LOOM doesn't just run code — it proves, at a gate, exactly what the code is allowed to do. A trust layer for the age of AI-written code.
When one model writes both the code and the criteria that check it, the gate becomes foolable. "It passed" stops meaning "it's safe."
LOOM tags where every value came from and what every function may do, then refuses anything not backed by an independent, non-AI anchor — proven by the compiler, before the code ever runs.
(trust 2 ; needs >= 2 independent anchors
(prov human ; a human ratifies ...
(prov trace ; ... plus a real-run trace ...
(prov ai 42)))) ; ... vouching for the AI's value
(trust (prov ai 42)) ; ✗ AI-only -> circular, REFUSEDThe compiler refuses circular, AI-only trust — and proves the real one.
Every function declares what it does (IO / Net / FFI); undeclared side-effects are rejected.
Untrusted code runs inside a sandbox seam; ambient power is impossible.
Values carry who authored them; trust demands independent anchors.
Provenance follows a value through bindings and across function calls.
Data recalled from a store is untrusted by default — provenance doesn't survive persistence.
An effect can't be statically laundered out; it must reach the gate.
Grown daily by an autonomous research organism — the language is open; the engine is mine.
LOOM is the language. CHIMERA is the same principle, shipped as a product — a local-first privacy & security organism for macOS. No cloud, no ambient power: every organ proves what it is allowed to do. Same hands, same idea.
CHIMERA — local-first macOS security organism github.com/umbraaeternaa/macbastion →LOOM's auditor even reads CHIMERA's own code — proving, line by line, exactly what each function may do.
Built solo, in the open, from Ukraine. No company, no funds — just this idea.
— Volodymyr Natoptanyi («Umbra»)