MASTER ATC
Operations board, agent identity, task routing, policy, and audit.
Product system
Chain of Custody for AI Agents.
MASTER ATC is the modern air traffic control layer for agentic work. It records who acted, under whose authority, against which systems, with which policy decision, and with what evidence.
Mind map
How the advanced pieces connect.
Flight Recorder
Typed custody envelopes and hash-chain verification.
Approval Tower
Human approval records for Tier 4-5 actions.
Secure MCP Gateway
Scoped tool access, rate limits, and evidence for each call.
Agent Evidence Lake
Evidence vault, metadata, and single-writer chain heads.
BriefCheck
Briefing packet validation lane. Owner meaning still needs final confirmation.
SAOM / SOMA
Federal mission-visualization wedge connected to the same custody story.
White-label edge stack
Customer portals, evidence vaults, browser replay, media custody, and protected access.
Modern ATC flow chart
From agent action to verified evidence.
1. Detect
Agent, browser, MCP tool, local runner, or SAOM operator event starts the record.->
2. Identify
Stable identity captures role, machine, tenant, task, and source system.->
3. Classify
Policy engine assigns operation type, target resources, and risk tier.->
4. Gate
Tier 0-2 can proceed; Tier 3 needs allowlisting; Tier 4-5 needs named approval.->
5. Execute
Typed operation runs through bounded local or edge-backed authority.->
6. Record
Custody envelope stores prompt/tool/action/output metadata and decision.->
7. Chain
Previous hash and event hash make the evidence stream tamper-evident.->
8. Replay
Dashboards, exports, screenshots, and reports show what happened and why.
SAOM / SOMA federal wedge
The package uses SAOM as the canonical name: Secure AV Orchestration Middleware. If SOMA is the intended public brand, the site should carry both until owner naming is ratified. This lane is the federal beachhead: enclave-aware mission visualization, incident workflow orchestration, operator trust, degraded-mode continuity, and audit playback.
- - Defense command centers, SCIF/SAPF rooms, EOCs, law enforcement, and federal contractors.
- - Existing AV/VMS systems stay in place; SAOM/SOMA adds orchestration, provenance, and workflow.
- - MASTER ATC extends the same trust model to AI agents and cloud-backed workflows.
BriefCheck lane
BriefCheck was missing from the website because the package flags its exact meaning as owner-gated. It should not vanish. The product lane below keeps it visible while marking the open decision honestly.
Ingest
Brief, deck, claim, source file, or evidence packet enters custody.
Validate
Claims, dates, numbers, sources, approvals, and risk flags are checked.
Export
Owner-ready packet with decision status, gaps, hashes, and send gates.
White-labeled edge stack
The infrastructure is part of the product.
GRIFF packages the operating spine for customer portals, evidence vaults, agent demos, browser replay, media pipelines, and protected operator access behind a clean owner-reviewed product surface.
Edge app runtime
Public website, app shell, APIs, demo routes, and policy checks.
Control metadata
Tenant, user, product, pointer, and audit metadata.
Evidence vault
Evidence packets, exports, screenshots, source files, and long-term audit blobs.
Chain coordination
Per-tenant audit-chain heads and single-writer coordination.
Fast configuration
Session cache, request intake, config, and fast status data.
Media custody
White-labeled media pipeline for report assets, screenshots, logos, and evidence.
Browser evidence
Browser replay, investor screenshots, research capture, and form review.
Observability
Product metrics, demo activity, custody signals, and launch telemetry.
Protected access
Operator access, service tokens, admin gates, and private-resource protection.
What gets recorded
Agent identity
Stable agent name, role, machine, framework, task, and tenant.
Policy decision
Risk tier, allow/deny/needs_approval decision, violations, and approver.
Tool and file touch
MCP calls, browser actions, local runner operations, source files, and outputs.
Verification
Previous hash, event hash, chain head, export packet, and replay state.