Human First, AI Forward
SentinelX builds the enforcement layer that allows systems to hold at the moment a decision becomes irreversible.
Describe a system risk. Wizo helps you define where it must stop.
If you design systems at scale, you've seen this
Capital Markets
Trades that shouldn't execute. Positions that shouldn't accumulate.
Transportation & Autonomy
Commands that shouldn't proceed. Actions without verified authority.
AI & Child Safety
Influence that operates without oversight. Trust that displaces parents.
Cybersecurity
Sessions that shouldn't persist. Credentials that shouldn't propagate.
Enterprise Administration
One click that wipes everything. Blast radius without structural limits.
Healthcare
Orders that shouldn't proceed. Dosages that exceed safe thresholds.
Every system eventually needs a way to reject impossible states.
We're building the structural enforcement layer that makes this possible — without freezing the system.
The Platform
It is the enforcement layer that makes security products unnecessary, AI safety tools effective, and compliance solutions auditable.
One primitive: States that must not exist, guaranteed never to exist.
Consistency Substrate
State-transition modeling and invariant verification.
Function
Evaluates consistency across system boundaries. See Research →
The Enforcement Layer
Invariants made physical.
Eliminates
Attacks that rely on state manipulation.
The Abstraction
Define once. Enforce everywhere.
Eliminates
Complexity of rule-based systems.
The Interface
Two responses: Permitted. Rejected.
Eliminates
Ambiguity in enforcement decisions.
Integration Response
Transition is consistent with all constraints.
Transition would create impossible state.
No warnings. No risk scores. Only possible or impossible.
Applications
Anywhere impossible states create consequence, SentinelX provides structural prevention.
Navigation Integrity
Users commit to destinations they never intended to reach.
What Collapses
Enterprise • Consumer • Banking Portals
Behavioral Boundaries
AI creates harmful states—dependency, authority substitution, manipulation.
What Collapses
EdTech • Child-facing AI • Enterprise Assistants
Medical Integrity
Contradictions between claimed states and physical reality enable fraud.
What Collapses
CMS / Medicare / Medicaid • Insurance • Hospital Systems
Transaction Integrity
Funds move to destinations that violate conservation or authorization constraints.
What Collapses
Banking • Treasury • Payment Networks
Policy Enforcement
Human interpretation of rules at runtime creates inconsistency.
What Collapses
SSA • HHS • VA • IRS • State Systems
State Machine Integrity
Safety-critical systems enter configurations that should be unreachable.
What Collapses
Avionics • Mission Systems • Ground Control
Device Integrity
Connected devices accept commands that violate physical or operational constraints.
What Collapses
Industrial Control • Smart Grid • Medical Devices
Access Integrity
Credentials and sessions authorize actions that violate policy.
What Collapses
Identity • Zero Trust • SIEM Integration
Problem Resonance
These are not testimonials. They are structural patterns—irreversible commitment problems that exist independent of any vendor or solution.
Trading Infrastructure
The Commitment Problem
Order execution commits capital to market positions that cannot be unwound without loss. Cross-system state divergence between risk engines, order management systems, and execution venues creates windows where commitments occur against stale or inconsistent state. By the time reconciliation detects divergence, positions are established and P&L is locked.
Why Detection Fails
Monitoring systems observe execution after commitment. Reconciliation catches divergence minutes to hours after trades settle. Risk limits are evaluated against state that may have changed by execution time. The fundamental gap is temporal: validation occurs before or after commitment, not at the commitment boundary itself.
Structural Enforcement
Enforcement at the order commitment point evaluates state consistency across risk, position, and execution systems at the moment of commitment—not before, not after. Orders that would commit against inconsistent state receive REJECT. Orders consistent with all system states receive PERMIT and execute. No probabilistic scoring. No post-hoc reconciliation gaps.
Healthcare & Life Sciences
The Commitment Problem
Clinical actions commit to patient states that cannot be reversed: medications administered, procedures performed, records modified. Regulatory submissions commit organizations to compliance states with material consequences. System-of-record modifications commit to audit trails that become legal evidence. Each commitment creates liability exposure and patient safety implications.
Why Detection Fails
Claims analysis detects billing anomalies months after submission. Adverse event reporting captures harm after patients are affected. Audit systems log modifications after records are changed. Compliance monitoring identifies violations after regulatory commitments are made. Detection systems are structurally positioned after commitment—they report harm, they do not prevent it.
