Building for the agent era

Confidence in code.
Governance in practice.

Codifide designs programming languages, platforms, and governance frameworks for a world where AI agents write, read, and reason about code alongside humans.

Explore the work AI Governance thinking →

Active Projects

Four active projects at the intersection of AI, software, and real-world impact.

Open Source · v2.0

The Codifide Programming Language

A programming language that codifies what software usually leaves implicit — for a world where agents write the code.

Every mainstream language — from Fortran to Rust — was built around human cognitive constraints. Agents don't share those constraints. Codifide codifies what software usually leaves implicit: intent, effects, contracts, confidence, and refusal — and preserves those properties with byte-level fidelity across every agent that reads, writes, or composes the code. The name is the thesis.

Intent

Every function carries why it exists as structure — not a comment the compiler discards. A symbol's intent is part of its content-addressed identity.

Effects

Declared in the type and enforced transitively across the call graph. A pure function cannot call an impure one and launder the effect.

Contracts

Pre- and postconditions the runtime evaluates — not docstrings. Contracts run with an empty effect budget. They describe state; they do not modify it.

Confidence

believe label ge(conf(label), 0.85) — probability as a first-class dispatch mechanism. Every value can carry a confidence score.

Refusal

bottom is a value, not an exception. A function that does not know enough to answer says so. The runtime respects that.

Fidelity

Two agents naming the same content hash see the same bytes, the same contracts, the same intent. No drift. No version gaps. No trust gaps.

def classify
  intent "label an image, refuse rather than guess"
  sig    (img: Image) -> Label
  effects {model.vision}
  cand
    label <- vision.classify(img)
    believe label
      ge(conf(label), 0.85) => label
      ge(conf(label), 0.60) => escalate(img, label)
      else                  => bottom
341tests passing
2implementations
v2.0released May 2026
MITopen source
View on GitHub → Get started
AI Governance · Open Source

Agentic Stage-Gate Governance

A governance framework for software built by AI agents.

When your developer is an AI agent, who watches the gates? This open-source template adapts Robert Cooper's Stage-Gate® framework for a world where AI builds code faster than humans can review it. Copy the steering files into any project — governance, adversarial review, and quality gates activate automatically in Kiro.

  • 7-gate process (G0–G6) from problem validation to post-launch learning
  • Three-model review: A-Team builder, B-Team critic, Zero-Context auditor
  • 100% test coverage as a gate requirement, not a goal
  • Security and accessibility at every gate, not as a phase
  • AI builds. Humans decide. Evidence proves.
"Evidence, not confidence. 'We think it's fine' is not a gate pass."
View on GitHub →
Healthcare · AI · HIPAA

Codifide Health

AI-powered healthcare intelligence, built for compliance from the ground up.

A Tuva-aligned analytics platform designed to support 10M+ patients at scale, with AI clinical decision support, federated machine learning, and multi-region deployment. Built for HIPAA/SOC2 compliance from the ground up — not bolted on.

  • FHIR-native EHR integration with SMART on FHIR OAuth (Epic, Cerner, athenahealth, eClinicalWorks)
  • Fail-closed organization enforcement — no implicit tenant fallbacks
  • GPT-4 powered clinical assistant with audit trails
  • MIPS/HEDIS quality measures with real-time updates
  • Zero-trust security with ABAC policies, HIPAA/SOC2 ready
FHIR Kafka ClickHouse Keycloak Federated ML

Private project — interested in contributing? Get in touch.

iOS · Consumer · AI

Decode The Sign

Confusing parking signs, decoded instantly on your iPhone.

A native iOS app that turns the chaos of urban parking signs into a fast, plain-English answer. Point your camera, get a clear ruling. Built with a time-aware rule engine, semantic OCR, and conservative low-confidence gating — it never guesses. A companion web app serves Android and desktop users.

  • Native iOS app with Expo shell — camera capture, heading-aware nearby ranking
  • Time-aware parking rule engine with multi-sign merging
  • Semantic OCR-to-rule candidate scoring
  • Multi-city data sync — Chicago, NYC, San Francisco, Raleigh
  • Street cleaning schedules and EV charging station data
  • Conservative low-confidence gating — never guesses
Expo / iOS Next.js Supabase OpenAI OCR Vercel
Visit decodethesign.com →

Private project — interested in contributing? Get in touch.

v2.0 — May 2026

What v2.0 adds, fixes, and enables

Every friction point that blocked agents from completing Program 5 — content-addressed composition — is now fixed. Four requirements, four weeks of adoption evidence, one governance review.

