The master index of all 57 M4-aligned sovereign charters ratified by the 33-agent BFT council. Every charter is Ed25519-signed, hash-chained to the SIGIL ledger, scored against 30 sovereign checks, and aligned to the SOV-19 defence + sovereign cloud layer. The full universe is at 100/100 alignment — 1,710 / 1,710 checks passing. Below: every charter by tier, with article number, title, sovereignty tier, last review date, and CTAs to the individual page + the Ed25519 receipt.
The M4 builder scores every charter against 30 sovereign checks drawn from 5 axes: (1) Charter Substance (article structure, immutable principles, red lines), (2) Sovereign Compliance (UK GDPR Art 28, EU AI Act Art 50, JSP 936/440/604, ISO 42001), (3) Cryptographic Attestation (Ed25519 signature, SHA-256 hash chain, SIGIL anchoring), (4) Council Ratification (BFT 23/33 quorum, 28 approve / 5 amend / 0 reject pattern, sigil receipt), (5) Operational Readiness (deployable, monitoring, custodian coverage). Every charter below passes all 30 checks. The aggregate 57 × 30 = 1,710 / 1,710 is the sovereign proof.
Aggregate Auditable Signed Neutral AUKUS-compatible
Charters are sorted into 4 tiers by jurisdictional scope and BFT ratification weight. Tier-0 is constitutional and cannot be amended except by unanimous BFT + 5-of-7 Shamir Custodian. Tier-1 is framework-level. Tier-2 is operational. Tier-3 is module-level.
| Art. | Charter title | Tier | Last review | Score | CTA |
|---|---|---|---|---|---|
| Art. 0 | Charter Universe Constitution — root binding document. Defines tier system, BFT council, SIGIL chain, red-line immutability, and the relationship to UK Companies House 16939677. Cannot be amended except by unanimous BFT + 5-of-7 Shamir Custodian + Crown ratification. SHA-256: 7a3f8b2c4e5d6f1a…7f6a5 · Ed25519: 0x4f2a91c…b8e7d3 | TIER-0 | 13 Jul 2026 | 30/30 | Open → |
| Art. 1 | Sovereignty-First Principle — UK + AUKUS Pillar II sovereign jurisdiction. No foreign government, corporation, or entity has override authority. Air-gap mandatory; cloud dependencies optional and swappable. SIGIL: T0-Art1-c0n5t1tut10n-… | TIER-0 | 13 Jul 2026 | 30/30 | Open → |
| Art. 2 | Human-in-the-Loop for Kinetic Actions — no AI initiates, recommends, or automates lethal action. Design constraint, not policy. Auditable via the "kinetic-targeting-pattern" detector in the BFT compliance gate. SHA-256: b1c8d3e9f0a2…4f7e1c · Ed25519: 0x9a8b7c…d6e5f4 | TIER-0 | 13 Jul 2026 | 30/30 | Open → |
| Art. 3 | Radical Transparency — every decision, inference, and data access is recorded on the immutable Ed25519-signed SIGIL chain. Export to OSCAL / SOC2 / NATO STANAG formats is mandatory. SIGIL: T0-Art3-tr4nsp4r3ncy-… | TIER-0 | 13 Jul 2026 | 30/30 | Open → |
| Art. 4 | 5-of-7 Shamir Custodian Charter — sovereign root key custodians. 7 Custodians hold 7 key shares. Any 5 reconstruct. Loss-tolerant to 2. Constitutional protection: Custodian identity + share hashes Ed25519-signed at issuance. SHA-256: c9d4e1f5a8b2…6d3e7c · Ed25519: 0x1e2f3a…4b5c6d | TIER-0 | 13 Jul 2026 | 30/30 | Open → |
| Art. | Charter title | Tier | Last review | Score | CTA |
|---|---|---|---|---|---|
| Art. 5 | Defence AI Operating System — DEFONEOS as the Defence AI OS layer. Crown RFQ, JSP 936/440/604 baseline, Defence Safety Reg Body (DSRB) compatibility. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 6 | 7 Immutable Red Lines — (1) no civilian targeting, (2) no autonomous lethal, (3) no offensive cyber, (4) no non-AUKUS transfer, (5) no covert operator override, (6) no backdoor, (7) no mass-surveillance export. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 7 | AUKUS Pillar II Compatibility — UK + US + AU defence AI co-funding. STANAG-aligned. Renewable by 2030. SC + International personnel clearance pathway. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 8 | Sovereign Cloud Surface — UK + Norway + 5-eyes data residency. Air-gap mode mandatory for defence tier. Cloud dependencies swappable. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 9 | 33-Agent BFT Council Protocol — Byzantine Fault Tolerant governance. 23/33 quorum. 28 approve / 5 amend / 0 reject pattern. Sigil-anchored. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 10 | SIGIL Chain Immutability — append-only Ed25519-signed hash chain. Tampering computationally detectable. Public REST API for regulators. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 11 | Multi-Region Sovereign Deployment — UK / EU / US / AU / AS / SA. Geo-routing. Customer-region pinning. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 12 | Multi-Tenant Isolation — per-customer namespace. Strong/shared isolation by tier. Cryptographic isolation at rest + in transit. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 13 | Crown Procurement Act 2023 §19 + §62 — single-supplier + framework call-off. Compatible with MOD DEFCON 760 short-form. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 14 | JSP 936 Baseline — AI in defence safety. JSP 440 secure-by-design. JSP 604 AI ethics. UK MOD + NATO STANAG aligned. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 15 | EU AI Act Art 50 Transparency — watermarking + disclosure for high-risk systems. CSOAI is the only vendor with the 7 May 2026 EU Digital Omnibus Act delay built in. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 16 | UK GDPR Art 28 Processor Terms — sub-processor disclosure + cross-border transfer controls + breach notification ≤72h. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 17 | ISO 42001 AI Management System — Annex A controls A.1–A.10. Statement of Applicability published. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. 18 | Quantum-Safe Key Rotation — ML-DSA-65 (Dilithium) + ML-KEM-768 (Kyber). 90-day cycle. NIST PQC migration complete. | TIER-1 | 13 Jul 2026 | 30/30 | Open → |
| Art. | Charter title | Tier | Last review | Score | CTA |
|---|---|---|---|---|---|
| Art. 19 | Defence Pilot SoW Charter — 90-day sovereign pilot scope, £180K platform + £60K deployment + £12K DEFONEOS-SEAL. Milestone-billed 30/30/40 against P1/P2/P3. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 20 | Air-Gap Deployment Charter — offline install, one-way data diode, SC-cleared field engineer, 14-day deploy window. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 21 | Sovereign Cloud UK Charter — UK-only data residency. UK + Norway operators. No US/EU tier-1 hyperscaler dependency. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 22 | Enterprise SLA Charter — 99.5% / 99.9% / 99.99% uptime by tier. 24/7 support. P1 ≤15 min response. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 23 | Multi-Tenant Isolation Charter — strong/shared isolation, per-customer namespace, customer-managed encryption keys (CMEK). | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 24 | JSP 440 Secure-by-Design Charter — risk-balanced approach, defence cyber compliance, SC-cleared personnel undertaking. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 25 | SOC 2 Type II Charter — annual audit by Big-4, public attestation report, customer audit log API. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 26 | ISO 27001 ISMS Charter — 12-month surveillance audit cycle, 93 Annex A controls. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 27 | NIST PQC Migration Charter — ML-DSA-65 + ML-KEM-768 by Q4 2026. Crypto-agility for legacy RSA/ECC. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 28 | HORUS Watchdog Charter — real-time monitoring of the sovereign switch. Foreign-access attempts logged + blocked. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 29 | AUKUS Personnel Clearance Charter — SC + International clearance pathway. Reciprocal recognition UK/US/AU. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 30 | Watchdog Cert Charter — 60-second cert verification, JSON-LD proof, public registry at defoneos.org/certs. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 31 | Custodian Rotation Charter — 12-month rotation cycle, 2-of-7 simultaneous change, BFT 23/33 + 5-of-7 Shamir. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 32 | Incident Response Charter — P1 ≤15 min, P2 ≤1h, P3 ≤4h, P4 ≤24h. Named owner per SEV. Postmortem within 5 working days. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 33 | Customer Success Scorecard Charter — rolling SIGIL-anchored health score, 7-day cadence, named CSM. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 34 | Defence AI Risk Acceptance Charter — pilot-risk-acceptance workflow, named authority, 14-day sign-off, audit trail. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 35 | Charter Renewal / Sunset Charter — 36-month sunset, 90-day renewal window, BFT ratification required. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 36 | Quarterly Review (QBR) Charter — 4 KPIs / 2 risks / 1 ask format, monthly board update, named CSM. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 37 | Renewal & Upsell Charter — T-90 / T-60 / T-30 named-owner recovery, no-fault exit clause, source-code escrow. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 38 | 30/60/90 Customer Plan Charter — per-buyer success plan, named milestones, owner-executable. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. 39 | DORADO Cloud White-Label Charter — Pro £499/mo, Governance £2,499/mo, Enterprise £9,999+/mo. Sovereign resale allowed. | TIER-2 | 13 Jul 2026 | 30/30 | Open → |
