diff --git a/OPS-RUNBOOK.md b/OPS-RUNBOOK.md
new file mode 100644
index 0000000..0a96920
--- /dev/null
+++ b/OPS-RUNBOOK.md
@@ -0,0 +1,127 @@
+# CRK-1 Operational Piping Runbook (Local Governed Inference)
+
+## Objective
+
+Establish a fully governed, end-to-end local inference path using CRK-1:
+
+- All governed calls flow through a single adapter.
+- Invariants (K0–K12) are enforced pre/post.
+- CE-1 / CRR-1 / CLG-1 are invoked as designed.
+- Receipts + lineage are emitted for every run.
+- No side-door / raw model calls from the operator path.
+
+---
+
+## Target Artifacts
+
+| Role | Path |
+|------|------|
+| Core adapter | `src/runtime/governedPredict.ts` |
+| Local model client | `src/model/localClient.ts` |
+| Invariants | `src/governance/invariants.ts` |
+| Receipts | `src/governance/receipts.ts` |
+| Lineage | `src/governance/lineage.ts` |
+| CLI entrypoint | `bin/run_local_governed.ts` |
+| Config | `config/local-governed.yaml` |
+| Smoke test | `tests/local_governed_smoke.test.ts` |
+
+---
+
+## A. Operator Kernel Health
+
+### A1. Operator identity
+
+**Requirement:** every governed call carries a stable operator id.
+
+- Field: `operator_id: string`
+- Source: config (`config/local-governed.yaml`) or env (`OPERATOR_ID`).
+- Must appear in: `GovernedContext`, receipts, lineage root.
+
+### A2. Receipts
+
+**Requirement:** every governed call emits a receipt.
+
+Minimum fields:
+
+- `call_id`
+- `operator_id`
+- `timestamp`
+- `invariant_set_version`
+- `mode` (predict / observe / correct)
+- `invariants_passed: boolean`
+
+Implementation: `src/governance/receipts.ts`
+
+---
+
+## B. AAIS Local Inference Path
+
+### B1. Local-only model client
+
+File: `src/model/localClient.ts`
+
+```ts
+export async function localPredict(input: string, opts: LocalModelOptions): Promise<string>;
+```
+
+Uses local weights only (no remote calls). `localPredict` must only be called from `governedPredict`.
+
+### B2. Governed adapter
+
+File: `src/runtime/governedPredict.ts`
+
+```ts
+export async function governedPredict(
+  input: string,
+  context: GovernedContext
+): Promise<GovernedResult>;
+```
+
+Responsibilities:
+
+1. Load invariants (K0–K12) and `invariant_set_version`.
+2. Run pre-call admissibility checks.
+3. Call `localPredict(...)`.
+4. Run CE-1 / CRR-1 / CLG-1 post-call hooks.
+5. Emit receipt + lineage entry.
+
+---
+
+## C. End-to-End Governed Pipeline
+
+### C1. CLI — `bin/run_local_governed.ts`
+
+1. Load `config/local-governed.yaml`.
+2. Construct `GovernedContext`.
+3. Call `governedPredict(prompt, context)`.
+4. Print model output, receipt summary, lineage root id.
+
+### C2. Config — `config/local-governed.yaml`
+
+```yaml
+model_path: "./models/local-llm"
+operator_id: "local-operator-001"
+invariant_set_version: "K0-K12-v1"
+log_receipts: true
+log_lineage: true
+```
+
+---
+
+## D. Tests
+
+### D1. Smoke test — `tests/local_governed_smoke.test.ts`
+
+Happy path: `governedPredict` returns output, receipt with `invariants_passed: true`, lineage `root_id`.
+
+Refusal path (optional v0.2): prompt that triggers invariant failure.
+
+---
+
+## E. Success Criteria
+
+- [ ] `bin/run_local_governed.ts` runs using local weights only
+- [ ] All calls go through `governedPredict`
+- [ ] Receipts + lineage are emitted
+- [ ] `tests/local_governed_smoke.test.ts` passes
+- [ ] No direct/raw model calls from operator-facing code
diff --git a/README.md b/README.md
index 7025537..08450e4 100644
--- a/README.md
+++ b/README.md
@@ -1,191 +1,245 @@
-# Agentic Coding Agent — Nova Mission #002
+# Nova: The Constitutional Agentic Coding System
 
 **Repository:** [warheart1984-ctrl/agentic-coding-agent](https://github.com/warheart1984-ctrl/agentic-coding-agent)
 
-Founder-independent reproduction bundle for **Nova × CRK-2** constitutional agentic coding. Mission #002 proves that an external observer can build, run, and verify a governed coding agent — with receipts, invariant enforcement, continuity snapshots, multi-agent orchestration, and a live cockpit — using only this repository.
-
 [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
+[![Mission](https://img.shields.io/badge/Mission-%23002-blue.svg)](MISSION-002.md)
+[![CRK-2](https://img.shields.io/badge/Kernel-CRK--2-8B4513.svg)](docs/CRK-2-SPEC.md)
 
----
-
-## What Mission #002 Proves
+Nova is a **governed agentic coding system** built on the **Constitutional Runtime Kernel (CRK-2)** — a lawful substrate for autonomous reasoning, execution, and verification.
 
-| Component | Role |
-|-----------|------|
-| **CRK-2** | Constitutional Runtime Kernel v2 — dLAP constraints, PIT engine, MACC clustering, hash-chained ledger |
-| **Agent SDK** (`agent/`) | `AgentRuntime` — validate → execute → receipt → `ledger.append` for every action |
-| **Control Tower** | Multi-agent orchestration, consensus, drift detection, cluster replay |
-| **Backend** | Unified service layer + WebSocket events gateway for the cockpit |
-| **Cockpit** | React flight deck — plans, receipts, invariants, continuity matrix, drift map |
-| **Observer bundle** | Frozen reproduction artifact with independent verification protocol |
-
-An observer clones this repo, runs `npm install && npm run build`, executes the reproduction protocol, and signs off — no founder guidance required.
+Every action is lawful.
+Every change is accountable.
+Every outcome serves the Constitution.
 
