v11 · under 50 KB · zero dependencies · by Cognis Digital LLC

One file.
One cognition unit.

COG bundles data, behavior, and proof into a single content-addressed file. Ship AI knowledge packs, audit trails, and operational runbooks — all in under 50 KB with zero dependencies.

Install COGExplore Architecture
# Build a bundle from any folder
$ cog pack ./my_knowledge base.cog
COG bundle created: base.cog
  UUID:   a1b2c3d4-e5f6-7890-abcd-ef1234567890
  Blocks: 8
  Size:   12,480 bytes (12.2 KB)

# Verify integrity + proof chain
$ cog verify base.cog
Phase 1: Block integrity … ✓ All 8 blocks OK
Phase 2: Proof chain …     ✓ Chain OK (5 records)
Phase 3: Rule seal …       ✓ Rule seal matches
VERIFIED: bundle is intact ✓
< 50 KB
Total engine size
2
Files to deploy
0
External dependencies
24
Block types
80+
CLI commands
4
Cognition planes

Tiny but powerful

Everything you need for cognitive data management, nothing you don't.

Content-Addressed

Zero conflicts

Every block is identified by its SHA-256 hash. No IDs to manage, no conflicts, deterministic everywhere. Deduplication is automatic.

Zero Dependencies

2 files, 0 installs

Python stdlib only. No pip, no npm, no containers. Ships as two files totaling under 50 KB. Deploy anywhere Python runs.

Streaming First

Fetch only what you need

Block directory at end for range-fetch + append. Use curl --range to download specific blocks without pulling the whole file.

Copy-on-Write Forks

Instant branching

Instant snapshots via shard maps. Branch, experiment, merge back. Blocks are shared, not copied — zero storage overhead.

Tamper-Evident

Built-in trust

Hash chain over all events + blocks. HMAC signatures. Anti-replay stamps. Rule seals prevent silent policy swaps.

Deterministic Rebuilds

Fully auditable

Indexes rebuild from logs. Ship diffs, not artifacts. Every operation is replayable — perfect for compliance and audit trails.

Built for real-world workflows

Use cases

From AI research labs to enterprise compliance teams, COG replaces fragile toolchains with a single, portable, verifiable file.

AI & ML Knowledge Packs

Bundle training data, model configs, embeddings, and evaluation rules into a single portable file. Ship cognition, not infrastructure.

Vector search built inEmbed + query in one fileVersion with forks

Compliance & Audit

Tamper-evident proof chains and HMAC signatures make COG ideal for regulatory compliance, legal holds, and audit trails.

Immutable event logCryptographic proof chainRule seal verification

Edge & Offline Deployment

A single file under 50 KB carries its own tools. No internet, no package manager, no runtime — just Python and a .cog file.

Works air-gappedNo network requiredSelf-contained ops

Research & Experimentation

Fork bundles to create isolated experiments. Compare branches, replay event logs, and merge results — all without copying data.

Zero-cost branchingReplayable experimentsDiff stream comparison

Enterprise Knowledge Bases

Consolidate runbooks, policies, and operational rules into signed, verifiable bundles that teams can trust and share.

Signed & verifiablePortable across teamsSelf-documenting

Data Pipelines & ETL

Content-addressed blocks enable deduplication across pipeline stages. Append-only writes make COG a natural fit for streaming data.

Automatic dedupStreaming appendDeterministic rebuilds

Why teams choose COG

Traditional knowledge management requires databases, APIs, authentication layers, and deployment pipelines. COG replaces all of that with a single file that carries its own data, rules, proofs, and tools.

< 30s
Setup time
< 50 KB
Engine size
Zero
Dependencies
Built-in
Integrity

Four planes of cognition

24 block types organized across 4 planes, plus 3 built-ins orchestration blocks. Each plane handles a distinct concern while sharing the same content-addressed store.

Memory Plane

6 blocks

Retrieve fast — packed vectors, ANN graphs, hot caches, and filter maps

BUNDLE_HEADVEC_PAGESNEIGH_GRAPHCODEBOOKSHOTCACHEFILTERMAP

Behavior Plane

6 blocks

Act consistently — rules, state, events, tasks, and knowledge links

RULE_PACKKV_STATEEVENT_LOGTASK_TAPEREL_MAPADAPT_PATCH

Evolution Plane

4 blocks

Fork + merge — copy-on-write shards, ref counting, sparse diffs

SHARD_MAPSHARE_TALLYVIS_SCOPEDIFF_STREAM

Proof Plane

5 blocks

Trust + audit — hash chains, signatures, anti-replay stamps

PROOF_CHAINSIGN_RECORDSKEYRINGSTAMP_TOKENSRULE_SEAL

Built-ins Orchestration

3 blocks · MD + Python + Bash

Embedded operational runbooks, Python scripts (stdlib only), and POSIX shell glue. The bundle carries its own tools.

