|
| 1 | +# omphalOS |
| 2 | + |
| 3 | +**A polycentric, offline-first casework suite for export control and sanctions intelligence analysis.** |
| 4 | + |
| 5 | +[](https://creativecommons.org/publicdomain/zero/1.0/) |
| 6 | +[](https://www.python.org/downloads/) |
| 7 | +[](https://doi.org/10.5281/zenodo.18344930) |
| 8 | + |
| 9 | +## Overview |
| 10 | + |
| 11 | +omphalOS is computational infrastructure for intelligence analysis that prioritizes epistemic humility, transparency, and reproducibility over predictive optimization. The system surfaces patterns in trade data that merit analytical review while systematically documenting uncertainty, making it suitable for adversarial legal contexts where analytical reasoning must withstand scrutiny. |
| 12 | + |
| 13 | +The architecture provides (i) polycentric verification through multiple independent implementations, (ii) offline-first operation in air-gapped environments, (iii) embedded procedural safeguards against overconfident assessments, (iv) human-readable SQL investigations under version control, and (v) checksummed artifacts enabling bit-identical re-execution. |
| 14 | + |
| 15 | +Application domains include export control casework under EAR and ITAR, sanctions enforcement through OFAC and multilateral regimes, trade-based money laundering detection, supply chain risk analysis, and proliferation finance investigations. |
| 16 | + |
| 17 | +The system explicitly rejects classification paradigms. It does not predict entity behavior, assign risk scores, or operate as real-time monitoring infrastructure. All analytical operations are batch-oriented and hypothesis-generating. |
| 18 | + |
| 19 | +## Quick Start |
| 20 | + |
| 21 | +```bash |
| 22 | +# Clone and verify |
| 23 | +git clone https://github.com/your-org/omphalOS |
| 24 | +cd omphalOS |
| 25 | +PYTHONPATH=core/src python -m omphalos.cli pack verify packs/INDEX.json |
| 26 | + |
| 27 | +# Build world and execute case |
| 28 | +PYTHONPATH=core/src python -m omphalos.cli world build --profile hydrate --out hydrate/world |
| 29 | +PYTHONPATH=core/src python -m omphalos.cli case run hydrate/cases/case_chemicals.json --out hydrate/runs |
| 30 | + |
| 31 | +# Verify and export |
| 32 | +PYTHONPATH=core/src python -m omphalos.cli case verify hydrate/runs/case_chemicals/<run_id>/ |
| 33 | +PYTHONPATH=core/src python -m omphalos.cli export hydrate/runs/case_chemicals/<run_id>/packet.json |
| 34 | +``` |
| 35 | +
|
| 36 | +See [TUTORIAL.md](docs/TUTORIAL.md) for detailed walkthrough. |
| 37 | +
|
| 38 | +## Architecture |
| 39 | +
|
| 40 | +The system operates through three core object types: (i) cases articulate investigative questions with defined scope and investigation selection, (ii) runs materialize cases against world-states producing checksummed artifacts, and (iii) packets structure analytical findings with explicit claims (observations and unknowns), annexes, and provenance chains. |
| 41 | +
|
| 42 | +Trust is distributed across independent implementations in Python (reference runtime), Rust (cryptographic attestation), and Go (independent SQL execution). A run achieves validity only when all verifiers agree on artifact integrity. |
| 43 | +
|
| 44 | +``` |
| 45 | +┌───────────────────────────────────────────┐ |
| 46 | +│ omphalOS │ |
| 47 | +├───────────────────────────────────────────┤ |
| 48 | +│ Cases → Python Runtime → SQL Warehouse │ |
| 49 | +│ ↓ │ |
| 50 | +│ Run Artifacts (Packets) │ |
| 51 | +│ ↓ │ |
| 52 | +│ ┌────────┬────────┬────────┐ │ |
| 53 | +│ │ Rust │ Go │ Export │ │ |
| 54 | +│ │ Verify │ Verify │ Gate │ │ |
| 55 | +│ └────────┴────────┴────────┘ │ |
| 56 | +└───────────────────────────────────────────┘ |
| 57 | +``` |
| 58 | +
|
| 59 | +See [ARCHITECTURE.md](docs/ARCHITECTURE.md) for complete system design. |
| 60 | +
|
| 61 | +## Documentation |
| 62 | +
|
| 63 | +| Document | Coverage | |
| 64 | +|----------|----------| |
| 65 | +| [TUTORIAL.md](docs/TUTORIAL.md) | First case walkthrough | |
| 66 | +| [ARCHITECTURE.md](docs/ARCHITECTURE.md) | System design and verification | |
| 67 | +| [CANON.md](docs/CANON.md) | Epistemic humility as architectural principle | |
| 68 | +| [INVESTIGATIONS.md](docs/INVESTIGATIONS.md) | SQL catalog and pattern taxonomy | |
| 69 | +| [THREAT_MODEL.md](docs/THREAT_MODEL.md) | Security assumptions and mitigations | |
| 70 | +| [DEPLOYMENT.md](docs/DEPLOYMENT.md) | Production deployment and scaling | |
| 71 | +| [RESEARCH.md](docs/RESEARCH.md) | Academic positioning and research agenda | |
| 72 | +
|
| 73 | +## Design Philosophy |
| 74 | +
|
| 75 | +Traditional algorithmic systems for intelligence analysis optimize for precision and recall, treating detection as a classification problem. This approach fails in domains where (i) base rates are exceptionally low (illicit transactions represent less than 0.01% of flows), (ii) adversaries adapt to disclosed detection logic through FOIA and litigation, and (iii) analytical conclusions must withstand adversarial legal scrutiny requiring transparent reasoning. |
