Guided tour

Build a real program, block by block

We'll assemble an H100 datacenter program, from the hardware profile to an authorized rollout, and stop at each block to say what it does and which line keeps it honest.

Overview Reference Full example
Step 1

Header, modules, and bindings

Every program declares its apiVersion and pulls in signed, content-addressed modules.

apiVersion "kwam.dev/v0.2"

import "std/faultdomains" as fd digest "sha256:1c0ffee…"   # pinned, signed
use fd.h100

let fanout = 8x
let ca     = secret://vault/kwam/mtls-ca

The digest pins the module to a specific signed content hash: a swapped module that quietly alters your fault-domain sets cannot pass. let binds reusable values you'll interpolate with ${…}.

Step 2

Pick the hardware profile

The profile sets the interconnect/latency model and the health hooks.

profile h100_dc {
  hardware     "h100"
  interconnect "nvlink+ib"
  health       [dcgm, nvml]               # telemetry only, not kernel-level
  fanout       ${fanout}
  cache_size   512mb                      # profile-scaled, off-heap, reclaimable
}

KWAM reads DCGM/NVML/NCCL telemetry and drives drain/cordon and checkpoint/restart. It does not run inside CUDA kernels. Switch hardware to "tpu" or "trainium" and the rest of the program is portable.

Step 3

Declare the trust policy

Who may do what — and the floor nobody may drop below.

policy trust_root {
  ca            ${ca}
  sandbox_floor gvisor                    # client.sandbox may not request weaker
  grants {
    "spiffe://kwam/acme/cl-7/*/*/*/seed" {
      caps           [discover, replicate, deploy, quarantine]
      signed_by      "acme-prod"          # required signer of consent tokens
      discover_scope [10.40.0.0/16]      # discover is non-default + scoped
      dual_control   true                 # destructive caps need two people
    }
  }
}
Why this is safe A node is deployable only if its identity appears here with deploy and a valid externally-minted consent token is presented at runtime. discover is non-default and per-range scoped, so the recon phase is gated as tightly as deploy.
Step 4

Stand up the server and discovery

Transport, ports, seeds, plus an optional, narrow tiny-LLM that only re-ranks.

server seed {
  identity  spiffe://kwam/acme/cl-7/az1/pod0/n0000/seed
  transport quic                          # quic primary, grpc fallback
  ports { control …  data …  metrics … }   # mTLS-gated; numbers omitted
  seeds     [kwam-seed.internal]
  trust     trust_root                    # required before any deploy
  llm       dc_negotiator
}

discovery dc_negotiator {
  strategy gossip
  fanout   ${fanout}
  negotiator {
    task     "next-hop-path"          # ONLY job: re-rank enumerated candidates
    fallback deterministic              # PRIMARY path; the model is off the critical path
    # … model id, output schema, token/timeout limits omitted …
  }
}
The model's one job The tiny LLM's output is a permutation of the already-enumerated candidate set and nothing else. It may not invent or up-rank an endpoint, never authorizes a node, never selects content, and never blocks a probe. The deterministic order is always the primary path.
Step 5

Define the client and the replication

A content-addressed image, a sandbox at or above the floor, and fault-domain spread.

client kwam_node {
  image    "sha256:9f3a7c…d21"          # cid; cosign-verified; no mutable tags
  sandbox  gvisor                          # >= policy.sandbox_floor; 'none' illegal
  health   [dcgm.gpu_health, nvml.xid_errors, nccl.comm_status]
  safepoint cooperative                    # reexec available for security-critical swaps
}

replicate code_and_data {
  factor        3
  anti_affinity [rack, pdu, spine, az]     # no two replicas share a listed domain
  # … chunker + repair tunables omitted …
}

The placer guarantees no two replicas share a listed fault domain until domains are exhausted. Content is split into variable-size chunks tuned to keep the dedup index small; the exact chunker and repair tunables are provided to licensees.

Step 6

State the SLA: the honest core

The compiler checks these nines against the math you just wrote.

guard sla {
  durability    6nines      # a DESIGN TARGET, checked vs the math; 11nines would be REJECTED
  mttr_restore  …            # per-bit, INDEPENDENT single-node loss
  recovery_time …            # fleet, CORRELATED domain loss (honest tail)
  integrity     sha256       # zero silently-corrupted bits
  on_violation  quarantine
  # … audited MTBF inputs + error budget omitted …
}
Two MTTRs, never one mttr_restore is per-bit restore under independent single-node loss only. Fleet recovery under a correlated AZ-scale outage is recovery_time: minutes-to-hours, throughput-bounded. KWAM never collapses the two into one flattering number. The audited failure-rate inputs that back the nines are provided to licensees.
Step 7

Watch it, then roll it out — with consent

Metrics feed the error budget; the deploy is gated on a signed token the server can't forge.

metric integrity_slo { observe silent_corruption_count target 0 window 30d }

deploy rollout_h100 {
  server   seed
  client   kwam_node
  to       h100_pool
  strategy canary
  waves    [1percent, 5percent, 25percent, 50percent, 100percent]
  bake     10m
  consent {
    grant_ref <signed-consent-token>       # externally-minted, signed, single-use
    scope     fleet.h100_pool              # MUST be a subset of the token's resource glob
  }
}
The line that kills the worm consent.grant_ref references a token minted only by an operator-held key the server never possesses. At lowering, the compiler checks the token's presence and that your scope is a subset of its signed resource glob; at runtime, the server verifies the signature, freshness, and single-use status on every action. The author types no approver, ticket, or scope as authority — those are derived from the signed token.
See the whole program Reference
Legal

Ownership & governing law

KWAM is our intellectual property, grounded in Swiss law.

Intellectual property & governing law

KWAM is the sole and exclusive property of the owners of KWAM.CH

KWAM — its source code, the KWAM language, the JHMM reconstruction orchestrator, the deterministic codec runtime, and all associated AI components — is a proprietary computer program and the sole and exclusive intellectual property of KWAM.CH. As a computer program it is a protected work under the Swiss Federal Act on Copyright and Related Rights (Copyright Act, CopA), and the exclusive rights of use vest in KWAM as employer; it is further protected as a trade secret under the Swiss Federal Act Against Unfair Competition (UCA). KWAM is offered by private licence only. All rights reserved.

CopA (SR 231.1) Art. 2 para. 3 & Art. 17 · UCA (SR 241) Art. 6 · Governed by the laws of Switzerland · Place of jurisdiction: Zürich