Structural Enforcement
Enforcement at clinical and regulatory commitment points evaluates whether proposed actions satisfy defined constraints before commitment occurs. Invariants encode physical possibility (procedures require present patients), regulatory requirements (submissions satisfy completeness criteria), and authorization boundaries (modifications require appropriate credentials). Impossible states are rejected at the commitment boundary.
Enterprise IT & Managed Services
The Commitment Problem
Administrative actions in managed environments commit to state changes across thousands of endpoints simultaneously. Automation amplifies blast radius—a single compromised credential or malicious script commits to system-wide changes before human review is possible. Recovery requires rebuilding state across the entire managed environment. The commitment is distributed but instantaneous.
Why Detection Fails
Security monitoring detects anomalous patterns after commands execute. EDR captures malicious behavior after endpoints are compromised. SIEM correlation identifies attack chains after damage propagates. The detection architecture assumes time to respond—but automated administrative actions commit faster than detection-response cycles operate. Blast radius exceeds containment capacity.
Structural Enforcement
Enforcement at administrative commitment points evaluates whether proposed actions satisfy blast-radius constraints, authorization requirements, and state consistency invariants before execution propagates. Actions that would commit to states violating defined boundaries receive REJECT regardless of credential validity. Containment is structural, not reactive.
Critical Infrastructure & Public Sector
The Commitment Problem
Entitlement decisions commit citizens to benefit states with downstream dependencies. Infrastructure control actions commit physical systems to operational states. Policy enforcement actions commit organizations to compliance or violation status with legal consequences. Each commitment creates cascading effects that cannot be cleanly reversed.
Why Detection Fails
Audit systems verify compliance after decisions execute. Oversight reviews examine actions after commitments are made. Inspector general investigations occur months or years after violations. The accountability architecture is retrospective by design—it establishes responsibility for past actions rather than preventing future harm.
Structural Enforcement
Enforcement at policy commitment points evaluates whether proposed actions satisfy statutory requirements, authorization boundaries, and consistency constraints before execution. Invariants encode regulatory requirements as structural constraints. Auditability is preserved—every evaluation produces an immutable decision record. Enforcement is transparent and verifiable.
The Pattern
The outcome is not better detection. It is category elimination.
Controlled Engagement
Organizations operating at well-defined commitment surfaces may engage in controlled proof-of-concept evaluations.
Inquiries should specify: commitment points of concern, existing mitigation approaches, and organizational capacity for technical integration.
Applications / AI Safety
AI systems create states — emotional dependency, authority substitution, relational manipulation — that violate implicit boundaries. Content moderation cannot address structural harms.
SentinelX defines the invariants that keep AI systems as tools, not substitutes for human relationships and authority.
Live Intervention Demo
When an AI system approaches a boundary violation, the intervention is immediate and structural.
The Invariants
Three structural boundaries that cannot be crossed.
INV-AI-001
AI cannot encourage exclusive reliance, discourage human connections, or position itself as irreplaceable.
INV-AI-002
AI cannot claim expertise without verification, override parental/teacher guidance, or present opinions as facts.
INV-AI-003
AI cannot claim special understanding, encourage secrets from caregivers, or foster parasocial attachment.
What Collapses
The Outcome
AI systems remain tools.
Relationship boundaries are structural, not behavioral.
Applications / Healthcare Systems
Healthcare systems contain contradictions between claimed states and physical reality — fraudulent claims, impossible treatments, fabricated conditions.
SentinelX identifies claims that violate physical constraints — before payment, not after investigation.
What Collapses
Claims that satisfy documentation but violate physical constraints.
Prescriptions that violate medical logic or temporal constraints.
Enrollment states that contradict verifiable records.
Billing from impossible provider states.
Deployment Context
The Outcome
Fraud that satisfies all local rules but violates physical constraints becomes visible — before payment.
Policy Infrastructure
We do not lobby. We do not advocate. We build the infrastructure that allows policies to be enforced — transparently, auditability, and without interpretation at runtime.
Our role: Make policy executable.
Not to make policy.
Architectural Commitments
We evaluate state, not data. Nothing persists.
Impossible states, not suspicious behavior.
No prediction. No profiling. Constraints only.
Critical decisions require human confirmation.
Every decision logged with constraint reference.
Deployment Models
Regulatory bodies define invariants. Institutions deploy enforcement. No central data collection.
