21. What “Constitutional Architecture” Actually Means
Walls, floors, and the difference between a policy and a promise the code can keep
(Our new logo! Our new name! SourcedOS. This logo is symbolizing a radical sea change in how we are thinking about what we have been building for the last five years)
If you have looked at the footer of beta.sourcedos.com lately, you have seen a phrase that says Constitutional Architecture.
Two words. Most people who land on the page will scroll right past them.
Those two words are doing more work than any other phrase on the entire site. So I am going to stop and explain them.
This is the post where we get specific about what makes SourcedOS different from every other platform you have been told puts users first.
The way platforms usually do it
When a platform wants to tell you it cares about you, it writes a policy.
The policy says the platform will not do certain things. It will not sell your data without consent. It will not manipulate your feed to maximize engagement. It will not use your behavior to train models without telling you. The policy lives in a help page document that you have never read and were not really meant to read. It exists so the company can point at it when asked.
Six product cycles later, when the incentive landscape changes, the policy gets edited or quietly deprecated. A new VP comes in. A board pressures growth. A pivot happens. And almost nobody notices the policy moved, because the policy was never the thing protecting you.
The policy was a marketing surface.
This is how every major platform you currently use was built. LinkedIn. Meta. Google. The ATS your last employer used. The CRM your sales team is on. All of them have policies. All of those policies are revisable, performative, and disposable.
The reason the bad outcomes keep happening is that policies live on the wall, and the architecture lives in the floor, and the floor is the thing that actually decides what gets done.
The other way
There is a different way to build a system. It is much harder, and almost nobody does it, because the incentive structure of venture-backed software does not reward the patience it requires.
The other way is to put the rules in the floor.
Not in a document. Not on a help page. Not in a values statement on a marketing site. In the code itself, at the layer where every operation has to pass through. So the bad outcomes are not discouraged, not policed, not punished after the fact. They are structurally impossible. The system literally cannot do them. Because the architecture refuses to compile a version of itself that would.
That is what constitutional architecture means.
The word constitutional is not decorative. A constitution, in the legal sense, is the layer of rules that sits above the day-to-day rules. You cannot pass a regular law that contradicts it. Same idea here. The constitutional layer of SourcedOS sits above the application layer. Anything the application tries to do has to pass through the constitutional layer first. If it would violate the rules in the floor, it does not happen. Not because someone wrote a policy against it. Because the code structurally cannot execute it.
What is actually in the floor
Three layers.
The AI Integrity Engine is the deepest one. It contains one hundred specific patterns of harm the system is architecturally incapable of executing. We call them Never Sets. They cover manipulation at the semantic level. The neural level. The limbic level. The dopamine level. They cover cult dynamics, multilevel marketing patterns, and the kind of slow extraction the platform economy has spent twenty years perfecting.
Eleven of those Never Sets were written by Liz, an old friend of mine, out of her thirty years inside special education classrooms. No traditional engineering process would have surfaced what she put in. They are in the architecture because she put them there. I will write a whole post about Liz’s work one day. For now, just know that the eleven Never Sets she contributed are some of the most important in the entire document.
The Relationship Intelligence Architecture sits above the Never Sets. It defines how AI is allowed to interact with humans across professional, romantic, and educational domains. It is at version 3.0. It is the document that turns the Never Sets into a coherent governance framework instead of a list.
The Four Laws of Human Computing sit above the RIA. They are the constitutional preamble. They govern the substrate as a whole. Nothing executes without a human asking for it. The system cannot rewrite itself without authorization. The human is the one driving. Always.
And then there is the wrap.
The Human-First Protective Layer System is the outermost skin of the substrate. It wraps all three of the inner layers, and every interaction between a human and SourcedOS has to pass through it first.
It was authored by Liz out of her twenty-five years inside special-education classrooms.
It is currently at version 6.3. It specifies a Universal Container System with twenty-three enforceable protection artifacts covering orientation before demand, regulated pacing, visible choices, non-shaming tone, safe exit at every step, and accessibility as a baseline rather than an accommodation.
The wrap exists because the three constitutional layers underneath it can be perfectly compliant and still harm a fragile user, since nothing inside the Four Laws or the RIA or the AIE governs how the interface presents itself to a human body. The Protective Layer System closes that gap. Its thesis, in Liz’s words, is lower the water so everyone can swim.
That is the architecture. Three constitutional layers wrapped by a fourth. The floor, and the envelope around it.
Why this is different from what you have been told
Every serious company has started talking about AI safety in the last two years. Most of them mean policy when they say it. They mean a values statement, a trust and safety team, a red team, an ethics board, a content moderation process that cleans up bad outcomes after they happen.
None of that is architecture.
All of it can be unwound by a board meeting.
I am not criticizing the people doing that work. Most of them are trying. The problem is the layer. You cannot protect users with policy alone, because policy is downstream of the architecture, and the architecture will win every time the incentive landscape shifts.
The only thing I have ever seen actually hold, across time, across leadership changes, across market pressure, is architecture that makes the bad outcome structurally impossible in the first place.
That is what I have spent five years building.
The standing challenge
Here is the thing about putting rules in the floor instead of on the wall.
You can prove it.
When the rules are policy, the only thing you can show is a document. When the rules are architecture, you can show the commit history, the tests, and the specific Never Sets that would block any extraction or coercion attempt anyone tries to make.
So this is the standing challenge I make to anyone who wants to evaluate SourcedOS.
Show me where extraction or coercion exists in the substrate. I will give you the commits. I will give you the tests. I will give you the Never Sets that would have blocked it. If you find one I missed, I owe you a beer and a Linear ticket.
That offer is real. It is also the entire moat. No competitor can copy the constitutional architecture without rebuilding from the substrate up. And most of them will not, because the patience required is incompatible with the incentive structure they are inside.
Why I am telling you this now
Because constitutional architecture is the thing the next ten years of AI infrastructure will either have or not have. And if it does not have it, the failure modes we have watched unfold on social media for the last twenty years are going to look small.
Because every founder I talk to is being told the answer to AI safety is policy. And policy is not the answer. Policy is the surface. Architecture is the floor.
Because the world is about to be flooded with AI systems that claim to put users first, and almost none of them will be willing to put the rules in the floor where you can see them and challenge them.
And because if you are paying attention, this is the moment to learn the difference between the two, so you can tell which one you are using.
The next post is the last in this arc. It is about a Latin phrase I picked as the motto for what I am building, and why patience is the qualification for putting infrastructure into the world.
— Mike
Michael Doran is the founder of SourcedOS, where he is building relationship intelligence infrastructure for founders and leadership teams. He writes about the human layer of work at Talent Grind.