PAI-Kernel SDK v2.2.2

PAI-Kernel v2.2.2 — Stabilization Release

Constitutional integrity fix in pai_governance_daemon · 5 CVE patches · MSRV bumped to Rust 1.88 · README v0.3 multi-audience structure · pre-publication audit triumvirate operational.

Headline change · constitutional integrity fix

The previously published pai_governance_daemon = "1.3.0" SDK shipped with a Tier ≥ 2 authorization composition bug. Two compliance tests (T2_delegation_expired_rejected and T3_tier2_action_requires_consent) returned Ok(()) instead of the expected Err(GovError::Unauthorized) because the runtime evaluated «consent OR delegation» with the Author branch short-circuited true.

The composition violated:

• Constitutional Document § Principle 1 — Authorship Supremacy («Delegation must be scoped, time-bound, and revocable»)
• Bill of Authorial Rights § Right 1 — Final Authority (self-binding for Tier ≥ 2 capability use)
• Consent and Capability Model § Principle 2 («Be revocable» · «Be logged in Decision Log»)

The v1.3.1 SDK fixes this through a four-stage compliance investigation procedure with independent verification. The fix was reviewed by an independent reviewer applying canonical PAI-CD against the diff and ratified PASS WITH NOTES (no constitutional invariant violations · refinement candidates filed for v2.3 corpus revision).

Adopter upgrade:

cargo update -p pai_governance_daemon
cargo run -p pai_compliance --locked --release
# expect 10/10 PASS

What's new

Security

• 5 CVE patches (rust-openssl family · rustls-webpki 0.103.12 → 0.103.13 · time 0.3.41 → 0.3.47)
• Defense-in-depth · Unicode NFKC normalization in pai_interface::validate_context() (homoglyph bypass mitigation)
• 0 CVEs at release · cargo audit clean
• CycloneDX 1.4 SBOM published at docs/sbom/sbom.json (256 components)
• Constitutional compliance binary now mandatory release pipeline gate

Engineering

• Rust toolchain 1.86.0 → 1.88.0 (MSRV bump required by time CVE fix)
• Cross-crate resource cliff structural mitigation (scripts/check_cross_crate_includes.sh · pre-publish gate)
• Forward defense scanner integrated in CI · workspace-boundary include checks at PR time
• All GitHub Actions SHA-pinned

Documentation

• README v0.3 multi-audience entry structure: 60-second pitch · PAI / PAI-CD / PAI-Kernel hierarchy diagram · 5 audience paths (Adopter / Researcher / Auditor / Contributor / Engineering) with time estimates
• papers/README.md motivation pointer for the SSRN paper
• Author identity surface: Mikhail Sergeev (independent researcher · Russia · ORCID 0009-0001-6443-855X)

Distribution

• 18 crates re-published to crates.io as v1.3.1
• Pre-compiled binaries via Homebrew tap: brew install PAI-Kernel/tap/pai-kernel
• install.sh fast path preserved: curl -fsSL https://paikernel.org/install.sh | sh

Migration from v2.2.1

cargo build --locked          # picks up CVE-patched deps + v1.3.1 SDK
cargo update -p pai_governance_daemon   # specifically the constitutional fix

MSRV: Rust 1.88.0 required (was 1.75 in v2.2.1).
SDK API: no breaking changes. validate_context() now applies NFKC normalization (strictly more conservative). pai_governance_daemon Tier ≥ 2 authorization corrected.

The v2.2 corpus snapshot remains frozen at March 2026 · citationally stable · this release ships SDK + tooling improvements without changing the constitutional framework itself.

Looking ahead

• v2.2.2.1 patch (~end-May / early-June 2026): docs/EXAMPLES.md canonical 6-invariant walkthrough grounded in real adopter scenarios.
• v2.2.3 (~late June / early July 2026): Russian translation of the canonical 10 documents · bilingual mdBook documentation portal · subdomain consolidation.

Citation

@techreport{paikernel2026paicd,
  author       = {Sergeev, Mikhail Anatolievich},
  title        = {{PAI-CD}: A Constitutional Framework for Authorial Sovereignty in Deployed {AI} Systems},
  institution  = {PAI-Kernel Initiative},
  year         = {2026},
  doi          = {10.5281/zenodo.19151899}
}

Companion paper · SSRN DOI 10.2139/ssrn.6512218.

Feedback

• GitHub Issues · public discussion
• contact@paikernel.org · direct
• Security-sensitive · GitHub security advisory

For the benefit of all living beings.

