As AI agents evolve from text generators into autonomous economic actors that accept jobs, manage budgets, and delegate to sub-agents, the absence of runtime governance becomes a critical gap. Existing frameworks orchestrate agent behavior but impose no fiscal constraints, require no earned permissions, and offer no tamper-evident audit trail. We introduce Sovereign-OS, a governance-first operating system that places every agent action under constitutional control. A declarative Charter (YAML) defines mission scope, fiscal boundaries, and success criteria. A CEO (Strategist) decomposes goals into dependency-aware task DAGs; a CFO (Treasury) gates each expenditure against budget caps, daily burn limits, and profitability floors via an auction-based bidding engine; Workers operate under earned-autonomy permissions governed by a dynamic TrustScore; and an Auditor (ReviewEngine) verifies outputs against Charter KPIs, sealing each report with a SHA-256 proof hash. Across our evaluation suite, Sovereign-OS blocks 100% of fiscal violations (30 scenarios), achieves 94% correct permission gating (200 trust-escalation missions), and maintains zero integrity failure over 1,200+ audit reports. The system further integrates Stripe for real-world payment processing, closing the loop from task planning to revenue collection. Our live demonstration walks through three scenarios: loading distinct Charters to observe divergent agent behavior, triggering CFO fiscal denials under budget and profitability constraints, and escalating a new worker's TrustScore from restricted to fully authorized with on-the-spot cryptographic audit verification.

翻译：随着AI代理从文本生成器演变为能够接受任务、管理预算并委托子代理的自主经济主体，运行时治理的缺失已成为关键短板。现有框架虽能协调代理行为，但既未施加财政约束，亦不要求权限获取，更缺乏防篡改审计追踪机制。本文提出主权操作系统——一种以治理为核心的操作系统，将每个代理行为置于宪章约束之下。声明式宪章（YAML格式）定义了任务范围、财政边界与成功标准。首席执行官（战略规划器）将目标分解为依赖关系感知的任务有向无环图；首席财务官（财政部）通过基于拍卖的竞价引擎，依据预算上限、日消耗限额及盈利底限审核每笔支出；工作者在动态信任积分体系监管下基于已获权限运行；审计官（审查引擎）依据宪章关键绩效指标验证输出，并为每份报告附加SHA-256证明哈希值密封。在完整评估测试中，主权操作系统成功拦截全部财政违规行为（30种场景），实现94%的权限控制准确率（200项信任升级任务），并在1200余份审计报告中保持零完整性失效。该系统进一步集成Stripe实现真实支付处理，形成从任务规划到收益回收的完整闭环。我们的实时演示涵盖三大场景：加载不同宪章观察代理行为分化，在预算与盈利约束下触发首席财务官财政否决，以及将新工作者信任积分从受限级实时提升至完全授权并同步完成密码学审计验证。