▶ Try it live (in your browser): https://umbraaeternaa.github.io/loom/play.html
Built solo, in the open, from Ukraine 🇺🇦.
The problem nobody can scale their way out of
AI now writes a large and growing share of the code that runs in the world. The uncomfortable part isn't that the code is often wrong — it's that the same model frequently writes both the code and the tests that check it. When one intelligence authors the solution and the criteria, "it passed" quietly stops meaning "it's safe." The gate becomes foolable. You can make the model bigger, but a bigger model that grades its own homework is still grading its own homework.
The honest answer isn't "trust a smarter model." It's: trust only what can be independently proven — and make that proof mechanical, not a matter of hope. That is the whole idea behind LOOM.
What LOOM is
LOOM is a small, open-source, effect-typed language that acts as a machine-checked trust layer for AI-written code. It doesn't just run code — it proves, at a gate, exactly what the code is allowed to do, before a single line executes. If the code lies about what it does, the compiler refuses it.
The slogan is: AI proposes, the compiler disposes.
Today it is a research kernel with 385 self-verifying checks, all green — every feature added only with an adversarial test, so the language can only ever get greener. There's a live browser playground where a stranger can paste a program and watch the checker accept or reject it in under a minute.
What it can actually do
Effect honesty. Every function declares its effects — Pure, IO, Net, Alloc, FFI, Rand. Declared effects must cover what the code actually does; the lie is caught transitively through calls, branches, recursion — not just straight-line code.
Capabilities, not ambient power. A foreign call has no ambient authority — un-wrapped, it's refused. A seam is the only thing that grants authority, so (seam (Pure) (ffi untrusted)) makes that code's I/O physically impossible.
Reinterpreting handlers. Take code that touches the network, swap what Net means (a pure mock), and the type system proves the original effect is contained.
Linear & affine resources — open-once, use, close-once, carried honestly across calls.
Provenance & a trust gate. Every value carries who authored it. (trust N e) refuses a value trusted only by itself and demands N independent, non-AI anchors — a direct defense against circular trust. Plus role quorums (code, spec, proof by distinct authors), provenance-gated capabilities, taint that flows through data, memory-poisoning defense, and program-wide require/forbid policy.
One program, every backend. The same checked program runs on the interpreter, compiles to Python, JavaScript, and real WebAssembly — structures, closures, effects, strings, and the trust layer itself — with identical output. Honest all the way down to the metal and into the browser.
An accountable gate. A trust decision is no longer a bare yes/no: approvals are now structured verdicts with manifests, advisory receipts, CI evidence, a read-only git observer, and cryptographic one-use signatures — an approval can be spent exactly once and never replayed. The gate that refuses lies now also proves what it allowed.
Its power
The power isn't a single feature — it's the shift in what "trust" means. Elsewhere, trust is a comment, a review, a hope. In LOOM, trust is a property the machine verifies before execution, and it survives translation: a guarantee proven in the interpreter still holds in the browser.
That generality is why the same engine can be pointed outward: LOOM's auditor can read real, external AI-agent code and model each suspected weakness as a minimal LOOM program the live checker rejects — turning "this feels risky" into "here is the exact effect/trust/capability shape, proven." It's early, and every finding is human-ratified before it counts, but the direction is clear: formal, checkable trust analysis for the code AI writes.
Its secret
Here's the part people don't expect: I don't write LOOM by hand. An autonomous organism I built grows it — day and night, on a single machine. Its loop is one no hand-written project runs: it proposes a change → proves it green itself → adversarially attacks its own proposal → and only then a human decides. It self-heals. Many "minds," one engine.
And that's the moat. The language is open. The results are public, always with proof. The engine that grows it stays private. You see what it does and verify it — never how it's built. Openness where it earns trust; secrecy where it protects the edge.
Its future
As AI writes more of the world's code, the scarce thing won't be more model capacity — it will be trust you can prove. LOOM aims to be that layer: where AI-written code can be proven, from a human-checked gate down to the metal and into the browser, with an accountable, non-replayable record of every decision. Next: deeper low-level and cross-platform expansion above the honest assembly contract, sharper external auditing, and — the real goal — for this kind of verifiable trust to be recognized and adopted by the people who need it most.
It's alpha, tiny on purpose. The individual ideas — effect rows, capabilities, provenance — aren't new; the synthesis is: one legible signature channel, checked at a trusted gate, as a trust layer for AI-generated code. Feedback and criticism are genuinely welcome — especially where the model is wrong.
⭐ Code (MIT): https://github.com/umbraaeternaa/loom
🌐 Site: https://umbraaeternaa.github.io/loom
▶ Try it live (in your browser): https://umbraaeternaa.github.io/loom/play.html
☕ Support: https://send.monobank.ua/jar/AHaziFXjYX
📸 Instagram: https://instagram.com/umbra_owner_architect_ai
Top comments (0)