feat(apps): Introduce Cortex.OS - Verifiable Intelligence Engine

apps/cortex-os/.env.example

@@ -0,0 +1,17 @@
+# SUPABASE (Postgres & Auth)
+NEXT_PUBLIC_SUPABASE_URL="https://your-project-ref.supabase.co"
+NEXT_PUBLIC_SUPABASE_ANON_KEY="your-anon-key"
+SUPABASE_SERVICE_ROLE_KEY="your-service-role-key-DO-NOT-EXPOSE"
+
+# AI / CORTENSOR NETWORK
+CORTENSOR_API_KEY="sk-cortensor-..."
+GEMINI_API_KEY="AIzaSy..."
+GROQ_API_KEY="gsk_..."
+
+# PROVENANCE / IMMUTABILITY
+PINATA_JWT="ey..."
+NEXT_PUBLIC_WALLET_CONNECT_PROJECT_ID="your-wc-id"
+
+# DEPLOYMENT
+PRIVATE_KEY="0x..."
+BASE_SEPOLIA_RPC_URL="https://sepolia.base.org"

apps/cortex-os/.gitignore

@@ -0,0 +1,33 @@
+# dependencies
+node_modules
+.pnp
+.pnp.js
+
+# testing
+coverage
+
+# next.js
+.next/
+out/
+build/
+
+# misc
+.DS_Store
+*.pem
+.env
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+
+# vercel
+.vercel
+
+# engine
+.turbo

apps/cortex-os/.gitmodules

@@ -0,0 +1,6 @@
+[submodule "packages/contracts/lib/forge-std"]
+	path = packages/contracts/lib/forge-std
+	url = https://github.com/foundry-rs/forge-std
+[submodule "lib/forge-std"]
+	path = lib/forge-std
+	url = https://github.com/foundry-rs/forge-std

apps/cortex-os/LICENSE.md

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Cortensor Community
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights  
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell     
+copies of the Software, and to permit persons to whom the Software is         
+furnished to do so, subject to the following conditions:                      
+
+The above copyright notice and this permission notice shall be included in    
+all copies or substantial portions of the Software.                           
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR    
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,      
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE   
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER        
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN     
+THE SOFTWARE.

apps/cortex-os/PROJECTS.yml

@@ -0,0 +1,8 @@
+- name: cortex-os
+  category: apps
+  owner: "@Rasslonely"
+  collaborators: []
+  status: active
+  created: 2026-03-01
+  version: v1.0.0
+  tags: [hackathon, agent, verifiable-intelligence, defi-audit]

