Skip to content

Introduction

Frank Yglesias Bertheau edited this page Jul 7, 2026 · 3 revisions

Welcome to Valhalla AI — the gated runtime for AI agent fleets.

Valhalla AI is a deterministic, fail-closed runtime for AI agent fleets.
It verifies every consequential action before any side effect occurs. Each decision is explicit, auditable, and controlled.

Note: Valhalla AI inserts control before execution. It does not inspect side effects after the fact.


Welcome visuals

Suggested image: high‑level runtime diagram with Ingress, Policy, Approval, Sandbox, and Arbitration.
(Placeholder for a high‑level architecture image showing the five‑gate pipeline from request to approved side effect.)

Suggested image: trust‑zone map showing core control plane, user‑facing services, untrusted execution, storage, and recovery paths.
(Placeholder for a topology image mapping the Nine Worlds to trust zones and runtime boundaries.)


On this page


What Valhalla AI does

Most agent systems let actions happen immediately. A retrieval hits storage. A message reaches an API. A workflow mutates state. When something fails, teams often lack a clear approval path or audit trail.

Valhalla AI inserts a required five‑gate pipeline in front of those actions. Every request must pass all five gates before any side effect is committed.

  • Ingress checks where the request came from.
  • Policy checks whether the request is allowed.
  • Approval checks whether required consent exists.
  • Sandbox checks the action in isolation first.
  • Arbitration resolves conflicts between competing agents.

Gate details

Gate Description
Ingress Authenticates the caller. Validates API keys. Enforces rate limits and network allowlists.
Policy Evaluates ABAC or RBAC rules against agent identity, resource type, and request context.
Approval Requires explicit human or automated consent for high‑risk actions.
Sandbox Executes the action in a temporary environment with no permanent side effects.
Arbitration Applies deterministic conflict resolution when agents target the same resource.

If a gate cannot explicitly approve the action, the action stops. Silence means no.

Example: an agent updates a user record

[Content placeholder – detailed walk‑through of a successful request passing all gates]

Example: a request is denied

[Content placeholder – example where Policy or Approval gate blocks the request]

More technical examples

[Placeholder for additional end‑to‑end scenarios]


Why the gated model matters

AI agents can read, write, execute, and decide. That power needs boundaries.

Valhalla AI gives teams a reliable control point before execution. It helps you:

  • Prevent unauthorized actions
  • Maintain a complete audit trail
  • Enforce consistent policy across all agents
  • Avoid race conditions and accidental data mutation
  • Support regulated workflows

Platform design

Valhalla AI uses Norse cosmology as a system model, not just as branding. The names map to concrete controls, trust boundaries, and recovery patterns.

Yggdrasil is the shared control spine. Requests pass through one observable path so traffic can be watched, metered, and refused.

In practice, this means:

  • A single service mesh core
  • Deterministic routing
  • One place to enforce all gates

The Nine Worlds map to trust zones. Your topology becomes your threat model.

The Norns represent the system record:

  • Urd – append‑only audit ledger
  • Verdandi – live metrics
  • Skuld – forecasting

Ragnarök represents failure planning. Recovery is tested before it is needed.

Typical drill goals:

  • Full‑system chaos injection
  • Restoration from in‑tree backups
  • Replay of state from the Urd ledger

Key properties

These properties are enforced by the runtime, not left to application code alone.

  • Deterministic – same input always yields same gate verdicts
  • Fail‑closed – unknown or unapproved = denied
  • Fully audited – every decision written to an immutable ledger
  • Framework‑agnostic – works with any agent framework or language
  • Gated side effects – no permanent change without explicit gate passage

Who it is for

[Content placeholder – intended audience: platform teams, ML engineers, security engineers, compliance officers, etc.]


Next steps

[Content placeholder – links to getting started, API reference, architecture deep dive]

Clone this wiki locally