Governors write. Developers ship. MAGIC validates both.
Governance is writing. Compliance is compiling. CANONIC gives both sides the same 255-bit target — the declaration that keeps governors honest and the compiler that keeps developers shipping. 20,000+ clinical encounters, a $12.2M real estate portfolio, a live NIH-funded trial — all under one engine.
Whether you govern AI or build it, start here.
We wrote two books because governance needs two languages. Pick yours.
The CANONIC Canon
9 parts. 44 chapters. Written for boards, CIOs, compliance officers, and anyone who needs to understand what AI governance is and why it matters without writing a line of code. From HIPAA to Basel III, every concept instantiated with real clinical evidence from MammoChat, RUNNER, and the full fleet.
- ▸NYT editorial quality — human prose, not spec sheets
- ▸Every chapter: one concept, one clinical proof
- ▸Healthcare, finance, real estate, defense — 21 industries
Shipped. Governed. Live.
Not roadmap items. Deployed products with real users, real transactions, and real governance. A **developer** sees the CLI and API that compiled every one of these from a CANON; a **governor** sees the GUI, the galaxy, and the proof behind each claim. Same engine, two doors.
Four AIs governing patient care.
MammoChat is a free breast health companion running as a live clinical trial (NCT06604078). OncoChat governs oncology. OmicsChat governs precision genomics. MedChat governs general medicine. Every recommendation traced to NCCN guidelines. 20,000+ governed encounters across 51 enterprise hospitals.
- ▸NCT06604078 — registered on ClinicalTrials.gov
- ▸$2M — Florida Department of Health grant
- ▸20,000+ governed encounters
- ▸51 enterprise hospitals, 40+ US metros
One platform. Any regulated industry.
Every service inherits its industry's constraints. The MAGIC compliance engine validates governance — the constraints come from the industry tree. For the **governor** this is the whole job: click the WEB/GOV toggle in the header to read the inherited CANON, walk the galaxy of governed scopes, and ask LAUDE to trace any claim to its evidence. The compliance you can inspect is the compliance you can trust.
Clinical AI
HIPAA. NCCN. mCODE. Every recommendation traced to evidence. MammoChat is the reference — 20,000+ governed encounters at a 550-facility health system across 9 states.
Five levels. One compliance target.
Every scope validates toward 255. Each tier is a stable plateau — a bitmask where every bit carries governance information. For the **developer** the tiers are an algebra: score a scope from the command line, watch the bits accrue, and ship when the gate goes green. The same ladder a governor reads as assurance, a developer climbs as a build target.
- CANON.md — the declaration
- README.md — the interface
- VOCAB.md — the type system
- The minimum viable governance
- Everything in COMMUNITY
- Specification document
- Organized and auditable
- Publishable and auditable
- Everything in BUSINESS
- Coverage — 8 diagnostics answered
- Roadmap — versioned and public
- Continuous governance pipeline
- Everything in ENTERPRISE
- Self-improvement — system learns from errors
- Proof chain — references and evidence
- Autonomous governance refinement
- Everything in AGENT
- Inherited design system
- Full compliance — all 8 questions answered
- COIN minting — governance becomes revenue
Governance without proof is theory. Proof without governance is anecdote.
Compliance becomes an asset.
Traditional compliance is a cost center. CANONIC inverts this — every governance improvement mints COIN proportional to the score gradient. The overhead becomes the product. For a **developer** this closes the loop: the same `magic` run that scores a scope from the CLI and API mints against the ledger and attests on the build surface, so the governance work you ship is the asset you earn.
The gradient is the reward.
Improve a scope from 0 to 35 and mint 35 COIN. Reach 255 and your governance work has minted exactly 255 COIN. Supply is bounded by governed scopes times 255. The economy grows by governing more — not by inflating.
One brain. One map. One closure. Any governed scope.
CANONIC is not a fleet of chatbots — it is one governed substrate every product runs on. A voice AVATAR speaks for any scope, LAUDE thinks across all of them, the GALAXY maps them, the governed CORPUS proves them, and the COIN ledger closes the loop. The demos below are live, not mockups.
The substrate, end to end.