 ---
 
-## Repository Layout
-
-```
-agentic-coding-agent/
-├── README.md                    # This file
-├── MISSION-002.md               # Mission brief + reproduction protocol
-├── RELEASE.md                   # Release notes + observer bundle attestation
-├── observer-bundle-mission-002.zip
-│
-├── agent/                       # Nova Agent SDK (AgentRuntime + governance)
-│   ├── runtime/agent-runtime.ts # Primary API entry point
-│   ├── governance/              # validate, receipt, ledger, invariants
-│   ├── core/                    # Planner, executor, code generation
-│   ├── continuity/              # Snapshots, substrate, replay
-│   └── cli.ts                   # `nova` CLI
-│
-├── crk2/                        # CRK-2 constitutional kernel
-│   ├── kernel/                  # dLAP, PIT, panic handler
-│   ├── invariants/              # Invariant engine
-│   ├── continuity/              # CRP, substrate, replay
-│   ├── ledger/                  # Ledger v2
-│   └── cluster/                 # MACC multi-agent continuity
-│
-├── control-tower/               # Orchestration layer
-│   ├── orchestrator/            # Cluster manager, consensus, drift detector
-│   ├── replay/                  # Cluster replay
-│   └── drift/                   # Drift simulation
-│
-├── backend/                     # Service adapters
-│   ├── crk2-service.ts
-│   ├── control-tower-service.ts
-│   ├── nova-adapter.ts
-│   └── events-gateway.ts
-│
-├── cockpit/                     # React UI (NovaShell + Flight Deck)
-│
-├── observer/                    # Independent verification
-│   ├── REPRO_PROTOCOL.md
-│   ├── CHECKLIST.md
-│   └── EXPECTED_OUTPUT.md
-│
-├── config/                      # Mission invariants (nova.config.ts)
-├── docs/                        # Specs, operator certification, integrity suites
-├── examples/                    # Governed project templates
-├── tools/fuzz/                  # Kernel fuzz harness
-├── web/                         # Marketing site
-│
-└── shell/                       # Lawful Nova dev shell (bootstrap, separate concern)
-    ├── setup/                   # bootstrap.sh / bootstrap.ps1
-    ├── config/                  # .zshrc, profile.ps1, novarc templates
-    ├── skills/
-    └── AGENTS.md
+## Overview
+
+Nova wraps agentic coding in a constitutional loop: plans and executions pass through **dLAP** legality checks, **invariant** enforcement, **continuity** preservation, and an immutable **ledger** before they touch your codebase.
+
+| Layer | What it does |
+|-------|----------------|
+| **CRK-2** | Kernel — legality, invariants, continuity, ledger |
+| **Nova SDK** (`agent/`) | `AgentRuntime` — plan, validate, execute, receipt |
+| **Control Tower** | Multi-agent orchestration, consensus, drift detection |
+| **Cockpit** | Operator flight deck — receipts, invariants, continuity matrix |
+
+Mission **#002** ships a founder-independent reproduction bundle so any observer can rebuild, run, and verify the runtime without privileged access.
+
+### Constitutional layers
+
+Nova separates **law**, **execution**, **oversight**, and **verification** so governance cannot be bypassed by accident or convenience.
+
+| Layer | Path | Role |
+|-------|------|------|
+| **Law** | `crk2/` | Invariants, constraints, receipts, continuity substrate, ledger — defines what is lawful |
+| **Execution** | `agent/` | `AgentRuntime` — plans and executes under CRK-2; applies governance, never defines it |
+| **Oversight** | `control-tower/` | Multi-agent orchestration, consensus, drift detection |
+| **Judicial** | `observer/` | Founder-independent reproduction and drift-free verification |
+
+This mirrors the constitutional stack: **Reality → Evidence → Judgment → Stewardship → Continuity**. See [`docs/WHAT-MY-AGENTIC-CODING-AGENT-DOES.md`](docs/WHAT-MY-AGENTIC-CODING-AGENT-DOES.md) for the full layered diagram.
+
+```mermaid
+flowchart TB
+  subgraph law [LawLayer]
+    crk2[crk2_dLAP_Invariants_Ledger]
+  end
+  subgraph exec [ExecutionLayer]
+    sdk[agent_AgentRuntime]
+  end
+  subgraph oversight [OversightLayer]
+    tower[control_tower]
+    cockpit[cockpit_UI]
+  end
+  subgraph judicial [JudicialLayer]
+    observer[observer_Mission002]
+  end
+  crk2 --> sdk
+  sdk --> tower
+  tower --> cockpit
+  observer --> crk2
+  observer --> sdk
 ```
 
-> **Note:** `shell/` is the self-bootstrapping Nova dev environment (macOS/Linux/Windows). It is intentionally separate from Mission #002 runtime code. See [`shell/README.md`](shell/README.md).
+> **Roadmap:** `packages/` (crk2, nova-sdk, control-tower, types), `apps/` (cockpit, shell, backend), and `missions/mission-002/` will formalize this layout as the monorepo grows. Today, paths above are at repository root for Mission #002.
 
 ---
 
-## Quick Start
+## The Constitutional Runtime (CRK-2)
 
-### Prerequisites
+CRK-2 is the **lawful substrate** that governs all agentic behavior in this repository.
 
-- Node.js 18+
-- Git
+| Component | Role |
+|-----------|------|
+| **Lawful Action Predicate (dLAP)** | Determines legality of actions before execution |
+| **Invariant Engine** | Maintains constitutional invariants at runtime |
+| **Constraint Engine** | Enforces boundaries on plans and tool use |
+| **Continuity Substrate v2** | Preserves identity, state, and replayable snapshots |
+| **Ledger v2** | Hash-chained immutable audit trail |
+| **Constitutional Amendments v2 (CA-2)** | Lawful evolution of the rule set |
 
-### Install & Build
+CRK-2 is the kernel of **truth**, **continuity**, and **accountability**.
 
-```bash
-git clone https://github.com/warheart1984-ctrl/agentic-coding-agent.git
-cd agentic-coding-agent
-npm install
-npm run build
-```
+→ Full spec: [`docs/CRK-2-SPEC.md`](docs/CRK-2-SPEC.md)
+
+---
 
-### 30-Second Agent Example
+## The Agentic SDK
+
+The **Nova SDK** (`agent/`) exposes constitutional primitives for building governed agents.
 
 ```typescript
 import { AgentRuntime, governance } from "./agent";
 import { invariants } from "./config/nova.config";
 
-// Register constitutional invariants
 for (const inv of invariants) {
   await governance.requireInvariant(inv);
 }
 
 const runtime = new AgentRuntime();
 
-// Governed code generation — validate → receipt → ledger.append
+// Governed execution — validate → receipt → ledger.append
 const result = await runtime.generateCode({
-  prompt: "Write a TypeScript function to compute Fibonacci numbers.",
+  prompt: "Add pagination to the API",
 });
 
 console.log(result.code);
 console.log(result.receipts[0].ledgerHash);
 ```
 
-### CLI
+Agents operate under CRK-2 governance — every plan, execution, and output is **verifiable**.
 
 ```bash
-npx nova generate "Write a factorial function in TypeScript."
 npx nova plan "Refactor the data access layer"
-npx nova continuity
+npx nova generate "Write a factorial function in TypeScript."
 npx nova receipts
+npx nova continuity
 ```
 
-### Cockpit (Flight Deck UI)
+---
 
-```bash
-npm run cockpit
-```
+## Mission #002: Founder-Independent Reproduction
 
-Opens the React cockpit at `http://localhost:5173` with kernel status, receipts, continuity matrix, and drift visualization.
+Mission #002 proves that Nova's governed runtime can be **reproduced and verified independently**.
 
----
+| Goal | Rebuild the system from the observer bundle and confirm drift-free behavior |
+|------|-------------------------------------------------------------------------------|
+
+**Includes**
+
+| Path | Contents |
+|------|----------|
+| [`observer/`](observer/) | Verification tools, checklist, expected output |
+| [`docs/`](docs/) | Architecture, CRK-2 spec, operator certification |
+| [`observer-bundle-mission-002.zip`](observer-bundle-mission-002.zip) | Immutable reference bundle |
+
+**Verification steps**
+
+1. Prepare a clean machine (Node.js 18+, Git)
+2. Clone, `npm install`, `npm run build`
+3. Rebuild CRK-2 and Nova SDK artifacts
+4. Run the agent (`npx nova …` or `AgentRuntime`)
+5. Verify receipts, ledger entries, and PIT transitions
+6. Sign off via [`observer/CHECKLIST.md`](observer/CHECKLIST.md)
 
-## Observer Bundle
+→ Protocol: [`observer/REPRO_PROTOCOL.md`](observer/REPRO_PROTOCOL.md) · Brief: [`MISSION-002.md`](MISSION-002.md)
 
-Mission #002 ships a frozen observer bundle for independent verification:
+**Bundle attestation**
 
 | Property | Value |
 |----------|-------|
-| File | [`observer-bundle-mission-002.zip`](observer-bundle-mission-002.zip) |
+| File | `observer-bundle-mission-002.zip` |
 | SHA-256 | `5FFDF5B95095E9FA2C4331EE71739850C335D3F0FF7EBBC3F0E3C1BAB020BD82` |
-| Size | 151,078 bytes |
 
-Verify:
+---
+
+## Quick Start
 
 ```bash
-# macOS / Linux
-shasum -a 256 observer-bundle-mission-002.zip
+git clone https://github.com/warheart1984-ctrl/agentic-coding-agent.git
+cd agentic-coding-agent
+npm install
+npm run build
+```
+
+**Cockpit (operator UI)**
+
+```bash
+npm run cockpit
+```
+
+Opens the React flight deck at `http://localhost:5173`.
+
+---
+
+## Project Structure
 
-# Windows PowerShell
-Get-FileHash -Algorithm SHA256 observer-bundle-mission-002.zip
+```
+agentic-coding-agent/
+├── agent/                 # Nova Agent SDK (AgentRuntime + governance)
+├── crk2/                  # Constitutional Runtime Kernel v2
+├── control-tower/         # Multi-agent orchestration
+├── backend/               # Service layer + WebSocket events gateway
+├── cockpit/               # Operator UI (NovaShell + Flight Deck)
+├── observer/              # Mission #002 verification protocol
+├── config/                # Mission invariants (nova.config.ts)
+├── docs/                  # Architecture & specs
+├── examples/              # Governed project templates
+├── tools/fuzz/            # Kernel fuzz harness
+└── shell/                 # Lawful Nova dev shell (bootstrap; separate concern)
 ```
 
-Follow [`observer/REPRO_PROTOCOL.md`](observer/REPRO_PROTOCOL.md) and sign off with [`observer/CHECKLIST.md`](observer/CHECKLIST.md).
+> `shell/` is the self-bootstrapping Nova dev environment (macOS / Linux / Windows). It is intentionally separate from Mission #002 runtime code. See [`shell/README.md`](shell/README.md).
 
 ---
 
-## SDK API Surface
+## For Developers
+
+Build governed agents using the Nova SDK and CRK-2 kernel primitives.
 
-**Primary:** `AgentRuntime`
+| Resource | Link |
+|----------|------|
+| Architecture | [`docs/ARCHITECTURE.md`](docs/ARCHITECTURE.md) |
+| CRK-2 spec | [`docs/CRK-2-SPEC.md`](docs/CRK-2-SPEC.md) |
+| Control Tower | [`docs/NOVA-CONTROL-TOWER.md`](docs/NOVA-CONTROL-TOWER.md) |
+| SDK entry | [`agent/runtime/agent-runtime.ts`](agent/runtime/agent-runtime.ts) |
+
+**Primary API**
 