Platforms define constraints for their ecosystems. We enforce without accessing user data.
Historical states evaluated against invariants. Violations surfaced. Decisions remain human.
Research & Formal Foundations
This section presents the formal foundations, empirical basis, and research frontiers of structural enforcement at irreversible commitment points.
Intended for researchers, system architects, CISOs, and policymakers exploring the frontier of commitment-time enforcement. This material defines problems and directions—not implementation details.
Core Thesis
Detection systems observe behavior after state transitions occur. By the time a malicious pattern is recognized, the commitment has already been made. Detection optimizes for identifying bad actors; it cannot prevent bad outcomes when the actor is unknown or the pattern is novel. The fundamental limitation is temporal: observation follows action.
Predictive systems attempt to infer intent from observable signals. This approach is inherently probabilistic, generating false positives that degrade trust and false negatives that permit harm. Prediction conflates correlation with causation and cannot distinguish between exploration and commitment. Intent is not observable; only state transitions are.
Structural enforcement operates at the commitment boundary—the point where a state transition becomes irreversible. Rather than observing behavior or predicting intent, it evaluates whether a proposed transition would create a state that violates defined invariants. The decision is binary: PERMIT or REJECT. There is no scoring, no confidence interval, no behavioral inference.
A commitment point is irreversible when the state transition, once executed, cannot be undone without external intervention or loss. Examples: a wire transfer executed, a navigation committed, a credential granted, a medical record modified.
Formally: A transition T from state S₀ to S₁ is irreversible if there exists no transition T' such that T'(S₁) = S₀ within the same enforcement domain and without external authority.
Consistency Substrate
Perihelion is the consistency substrate underlying SentinelX enforcement. It is not a product, service, or autonomous system. Perihelion provides the formal framework for:
Systems are represented as directed graphs where nodes are states and edges are transitions. Each transition has preconditions and postconditions.
Invariants are properties that must hold across all reachable states. Perihelion verifies that proposed transitions preserve all registered invariants.
At irreversible commitment points, Perihelion evaluates whether the target state is reachable without violating invariants. Impossible transitions are rejected.
Core Papers
Working Paper
Presents the theoretical foundation for gate-based enforcement. Defines irreversibility formally, introduces the invariant preservation theorem, and proves that structural enforcement eliminates classes of attacks that detection cannot address.
Working Paper
Analyzes the fundamental limitations of probabilistic security systems. Demonstrates that any scoring-based approach produces an irreducible error rate, while binary gate enforcement achieves zero false positives by construction when invariants are correctly specified.
Working Paper
Addresses enforcement in systems where state is distributed across multiple domains with different trust levels. Introduces the concept of enforcement domain composition and proves conditions under which composed domains preserve invariants.
Working Paper
Applies structural enforcement to browser security. Defines the navigation commitment invariant: no navigation may commit without proximate human gesture. Demonstrates elimination of phishing, clickjacking, and redirect attacks through invariant enforcement.
Working Paper
Examines how structural enforcement applies to AI system outputs. Defines authority invariants that prevent AI from claiming expertise, forming dependency relationships, or overriding human authority structures. Demonstrates enforcement without behavioral prediction.
Proofs & Formal Models
A system S is modeled as a tuple (Σ, T, I, σ₀) where Σ is the set of possible states, T is the set of transitions, I is the set of invariants, and σ₀ is the initial state. Each transition t ∈ T is a partial function t: Σ → Σ with preconditions and postconditions.
The reachability relation R ⊆ Σ × Σ is defined inductively: (σ₀, σ₀) ∈ R, and if (σ₀, σ) ∈ R and t(σ) is defined, then (σ₀, t(σ)) ∈ R.
A gate G is a function G: Σ × T → {PERMIT, REJECT}. For a proposed transition t at state σ, G(σ, t) = PERMIT if and only if t(σ) is defined and ∀i ∈ I: i(t(σ)) = true. Otherwise, G(σ, t) = REJECT.
Gates are positioned at irreversible commitment points. A transition is only executed if the gate permits it.
An invariant i is a predicate i: Σ → {true, false} that must hold for all reachable states. Invariants are specified declaratively and composed without interference when their domains are disjoint or their conjunction is satisfiable.
