// FILE 2026.05.01BRIEF — WICK ZERO

FORMAL PROOF INFRASTRUCTUREFOR SOFTWARE THAT CANNOT FAIL SILENTLY

SCROLL ▼

FORMAL · DETERMINISTICSAT // UNSAT

§ 00 · DOCTRINE

Some failuresmust notbe possible.

WICK is formal proof infrastructure for systems where probabilistic security is unacceptable. We do not detect. We do not score. We prove — that defined failure classes are ruled out under formal constraints. WICK turns critical software, AI agent actions, and infrastructure controls into machine-verifiable proof artifacts: showing exactly which failures are possible, impossible, or reachable under defined constraints.

Request Technical Briefing →View Proof Artifact →

§ 01 · METHODOLOGY

Autonomous code made probabilistic security insufficient.

Smart contracts move capital. AI agents take real-world actions. Critical infrastructure runs on systems code with no runtime guard-rails. In these environments, alerts and confidence scores are not enough. What is required is evidence — formal, machine-verifiable, deterministic.

// Validated at scale

Artifacts analyzed

3,500

AI-generated · production code

Provably vulnerable

55.8%

formal proof · not heuristic

Read the full paper — arXiv 2604.05292↗

THE OLD MODEL

Detection.

Signals that something may be wrong
Heuristic. Probabilistic. Alert-driven.
No evidence of how — or whether — failure is reachable
Confidence scores. Not certificates.

THE WICK MODEL

Proof.

Shows exactly where failure becomes possible
Formal. Deterministic. Evidence-backed.
Machine-verifiable verdict — SAT or UNSAT
Witness values when the chain is reachable

// Proven in the field — confirmed findings

Mozilla NSS

TLS Library

Fixed

wolfSSL

Crypto Library

PR Merged

Zephyr RTOS

Embedded OS

CVE Filed

libupnp

UPnP Library

CVE-2026-41682

§ 02 · FIELD

Tested where guessing is not enough.

WICK has been applied to security-critical open-source systems — with CVE filings, vendor acknowledgments, and formally defined bug classes across each target. All findings are production-accessible code, not synthetic benchmarks.

#	Target	Domain	Status
i	Mozilla NSS TLS Library	TLS / Cryptography	Fixed
ii	wolfSSL Crypto Library	TLS / Cryptography	PR Merged
iii	FreeRTOS Amazon RTOS	Real-Time Kernel	ACK Amazon
iv	Zephyr RTOS Embedded OS	Real-Time Kernel	CVE Filed
v	Mosquitto MQTT Broker	IoT Messaging	2× CVE Filed
vi	libupnp UPnP Library	Network / IoT	CVE-2026-41682
vii	libmodbus Industrial Protocol	SCADA / ICS	CVE Filed
viii	Mongoose Embedded Web Server	HTTP / Networking	CVE Filed
ix	lwIP TCP/IP Stack	Networking	CVE Filed
x	strongSwan VPN · IKEv2	VPN / Tunneling	Fix Pending

§ 03 · OUTPUT

Not alerts. Not scores.
Proof artifacts.

Every scan produces structured evidence showing what was tested, which constraint was evaluated, where failure becomes possible, and what supports the result. No black box. No guessing. A document — not a guess.

Each artifact contains

iVulnerability class tested
iiConstraint evaluated
iiiCode path or action path analyzed
ivFailure condition found or rejected
vEvidence trail generated
viReview status assigned

ARTIFACT // COBALT-OH-1FAILURE DETECTED

// SAMPLE PROOF — REVIEW READY

Silent insulin-on-board calculation failure under defined input.

ArtifactCOBALT-OH-1

SystemOpenAPS · oref0

FunctioniobCalcBilinear()

Failure cond.dia = 0

ResultSilent IOB calc failure

EvidenceConstraint violation under defined input

ScopeDefined input condition

StatusReview-ready

§ 04 · OPERATIONAL THEATRES

One proof core.
Three operational phases.

// WICK is not a suite of disconnected tools. It is a single formal proof core deployed across three operational phases: harden before the attack, intercept at contact, and recover after breach.

THEATRE I

Critical Software Verification

Formal proof applied at the source — before deployment, before breach. For teams building systems where memory, cryptography, or supply chain failure cannot be silent.

CobaltSRF-01→Cobalt COBOLSRF-19→ForgeSRF-02→CassandreSRF-03→BedrockSRF-16→Cobalt PQCSRF-15→VeinSRF-14→

THEATRE II

Autonomous Systems Control

Formal constraints at every execution boundary — before, during, and after action. For organizations deploying AI agents, autonomous decision systems, or on-chain capital operations.

SentinelSRF-06→VerdictSRF-05→The AnswerSRF-12→AugurSRF-04→

THEATRE III

Sovereign Intelligence Infrastructure

For defence, government, and regulated industries where jurisdictional control is non-negotiable. Canadian-sovereign deployment. Architected to minimize foreign jurisdictional exposure. Formally verified at every layer.