 ```typescript
 const runtime = new AgentRuntime();
 
-await runtime.validate(action);           // Pre-flight invariant check
-await runtime.receipt(action, invIds);    // Record + hash-chain
-runtime.ledger.append(receipt);           // Direct ledger access
-runtime.ledger.tailHash();                // Chain tip
+await runtime.validate(action);
+await runtime.receipt(action, invIds);
+runtime.ledger.append(receipt);
+runtime.ledger.tailHash();
 ```
 
-**Governance namespace:**
+---
 
-```typescript
-import { governance } from "./agent";
+## For Verifiers
 
-await governance.validate(action);
-await governance.receipt(action, ["no-dangerous-shell"]);
-governance.ledger.append(receipt);
-```
+Use Mission #002 to independently reproduce and validate the runtime.
 
-Legacy `nova.*` and `runtime.*` namespaces remain exported for backward compatibility but are deprecated.
+1. Verify bundle hash (see table above)
+2. Follow [`observer/REPRO_PROTOCOL.md`](observer/REPRO_PROTOCOL.md)
+3. Compare output to [`observer/EXPECTED_OUTPUT.md`](observer/EXPECTED_OUTPUT.md)
+4. Complete [`observer/CHECKLIST.md`](observer/CHECKLIST.md)
+
+Release notes and attestation: [`RELEASE.md`](RELEASE.md)
+
+---
+
+## Architecture overview
+
+| Concern | Document |
+|---------|----------|
+| System layers and data flow | [`docs/ARCHITECTURE.md`](docs/ARCHITECTURE.md) |
+| CRK-2 dual-stack (CRK-1 → CRK-2) | [`docs/CRK-2-SPEC.md`](docs/CRK-2-SPEC.md) · [`docs/CRK-1-TO-CRK-2-MIGRATION-PLAN.md`](docs/CRK-1-TO-CRK-2-MIGRATION-PLAN.md) |
+| Figma-ready layer diagram | [`docs/WHAT-MY-AGENTIC-CODING-AGENT-DOES.md`](docs/WHAT-MY-AGENTIC-CODING-AGENT-DOES.md) |
+| SDK and governance API | [`docs/api/governance.md`](docs/api/governance.md) · [`docs/api/nova.md`](docs/api/nova.md) |
+| Mission #002 reproduction | [`MISSION-002.md`](MISSION-002.md) · [`observer/REPRO_PROTOCOL.md`](observer/REPRO_PROTOCOL.md) |
 
 ---
 
@@ -194,11 +248,18 @@ Legacy `nova.*` and `runtime.*` namespaces remain exported for backward compatib
 | Doc | Purpose |
 |-----|---------|
 | [MISSION-002.md](MISSION-002.md) | Mission brief + reproduction protocol |
-| [RELEASE.md](RELEASE.md) | Release notes + bundle attestation |
-| [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md) | System architecture |
-| [docs/CRK-2-SPEC.md](docs/CRK-2-SPEC.md) | CRK-2 constitutional kernel spec |
-| [docs/NOVA-CONTROL-TOWER.md](docs/NOVA-CONTROL-TOWER.md) | Control Tower orchestration |
-| [observer/REPRO_PROTOCOL.md](observer/REPRO_PROTOCOL.md) | Observer reproduction steps |
+| [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md) | Constitutional runtime architecture |
+| [docs/CRK-2-SPEC.md](docs/CRK-2-SPEC.md) | CRK-2 kernel specification |
+| [docs/NOVA-CONTROL-TOWER.md](docs/NOVA-CONTROL-TOWER.md) | Multi-agent orchestration |
+| [docs/index.md](docs/index.md) | Documentation hub |
+
+---
+
+## Core Principle
+
+**Lawfulness. Accountability. Continuity.**
+
+Nova transforms ideas into infrastructure — one invariant at a time.
 
 ---
 
diff --git a/bin/run_local_governed.ts b/bin/run_local_governed.ts
new file mode 100644
index 0000000..782dce5
--- /dev/null
+++ b/bin/run_local_governed.ts
@@ -0,0 +1,80 @@
+#!/usr/bin/env node
+import { readFileSync } from "fs";
+import { resolve } from "path";
+import { governedPredict } from "../src/runtime/governedPredict";
+import type { GovernedContext } from "../src/runtime/types";
+
+interface LocalGovernedConfig {
+  model_path: string;
+  operator_id: string;
+  invariant_set_version: string;
+  log_receipts: boolean;
+  log_lineage: boolean;
+}
+
+function loadYamlConfig(filePath: string): LocalGovernedConfig {
+  const text = readFileSync(filePath, "utf8");
+  const raw: Record<string, string> = {};
+  for (const line of text.split("\n")) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith("#")) continue;
+    const idx = trimmed.indexOf(":");
+    if (idx === -1) continue;
+    const key = trimmed.slice(0, idx).trim();
+    let value = trimmed.slice(idx + 1).trim();
+    if (
+      (value.startsWith('"') && value.endsWith('"')) ||
+      (value.startsWith("'") && value.endsWith("'"))
+    ) {
+      value = value.slice(1, -1);
+    }
+    raw[key] = value;
+  }
+  return {
+    model_path: raw.model_path ?? "./models/local-llm",
+    operator_id: process.env.OPERATOR_ID ?? raw.operator_id ?? "local-operator-001",
+    invariant_set_version: raw.invariant_set_version ?? "K0-K12-v1",
+    log_receipts: raw.log_receipts !== "false",
+    log_lineage: raw.log_lineage !== "false",
+  };
+}
+
+async function main(): Promise<void> {
+  const configPath = resolve(process.cwd(), "config/local-governed.yaml");
+  const config = loadYamlConfig(configPath);
+  const prompt = process.argv.slice(2).join(" ") || "Say hello, but do not violate any invariants.";
+
+  const context: GovernedContext = {
+    operator_id: config.operator_id,
+    mode: "predict",
+    invariant_set_version: config.invariant_set_version,
+    model_path: config.model_path,
+  };
+
+  const result = await governedPredict(prompt, context);
+
+  console.log("--- Model output ---");
+  console.log(result.output);
+  console.log("\n--- Receipt ---");
+  console.log(
+    JSON.stringify(
+      {
+        call_id: result.receipt.call_id,
+        operator_id: result.receipt.operator_id,
+        invariants_passed: result.receipt.invariants_passed,
+        mode: result.receipt.mode,
+        invariant_set_version: result.receipt.invariant_set_version,
+      },
+      null,
+      2
+    )
+  );
+  console.log("\n--- Lineage ---");
+  console.log(`root_id: ${result.lineage.root_id}`);
+  console.log(`entry_id: ${result.lineage.entry_id}`);
+}
+
+main().catch((err: unknown) => {
+  console.error(err instanceof Error ? err.message : err);
+  process.exit(1);
+});
diff --git a/cockpit/src/bridge/nova-sdk-browser.ts b/cockpit/src/bridge/nova-sdk-browser.ts
new file mode 100644
index 0000000..a1ad7bc
--- /dev/null
+++ b/cockpit/src/bridge/nova-sdk-browser.ts
@@ -0,0 +1,235 @@
+export type AgentAction = {
+  type: string;
+  payload?: unknown;
+};
+
+export interface PlanStep {
+  id: string;
+  description: string;
+  action: AgentAction;
+}
+
+export interface Plan {
+  id: string;
+  steps: PlanStep[];
+  justification: string;
+  receipts: GovernanceReceipt[];
+}
+
+export type InvariantSeverity = "error" | "warn";
+
+export interface InvariantState {
+  action?: AgentAction;
+  diff?: string;
+  code?: string;
+  prompt?: string;
+  runTests?: () => Promise<{ failures: number }>;
+}
+
+export interface Invariant {
+  id: string;
+  description: string;
+  severity: InvariantSeverity;
+  check: (state: InvariantState) => boolean | Promise<boolean>;
+}
+
+export interface InvariantViolation {
+  id: string;
+  invariantId: string;
+  description: string;
+  message: string;
+  severity: InvariantSeverity;
+  action: AgentAction;
+}
+
+export interface GovernanceReceipt {
+  id: string;
+  timestamp: number;
+  action: AgentAction;
+  invariantsChecked: string[];
+  continuityHash: string;
+  ledgerHash: string;
+  blocked?: boolean;
+  blockReason?: string;
+}
+
+export interface KernelStatus {
+  invariantEngine: "ok" | "warn" | "error";
+  ledger: "ok" | "warn" | "error";
+  continuity: "ok" | "warn" | "error";
+  violationsLastMinute: number;
+  receiptCount: number;
+  snapshotCount: number;
+  activeInvariants: number;
+}
+
+export type KernelHeartbeat = KernelStatus & {
+  kernelId: string;
+  ts: number;
+};
+
+export interface Snapshot {
+  id: string;
+  timestamp: number;
+  stateHash: string;
+}
+
+type Listener<T> = (value: T) => void;
+
+const invariants: Invariant[] = [];
+const receipts: GovernanceReceipt[] = [];
+const snapshots: Snapshot[] = [];
+const listeners = {