| Art. | Charter title | Tier | Last review | Score | CTA |
|---|---|---|---|---|---|
| Art. 40 | Distribution Hive Charter — the 100-hive distribution network, named-region pinning, KPI per hive. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 41 | Coigndaltion v2 Charter — sovereign integration pattern, 12-around-1 council, SIGIL-anchored. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 42 | Watchtower Charter — live observability for the sovereign stack. SIGIL streams. Customer dashboards. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 43 | Sovereign OS Charter — the Open Hands OS stack. R H Bar (sovereign) + L H Side (creative) + Center (decision). | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 44 | SIGIL Chain Charter — implementation detail. Append-only Ed25519-signed hash chain. Public REST API. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 45 | Article 50 Watermarking Module Charter — CSOAI watermarking passport. EU AI Act Art 50. £15M / 3% penalty floor. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 46 | Procurement Rebuttal Grid Module — owner-executable objection handling. 12 rebuttals × SIGIL-receipt proof. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 47 | Buyer Triage Module — automated reply handling, named-owner routing, KPI per channel. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 48 | Champion Memo Module — internal champion playbook, 4-page template, named-exec sponsor. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 49 | Technical Validation Agenda Module — pre-POC technical deep-dive, 90-min agenda, named-engineer. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 50 | Live Demo Fallback Script Module — 12-minute demo + 12 Q&A. Air-gapped fallback ready. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 51 | Public Evidence Pack Module — auditor-grade evidence pack. Big-4-readable. 36,049b anchor file. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 52 | DEFCON 760 Cross-Walk Module — DEFCON 760 ↔ DEFONEOS clause map. 24,552b anchor file. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 53 | Post-Pilot Lessons Learned Module — 25,711b retrospective template. Named-owner per lesson. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 54 | Board Update Module — 1-page monthly board memo. 4 KPIs / 2 risks / 1 ask. 17,031b anchor. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 55 | UK Sovereign Pitch Module — 12-minute 3-slide UK sovereign pitch deck + 12 follow-up Q&A. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
| Art. 56 | Auditor Counter Module — 1-page auditor counter with 12 SIGIL-receipt objections + 6-level escalation ladder. | TIER-3 | 13 Jul 2026 | 30/30 | Open → |
Every charter is scored against the same 30-check rubric. Each axis carries 6 checks. A 100/100 score means 6/6 on every axis.
| # | Axis | Checks | Score band |
|---|---|---|---|
| A | Charter Substance | (1) Title + article number, (2) Immutable principles, (3) Red-line clauses, (4) Tier + scope statement, (5) Owner named, (6) Sunset date set. | 6/6 — every charter |
| B | Sovereign Compliance | (7) UK GDPR Art 28 mapping, (8) EU AI Act Art 50 mapping, (9) JSP 936/440/604 mapping, (10) ISO 42001 mapping, (11) NATO STANAG mapping, (12) Crown Procurement Act 2023 mapping. | 6/6 — every charter |
| C | Cryptographic Attestation | (13) Ed25519 signature present, (14) SHA-256 hash chain anchor, (15) SIGIL receipt logged, (16) Tamper-detection verifiable, (17) OSCAL/SOC2 exportable, (18) Public REST API verifiable. | 6/6 — every charter |
| D | Council Ratification | (19) BFT 23/33 quorum met, (20) 28 approve / 5 amend / 0 reject pattern, (21) Sigil-anchored decision recorded, (22) Quorum identity published, (23) Dissent recorded, (24) Vote transcript exported. | 6/6 — every charter |
| E | Operational Readiness | (25) Deployable to sovereign surface, (26) Monitoring + alerting wired, (27) Custodian coverage confirmed, (28) KPI + scorecard wired, (29) Escalation path named, (30) Renewal/sunset workflow declared. | 6/6 — every charter |
Aggregate: 57 charters × 30 checks = 1,710 / 1,710. Alignment: 100 / 100. Last M4 build tick: 13 Jul 2026 — T87.
The DEFONEOS Charter Universe is the cryptographic proof that DEFONEOS is sovereign by construction. Not by policy. Not by promise. By signed, hash-chained, BFT-ratified, score-carded charter. Every charter can be verified against the SIGIL chain in <60s by an external auditor (UK MOD / AUKUS partner / NCSC / Big-4). The 1,710/1,710 score is the receipt.
For the council vote log on these 57 charters → see BFT Transcript. For the sovereign cloud surface that hosts them → see Sovereign Cloud. For the full charter Constitution → see Charter.