VantumSRF-11→TraceSRF-07→WraithSRF-08→SkyveilSRF-09→PhantomSRF-10→SovereigntySRF-18→IRISSRF-13→

Proof Integration Layer

LatticeSRF-17

Aggregates proof artifacts from all theatres into a single tamper-evident cross-layer proof chain. One document. One deterministic verdict — the artifact a CISO or regulator signs.

VIEW →

View full surface index ↓

§ 05 · FULL SURFACE INDEX

Every surface.
One formal core.

// The same Z3 proof engine, applied at every layer — from embedded firmware to on-chain capital to maritime intelligence. Each surface operates autonomously. The methodology is invariant.

Theatre I — Critical Software Verification

SRF—01

Cobalt

Formal proof for critical infrastructure.

Formal verification engine for C, C++, RTOS, embedded systems, and crypto libraries. Identifies vulnerabilities with formal evidence — not heuristics. Validated against wolfSSL, Zephyr RTOS, libmodbus, Mongoose.

Formal security for smart contracts.

Formal vulnerability detection for Solidity and EVM contracts. Analyzes call graphs, state transitions, and taint propagation to produce provable failure conditions — not scanner output. Built for protocol teams and technical diligence.

Verified transpilation for legacy COBOL.

Formally verified COBOL-to-Python transpilation pipeline. Produces a Z3 proof of semantic equivalence after migration — detecting logic errors that LLMs naturally miss. Validated against 2,345 benchmark programs across NIST, GnuCOBOL, and enterprise COBOL. Deloitte reports 66% error rate in enterprise migrations. COBALT produces proof instead of risk.

She speaks before the exploit.

Continuous formal verification for deployed DeFi protocols. Infers invariants automatically — no human specifications required — and flags violated constraints before exploitation. Recovered the invariant failure pattern behind the Euler $197M exploit in post-incident analysis.

$197MEuler

PostIncident

→

Theatre II — Autonomous Systems Control

SRF—12

The Answer

Formal proof of algorithmic fairness.

Applies Z3 formal verification to AI model decision outputs to prove — or disprove — that protected attributes causally influence outcomes. Produces machine-verifiable fairness certificates designed for AI governance frameworks including the EU AI Act and emerging Canadian requirements. Validated against COMPAS recidivism data.

Multi-agent simulation and prediction.

Formal verification applied to emergent multi-agent behavior. Simulates swarm dynamics under adversarial conditions and produces proof artifacts showing exactly where collective behavior diverges from intended outcomes — for systems where no single agent controls the result.

Behavioral drift monitoring for autonomous agents.

Detects when an agent's operating pattern diverges from its approved behavioral envelope — across time, sessions, and operational context. No thresholds. No confidence scores. Proof the envelope was violated.

Pre-execution control for AI agents.

Verifies formal constraints before each agent action — workspace boundaries, spending limits, command guards, approval gates. Immutable audit trail. No action without a formal verdict.

<100msLatency

100%Audit

→

Theatre III — Sovereign Intelligence Infrastructure

SRF—07

Trace

Forensics across chains and time.

Real-time multi-chain fund tracing and DeFi hack recovery across 6+ networks. Traces stolen funds across chains and mixers, detects exploit patterns, and coordinates emergency freeze requests with exchange compliance teams.

Adversarial proof analysis.

Models bounded attack paths and proves whether critical failure states are reachable under adversarial input. Built for internal red teams, technical diligence, and pre-deployment validation. Know the attack path before the attacker does.

Multi-domain military intelligence. Live. Sovereign.

Real-time open-source military intelligence console fusing ADS-B aircraft telemetry, AIS maritime tracking, GDELT conflict clustering, and active NOTAMs into a single threat picture. Military aircraft identified by callsign prefix and ICAO hex range. Threat score computed from squawks, formations, and GDELT tone. Claude Intel Briefs in NATO INTSUM format. Zero foreign data hops.

Probe intelligence. The attacker found us first.

Deploys a formal mirror of your protocol in the dark. Every probe is recorded before it reaches you — classified and converted into formal attack signatures. The attacker believes they found a target. They found Phantom first.

Sovereign multi-domain intelligence. Zero foreign jurisdiction.

Multi-domain intelligence inference engine operating entirely on Canadian-sovereign nodes. Finance, AML/FINTRAC, defence, border/CBSA, supply chain, maritime, and health intelligence under one platform — formally verified at every layer. Real-time AIS, STR queuing, cross-domain correlation, and append-only audit trail. Zero U.S. hops. Zero foreign jurisdiction.

Sovereign biometric watchlist. Zero cloud.

Real-time facial recognition against formal watchlists — entirely on-device. No cloud API. No foreign biometric processing. Every match produces an immutable audit entry. PIPEDA/Law 25 compliant by design. On-premise. Sovereign.

Jurisdiction-proof deployment. Canadian-controlled.

Formal proof that a system operates under Canadian jurisdiction — compute, storage, and transit. Sovereignty produces machine-verifiable attestations that data has not crossed foreign borders, that no foreign legal process can compel access, and that the deployment chain is Canadian-controlled end to end. The certificate a government CISO signs.