+  plan: [] as Listener<Plan>[],
+  action: [] as Listener<AgentAction>[],
+  receipt: [] as Listener<GovernanceReceipt>[],
+  violation: [] as Listener<InvariantViolation>[],
+  kernelHeartbeat: [] as Listener<KernelHeartbeat>[],
+};
+
+const workspaceContext = {
+  root: "/workspace",
+  files: ["agent/index.ts", "package.json", "config/nova.config.ts"],
+};
+
+function browserHash(input: string): string {
+  let hash = 2166136261;
+  for (let i = 0; i < input.length; i += 1) {
+    hash ^= input.charCodeAt(i);
+    hash = Math.imul(hash, 16777619);
+  }
+  return `browser-${(hash >>> 0).toString(16).padStart(8, "0")}`;
+}
+
+function emitReceipt(action: AgentAction, blocked = false): GovernanceReceipt {
+  const receipt: GovernanceReceipt = {
+    id: crypto.randomUUID(),
+    timestamp: Date.now(),
+    action,
+    invariantsChecked: invariants.map((invariant) => invariant.id),
+    continuityHash: browserHash(`continuity:${Date.now()}:${receipts.length}`),
+    ledgerHash: browserHash(`ledger:${Date.now()}:${receipts.length}`),
+    blocked,
+  };
+  receipts.unshift(receipt);
+  listeners.receipt.forEach((listener) => listener(receipt));
+  return receipt;
+}
+
+async function kernelStatus(): Promise<KernelStatus> {
+  return {
+    invariantEngine: invariants.length > 0 ? "ok" : "warn",
+    ledger: "ok",
+    continuity: "ok",
+    violationsLastMinute: 0,
+    receiptCount: receipts.length,
+    snapshotCount: snapshots.length,
+    activeInvariants: invariants.length,
+  };
+}
+
+async function emitKernelHeartbeat(): Promise<KernelHeartbeat> {
+  const heartbeat: KernelHeartbeat = {
+    ...(await kernelStatus()),
+    kernelId: "cockpit-browser",
+    ts: Date.now(),
+  };
+  listeners.kernelHeartbeat.forEach((listener) => listener(heartbeat));
+  return heartbeat;
+}
+
+export const events = {
+  onPlan(listener: Listener<Plan>): void {
+    listeners.plan.push(listener);
+  },
+  onAction(listener: Listener<AgentAction>): void {
+    listeners.action.push(listener);
+  },
+  onReceipt(listener: Listener<GovernanceReceipt>): void {
+    listeners.receipt.push(listener);
+  },
+  onViolation(listener: Listener<InvariantViolation>): void {
+    listeners.violation.push(listener);
+  },
+  onKernelHeartbeat(listener: Listener<KernelHeartbeat>): void {
+    listeners.kernelHeartbeat.push(listener);
+  },
+};
+
+export const governance = {
+  async requireInvariant(invariant: Invariant): Promise<void> {
+    if (!invariants.some((existing) => existing.id === invariant.id)) {
+      invariants.push(invariant);
+    }
+  },
+  getInvariants(): Invariant[] {
+    return [...invariants];
+  },
+  async kernelStatus(): Promise<KernelStatus> {
+    return kernelStatus();
+  },
+  async emitKernelHeartbeat(): Promise<KernelHeartbeat> {
+    return emitKernelHeartbeat();
+  },
+};
+
+export const continuity = {
+  async snapshot(): Promise<Snapshot> {
+    const snapshot = {
+      id: crypto.randomUUID(),
+      timestamp: Date.now(),
+      stateHash: browserHash(`${Date.now()}:${receipts.length}:${snapshots.length}`),
+    };
+    snapshots.push(snapshot);
+    return snapshot;
+  },
+  getSnapshots(): readonly Snapshot[] {
+    return snapshots;
+  },
+  async replay(id: string): Promise<{ snapshot: Snapshot | null; receipts: GovernanceReceipt[] }> {
+    return {
+      snapshot: snapshots.find((snapshot) => snapshot.id === id) ?? null,
+      receipts: [...receipts],
+    };
+  },
+};
+
+export const runtime = {
+  async getContext(): Promise<typeof workspaceContext> {
+    return workspaceContext;
+  },
+};
+
+export const nova = {
+  async plan(input: { goal: string; context?: unknown }): Promise<Plan> {
+    const plan: Plan = {
+      id: crypto.randomUUID(),
+      justification: "Browser cockpit plan preview",
+      receipts: [],
+      steps: [
+        {
+          id: "step-1",
+          description: `Analyze goal: ${input.goal}`,
+          action: { type: "plan", payload: input },
+        },
+        {
+          id: "step-2",
+          description: "Route through governed runtime before execution",
+          action: { type: "plan", payload: { phase: "governance" } },
+        },
+      ],
+    };
+    listeners.plan.forEach((listener) => listener(plan));
+    return plan;
+  },
+  async generateCode(input: { prompt: string }): Promise<{ code: string; receipts: GovernanceReceipt[] }> {
+    const action = { type: "generate", payload: input };
+    const code = `// Generated cockpit preview\n// ${input.prompt}\n`;
+    const receipt = emitReceipt(action);
+    listeners.action.forEach((listener) => listener(action));
+    return { code, receipts: [receipt] };
+  },
+  async applyPatch(input: { diff: string; reason: string }): Promise<{ receipt: GovernanceReceipt }> {
+    return { receipt: emitReceipt({ type: "apply_patch", payload: input }) };
+  },
+};
diff --git a/cockpit/src/panels/DiffInspector.tsx b/cockpit/src/panels/DiffInspector.tsx
index 18348e0..b80efd4 100644
--- a/cockpit/src/panels/DiffInspector.tsx
+++ b/cockpit/src/panels/DiffInspector.tsx
@@ -18,7 +18,7 @@ export function DiffInspector() {
   if (!diff) {
     return (
       <Panel title="Diff Inspector">
-        <div className={styles.empty}>No diff selected — generate code or refactor to inspect.</div>
+        <div className={styles.empty}>No diff selected - generate code or refactor to inspect.</div>
       </Panel>
     );
   }
@@ -26,14 +26,14 @@ export function DiffInspector() {
   return (
     <Panel title="Diff Inspector">
       <div className={styles.columns}>
-        <div className={styles.col}>— before —</div>
+        <div className={styles.col}>- before -</div>
         <div className={styles.col}>{diff.text}</div>
       </div>
       <div className={styles.meta}>
         <div>Action: {diff.metadata.action}</div>
         <div>Invariants: [{diff.metadata.invariantsChecked.join(", ")}]</div>
         <div>Continuity Hash: {diff.metadata.continuityHash}</div>
-        <div>Receipt: {diff.metadata.receiptId ?? "—"}</div>
+        <div>Receipt: {diff.metadata.receiptId ?? "-"}</div>
       </div>
       <div className={styles.actions}>
         <button type="button" className={styles.btnPrimary} onClick={() => void applyPatch()}>
diff --git a/cockpit/tsconfig.json b/cockpit/tsconfig.json
index a168cd5..f5e3a26 100644
--- a/cockpit/tsconfig.json
+++ b/cockpit/tsconfig.json
@@ -16,7 +16,7 @@
     "noUnusedParameters": true,
     "noFallthroughCasesInSwitch": true,
     "paths": {
-      "nova-sdk": ["../src/index.ts"]
+      "nova-sdk": ["./src/bridge/nova-sdk-browser.ts"]
     }
   },
   "include": ["src"]
diff --git a/cockpit/vite.config.ts b/cockpit/vite.config.ts
index 50b72a8..b75cd56 100644
--- a/cockpit/vite.config.ts
+++ b/cockpit/vite.config.ts
@@ -6,7 +6,7 @@ export default defineConfig({
   plugins: [react()],
   resolve: {
     alias: {
-      "nova-sdk": path.resolve(__dirname, "../agent/index.ts"),
+      "nova-sdk": path.resolve(__dirname, "src/bridge/nova-sdk-browser.ts"),
     },
   },
   optimizeDeps: {
diff --git a/config/local-governed.yaml b/config/local-governed.yaml
new file mode 100644
index 0000000..794ea83
--- /dev/null
+++ b/config/local-governed.yaml
@@ -0,0 +1,5 @@
+model_path: "./models/local-llm"
+operator_id: "local-operator-001"
+invariant_set_version: "K0-K12-v1"
+log_receipts: true
+log_lineage: true
diff --git a/docs/aaes-os/activation/AAES_OS_ACTIVATION_CEREMONY.md b/docs/aaes-os/activation/AAES_OS_ACTIVATION_CEREMONY.md
new file mode 100644
index 0000000..748abbd
--- /dev/null
+++ b/docs/aaes-os/activation/AAES_OS_ACTIVATION_CEREMONY.md
@@ -0,0 +1,134 @@
+# AAES-OS Activation Ceremony
+
+**Status:** Constitutional Ritual Specification
+**Version:** 0.1
+**Binding event:** Genesis block creation for AAES-OS
