FAOS Trust Center
Certification before eligibility. Nothing serves your traffic until it has climbed the ladder.
FAOS runs on many runtimes — the engines that reason, the coding harnesses that build, the sandboxes that execute. Every one of them climbs the same seven-rung ladder, from registration to general availability, whether it is FAOS-native or supplied by a vendor.
A runtime is registered long before it is trusted. It is ineligible by default — it serves no tenant traffic — and it stays that way until it has passed every rung up to its certification level. Certification comes first. Eligibility is earned.
Each rung has a trust meaning and the gate a runtime passes to earn it. A runtime carries the highest rung it has cleared — and no higher.
Gate: Registry row (registered-but-ineligible)
The runtime is entered in the registry of record with an owner and a governing decision record. Registered, but ineligible by default — it serves no tenant traffic.
Gate: Port protocol + lint gates
The runtime implements the standard FAOS port interface and passes the structural lint gates — it never runs its own agent loop and its SDK is never a hard dependency. One loop, always FAOS-owned.
Gate: Conformance vs reference mock
The runtime passes the full conformance suite against a reference baseline — happy path, error path, timeout, permission denial, and data-loss-prevention redaction all behave to contract.
Gate: Security gates
Permission classes, egress policy, DLP scanning, tenant isolation, and audit logging are wired end-to-end. Every access decision, content change, and trust change is recorded.
Gate: Live conformance + parity/trace
The runtime passes live conformance in a real sandbox — cost and trace roll up correctly across delegated work, and the go-live gate returns green.
Gate: Simulation gate
Ontology-powered, adversarial industry simulations return an approved verdict with high scenario coverage before the runtime is trusted to act with less supervision.
Gate: Eligibility flip → GA
Only here does eligibility flip on. The runtime serves live tenant traffic behind an allowlist, under a live SLO watch, after consecutive green releases across every lower rung.
Eligibility is a single, deliberate switch at the top of the ladder. Below it, a runtime can be registered, conformance-tested, security-audited, even validated in live sandboxes — and still serve zero of your traffic.
The flip from ineligible to eligibleonly lands once every lower rung is green, behind a tenant allowlist and under a live service-level watch. There is no shortcut around a rung, and no runtime is eligible “by reputation.”
We would rather show you the real state of the ladder than a marketing badge. Today, FAOS-native engines have climbed to supervised production (L4) and beyond. Vendor engines — the ones you may recognize from elsewhere — sit at sandboxed (L2): registered and conformance-tested, but ineligible for your traffic until they clear the security, live-conformance, and simulation rungs above them.
That is the point. The moat is not the length of the list of runtimes we support — it is the depth of the gating every one of them has to pass. A deeper ladder is a stronger promise, even when it means fewer runtimes are eligible on any given day.