0Foreign hops

CLOUD ActIsolated

→

Theatre I — Supply Chain & Quantum

SRF—14

Vein

Every dependency. Every CVE. Formally proven.

Formal supply chain analysis for CycloneDX and SPDX SBOMs. Cross-references every component against live CVE databases and applies Z3 to source code. Every finding is a proven constraint violation — not a scanner heuristic.

Your quantum migration — formally verified.

Formal verification of post-quantum cryptography against NIST FIPS 203/204/205. Proves Kyber, Dilithium, and Falcon implementations are parameter-correct, constant-time, and timing-safe. Built for the mandatory PQC migration that governments cannot afford to get wrong.

Formal proof below the OS.

Formal vulnerability analysis for firmware, bootloaders, UEFI drivers, and embedded MCU code — below OS visibility. Lifts binary or C source and applies Z3 to prove stack overflow conditions, unsafe call paths, and integer failures in memory operations.

UEFIDXE

MCUEmbedded

→

Proof Integration Layer

SRF—17

Lattice

One chain. Every layer. One verdict.

Aggregates proof artifacts from multiple surfaces into a unified cross-layer proof chain. One tamper-evident document, one deterministic verdict — the single artifact a CISO or regulator signs off on.

18Surfaces

SHA-256Chain

→

§ 06 · ARCHITECTURE

Three theatres.
One proof core.

// WICK is not a suite of tools. It is a formal proof layer deployed across operational theatres — from embedded C to on-chain capital to sovereign intelligence infrastructure. Each surface operates autonomously. The proof core is invariant.

HARDEN — proof before the attack

CobaltSRF-01

Cobalt COBOLSRF-19

ForgeSRF-02

SkyveilSRF-09

WraithSRF-08

AugurSRF-04

The AnswerSRF-12

VeinSRF-14

Cobalt PQCSRF-15

BedrockSRF-16

LatticeSRF-17

INTERCEPT — proof at contact

CassandreSRF-03

PhantomSRF-10

SentinelSRF-06

VerdictSRF-05

RECOVER — proof after breach

TraceSRF-07

VantumSRF-11

IRISSRF-13

SovereigntySRF-18

§ 07 · SOVEREIGNTY

Built under
Canadian jurisdiction.
Architected for sovereign control.

U.S.-headquartered vendors may remain subject to foreign legal process regardless of where their servers are located. WICK is architected for Canadian-controlled deployment, Canadian data residency, and reduced foreign jurisdictional exposure. For government procurement, defence, and regulated industries, jurisdiction is not a feature. It is the foundation.

Discuss Sovereign Deployment →

■

CCCS Alignment

Canadian Centre for Cyber Security guidance. Formal verification as a control — not an assertion. Every WICK proof artifact is evidence-grade under CCCS technical frameworks.

■

Protected B Path

Designed with Protected B requirements in mind — compute, storage, and transit on Canadian sovereign nodes. WICK infrastructure targets PBMM cloud profile alignment for government and defence engagements.

■

Emerging Canadian AI Governance

Canada's evolving AI governance landscape includes requirements for impact assessment, bias mitigation, and auditability of high-impact AI systems. The Answer produces machine-verifiable compliance artifacts designed for these frameworks as they come into force.

■

CLOUD Act Isolation

WICK engagements are architected to reduce foreign jurisdictional exposure through Canadian-controlled deployment and data residency. Structured to minimize US CLOUD Act surface for sensitive government and defence engagements.

■

PSPC Procurement Path

Structured for Public Services and Procurement Canada engagement. WICK is a Canadian-founded, Canadian-operated security infrastructure company.

// Jurisdiction comparison

Vendor	Jurisdiction	CLOUD Act Exposure	Canadian Sovereign
WICK Technology Formal Proof Infrastructure	🇨🇦 Canada	Minimized by architecture	Canadian-controlled deployment
Palantir Intelligence Platform	🇺🇸 United States	Subject to U.S. jurisdiction	Deployment-dependent
CrowdStrike Endpoint / Detection	🇺🇸 United States	Subject to U.S. jurisdiction	Deployment-dependent
Microsoft Sentinel SIEM / XDR	🇺🇸 United States	Subject to U.S. jurisdiction	Deployment-dependent

Some failuresmust notbe possible.

Autonomous code made probabilistic security insufficient.

Detection.

Proof.

Tested where guessing is not enough.

Not alerts. Not scores.Proof artifacts.

Silent insulin-on-board calculation failure under defined input.

One proof core.Three operational phases.

Critical Software Verification

Autonomous Systems Control

Sovereign Intelligence Infrastructure

Every surface.One formal core.

Three theatres.One proof core.

Built underCanadian jurisdiction.Architected for sovereign control.

If a failure exists,we will show it to you.

Not alerts. Not scores.
Proof artifacts.

One proof core.
Three operational phases.

Every surface.
One formal core.

Three theatres.
One proof core.

Built under
Canadian jurisdiction.
Architected for sovereign control.

If a failure exists,
we will show it to you.