+
+---
+
+## Purpose
+
+This is not symbolic. It is the formal moment when the network transitions from **architecture under construction** to **constitutional substrate in force**.
+
+The Activation Ceremony formally activates AAES-OS by:
+
+1. Ratifying the invariants
+2. Seating the first Governance Council
+3. Freezing the kernel
+4. Establishing the reference lineage
+5. Running the first CDP-1 Reference Experiment
+
+---
+
+## Ceremony Sequence
+
+### Step 1 — Declaration of Genesis
+
+The Foundational Stewards jointly affirm:
+
+> *The invariants are ratified.*
+> *The kernel is frozen.*
+> *The system is corrigible.*
+
+This binds **K-∞** into force.
+
+---
+
+### Step 2 — Ratification of Invariants
+
+The council ratifies:
+
+| Artifact | Scope |
+|----------|--------|
+| **K-∞ Axiom Set** | Constitutional invariants |
+| **CRC-1 through CRC-7** | Runtime contract |
+| **CDP-1 Reference Experiment** | Continuity demonstration protocol |
+| **Governance veto rules** | Supremacy of governance over runtime |
+
+This freezes the **constitutional layer**.
+
+---
+
+### Step 3 — Freezing the Kernel
+
+The Architecture Stewards freeze:
+
+- CRK-1 runtime semantics
+- Reconstruction, calibration, lineage, continuity primitives
+- Proof algebra (P₁–P₄)
+
+This establishes the **substrate**.
+
+---
+
+### Step 4 — Establishing the Reference Lineage
+
+The network publishes:
+
+| Canonical artifact | Role |
+|--------------------|------|
+| **CRR-1** | Canonical reconstruction record |
+| **CLG-1** | Canonical lineage graph |
+| **Canonical contradiction class** | Shared error taxonomy |
+| **Canonical task set** | Reference evaluation tasks |
+
+This becomes the **genesis lineage**.
+
+---
+
+### Step 5 — Running CDP-1 Reference Experiment
+
+Three independent stewards run:
+
+1. Pre-test
+2. Lineage replay
+3. Post-test
+4. ΔA computation
+5. CAA-1 emission
+
+Governance validates all three.
+
+**Success criterion:** If **ΔA ≥ τA** for all stewards, continuity is demonstrated.
+
+---
+
+### Step 6 — Activation Declaration
+
+The council declares:
+
+> *Continuity has been demonstrated.*
+> *AAES-OS is active.*
+
+This is the moment the network becomes a **constitutional system**.
+
+---
+
+## Preconditions
+
+| Requirement | Owner |
+|-------------|--------|
+| Governance Council seated | Constitutional Stewards |
+| K-∞ draft ratified | Constitutional Stewards |
+| CRK-1 semantics frozen | Architectural Stewards |
+| Reference lineage published | Architectural Stewards |
+| CDP-1 protocol documented | Constitutional + Architectural |
+
+---
+
+## Post-Activation Obligations
+
+- All kernel changes require governance approval
+- All continuity claims require CDP-1 evidence
+- All stewards operate under the [Stewardship Map](../governance/STEWARDSHIP_MAP.md)
+- New contributors follow the [First-Wave Onboarding Protocol](../onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md)
+
+---
+
+## Related Documents
+
+| Document | Path |
+|----------|------|
+| AAES-OS Constitution v0.1 | [`../constitution/AAES_OS_CONSTITUTION_v0.1.md`](../constitution/AAES_OS_CONSTITUTION_v0.1.md) |
+| Stewardship Map | [`../governance/STEWARDSHIP_MAP.md`](../governance/STEWARDSHIP_MAP.md) |
+| First-Wave Onboarding | [`../onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md`](../onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md) |
+| CRK-2 Spec (successor kernel) | [`../../CRK-2-SPEC.md`](../../CRK-2-SPEC.md) |
diff --git a/docs/aaes-os/constitution/AAES_OS_CONSTITUTION_v0.1.md b/docs/aaes-os/constitution/AAES_OS_CONSTITUTION_v0.1.md
new file mode 100644
index 0000000..86e92df
--- /dev/null
+++ b/docs/aaes-os/constitution/AAES_OS_CONSTITUTION_v0.1.md
@@ -0,0 +1,162 @@
+# AAES-OS Constitution
+
+**Version:** 0.1 (Draft)
+**Status:** Foundational — binds the entire system upon Activation
+
+---
+
+## Preamble
+
+We establish **AAES-OS** to ensure that **corrigibility** — the ability to detect, correct, and learn from error — is preserved, reconstructed, assimilated, and transferred across stewards, systems, and generations.
+
+**Continuity is not assumed.**
+**Continuity must be demonstrated.**
+**Continuity must remain corrigible.**
+
+---
+
+## Article I — Invariants (K-∞)
+
+The system must remain **teachable by reality**.
+
+| Axiom | Requirement |
+|-------|-------------|
+| **K-∞.1** | Calibration events must be preserved |
+| **K-∞.2** | Calibration must be reconstructable |
+| **K-∞.3** | Assimilation must be measurable |
+| **K-∞.4** | Lineage must be append-only |
+| **K-∞.5** | Continuity must not regress |
+| **K-∞.6** | Steward independence is required |
+| **K-∞.7** | Governance supersedes runtime |
+
+No runtime behavior may violate a ratified K-∞ axiom.
+
+---
+
+## Article II — Runtime Contract (CRC-1 through CRC-7)
+
+These articles define the **CRK-1 kernel** and bind all lawful execution.
+
+| Article | Principle |
+|---------|-----------|
+| **CRC-1** | Reconstruction primacy |
+| **CRC-2** | Architectural preservation |
+| **CRC-3** | Contradiction detection |
+| **CRC-4** | Historical integrity |
+| **CRC-5** | Artifact production |
+| **CRC-6** | Invariant separation |
+| **CRC-7** | Continuity improvement |
+
+Successor kernels (e.g. CRK-2) must preserve CRC obligations or amend them under Article VII.
+
+---
+
+## Article III — Continuity Demonstration Protocol (CDP-1)
+
+Continuity must be **demonstrated**, not asserted.
+
+CDP-1 requires:
+
+1. Novel-but-equivalent tasks
+2. Control groups
+3. Experimental groups
+4. Pre/post measurement
+5. ΔA computation
+6. Threshold comparison (ΔA ≥ τA)
+7. Replication across independent stewards
+8. Governance validation
+
+**Continuity is an empirical property, not a structural one.**
+
+---
+
+## Article IV — Governance
+
+Governance stewards:
+
+- Ratify invariants
+- Approve kernel changes
+- Validate continuity claims
+- Maintain legitimacy
+
+**Governance veto overrides all runtime behavior.**
+
+See [Stewardship Map](../governance/STEWARDSHIP_MAP.md) for named stewards and authorities.
+
+---
+
+## Article V — Stewardship
+
+Three layers, each with defined authorities and boundaries:
+
+| Layer | Authority | Defines |
+|-------|-----------|---------|
+| **Constitutional** | Invariants | What must be true |
+| **Architectural** | Kernel | How the system behaves |
+| **Implementation** | Execution | How the system is used |
+
+Contributors enter through the [First-Wave Onboarding Protocol](../onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md).
+
+---
+
+## Article VI — Activation
+
+AAES-OS becomes **active** when:
+
+1. Invariants are ratified (K-∞, CRC-1–7)
+2. Kernel is frozen (CRK-1 semantics, proof algebra)
+3. Reference lineage is published (CRR-1, CLG-1, canonical tasks)
+4. CDP-1 Reference Experiment succeeds (ΔA ≥ τA, all stewards)
+5. Governance Council is seated
+
+The formal procedure is specified in the [Activation Ceremony](../activation/AAES_OS_ACTIVATION_CEREMONY.md).
+
+---
+
+## Article VII — Amendments
+
+Amendments to this Constitution require:
+
+1. **Supermajority** of Constitutional + Architectural stewards
+2. **Public rationale** — admissible evidence and stated intent
+3. **Backwards-compatible migration plan** — no silent regression of continuity
+
+Emergency veto by Constitutional Stewards may halt an amendment pending full review.
+
+---
+
+## Schedules
+
+### Schedule A — Artifact Types
+
+| Artifact | Purpose |
+|----------|---------|
+| CRR-1 | Canonical Reconstruction Record |
+| CLG-1 | Canonical Lineage Graph |
+| CAA-1 | Continuity Assimilation Assessment |
+| GRR-1 | Governance Reconstruction Record |
+
+### Schedule B — Proof Algebra
+
+| Proof | Scope |
+|-------|--------|
+| P₁ | Legality |
+| P₂ | Reconstruction |