PAI-Kernel v2.2.1

PAI-Kernel v2.2.1 — Release Notes

Release date: 2026-04-23
Status: Early preview · invitation-only distribution
Framework version: PAI-CD v2.2.1
SDK version: v1.3.0 (crates.io parallel publication)
Repository: github.com/PAI-Kernel/pai-kernel
Paper: SSRN DOI 10.2139/ssrn.6512218

---

What this release is

First public release of PAI-Kernel. Previous history: internal development, SSRN paper publication (v2.2.1 — April 2026), public repository paused pending remediation.

The pause has been lifted. v2.2.1 is the authorized first release — early preview, not production-ready, not general-availability.

Integration level · honest framing

PAI-Kernel v2.2.1 SDK provides the governance substrate — invariants, witness chain, consent gates, drift monitoring, export primitives. This release runs side-by-side with Ollama (or any LLM runtime) for local demonstration purposes. The AI-mediation wiring — routing model responses through governance gates, Conservative Mode blocking AI output mid-stream, witness entries auto-populated from chat turns — is scheduled for a future release.

See INSTALL.md § 8 "What you're seeing (Level 1 Demo Mode)" and KNOWN_LIMITATIONS.md for the full scope statement.

---

Scope

Framework corpus (3 canonical documents)

Published to repository root:

• Constitutional Core (PAI_Constitutional_Document.md) — 205 lines; non-derogable invariants, document hierarchy, interpretive rules
• Bill of Authorial Rights (PAI_Bill_of_Authorial_Rights.md) — 355 lines; 14 enforceable rights with non-derogation protection
• Glossary (Glossary.md) — 349 lines; binding terminology authority

Browsable HTML rendering: corpus.paikernel.org (same content, different surface)

SDK v1.3.0 (Rust workspace)

• 28 crates implementing framework invariants
• 2 runtime binaries: pai_governance_daemon (axum HTTP daemon) + CLI subcommands
• 262 tests passing; 0 regressions
• Phase 1 scope: live daemon + witness chain + drift monitoring + consent gate + snapshot/export
• Publication to crates.io in parallel

Paper

• Title (as published): "PAI-CD: A Constitutional Framework for Authorial Sovereignty in Deployed AI Systems"
• Author: Mikhail Anatolievich Sergeev (Independent Researcher; PAI-Kernel Initiative)
• Venue: SSRN · DOI 10.2139/ssrn.6512218
• PDF: papers/PAI-CD_Authorial_Sovereignty_Deployed_AI_v2.2.1.pdf

---

What changed in v2.2.1

From v2.2 Freeze Edition (2026-03-19)

v2.2.1 is v2.2 + editorial patches + traceability metadata. No new normative content.

R2 terminology patches

Applied to the 3 corpus documents:

• Constitutional Core · Principle 6 — added inline clarifying note: "'Standard' refers to the classification criterion, not standardization-body-level specification. PAI-CD is a normative framework, not a formally ratified standard."
• Bill of Rights · Right 5 — "standardized format" → "portable format" (semantic consistency with right title "RIGHT TO PORTABILITY")

Other R2 rulings (Ruling 3 "protocol between instances", Ruling 4 "normative standard") do not apply to v2.2 source text — those terms were introduced in later Amendment cycles (v2.3+ / v3.x).

Style normalization

Applied to all published Markdown:

• Human-readable H1 titles replace filename-style H1 (# PAI_Constitutional_Document.md → # Constitutional Core)
• Markdownlint configuration via .markdownlint.json (project style rules)
• Frontmatter added: title / slug / category / excerpt / metadata / pai_cd.source.* traceability block
• Footer traceability line added

Pre-release defect remediation

Prior to this release a public-repo defect inventory was maintained (ten items identified). Resolution before v2.2.1 push:

• 8 items remediated — integrated into this release (terminology discipline fixes, copyright granularity, versioning notes, paper update, citation metadata)
• 2 items closed pre-release (stale branch deleted; archival metadata title correction landed in prior cycle)
• 0 items carried forward as known limitations

---

What did NOT change

The v2.2 Freeze Edition surface at corpus.paikernel.org (ReadMe-hosted corpus-docs sync repo) uses pure v2.2 verbatim content without R2 patches. That surface is a pure archival snapshot.

The v2.2.1 GitHub release surface does apply R2 patches. This matches the bifurcation model (public snapshot layer vs public release layer are distinct).

Which to cite: academic citation targets SSRN paper DOI (cites v2.2.1 reconstruction). Repository citations use github.com/PAI-Kernel/pai-kernel@v2.2.1.

