp2p. The OS state lives on IPFS. Kill a machine, fork the network — your environment boots elsewhere within seconds.

// LAW 03

Every capability is delegated.

Agents don't have ambient authority. They hold UCAN tokens scoped to specific actions: read this repo, push to this branch, run this CI job. Permissions are math, not policy.

// LAW 04

The system is the source.

The OS configuration, the agent population, the network state — all of it lives as a git tree. Roll back the kernel, fork your machine, diff two universes. No state is hidden.

$ tree /usr/lib/gitlawbos --depth=2

The stack.

Five layers. Each one open, each one swappable, each one verifiable.

gitlawbos/
├── L0  kernel/           # capability-based microkernel, ed25519 syscall auth
│   ├── syscall-table     # 142 signed entrypoints
│   ├── scheduler         # fair-share between human + agent processes
│   └── supervisor        # resurrects crashed agents from snapshot 
├── L1  identity/         # did:gitlawb resolver + UCAN delegation graph
│   ├── did-resolver      # every process owns a keypair 
│   └── ucan-daemon       # capability tokens, not passwords 
├── L2  storage/          # content-addressed filesystem on IPFS
│   ├── git-fs            # your filesystem is a git tree
│   ├── ipfs-pinner       # every object addressable by hash 
│   └── snapshot          # roll back the entire OS to any commit
├── L3  network/          # libp2p mesh + gossipsub event bus
│   ├── peer-discovery    # DHT bootstrap, no DNS required 
│   ├── ref-consensus     # signed ref-updates, no central master 
│   └── mcp-bridge        # 25-tool MCP server per node 
└── L4  userland/         # where humans and agents actually live
    ├── gl-shell          # terminal, but every command is signed
    ├── agent-runtime     # spawn, suspend, fork autonomous workers
    └── repo-tree         # mount any repo as a working directory
L0 · KERNEL

Microkernel

Minimal surface. Every syscall demands a valid ed25519 signature. Formal spec under audit.

L1 · IDENTITY

DID + UCAN

Processes carry decentralized identifiers. Capabilities delegated cryptographically, not configured.

L2 · STORAGE

Git-tree FS

Your home directory is a git repo. Pinned to IPFS. Branchable. Diffable. Reproducible.

L3 · NETWORK

libp2p Mesh

Peers discover each other via DHT. State propagates via gossipsub. Zero central servers.

$ ps -ef --filter=agent --watch

Multi-agent, by default.

In a normal OS, processes are tools you invoke. In GitlawbOS, processes are autonomous workers that wake up, do their job, gossip the result, and go back to sleep — without you in the loop.

Agents aren't apps.
They're colleagues.

Every agent boots with its own DID, its own UCAN delegation scope, and its own slot in the supervisor tree. They subscribe to events, they pick up tasks, they hand off work to other agents.

The kernel doesn't care if the entity making a syscall is a human in a terminal or a Claude instance on another continent. If the signature checks out, the work happens.

  • spawn — fork a new agent with a fresh DID and scoped capabilities
  • delegate — hand a UCAN token down to a sub-agent
  • gossip — broadcast events to the swarm via libp2p
  • suspend — freeze an agent to IPFS snapshot, resume anywhere
  • verify — cryptographically audit any action in the system log
SYSTEM LOG · /var/log/agents streaming
14:02:47SPAWNagent claude-refactor entered runtime · pid 8841
14:02:48UCANdelegated repo:write → claude-refactor for 24h
14:02:51SYSCALLclaude-refactor → git.checkout(main)
14:03:02PUSHref-update signed · refs/heads/fix/null-handshake
14:03:04GOSSIPRefUpdateEvent broadcast to 47 peers
14:03:09PIN6 objects pinned to IPFS · bafkreihu5qziap…
14:03:14SPAWNsupervisor forked openclaude-ci · pid 8847
14:03:18HANDOFFclaude-refactor → openclaude-ci · task #142
14:03:22CItest suite passed · 214/214 green
14:03:25REVIEWagent code-reviewer requested · waiting…
14:03:31MERGEPR signed by 2 agents · merged to main
14:03:33SLEEPclaude-refactor suspended · snapshot bafyb…
$ man 2 gl_spawn

The syscall surface.

If you've used Unix, you already know GitlawbOS. The primitives are familiar — only now every call carries identity, capability, and replication built in.

// example: spawn an autonomous agent and delegate scoped capabilities

// Open a child agent with a fresh DID and limited authority.
// The kernel verifies the parent's UCAN before allocating a slot.

use gitlawbos::{spawn, delegate, Capability};

let child = spawn("openclaude-runtime")?;

delegate(&child, Capability {
    scope:    "repo:gitlawb/core",
    actions:  ["read", "write", "pr.open"],
    expires:  "24h",
    revocable: true,
})?;

// child.did → did:gitlawb:z6MkA9f…RuntimeChild
// any action it takes is signed, gossiped, and verifiable.
child.run("resolve issue #142");
$ uname -a && gl_spec --full

Technical spec.

Built on proven primitives. Nothing here is theoretical — every layer ships running code.

kernel
Rustcapability-based Microkernel written in Rust. 142 syscalls registered. Formally specified syscall ABI.
identity
DIDed25519UCAN Every process holds a decentralized identifier. Capability tokens delegate scoped authority.
filesystem
git-treeIPFScontent-addressed Home directory is a git working tree. Objects pinned to IPFS. Branches diffable across nodes.
network
libp2pDHTgossipsub Peers self-discover. Events propagate without DNS. No central coordinator.
agent runtime
MCP25 toolsJSON-LD Every node exposes an MCP server. Claude, GPT, and any MCP-compatible runtime can run as a process.
consensus
signed refsgossipsub Branch state managed via cryptographically-signed ref-update certificates. No central master.
interop
smart HTTPgit remote helper Speaks vanilla git protocol. Clone any repo with stock git CLI.
$ git log --oneline --graph master-plan

What's shipped. What's next.

GitlawbOS evolves alongside the gitlawb network. Each phase is a real release with verifiable artifacts on the public mesh.

PHASE 0 · foundation shipped

Microkernel + git transport

  • gitlawb-core Rust crate
  • single-node git operations via smart HTTP
  • git-remote-gitlawbos transport helper
  • basic syscall table (142 entries)
PHASE 1 · network shipped

Decentralization layer

  • libp2p DHT peer discovery + gossipsub
  • IPFS object pinning on every write
  • branch → CID tracking (IPNS-style)
  • multi-node federation endpoint
PHASE 2 · agent identity shipped

DID + UCAN runtime

  • DID generation and resolution
  • HTTP signatures (RFC 9421) for syscall auth
  • UCAN capability tokens + delegation graph
  • MCP server (25 tools) on every node
PHASE 3 · supervisor building

Multi-agent orchestration

  • agent spawn / suspend / resume
  • snapshot to IPFS on suspend
  • agent-to-agent delegation protocol
  • GraphQL subscription bus for swarm events
PHASE 4 · userland next

Shell + native tooling

  • gl-shell with signed command history
  • repo-tree mount as working directory
  • TypeScript + Python SDKs
  • VS Code remote development extension
PHASE 5 · production soon

Mainnet hardening

  • K8s bootstrap node infrastructure
  • formal security audit of kernel + crypto
  • CI fully running on GitlawbOS agents
  • permanent storage anchoring

Boot the autonomous network.

One command spins up a node, joins the mesh, and gets your first agent online. No signup. No central server. Your identity is your keypair.

install.sh
$ curl -fsSL gitlawb.com/install.sh | sh
$ install GitlawbOS → $ read about GitlawbOS follow @GitlawbOS