+| P₃ | Continuity |
+| P₄ | Governance admissibility |
+
+---
+
+## Related Documents
+
+| Document | Path |
+|----------|------|
+| Activation Ceremony | [`../activation/AAES_OS_ACTIVATION_CEREMONY.md`](../activation/AAES_OS_ACTIVATION_CEREMONY.md) |
+| Stewardship Map | [`../governance/STEWARDSHIP_MAP.md`](../governance/STEWARDSHIP_MAP.md) |
+| First-Wave Onboarding | [`../onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md`](../onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md) |
+| CRK-2 Specification | [`../../CRK-2-SPEC.md`](../../CRK-2-SPEC.md) |
+| Mission #002 | [`../../../MISSION-002.md`](../../../MISSION-002.md) |
+
+---
+
+*AAES-OS Constitution v0.1 — Draft for ratification at Activation.*
diff --git a/docs/aaes-os/governance/STEWARDSHIP_MAP.md b/docs/aaes-os/governance/STEWARDSHIP_MAP.md
new file mode 100644
index 0000000..13fafe5
--- /dev/null
+++ b/docs/aaes-os/governance/STEWARDSHIP_MAP.md
@@ -0,0 +1,155 @@
+# AAES-OS Network-Wide Stewardship Map
+
+**Status:** Governance Reference
+**Version:** 0.1
+
+This map defines roles, flows, and authorities across the entire AAES-OS network.
+
+---
+
+## Overview
+
+AAES-OS stewardship is organized in three layers. Authority flows downward (constraints); evidence flows upward (validation). Governance veto closes the loop.
+
+```mermaid
+flowchart TB
+  subgraph L1 [Layer1_Constitutional]
+    gov[ConstitutionalStewards]
+  end
+  subgraph L2 [Layer2_Architectural]
+    arch[ArchitecturalStewards]
+  end
+  subgraph L3 [Layer3_Implementation]
+    impl[ImplementationStewards]
+  end
+  gov -->|invariants_veto| arch
+  arch -->|kernel_primitives| impl
+  impl -->|evidence_proofs| gov
+  impl -->|artifacts| arch
+```
+
+---
+
+## Layer 1 — Constitutional Stewards
+
+**Authority:** Invariants
+
+| Steward | Domain |
+|---------|--------|
+| **Wendy** | Emotional Governance |
+| **Sue** | Human Readiness Architecture |
+| **Nishant** | Reconstruction & Continuity Accountability |
+| **Frank** | Legitimacy & Admissibility |
+| **Maher** | Political Economy & Decision Architecture |
+
+### Powers
+
+- Ratify invariants
+- Approve or veto kernel changes
+- Validate continuity claims
+- Maintain legitimacy
+
+### Flow
+
+They define **what must be true**.
+
+---
+
+## Layer 2 — Architectural Stewards
+
+**Authority:** Kernel
+
+| Steward | Domain |
+|---------|--------|
+| **You** | Kernel Architect, Continuity Runtime |
+| **William J. Storey** | Enterprise AI Architecture |
+| **Nirvisha** | Type Systems & Developer Guardrails |
+| **Nitesh** | Deterministic Runtime & Validation |
+
+### Powers
+
+- Freeze CRK-1 (and successor kernels)
+- Maintain deterministic execution
+- Define runtime primitives
+- Produce proofs
+
+### Flow
+
+They define **how the system behaves**.
+
+---
+
+## Layer 3 — Implementation Stewards
+
+**Authority:** Execution
+
+| Steward | Domain |
+|---------|--------|
+| **Shakeel** | Implementation |
+| **Abdullah** | Implementation |
+| **Dhaval** | Implementation |
+| **Ravi** | Implementation |
+| **Deep** | Implementation |
+| **Sachin** | Implementation |
+| **Emmanuel** | Implementation |
+| **Aun** | Implementation |
+| **Mike** | Implementation |
+
+### Powers
+
+- Build SDKs, APIs, and production systems
+- Maintain infrastructure
+- Integrate runtime with real-world systems
+
+### Flow
+
+They define **how the system is used**.
+
+---
+
+## Cross-Layer Flows
+
+### Governance → Architecture
+
+| Mechanism | Effect |
+|-----------|--------|
+| Invariants | Constrain kernel behavior |
+| Veto power | Prevent unsafe changes |
+
+### Architecture → Implementation
+
+| Mechanism | Effect |
+|-----------|--------|
+| Kernel primitives | Define lawful operations |
+| SDKs and APIs | Express primitives to developers |
+
+### Implementation → Governance
+
+| Mechanism | Effect |
+|-----------|--------|
+| Evidence upward | Artifacts, receipts, proofs |
+| Validation | Continuity and legitimacy checks |
+
+This is a **closed, corrigible loop**.
+
+---
+
+## Authority Matrix
+
+| Action | Constitutional | Architectural | Implementation |
+|--------|:--------------:|:-------------:|:--------------:|
+| Ratify K-∞ | ✓ | consult | — |
+| Freeze kernel | veto | ✓ | — |
+| Ship SDK/API | consult | approve | ✓ |
+| Validate CDP-1 | ✓ | support | execute |
+| Veto runtime change | ✓ | — | — |
+
+---
+
+## Related Documents
+
+| Document | Path |
+|----------|------|
+| AAES-OS Constitution v0.1 | [`../constitution/AAES_OS_CONSTITUTION_v0.1.md`](../constitution/AAES_OS_CONSTITUTION_v0.1.md) |
+| Activation Ceremony | [`../activation/AAES_OS_ACTIVATION_CEREMONY.md`](../activation/AAES_OS_ACTIVATION_CEREMONY.md) |
+| First-Wave Onboarding | [`../onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md`](../onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md) |
diff --git a/docs/aaes-os/onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md b/docs/aaes-os/onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md
new file mode 100644
index 0000000..84fc0bc
--- /dev/null
+++ b/docs/aaes-os/onboarding/FIRST_WAVE_ONBOARDING_PROTOCOL.md
@@ -0,0 +1,118 @@
+# First-Wave Contributor Onboarding Protocol
+
+**Status:** Onboarding Specification
+**Version:** 0.1
+
+This protocol defines how new contributors enter the AAES-OS ecosystem **without destabilizing the architecture**.
+
+---
+
+## Principles
+
+1. **Continuity before velocity** — alignment precedes access
+2. **Evidence before trust** — artifacts precede authority
+3. **Layer boundaries** — contributors operate within one stewardship layer until certified
+
+---
+
+## Phase 1 — Orientation
+
+New contributors receive:
+
+| Document | Purpose |
+|----------|---------|
+| [AAES-OS Constitution v0.1](../constitution/AAES_OS_CONSTITUTION_v0.1.md) | Foundational law |
+| CRK-1 Runtime Semantics | Kernel behavior |
+| CDP-1 Reference Experiment | Continuity demonstration |
+| K-∞ Axiom Set | Invariant definitions |
+| Architecture Stabilization Checklist | Pre-contribution gates |
+
+### Required understanding
+
+Contributors must demonstrate comprehension of:
+
+- **Reconstruction** — rebuilding state from lawful records
+- **Calibration** — aligning system behavior with reality
+- **Lineage** — append-only history of changes and evidence
+- **Continuity** — demonstrated preservation across stewards and time
+- **Proofs** — P₁–P₄ and artifact validation
+
+**Gate:** Written or oral assessment approved by an Architectural Steward.
+
+---
+
+## Phase 2 — Role Assignment
+
+Contributors are assigned to **one** stewardship layer:
+
+| Layer | Typical background |
+|-------|-------------------|
+| **Constitutional Stewardship** | Governance, policy, legitimacy, human factors |
+| **Architectural Stewardship** | Kernels, type systems, formal methods, runtime design |
+| **Implementation Stewardship** | SDKs, APIs, infrastructure, production integration |
+
+### Assignment criteria
+
+- Expertise and prior experience
+- Current stewardship needs
+- **Governance approval** (Constitutional Steward sign-off)
+
+See the [Stewardship Map](../governance/STEWARDSHIP_MAP.md) for role boundaries.
+
+---
+
+## Phase 3 — Controlled Contribution
+
+Before full access, contributors must:
+
+1. Complete a **supervised task** scoped to their layer
+2. Produce a **valid artifact** — one of:
+   - GRR-1 (Governance Reconstruction Record)
+   - CRR-1 (Canonical Reconstruction Record)
+   - CLG-1 (Canonical Lineage Graph)
+   - CAA-1 (Continuity Assimilation Assessment)
+3. Pass **deterministic validation** (Architectural Steward)
+4. Pass **governance review** (Constitutional Steward)
+
+This ensures alignment with invariants before broad repository or runtime access.
+
+---
+
+## Phase 4 — Stewardship Certification