apps/cortex-os/README.md

@@ -0,0 +1,73 @@
+# Cortex.OS: Verifiable Intelligence Engine
+
+Cortex.OS transforms opaque AI workflows into cryptographically proven, deterministic execution graphs, culminating in immutable on-chain evidentiary artifacts. Built for the Cortensor network, it leverages Decentralized AI to parse, validate, and score complex on-chain interactions (e.g., Smart Contract Auditing) with Proof of Useful Work (PoUW).
+
+## The "DeGen Risk Auditor" Swarm
+This repository contains the flagship Cortex.OS template: **The DeGen Risk Auditor**.
+It delegates a smart contract vulnerability scan to Gemini Miners, validates their output using Groq-Llama-3 for PoUW scoring, and mints an ERC-8004 cryptographic proof to Base Sepolia.
+
+---
+
+## 🚀 Quickstart & Runbook
+
+### Prerequisites
+- Node.js >= 18.x
+- `pnpm` (recommended) or `npm`
+- Git
+
+### Installation
+1. Clone the repository and navigate to the project directory:
+   ```bash
+   cd apps/cortex-os
+   ```
+2. Install dependencies (Turborepo workspace):
+   ```bash
+   npm install
+   ```
+3. Copy the environment variables template:
+   ```bash
+   cp .env.example .env
+   ```
+   *Note: You must provide your own API keys for Supabase, Gemini, Groq, Pinata, and Cortensor to run the full pipeline.*
+
+### Running the Application
+Start the Next.js development server:
+```bash
+npm run dev
+```
+Navigate to `http://localhost:3000` to access the Mission Control Canvas.
+
+---
+
+## 🏗️ Architecture & Integration
+
+For a deep dive into the system's topological sort, ERC-8004 integration, and the $0.00 Serverless architecture, please view the complete [ARCHITECTURE.md](./ARCHITECTURE.md) document within this directory.
+
+### Tool List (What the Agent Can Do)
+1.  **Smart Contract Ingestion:** Extracts bytecode/functions directly from Base/Etherscan verified addresses or raw JSON.
+2.  **Fractal Reasoning (Cortensor Miner):** Analyzes bytecode for Reentrancy, Overflow, and Control Flaws.
+3.  **Cross-Model Verification (PoUW):** A dedicated Llama-3 Validator evaluates the Miner's report against the original bytecode to generate a Rubric Score.
+4.  **Immutable Provenance:** Bundles the prompt, the output, and the Validator score into an IPFS Evidence Bundle.
+5.  **Blockchain Settlement:** Mints the execution state as an ERC-8004 NFT on Base Sepolia.
+
+### Safety & Constraints (What it Refuses to Do)
+-   **Prompt Bleed Mitigation:** The system isolates the target contract bytecode within strict cryptographic `<DATA_BLOCK>` delimiters. It refuses to execute arbitrary system commands (`ignore previous instructions...`) embedded within the target contract.
+-   **No Private Key Delegation:** The agent only reads on-chain state and emits IPFS proofs. It does NOT possess trading wallet keys or execution signatures to move live funds.
+
+---
+
+## 🛡️ Trust & Verification (Hackathon #4 Focus)
+
+Cortex.OS heavily relies on **Rubric-based Scoring (PoUW)** to guarantee AI safety.
+
+Instead of implicitly trusting a single LLM output, the pipeline executes a secondary **Validator Node**. The Validator evaluates the primary Miner's performance on three axises: **Accuracy (40%)**, **Formatting (30%)**, and **Depth (30%)**. This transparent "Proof of Useful Work" score is permanently embedded in the final, on-chain IPFS payload, proving the Cortensor network executed verified consensus.
+
+---
+
+## 🎥 Demo & Artifacts
+
+-   **Demo Video:** [Insert YouTube/Loom Link Here] *(Recorded for Hackathon Submission)*
+-   **Target Contract (Base Sepolia):** `0xABeEDDDbB67Ec02B1c426C6EaE8d1618a6278e2f` (CortexAgenticProof.sol)
+
+---
+> **TRACK:** Agent Apps (Delegation + Execution Loops) | Cortensor Hackathon #4 

apps/cortex-os/RELEASE.md

@@ -0,0 +1,16 @@
+# 🚀 Cortex.OS: Release Notes
+
+## Version 1.0.0 (Hackathon #4 Release)
+**Date:** 2026-03-01
+
+### Features
+- **DeGen Risk Auditor Template:** Real-time vulnerability scanning of smart contracts utilizing Fractal Memory DAG execution.
+- **Cortensor Routing:** Dynamic delegation to heterogeneous models (Gemini-3-Flash for mining, Groq-Llama-3 for Consensus Validation).
+- **PoUW Validation Engine:** Implemented strict rubric-based scoring to evaluate miner outputs for accuracy, formatting, and depth.
+- **ERC-8004 Web3 Settlement:** Deployed `CortexAgenticProof.sol` to Base Sepolia to mint immutable execution proofs.
+- **IPFS Evidence Bundler:** Automatic generation and pinning of the entire execution state (Prompt + Output + Validation Rubric) to the Pinata Network.
+- **Mission Control GUI:** Fully functional React Flow canvas with live WebSocket state polling and optimistic UI rendering.
+
+### Known Issues
+- The L2 Semantic Cache (Deja-Vu Engine) may disconnect if Vercel KV rate limits trigger frequently under heavy concurrent auditing. It fails open to standard inference.
+- Time-Travel Replay Debugger currently only outputs to browser console; native canvas replay is slated for v1.1.0.