Self-hosted runtime for Claude, Codex, and OpenCode — seven bridges, runtime tool generation, hash-chained audit. Compliance is a structural property, not a checkbox.
Every compliance mechanism is a structural design constraint. There is no "compliance mode" you can accidentally leave off.
One-time AI-nature disclosure card per user, structurally locked. Cannot be disabled via configuration. Users receive the card on first interaction; opt-out via /leave or /pass.
Deny-by-default consent gate for observer-transcript sharing. Per-user, TTL-capped, re-validated at consume time. No auto-admit shortcut exists in the codebase.
Every security-relevant event is appended to a SHA-256-linked audit.jsonl chain. Tampering with any entry invalidates the chain. Offline-verifiable via voice-audit verify.
Compliance-zone routing and engine allowlists are enforced per tenant. L34 Data Classification + L35 Egress Lockdown structurally prevent data from leaving the permitted zone.
From multi-channel messaging to runtime tool generation, Corvin ships production-grade infrastructure out of the box.
Native daemons for Discord, Telegram, WhatsApp, Slack, Email, Microsoft Teams, and Signal. Hot-reload settings, per-chat profiles, and rate limiting built in to every bridge.
Generate schema-bound, sandboxed tools at runtime via MCP. Four-scope workspace hierarchy (task / session / project / user), operator-controlled policy, bwrap network isolation.
Prompt-inject markdown skills into future session turns. Automatic grading, promotion gates (3 positive grades to reach project scope), and a linter that blocks prompt-injection attempts.
Swap between Claude Code, Codex CLI, and OpenCode without changing your bridge config. Adaptive cost-split automatically routes to Haiku for helper tasks and Sonnet for primary turns.
FTS5 SQLite recall with PII-redacted indexing. Distilled per-user model injected as context. GDPR Art. 17 erasure via /forget and the cross-layer corvin-erasure CLI.
Out-of-LLM-loop iterative compute worker with grid, random, and Bayesian optimisation strategies. Hermetic per-spawn tempdir, per-engine env allowlist, output capped at 64 KB.
Seven production bridges ship with the core distribution. Each daemon is independently configurable with per-chat profiles, whitelists, and rate limits.
bridge.sh up starts all configured daemons.
Edit operator/bridges/<channel>/settings.json to
add your tokens and whitelist.
# 1. Clone
git clone https://github.com/veegee82/Corvin.git
cd Corvin
# 2. Setup
bash setup.sh
# 3. Start all bridges
bash operator/bridges/bridge.sh up