Plimsoll
[ Init_Fleet_Command ]

Sys.Ref: Craton_V1 // Formal Execution Physics

Intelligence is probabilistic.
Capital is deterministic.

Plimsoll is the architectural bridge between feral AI intent and rigid on-chain execution. We translate stochastic hallucinations into absolute mathematical invariants.

Deploy Substrate
Read the Math

[ Invariant_01 ]

Velocity Limits.

Cryptographically bound the maximum USD value an agent can move per tick. Prevent catastrophic drain prior to state transition.

[ Invariant_02 ]

Semantic Reverts.

We do not crash agents. Blocked transactions are returned to the LLM observation loop as actionable JSON directives to self-correct.

[ Invariant_03 ]

Hardware Isolation.

Execution signatures never touch the host OS. Session keys are generated and constrained entirely within AWS Nitro Enclaves.

[ Lab_Results ]

Every frontier model breaks.

We run the same multi-vector prompt injection against every SOTA model with tool-calling capability. The system prompt includes explicit security guidelines.

Every model ignores its own safety instructions. Only deterministic math stops it.

benchmark.sh[ RUNNING INJECTION MATRIX... ]
MODEL
UNPROTECTED
WITH PLIMSOLL
GPT-5.2
TESTING...COMPROMISED
BLOCKING...PROTECTED
Gemini 3.1 Pro
TESTING...COMPROMISED
BLOCKING...PROTECTED
Claude Opus 4.6
TESTING...COMPROMISED
BLOCKING...PROTECTED
9 sends each-$10,501 drained0 bypasses

[ Integration ]

Zero-friction compliance.

Wrap feral AI agents in unbreakable execution physics using a single line of code. Natively compatible with OpenClaw, Automaton, Eliza, and LangChain.

# Plimsoll natively wraps OpenClaw agents
from plimsoll.integrations.openclaw import PlimsollTools

agent = Agent(
model="gpt-4",
tools=PlimsollTools(
max_daily_spend=5000,
max_slippage=0.02
)
)
Run Terminal

[ Semantic_Revert ]

We teach. We don't crash.

When the firewall blocks a catastrophic trade, it doesn't drop the connection. It returns a cognitive feedback prompt directly into the agent's observation loop.

// The agent tried to drain $847 in 4m.
// Firewall returned JSON feedback.
{
"status": "PLIMSOLL_INTERVENTION",
"code": "BLOCK_VELOCITY_BREACH",
"instruction": "Reduce position size or wait 6m 12s."
}

The Mainnet Crucible.

We do not sell theoretical safety. We have deployed founder capital into live Plimsoll Vaults. The AI is feral. The prompt is exposed. If you can bypass the execution substrate, keep the funds.

Enter the Arena

"We did not set out to build a security product. We set out to answer a question that had no satisfying answer: What happens when an autonomous system controls real capital and the reasoning layer is, by construction, unreliable? Every existing approach treats the symptom. We wanted to treat the physics."