| 76 | +
|
| 77 | +omphalOS inverts this paradigm. Rather than classification, the system provides hypothesis-generating pattern detection that surfaces anomalies without labeling them. Rather than concealing analytical methods, it assumes disclosure and designs for transparency. Rather than confident predictions, it systematically documents unknowns alongside observations. |
| 78 | +
|
| 79 | +The Canon—sixty repetitions of "interpret with restraint; prefer simpler explanations; record unknowns" embedded in every SQL investigation—makes epistemic humility structurally unavoidable. This design draws from research demonstrating that single warnings are psychologically distant while repeated environmental cues durably shift judgment patterns. |
| 80 | +
|
| 81 | +See [CANON.md](docs/CANON.md) for philosophical foundation. |
| 82 | +
|
| 83 | +## Investigation Catalog |
| 84 | +
|
| 85 | +The catalog contains 20,000 parametric SQL queries detecting patterns including (i) payment fragmentation indicating threshold evasion, (ii) entity clustering revealing shell company networks, (iii) temporal anomalies preceding sanctions implementation, (iv) cross-domain procurement suggesting proliferation activity, and (v) price outliers indicating transfer pricing or barter. |
| 86 | +
|
| 87 | +Each investigation includes Canon and Margin headers providing epistemic safeguards, metadata documenting domain scope and analytical intent, CTE-based SQL for reviewability, and limited result sets preventing analyst overwhelm. |
| 88 | +
|
| 89 | +See [INVESTIGATIONS.md](docs/INVESTIGATIONS.md) for complete pattern taxonomy. |
| 90 | +
|
| 91 | +## Polycentric Verification |
| 92 | +
|
| 93 | +| Implementation | Language | Function | |
| 94 | +|----------------|----------|----------| |
| 95 | +| Python | 3.10+ | Reference runtime and case orchestration | |
| 96 | +| Rust | 1.70+ | Cryptographic attestation and schema validation | |
| 97 | +| Go | 1.20+ | Independent SQL execution and result verification | |
| 98 | +
|
| 99 | +This architecture defends against implementation bugs, supply chain compromises, and single points of failure. Trust is distributed rather than concentrated. |
| 100 | +
|
| 101 | +## Security and Privacy |
| 102 | +
|
| 103 | +**Export Control Notice**: This software is publicly released and not subject to export controls under the Export Administration Regulations. It contains no controlled technical data. Included datasets are synthetic and non-identifiable. |
| 104 | +
|
| 105 | +**Privacy by Design**: Packets contain aggregates rather than individual transaction details. Export gates block credentials and secrets before artifacts leave secure environments. World-states for demonstration are synthetic; production deployments apply redaction protocols. |
| 106 | +
|
| 107 | +See [THREAT_MODEL.md](docs/THREAT_MODEL.md) and [SECURITY.md](SECURITY.md) for threat analysis and disclosure policy. |
| 108 | +
|
| 109 | +## Contributing |
| 110 | +
|
| 111 | +Contributions are welcome following guidelines in [CONTRIBUTING.md](CONTRIBUTING.md) and security protocols in [SECURITY.md](SECURITY.md). |
| 112 | +
|
| 113 | +Requirements: (i) all data must be synthetic and non-identifiable, (ii) SQL investigations must follow Canon and Margin conventions, (iii) code must pass verification, (iv) no credentials or classified material. |
| 114 | +
|
| 115 | +## License |
| 116 | +
|
| 117 | +CC0 1.0 Universal (Public Domain) |
| 118 | +
|
| 119 | +This work was produced by the United States Government and is not subject to copyright protection in the United States. Foreign copyrights may apply. To the extent possible under law, all copyright and related rights have been dedicated to the public domain worldwide. |
| 120 | +
|
| 121 | +See [LICENSE](LICENSE) for complete text. |
| 122 | +
|
| 123 | +## Citation |
| 124 | +
|
| 125 | +```bibtex |
| 126 | +@software{omphalos2026, |
| 127 | + author = {{U.S. Government}}, |
| 128 | + title = {omphalOS: A Polycentric Architecture for Epistemically Humble Intelligence Analysis}, |
| 129 | + year = {2026}, |
| 130 | + doi = {10.5281/zenodo.18344930}, |
| 131 | + url = {https://github.com/your-org/omphalOS} |
| 132 | +} |
| 133 | +``` |
| 134 | +
|
| 135 | +## Acknowledgments |
| 136 | +
|
| 137 | +Development influenced by Richards Heuer's *Psychology of Intelligence Analysis* (structured analytic techniques), Elinor Ostrom's polycentric governance theory, the CompCert verified software project, and the open-source intelligence community. |
| 138 | +
|
| 139 | +The system is designed to be transparent not because it has nothing to hide, but because transparency is what makes it defensible. |
0 commit comments