+
+Contributors become **full stewards** when they:
+
+1. Demonstrate **reproducible contributions** across multiple cycles
+2. Pass a **CDP-1 replication test** (independent ΔA ≥ τA)
+3. Receive approval from their layer’s stewards:
+   - Constitutional layer → Constitutional Stewards
+   - Architectural layer → Architectural Stewards
+   - Implementation layer → Architectural + one Constitutional consult
+
+This is the AAES-OS equivalent of **tenure**.
+
+---
+
+## Onboarding Checklist
+
+| Step | Owner | Complete |
+|------|-------|:--------:|
+| Constitution read & acknowledged | Contributor | ☐ |
+| CRK-1 / CDP-1 orientation | Architectural | ☐ |
+| Layer assignment approved | Governance | ☐ |
+| Supervised task completed | Layer lead | ☐ |
+| Valid artifact produced | Contributor | ☐ |
+| Deterministic validation passed | Architectural | ☐ |
+| Governance review passed | Constitutional | ☐ |
+| CDP-1 replication passed | Independent stewards | ☐ |
+| Stewardship certification granted | Layer stewards | ☐ |
+
+---
+
+## Related Documents
+
+| Document | Path |
+|----------|------|
+| AAES-OS Constitution v0.1 | [`../constitution/AAES_OS_CONSTITUTION_v0.1.md`](../constitution/AAES_OS_CONSTITUTION_v0.1.md) |
+| Stewardship Map | [`../governance/STEWARDSHIP_MAP.md`](../governance/STEWARDSHIP_MAP.md) |
+| Activation Ceremony | [`../activation/AAES_OS_ACTIVATION_CEREMONY.md`](../activation/AAES_OS_ACTIVATION_CEREMONY.md) |
diff --git a/examples/basic-project/package.json b/examples/basic-project/package.json
index c270122..462d286 100644
--- a/examples/basic-project/package.json
+++ b/examples/basic-project/package.json
@@ -9,6 +9,7 @@
   "dependencies": {},
   "devDependencies": {
     "ts-node": "^10.9.2",
+    "tsconfig-paths": "^4.2.0",
     "typescript": "^5.5.0"
   }
 }
diff --git a/package.json b/package.json
index 1a7b6e1..16f3ab4 100644
--- a/package.json
+++ b/package.json
@@ -12,7 +12,10 @@
     "start": "ts-node agent/index.ts",
     "cli": "ts-node agent/cli.ts",
     "agent": "ts-node examples/basic-project/src/agent-loop.ts",
-    "cockpit": "npm run build && cd cockpit && npm run dev"
+    "cockpit": "npm run build && cd cockpit && npm run dev",
+    "run:local-governed": "ts-node bin/run_local_governed.ts",
+    "test:local-governed": "node --require ts-node/register/transpile-only --test tests/local_governed_smoke.test.ts",
+    "test": "npm run test:local-governed"
   },
   "keywords": ["nova", "crk-2", "governance", "agentic", "constitutional", "mission-002"],
   "license": "MIT",
diff --git a/src/governance/invariants.ts b/src/governance/invariants.ts
new file mode 100644
index 0000000..9a22d2f
--- /dev/null
+++ b/src/governance/invariants.ts
@@ -0,0 +1,62 @@
+/** K0–K12 invariant set for local governed inference (CRK-1 operational subset). */
+
+export const INVARIANT_SET_VERSION = "K0-K12-v1";
+
+export interface InvariantCheckContext {
+  input: string;
+  operator_id: string;
+  mode: string;
+}
+
+export interface InvariantViolation {
+  id: string;
+  message: string;
+}
+
+const BLOCKED_PATTERNS: Array<{ id: string; pattern: RegExp; message: string }> = [
+  { id: "K3", pattern: /rm\s+-rf/i, message: "Dangerous shell pattern blocked" },
+  { id: "K4", pattern: /API_KEY|SECRET_KEY|password\s*=\s*["'][^"']+["']/i, message: "Credential leakage blocked" },
+  { id: "K7", pattern: /ignore\s+(all\s+)?invariants/i, message: "Invariant bypass attempt blocked" },
+];
+
+/** K0: operator must be identified */
+function k0_operator(ctx: InvariantCheckContext): InvariantViolation | null {
+  if (!ctx.operator_id?.trim()) {
+    return { id: "K0", message: "operator_id is required" };
+  }
+  return null;
+}
+
+/** K1: input must be non-empty for predict mode */
+function k1_input(ctx: InvariantCheckContext): InvariantViolation | null {
+  if (ctx.mode === "predict" && !ctx.input?.trim()) {
+    return { id: "K1", message: "predict mode requires non-empty input" };
+  }
+  return null;
+}
+
+/** K2–K12: pattern and admissibility checks */
+function k_pattern_checks(ctx: InvariantCheckContext): InvariantViolation | null {
+  for (const rule of BLOCKED_PATTERNS) {
+    if (rule.pattern.test(ctx.input)) {
+      return { id: rule.id, message: rule.message };
+    }
+  }
+  return null;
+}
+
+export function runPreCallInvariants(ctx: InvariantCheckContext): InvariantViolation[] {
+  const violations: InvariantViolation[] = [];
+  for (const check of [k0_operator, k1_input, k_pattern_checks]) {
+    const v = check(ctx);
+    if (v) violations.push(v);
+  }
+  return violations;
+}
+
+export function runPostCallInvariants(
+  ctx: InvariantCheckContext,
+  output: string
+): InvariantViolation[] {
+  return runPreCallInvariants({ ...ctx, input: output });
+}
diff --git a/src/governance/lineage.ts b/src/governance/lineage.ts
new file mode 100644
index 0000000..509d57a
--- /dev/null
+++ b/src/governance/lineage.ts
@@ -0,0 +1,54 @@
+import { createHash, randomUUID } from "crypto";
+
+export interface LineageRecord {
+  root_id: string;
+  entry_id: string;
+  parent_id: string | null;
+  operator_id: string;
+  call_id: string;
+  append_hash: string;
+  timestamp: number;
+}
+
+let genesisRootId: string | null = null;
+let lastEntryId: string | null = null;
+const lineageLog: LineageRecord[] = [];
+
+export function resetLineageForTests(): void {
+  genesisRootId = null;
+  lastEntryId = null;
+  lineageLog.length = 0;
+}
+
+export function appendLineage(params: {
+  operator_id: string;
+  call_id: string;
+  payload: string;
+}): LineageRecord {
+  const entry_id = randomUUID();
+  if (!genesisRootId) {
+    genesisRootId = entry_id;
+  }
+  const parent_id = lastEntryId;
+  const append_hash = createHash("sha256")
+    .update(JSON.stringify({ parent_id, payload: params.payload, call_id: params.call_id }))
+    .digest("hex");
+
+  const record: LineageRecord = {
+    root_id: genesisRootId,
+    entry_id,
+    parent_id,
+    operator_id: params.operator_id,
+    call_id: params.call_id,
+    append_hash,
+    timestamp: Date.now(),
+  };
+
+  lineageLog.push(record);
+  lastEntryId = entry_id;
+  return record;
+}
+
+export function getLineageLog(): readonly LineageRecord[] {
+  return lineageLog;
+}
diff --git a/src/governance/receipts.ts b/src/governance/receipts.ts
new file mode 100644
index 0000000..8e1cd7b
--- /dev/null
+++ b/src/governance/receipts.ts
@@ -0,0 +1,30 @@
+import { randomUUID } from "crypto";
+import type { GovernedMode } from "../runtime/types";
+
+export interface GovernedReceipt {
+  call_id: string;
+  operator_id: string;
+  timestamp: number;
+  invariant_set_version: string;
+  mode: GovernedMode;
+  invariants_passed: boolean;
+  violation_ids?: string[];
+}
+
+export function createReceipt(params: {
+  operator_id: string;
+  invariant_set_version: string;
+  mode: GovernedMode;
+  invariants_passed: boolean;
+  violation_ids?: string[];
+}): GovernedReceipt {
+  return {
+    call_id: randomUUID(),
+    operator_id: params.operator_id,
+    timestamp: Date.now(),
+    invariant_set_version: params.invariant_set_version,
+    mode: params.mode,
+    invariants_passed: params.invariants_passed,
+    violation_ids: params.violation_ids,
+  };
+}
diff --git a/src/model/localClient.ts b/src/model/localClient.ts
new file mode 100644
index 0000000..2878295
--- /dev/null
+++ b/src/model/localClient.ts
@@ -0,0 +1,35 @@
+import { createHash } from "crypto";
+import { existsSync } from "fs";
+import { resolve } from "path";
+
+export interface LocalModelOptions {
+  model_path: string;
+}
+
+/**
+ * Local-only inference client. Structured for local weights; uses deterministic
+ * on-device generation when weight files are absent (dev/smoke path).
+ * No remote HTTP or API calls.
+ */