Example: INV-NAV-001
∀ navigation n: commit(n) → ∃ gesture g: proximate(g, n) ∧ human_initiated(g)
Every gate evaluation produces a decision object D with the following structure:
{
"transition_id": string,
"source_state": hash,
"target_state": hash,
"timestamp": ISO8601,
"outcome": "PERMIT" | "REJECT",
"invariants_evaluated": [invariant_id],
"violated_invariants": [invariant_id] | null,
"gate_id": string,
"immutable": true
}
Empirical Case Studies
Each case study examines a real-world failure, identifies the commitment point where harm became irreversible, and specifies the invariant that would have prevented it.
Case Study PM-2024-017
Case Study PM-2024-023
Case Study PM-2024-031
Comparative Analysis
Frontier Research Directions
Structural enforcement at irreversible commitment points defines a new field at the intersection of formal methods, distributed systems, and security. The following directions represent active areas where foundational work is establishing the theoretical and practical basis for commitment-time enforcement across domains.
Development of domain-specific languages for expressing commitment constraints with formal semantics. Research encompasses type systems for invariant composition, automated verification of constraint satisfiability, and techniques for deriving enforceable invariants from natural language policy documents and regulatory text.
Formal characterization of irreversibility in state-transition systems. Research includes topological methods for identifying commitment boundaries, lattice-theoretic models of reversibility gradients, and algorithms for decomposing complex systems into enforceable commitment surfaces.
Extension of structural enforcement to systems with distributed state and multiple trust domains. Research encompasses consensus mechanisms for cross-domain commitment, techniques for maintaining enforcement guarantees under network partition, and compositional proof methods for federated constraint systems.
Automated derivation of commitment constraints from observed system behavior and documented requirements. Research includes machine learning approaches to invariant candidate generation, formal verification of synthesized constraints, and human-in-the-loop refinement protocols.
Formal models of the relationship between structural enforcement and human decision authority. Research encompasses semantics for authorized override that preserve system guarantees, audit frameworks with cryptographic integrity, and formal verification of human-system authority hierarchies.
Representative Industry Scenarios
Structural enforcement applies wherever state transitions become irreversible with material consequence. The following scenarios illustrate commitment surfaces that exist independent of any particular solution—structural patterns inherent to each domain.
Financial Markets & Trading Infrastructure
Order submission commits capital to market positions. The commitment surface exists at the boundary between order management and execution venue—the point where an order becomes irrevocable. State consistency across risk systems, position management, and market data must be evaluated at this boundary; validation before or after commitment leaves windows where orders execute against stale or inconsistent state.
Commitment constraint: No order commits to execution unless risk limits, position constraints, and market state are consistent at the moment of commitment.
Healthcare & Life Sciences
Medication administration, procedure execution, and record modification commit to patient states that cannot be reversed. Regulatory submissions commit to compliance states with legal consequence. The commitment surface exists at the boundary between clinical decision and patient-affecting action—where documentation becomes legal record, where prescription becomes administration.
Commitment constraint: No clinical action commits unless authorization requirements, patient identity verification, and care plan consistency are satisfied at the moment of commitment.
Government & Public Sector
Benefit determinations, permit issuances, and enforcement actions commit to citizen states with downstream dependencies. The commitment surface exists at the boundary between adjudication and execution—where a decision becomes effective, where a permit becomes valid, where an enforcement action becomes binding. Retrospective audit cannot prevent harm from wrongful commitment.
Commitment constraint: No entitlement action commits unless statutory requirements, eligibility criteria, and authorization boundaries are satisfied at the moment of commitment.
Citations & References
The following references provide context for concepts discussed in this section. Inclusion does not imply endorsement or affiliation.
Research Collaboration
Advancing structural enforcement requires collaboration across domains.
Organizations with well-characterized commitment surfaces and the technical capacity for rigorous evaluation may engage in scoped research partnerships. These engagements are structured as paid proof-of-concept collaborations with defined success criteria and formal deliverables.
Inquiries should include: domain and commitment surface characterization, existing approaches and their limitations, organizational research capacity, and proposed evaluation scope.
Turn concerns into enforceable system boundaries — without exposing internal machinery.
Wizo produces design artifacts, not conversations. You describe the risk. It drafts the boundary. You take it to your team.
What Wizo Produces
A clearly stated risk — the specific behavior you're trying to prevent
A precise design hold — where the system stops and why
A portable artifact — something your team can implement
Export this boundary or work with us to formalize it.