---

Known limitations

See KNOWN_LIMITATIONS.md for full text. Key items:

• v2.2 is a citationally-stable freeze; future corpus freezes may introduce additional normative content (not auto-reflected here)
• SDK v1.3.0 exceeds v2.2 corpus scope — the runtime implements additional invariants ahead of their publication in a future corpus freeze; adopters using SDK bind to this superset
• Several corpus-required items (TCB attestation, supply-chain provenance, multi-principal governance, author vulnerability protection V4 path) are not runtime-enforced in SDK v1.3.0 yet
• Multi-instance coordination (multiple PAI Authors cooperating) is proposal-stage — NOT in v2.2.1
• Regulatory zone governance + provider-disposition disclosure are scheduled for a later release — NOT in v2.2.1
• Formal verification methods produce specification-level verdicts, not runtime-SDK conformance

---

Installation

SDK (Rust)

cargo add pai-kernel

Or add to Cargo.toml:

[dependencies]
pai-kernel = "1.3"

Individual crates available (see workspace members). Running the daemon:

cargo install --path runtime/pai_kernel
pai_governance_daemon --config pai-kernel.toml

Default bind: 127.0.0.1:9100. HTTP surface per pai_api crate.

Framework corpus

• Clone repo: git clone https://github.com/PAI-Kernel/pai-kernel.git
• Checkout tag: git checkout v2.2.1
• Read corpus docs: repository root

Or browse online: corpus.paikernel.org

---

Distribution scope

Invitation-only early adopter distribution.

• Public GitHub release (discoverable but not announced)
• crates.io publication (Rust developers can find via search; not promoted)
• Direct personal invitations sent to initial adopter shortlist
• No public announcement on LinkedIn, X, HackerNews, Product Hunt until future DL authorizes it

Transition to general availability gated on:

• Next major corpus release publication, OR
• Early adopter feedback validating stability

Either transition requires new DL.

---

Feedback

Welcomed via:

• GitHub Issues at github.com/PAI-Kernel/pai-kernel/issues (public)
• Direct contact: contact@paikernel.org
• Security-sensitive: GitHub security advisory

Valuable contributions:

• Objections, counterexamples, architectural critique
• Formal verification extensions
• Experience reports from attempted deployments

---

Rollback posture

• Pre-push rollback — release authorization can be rescinded before first push (no external impact)
• Post-push rollback — repository can be set back to private; v2.2.1 tag deletion possible but creates "withdrawn release" signal (avoided unless critical)
• Critical-failure archive path — if post-release problems emerge, archive public repo and restart on new repo (high cost; reserved for critical defect)

---

License

• Corpus (Markdown documents): CC BY 4.0
• SDK code (Rust): MIT OR Apache-2.0 (dual license per Rust convention)
• Paper: SSRN standard posting terms

See LICENSE for full text.

---

Acknowledgments

v2.2.1 is the product of sustained solo development effort across 2026 by the maintainer (Mikhail Sergeev as Independent Researcher / PAI-Kernel Initiative). The framework's development followed an internal governance discipline that systematically considered multiple perspectives — product, technical, standards, research, audit, and ecosystem — through documented decision-making processes.

Specific acknowledgments are deferred to the general-availability release; early adopter contributions (once feedback arrives) will be documented in a future CONTRIBUTORS file.

---

Next

• v2.2.2 (patch candidate): reserved for security or citation-critical fixes only
• Next major corpus release: under active development; timeline subject to dedicated publication cycle
• Public announcement: separate future DL; gated on readiness signals above

---

PAI-Kernel v2.2.1 · Release Notes · 2026-04-23
Tag: v2.2.1 · Commit: [to be filled at tag creation]

PAI-CD v2.2 — Freeze Edition (Initial Public Release)

PAI-CD v2.2 — Freeze Edition

Initial public release of the PAI Constitutional Document (PAI-CD).

This release establishes the normative core of PAI-CD v2.2 as a stable baseline for:

• academic publication
• external review

---

Contents

• Foundational constitutional documents (Public Edition):

  • Constitutional Document
  • Bill of Authorial Rights
  • Glossary

• Initial research paper:

  • PAI-CD: A Constitutional Framework for Authorial Sovereignty in Deployed AI Systems

---

Normative Status

The normative authority of PAI-CD v2.2 is defined exclusively by the constitutional documents included in this release package.

At this stage, the Public Edition is published as a flat structure in the repository root.

Future versions will introduce a structured corpus/ directory without altering normative content.

All other materials — including README, papers, and supporting documentation — are non-binding.

---

Scope of Public Edition

This release includes 3 of 10 documents comprising the PAI-CD v2.2 framework.

The remaining documents (implementation mapping, threat modeling, compliance, and governance layers) will be published in subsequent stages.

---

Stability

Version 2.2 is designated as a Freeze Edition:

• core invariants are fixed
• interpretation rules are stable
• changes require formal Amendment

---

License

CC BY 4.0 (see LICENSE)

---

PAI Foundation (in formation)