The v1 surface.
Everything the brain exposes.
Titan Core OS is an open SDK around a closed safety kernel. This is the v1 API: what integrators can call, implement, and extend — and the short list of what is deliberately not exposed.
Call it. Implement it.
Extend it.
Three kinds of surface: functions you call (runtime, missions, link, lifecycle), interfaces you implement (skills, models, HAL drivers), and records you verify (audit, evidence). Everything below is v1 — versioned with the runtime, stable within the major.
Runtime & Modes
Boot a machine as a deployment profile, drive the control loop, read its state. The mode machine is observable, never directly settable — modes follow evidence.
boot(profile) → CoreRuntimeCompose a machine from a named profile: skills + HAL + mode semanticsruntime.tick(telemetry) → ActuatorCommandOne control-loop step: sense → localize → plan → decide → actruntime.snapshot() → RuntimeSnapshotMode, active intent, health, buffered-telemetry depthorchestrator.acceptIntent(intent) → booleanPriority-arbitrated mission intake; FAULT rejectsorchestrator.degrade(reason) / resetFault(operator)Explicit mode transitions — always attributed, always auditedSkill Registry
The extension point. A skill is one signed registration; redundancy is a wrapper, not a rewrite.
registry.register(skill, manifest) → LoadDecisionSigned manifests only — unsigned code never loads in productionregistry.unregister(name, operator)Audited removal; the machine keeps running without the capabilityredundant({ providers, arbiter }) → SkillN providers in one slot; the group is a drop-in for the skill typepreferPrimary({ failAfterMisses })Sticky-primary arbiter: fail over on repeated faults, reclaim on recoveryconfidenceAbove(threshold)Confidence-gated arbiter: switch on decay, hand back on recoveryMissions
Verticals are compiled, not coded. A mission profile turns operator parameters into intent sequences the planner consumes.
compileMission(vertical, params) → MissionIntent[]patrol-security · delivery-logistics · agriculture-fieldwork · search-rescueMissionProfile (interface)Implement + register to ship a new vertical — no runtime changesCommand Link (ECL)
The machine's side of the Titan Command Center conversation. Latency is a safety property here, enforced in the API.
link.sendIntent(intent) / nextIntent()Prioritized mission intent queuelink.queueOverride(override) → booleanRefused when link RTT p99 exceeds 200ms — the guard is not optionallink.publishTelemetry(sample) / drainTelemetry()Continuous uplink; buffered while disconnectedlink.buildResyncReplay() → ResyncFrame[]Hash-chained disconnected history — verifiable, tamper-evidentlink.quality() → good | degraded | lostOne link-health contract; recommendedMode() maps it to the mode machineModel Slot
The decision layer is a first-class model interface — swap the VLA, compose vision with an LLM, or route hard calls to the datacenter.
VlaModel.decide(observation) → { skill, confidence }Observation in: pose, map summary, mission context. Skill out, confidence attachedmodel composition & offload policyOn-device by default; datacenter-scale models when the link allows — the runtime decides, continuouslylow-confidence escalationDecisions under threshold route to a named operator, never guessed throughHAL Drivers
The seam hardware modules plug into. Implement four methods and the runtime drives your hardware — or Titan Matrix's simulation of it.
driver.apply(command)Uniform ActuatorCommand in — wheels, rotors, hand, emittersdriver.heartbeat(ts)Feed the dead-man watchdog; silence stops motorsdriver.tick() → HalActuatorStateActuator state, fault codes, watchdog escalation outdriver.safeStop(reason)The last-resort path — every driver must implement itLifecycle & OTA
Updates are staged, health-checked, and reversible — kernel images to model weights.
ota.stage(manifest)Signed manifests only; A/B slot prepared, nothing switchedota.commit(healthCheck)Atomic swap gated on the health check passingota.rollback(reason)One call back to the known-good slotAudit & Evidence
Every actuation, load, override, and switchover is chained. The API exposes verification, not editing.
audit.list() → AuditEntry[]Attributed history: who or what commanded, when, whyaudit.verify() → booleanWalk the hash chain end to end — tampering is detectable, not deniableevidence recording (MCAP, traces, dumps)Ships to Titan Command Center on resyncWhat the API
refuses to offer.
An autonomy API is defined as much by what it withholds. These are absent by design, not omission — the line that lets integrators extend behavior without weakening deterministic control.
Safety executor internals
The dead-man watchdog shares no fate with the smart stack — including its API
Raw actuator buses
Every command flows through the audited ActuatorCommand path or it doesn't flow
Watchdog thresholds at runtime
Deadline budgets are profile configuration, signed and staged like code
Unsigned anything
The registry gate has no bypass parameter
Versioning: the API is versioned with the runtime — v1 signatures are stable within the major, additive changes ship in minors, and every skill, driver, and model declares the API version it was built against in its signed manifest. The wire protocol between machine and Titan Command Center is specified separately and versioned on the same policy.