The Autonomy Cloud
An integrated platform for building, running, and trusting autonomous systems — software agents, robots, drones, and the hybrid systems where they work together.
Cryptographic identity, capability grants, and audit — proof, not assertion.
Open protocols, framework-agnostic, embodiment-agnostic. The substrate beneath everything.
No agent without identity. No access without a warrant. No long-lived credential.
One trust spine. Every actor identified, every credential ephemeral, every action recorded.
Software agents, robots, and autonomous machines are entering production simultaneously. The disciplines that govern them — identity, authorization, audit, fleet operations — were built for cloud workloads and break on the first contact with non-human, ephemeral, delegated actors.
Trust deficit
Production agents today operate with admin tokens or service accounts with wildcard permissions. Prompt injection becomes credential exfiltration. The third option — per-action, scoped, ephemeral, identity-bound — does not exist in cloud-era infrastructure.
Operational fragmentation
Agent frameworks, observability tools, sandboxes, vector stores, and tool gateways each solve a slice. None share an identity, an audit substrate, or a deployment shape. Hybrid software-plus-embodied estates run on two disjoint stacks.
No system of record
The information needed to answer accountability questions is scattered across framework traces, tool-side logs, identity events, and model-provider logs. For security and compliance, that's the blocker on production adoption.
Pick the agent your team actually uses. See where the operational gaps are today, and how Visca closes them — without changing the agent itself.
Anthropic's official CLI. Top of the coding-agent leaderboards in 2026.
Identity
SigilClaude Code runs as your shell user. Sub-agents it spawns inherit the same UID. No cryptographic root, no per-session identity, nothing to revoke.
Every Claude Code session is issued a Sigil at startup, bound to the human invoker and the runtime. Sub-agents chain their Sigils to it. One call revokes the entire chain.
Credentials
WarrantAPI keys live in `.env`; MCP server tokens sit in `~/.claude/settings.json`. A prompt injection that can read the workspace reads every key.
Claude Code requests a Capability Grant per action — scoped to verb, resource, duration, and constraint. No reusable secret in any file.
Discovery
PlexusMCP servers configured by URL in `.mcp.json`. Hardcoded endpoints, no authentication discovery, no Sigil-rooted attestation.
MCP servers found by capability descriptor through Plexus. mTLS by default. URL changes don't break anything.
5 more concerns — Declarative state, Packaging, Runtime, Audit, Dev surface.
See the full comparisonIdentity, access, fleet, runtime, audit, record — every operational concern of autonomy, on one substrate. Each piece has a narrow, deep scope. None overlap. All compose.
The whole is more than the sum because the pieces were never built as sums. Every product roots its security claims in the same Sigil identity and emits to the same Chronicle audit.
System of Record
SoROpen foundation · MPL 2.0
Lattice Runtime
Bundle · Sigil · Capability Grant · Plexus wire · Audit envelope. Open specifications, reference runtime, conformance suite.
Read the foundation →ALM · Pillar
How autonomous systems are declared, packaged, deployed, and run.
Data model as code.
The declarative primitive for your data model. Agents write it as source; humans edit it as a spreadsheet. Plan, apply, drift-detect.
Reproducible bundles for autonomous actors.
Immutable, content-addressed, Sigil-signed bundles. Everything an autonomous actor needs to execute, packaged as a single attestable artifact.
Autonomy-aware runtime.
Runs autonomous workloads across cloud, edge, on-device, and on-robot — with first-class awareness of tokens, models, memory, and embodiment.
The developer surface.
Where developers build autonomous systems. CLI, SDKs, local runtime, eval harness, replay, documentation, templates — one surface.
TLM · Pillar
How autonomous systems are identified, authorized, and networked.
Cryptographic identity for autonomous actors.
Issues, verifies, and revokes the cryptographic identity every autonomous actor holds — bound to principal, runtime, and lineage from the moment of instantiation.
Zero-trust access for autonomous actors.
Brokers every access from an autonomous actor to a consequential resource — identity-bound, scoped, time-limited, audited. Long-lived credentials disappear.
The autonomic fabric.
Discovery, mTLS, and routing across every autonomous actor and every resource an actor reaches — rooted in Sigil identities, not hardcoded URLs.
SoR · Pillar
The queryable graph and tamper-evident audit of everything in the estate.
Visca's primitives are designed for the operational realities of autonomy: pilots that need to reach production, security teams that need accountability, finance teams that need cost governance.
Lattice Runtime is the open substrate beneath every Visca product. Open specifications, a reference runtime in Rust, SDKs in TypeScript, Python, Go, and Rust. Foundation-track governance. No license rug-pulls — ever.
The covenant
MPL 2.0 — fixed at v0.1, forever.
Foundation donation once the project has gravity.
Developer Certificate of Origin. No CLA, ever.
Features in the open never move behind the paywall.
No rent-seeking on the substrate.
The autonomy economy is shipping
Build, run, and trust autonomous systems on an integrated platform — software, embodied, and hybrid. Open foundation. Enterprise cloud. No license rug-pulls, ever.