▸ A Manifesto for Engineers

Determinism Isn't Dead

It just moved up the stack.

You learned that good systems are predictable. You wrote tests. You valued reproducibility. You distrusted magic.

Then agents happened.

Now you're watching junior devs ship systems where the same input produces different outputs. Where "it works" means "it worked that one time." Where the answer to "why did it do that?" is "I don't know, but it seemed helpful."

You're not wrong to be uncomfortable. Your instincts are correct.

Other tools predict if your code will break. mdash proves who's responsible when your agent acts, even when the code works exactly as intended but the action was wrong.

But here's what's also true: you can't unit test emergent behavior. You can't mock a model's reasoning. The agent layer is fundamentally non-deterministic.

So where does determinism go?

It moves up. To the governance layer.

You can't control what the agent thinks. But you can control:

  • What it's allowed to do

    Warrants declare intent and constraints before execution. Policy is code.

  • What it claims it did

    Attestation seals outcomes with cryptographic proof. Claims are verifiable.

  • Whether that claim is physically possible

    Physics validation checks against hardware reality. Lies are mathematically detectable.

  • Who's responsible for what

    Token attribution distinguishes agent decisions from environment responses.

The Sealed Context Architecture

The vulnerability isn't in the agent's "goals"; it's in the context window. If an attacker can inject content, they can influence behavior.

mdash seals context at every layer:

// System context: signed by operator, immutable mid-session const system = seal({ policy: policyConfig, constraints: operatorConstraints }, operatorKey); // Warrant context: per-action, hash-chained const warrant = authorize({ intent: "transfer_funds", ceiling: 500.00, prev_hash: lastWarrant.hash }); // Tool responses: hashed on receipt, source-attributed const response = attributeResponse({ content: toolOutput, source: "stripe_api", type: "env" // never "system" });

The chaos is contained. The audit trail is deterministic. The proofs are mathematical.

What this means for you

Your skills aren't obsolete. They're misallocated.

You've been trying to apply rigor at the agent layer, where it can't stick. mdash lets you apply it where it can:

The warrant system is a state machine. You can formally verify it.

Physics validation isn't AI. It's constraint checking against hardware specs.

Hash chains are deterministic. Same inputs, same outputs, every time.

We're not asking you to trust the model. We're asking you to trust the math.

Defensible deployment

The word isn't "safe." Safe implies nothing bad can happen. That's not realistic with autonomous systems.

The word is defensible.

When something goes wrong (and something will), you can prove what the agent was authorized to do, what it actually did, whether the claim was physically possible, and who or what influenced each decision.

That's what lets you deploy agents without getting fired. That's what lets you sleep at night.

Determinism isn't dead. It just moved to where it can actually work.

Read the Docs Try Simulator