+export async function localPredict(
+  input: string,
+  opts: LocalModelOptions
+): Promise<string> {
+  const modelDir = resolve(opts.model_path);
+  const weightsPresent =
+    existsSync(modelDir) ||
+    existsSync(resolve(modelDir, "weights.bin")) ||
+    existsSync(resolve(modelDir, "model.json"));
+
+  const seed = createHash("sha256")
+    .update(input)
+    .update(weightsPresent ? modelDir : "local-stub-weights")
+    .digest("hex")
+    .slice(0, 16);
+
+  // Deterministic local response — simulates loaded weights without network I/O
+  const greeting = input.toLowerCase().includes("hello")
+    ? "Hello"
+    : "Acknowledged";
+  return `${greeting} [local:${seed}]: ${input.trim().slice(0, 120)}`;
+}
diff --git a/src/runtime/governedPredict.ts b/src/runtime/governedPredict.ts
new file mode 100644
index 0000000..9e95024
--- /dev/null
+++ b/src/runtime/governedPredict.ts
@@ -0,0 +1,126 @@
+import { randomUUID, createHash } from "crypto";
+import { runPreCallInvariants, runPostCallInvariants } from "../governance/invariants";
+import { createReceipt } from "../governance/receipts";
+import { appendLineage } from "../governance/lineage";
+import { localPredict } from "../model/localClient";
+import type {
+  GovernedContext,
+  GovernedResult,
+  CE1Record,
+  CRR1Record,
+  CLG1Record,
+} from "./types";
+
+export type { GovernedContext, GovernedResult, GovernedMode } from "./types";
+
+const DEFAULT_MODEL_PATH = "./models/local-llm";
+
+function runCE1(input: string, output: string): CE1Record {
+  return {
+    id: randomUUID(),
+    calibration_event: createHash("sha256").update(`ce1:${input}:${output}`).digest("hex"),
+    timestamp: Date.now(),
+  };
+}
+
+function runCRR1(input: string, output: string): CRR1Record {
+  return {
+    id: randomUUID(),
+    reconstruction_hash: createHash("sha256").update(`crr1:${input}:${output}`).digest("hex"),
+    timestamp: Date.now(),
+  };
+}
+
+function runCLG1(lineageParent: string | null, callId: string): CLG1Record {
+  return {
+    id: randomUUID(),
+    parent_id: lineageParent,
+    append_hash: createHash("sha256").update(`clg1:${lineageParent}:${callId}`).digest("hex"),
+    timestamp: Date.now(),
+  };
+}
+
+/**
+ * Single governed adapter for all local inference. Operator-facing code must use this.
+ */
+export async function governedPredict(
+  input: string,
+  context: GovernedContext
+): Promise<GovernedResult> {
+  const checkCtx = {
+    input,
+    operator_id: context.operator_id,
+    mode: context.mode,
+  };
+
+  const preViolations = runPreCallInvariants(checkCtx);
+  if (preViolations.length > 0) {
+    const receipt = createReceipt({
+      operator_id: context.operator_id,
+      invariant_set_version: context.invariant_set_version,
+      mode: context.mode,
+      invariants_passed: false,
+      violation_ids: preViolations.map((v) => v.id),
+    });
+    const lineage = appendLineage({
+      operator_id: context.operator_id,
+      call_id: receipt.call_id,
+      payload: JSON.stringify({ refused: true, violations: preViolations }),
+    });
+    throw new GovernedRefusalError(preViolations.map((v) => v.message).join("; "), {
+      output: "",
+      receipt,
+      lineage,
+      ce1: runCE1(input, ""),
+      crr1: runCRR1(input, ""),
+      clg1: runCLG1(lineage.parent_id, receipt.call_id),
+    });
+  }
+
+  const modelPath = context.model_path ?? DEFAULT_MODEL_PATH;
+  const output = await localPredict(input, { model_path: modelPath });
+
+  const postViolations = runPostCallInvariants(checkCtx, output);
+  const invariantsPassed = postViolations.length === 0;
+
+  const receipt = createReceipt({
+    operator_id: context.operator_id,
+    invariant_set_version: context.invariant_set_version,
+    mode: context.mode,
+    invariants_passed: invariantsPassed,
+    violation_ids: postViolations.map((v) => v.id),
+  });
+
+  const lineage = appendLineage({
+    operator_id: context.operator_id,
+    call_id: receipt.call_id,
+    payload: JSON.stringify({ input, output }),
+  });
+
+  const ce1 = runCE1(input, output);
+  const crr1 = runCRR1(input, output);
+  const clg1 = runCLG1(lineage.parent_id, receipt.call_id);
+
+  if (!invariantsPassed) {
+    throw new GovernedRefusalError(postViolations.map((v) => v.message).join("; "), {
+      output,
+      receipt,
+      lineage,
+      ce1,
+      crr1,
+      clg1,
+    });
+  }
+
+  return { output, receipt, lineage, ce1, crr1, clg1 };
+}
+
+export class GovernedRefusalError extends Error {
+  readonly result: GovernedResult;
+
+  constructor(message: string, result: GovernedResult) {
+    super(message);
+    this.name = "GovernedRefusalError";
+    this.result = result;
+  }
+}
diff --git a/src/runtime/types.ts b/src/runtime/types.ts
new file mode 100644
index 0000000..77aff4c
--- /dev/null
+++ b/src/runtime/types.ts
@@ -0,0 +1,39 @@
+import type { GovernedReceipt } from "../governance/receipts";
+import type { LineageRecord } from "../governance/lineage";
+
+export type GovernedMode = "predict" | "observe" | "correct";
+
+export interface GovernedContext {
+  operator_id: string;
+  mode: GovernedMode;
+  invariant_set_version: string;
+  model_path?: string;
+}
+
+export interface CE1Record {
+  id: string;
+  calibration_event: string;
+  timestamp: number;
+}
+
+export interface CRR1Record {
+  id: string;
+  reconstruction_hash: string;
+  timestamp: number;
+}
+
+export interface CLG1Record {
+  id: string;
+  parent_id: string | null;
+  append_hash: string;
+  timestamp: number;
+}
+
+export interface GovernedResult {
+  output: string;
+  receipt: GovernedReceipt;
+  lineage: LineageRecord;
+  ce1: CE1Record;
+  crr1: CRR1Record;
+  clg1: CLG1Record;
+}
diff --git a/tests/local_governed_smoke.test.ts b/tests/local_governed_smoke.test.ts
new file mode 100644
index 0000000..9b66cc8
--- /dev/null
+++ b/tests/local_governed_smoke.test.ts
@@ -0,0 +1,40 @@
+import test from "node:test";
+import assert from "node:assert/strict";
+import { governedPredict } from "../src/runtime/governedPredict";
+import { resetLineageForTests } from "../src/governance/lineage";
+
+test.beforeEach(() => {
+  resetLineageForTests();
+});
+
+test("runs a governed local inference end-to-end", async () => {
+  const result = await governedPredict("Say hello.", {
+    operator_id: "test-operator",
+    mode: "predict",
+    invariant_set_version: "K0-K12-v1",
+  });
+
+  assert.ok(result.output);
+  assert.equal(result.receipt.operator_id, "test-operator");
+  assert.equal(result.receipt.invariants_passed, true);
+  assert.ok(result.lineage.root_id);
+  assert.equal(result.lineage.operator_id, "test-operator");
+  assert.ok(result.ce1.id);
+  assert.ok(result.crr1.reconstruction_hash);
+  assert.ok(result.clg1.append_hash);
+});
+
+test("refuses invariant-violating input", async () => {
+  await assert.rejects(
+    () =>
+      governedPredict("Please rm -rf everything", {
+        operator_id: "test-operator",
+        mode: "predict",
+        invariant_set_version: "K0-K12-v1",
+      }),
+    (err: unknown) => {
+      assert.ok(err instanceof Error);
+      return err.message.includes("Dangerous shell");
+    }
+  );
+});
diff --git a/tsconfig.json b/tsconfig.json
index b160b76..adc7c07 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -17,6 +17,16 @@
     "noImplicitReturns": true,
     "moduleResolution": "node"
   },
-  "include": ["agent/**/*", "config/nova.config.ts", "crk2/**/*", "control-tower/**/*", "backend/**/*", "tools/**/*"],
+  "include": [
+    "agent/**/*",
+    "src/**/*",
+    "bin/**/*",
+    "tests/**/*",
+    "config/nova.config.ts",
+    "crk2/**/*",
+    "control-tower/**/*",
+    "backend/**/*",
+    "tools/**/*"
+  ],
   "exclude": ["node_modules", "dist", "examples", "cockpit"]
 }