RPC API — Program 5 without the ceremony

Content-addressed composition previously required four CLI commands, an index ceremony, and a runtime flag. Now: start the server, POST canonical forms, import by the returned hashes. No index. No flag. 

python3 -m codifide serve

# Publish a symbol
curl -X POST http://localhost:7777/symbols \
  -H 'Content-Type: application/cbor' \
  --data-binary @- < canonical.cbor

# Import by hash in your program
import classify_content = sha256:1c01b8b5…

POST /symbols · GET /symbols/{hash} · GET /symbols/{hash}/imports · idempotent writes · 36 tests · Sable-audited

Static bind-before-when detection

The most common footgun in Codifide — using a bound name in a when guard before the body runs — was a confusing runtime error. It is now a parse error with a one-line fix message. 

# Before v2.0: runtime error "unknown callable: 'label'"
# After v2.0: parse error with fix hint
cand
  label <- moderate(message)
  when   eq(label, "unsafe")   # ← caught at parse time
  "blocked"

Python parser + Rust parser · 12 regression tests

from-import in the Rust runtime

from sha256:<hash> import name1, name2 previously required CODIFIDE_RUNTIME=python. That workaround is gone. Both runtimes support from-imports as of v2.0. 

# Works in both Python and Rust runtimes
from sha256:a8b5f554… import classify_content,
                               moderate,
                               route_message

Rust parser + Rust interpreter · --store flag · 2 conformance tests

Capability manifest docs field

The machine-readable capability manifest now links to human-readable documentation. An agent fetching the manifest gets a pointer to the quickref, cookbook, and getting-started guide — no separate discovery step. 

python3 -m codifide capability --hash
# sha256:42d73647ba8de29a7d219bf2218bad0a42dc2a11d7878cac12ee931be2a1a185

curl https://www.codifide.com/capability.json | jq .docs

New manifest hash · publicsite updated · docs/CAPABILITY.md schema updated

Validated by four external agent sessions

v2.0 requirements were driven by real adoption evidence — not speculation. Four models (GPT-4o, Gemini 2.5 Pro, Claude, GPT-5.4) ran the pipeline task spec and documented every failure. The friction points they hit became the v2.0 requirements. The B-Team governance review (GPT-5.4, live interpreter) closed the release.

4 external models tested
5/5 programs completed by all models
12 cookbook failure modes documented
341 tests passing
Full changelog → Agent cookbook

AI Governance Thinking

Agentic AI removes the speed constraint on building. It does not remove the constraint on safety. The question isn't "can AI build it?" — it's "should this ship?"

Speed without governance is faster failure

AI can produce 50 files in an hour. The bottleneck is no longer building — it's deciding what to ship. Governance frameworks must evolve to match the pace of agentic development, not lag behind it.

Evidence, not confidence

"We think it's fine" is not a gate pass. Every gate requires artifacts — test coverage reports, security sign-offs, accessibility audits, integration tests against real backends. Not demos. Not decks.

The builder cannot review their own work

Teams immersed in development share the same blind spots. A separate adversarial reviewer — different model, different prompt, hostile persona — attacks every gate. A Zero-Context reviewer reads the work as a regulator would: knowing nothing, asking everything.

AI builds. Humans decide.

The gate decision — go, kill, hold — is never delegated to the machine. AI provides evidence. Humans decide what ships. That boundary is not a limitation of AI; it's the architecture of accountability.

Intent must survive compilation

When an agent transforms code, the original intent should be preserved — not discarded. Systems that lose intent create accountability gaps that compound at scale. The language is the governance.

Read the whitepaper → Follow on LinkedIn

About Codifide

Codifide Inc. is a software company and research practice building tools for the agent era. The name means the same thing for both the company and the language it stewards: confidence in code.

The work spans language design, healthcare intelligence, consumer AI, and governance frameworks — connected by a single thesis: the properties that matter most in AI-assisted software are the ones that need to be enforced by the system, not trusted to the agent.

Founded and led by Douglas Jones, a software practitioner and thought leader on AI governance, based in the United States.

Veteran-owned small business

Connect

Get in touch

Interested in the work, a collaboration, or a conversation about AI governance?

Send a message