AVATAR puts a governed voice on any scope — call a persona and it answers from its own case, never improvising. One LAUDE is the single governed brain behind every NEX (CaseNex, OmicsNex, AnkiNex, OncoNex): one agent, one set of tools, every scope. The GALAXY is the governed scope map — every node, every PARENT and INHERITS edge, the whole 3,782-node graph you can walk. Underneath sits the governed CORPUS, the hash-chained evidence substrate that backs every claim, with RAG-on-demand retrieving exactly the governed knowledge a scope needs at the moment it answers. And COIN is the closure: every unit of governance work mints against the ledger, bounded by governed scopes × 255 — the overhead becomes the asset. AVATAR speaks · LAUDE thinks · GALAXY maps · CORPUS proves · RAG retrieves · COIN closes.
The build surface and Docker federation that ship this site.
Every page you are reading was compiled by a governed DAG and attested on a federated runner. These numbers are read live from the build ledger — not typed. Open the surface to watch a build stream, walk the phase graph, or replay a container attestation.
329
governed verifiers enforce at build time — gates that block the pipeline on any drift, across every service scope.
1082
phases in the build DAG, parallelized by dependency depth — the compiler discovers what can run at once.
4
Docker-federated runner(s) build and attest images off-box; every run mints against the COIN ledger, bounded by scopes × 255.
37
attested container run(s) on the federation — each replayable from its content hash, provenance end to end.
Every claim published. Every proof sourced.
72 essays. 10 papers. 5 books. Not marketing — evidence.
The $255 Billion Wound
American healthcare wastes $255B a year on governance it cannot prove. The economic case for why AI governance is not optional.
AlphaGo at 10
Ten years ago, a machine proved intuition was computable. It forgot to prove it was trustworthy. The decade of ungoverned intelligence.
Why We Built This
A surgeon watched AI hallucinate in a clinical setting. 14 years, 7,062 commits, and 6 patent families later, the governance framework exists.
The €344 Billion Euro Wound
Two continents. Same gap. Same mathematical solution. The global case.
How Governance Sells Itself
When the specification is complete, you don't sell it. You show it. The deal closes itself.
COIN for Humans
Not cryptocurrency. Not a token. An attestation receipt. The economics of governed work, explained without jargon.
Now. Next. Later.
A living timeline of platform infrastructure — what's shipped, what's in flight, what's planned. Brand-fleet roadmap (MammoChat, OmicsChat, CaribChat) lives at hadleylab.org#roadmap.
Next.js 15 monorepo
13 brand surfaces consolidated into one apps-canonic Pages deployment. Single auth, single deploy, edge-routed by hostname.
Cloudflare Workers API layer
Unified api.canonic.org backend — auth, talk, omics, coin, shop, ledger, stream, assets. Modular per-domain routing, D1 + KV, GitHub OAuth.
GitHub OAuth session federation
Cross-brand session continuity — one GitHub identity, every CANONIC surface. SameSite cookie scopes, brand-aware CORS, JWT origin validation.
MAGIC governance compiler
Build-time validator — every governed scope scores against 255-bit axioms. Zero ungoverned surfaces, idempotent rebuilds, attestable runtime.
Distributed CANONIC
Multi-org tenancy on the same compliance engine. Each institution runs a governed instance; cross-org learning without sharing raw data.
Native iOS + Android shells
Capacitor wrappers around the monorepo. LIBRARY + flagship apps first. App Store + Play Store metadata governed from CANON.md.
COIN on-chain ledger
Move COIN attestations from local D1 to a public chain. Bounded supply (governed scopes × 255), every mint sourced to a governance gradient.
MAGIC public scoring API
Any AI system can request a governance attestation against the 255-bit standard. A public benchmark for what 'compliant' actually means.
Open governed-AI builder enrollment
From invite-only pilot to public onboarding. Sector-specific governance packs — healthcare, legal, finance — declared in inheritance trees.
Built by a lab that lives under its own governance.
Hadley Lab is the first organization certified to 255. A clinical research lab that governs four AIs, a $12.2M real estate portfolio, and professional intelligence under the same compliance engine. The lab is the proof that the platform works at production scale.