MD_RUNBOOKPY_CORESH_MINI

Stream-friendly layout

Directory at end for append-only writes and range-fetch reads.

HEADERFixed 40 bytes: magic, version, UUID, directory pointer
BLOCK 0BUNDLE_HEAD — metadata
BLOCK 1Content blocks (append-only) …
BLOCK NPROOF_CHAIN, SHARD_MAP, RULE_SEAL …
DIRECTORYJSON block index with offsets + hashes

curl --range fetches directory first, then only needed blocks

System architecture

The complete COG system — from CLI to on-disk binary format — in one diagram.

                        ┌─────────────────────────────────────────────┐
                        │          COG v11 — System Overview           │
                        │        Built by Cognis Digital LLC           │
                        └────────────────────┬────────────────────────┘
                                             │
                    ┌────────────────────────┼────────────────────────┐
                    │                        │                        │
              ┌─────▼─────┐          ┌───────▼───────┐        ┌──────▼──────┐
              │  cog.sh   │          │    cog.py     │        │ cog_tui.py  │
              │  Bash CLI │          │ Python Engine │        │ Interactive │
              │  Wrapper  │          │  (stdlib only)│        │   TUI       │
              └─────┬─────┘          └───────┬───────┘        └──────┬──────┘
                    │                        │                       │
                    └────────────┬───────────┘                       │
                                 │                                   │
                    ┌────────────▼───────────────────────────────────┘
                    │
        ┌───────────▼───────────────────────────────────────────────────┐
        │                      .cog Bundle File                         │
        │  ┌─────────────────────────────────────────────────────────┐  │
        │  │  HEADER (40 bytes)                                      │  │
        │  │  magic · version · UUID · directory_offset              │  │
        │  ├─────────────────────────────────────────────────────────┤  │
        │  │                                                         │  │
        │  │  ┌─────────┐ ┌─────────┐ ┌─────────┐ ┌─────────┐      │  │
        │  │  │ Memory  │ │Behavior │ │Evolution│ │  Proof  │      │  │
        │  │  │  Plane  │ │  Plane  │ │  Plane  │ │  Plane  │      │  │
        │  │  ├─────────┤ ├─────────┤ ├─────────┤ ├─────────┤      │  │
        │  │  │VEC_PAGES│ │RULE_PACK│ │SHARD_MAP│ │PROOF_   │      │  │
        │  │  │NEIGH_   │ │KV_STATE │ │SHARE_   │ │ CHAIN   │      │  │
        │  │  │ GRAPH   │ │EVENT_LOG│ │ TALLY   │ │SIGN_    │      │  │
        │  │  │CODEBOOKS│ │TASK_TAPE│ │VIS_SCOPE│ │ RECORDS │      │  │
        │  │  │HOTCACHE │ │REL_MAP  │ │DIFF_    │ │KEYRING  │      │  │
        │  │  │FILTERMAP│ │ADAPT_   │ │ STREAM  │ │STAMP_   │      │  │
        │  │  │         │ │ PATCH   │ │         │ │ TOKENS  │      │  │
        │  │  │         │ │         │ │         │ │RULE_SEAL│      │  │
        │  │  └─────────┘ └─────────┘ └─────────┘ └─────────┘      │  │
        │  │                                                         │  │
        │  │  ┌───────────────────────────────────────────────────┐  │  │
        │  │  │  Built-ins: MD_RUNBOOK · PY_CORE · SH_MINI       │  │  │
        │  │  └───────────────────────────────────────────────────┘  │  │
        │  │                                                         │  │
        │  ├─────────────────────────────────────────────────────────┤  │
        │  │  DIRECTORY (JSON)                                       │  │
        │  │  block index · offsets · content IDs · branch map       │  │
        │  └─────────────────────────────────────────────────────────┘  │
        └───────────────────────────────────────────────────────────────┘

        12 CLI verbs:  pack · list · get · put · query · fork
                       verify · embed · replay · compact · log · sign

        Key properties:
          ✓ Content-addressed (SHA-256)    ✓ Append-only writes
          ✓ Copy-on-write forking          ✓ HMAC-SHA256 signatures
          ✓ Tamper-evident proof chain     ✓ Zero external dependencies
          ✓ Streaming range-fetch          ✓ < 50 KB total engine size

12 verbs, complete control

One CLI, twelve commands. Everything you need, nothing more.

cog pack

<source> <out.cog>

Build bundle from folder or file

cog list

<bundle.cog>

List blocks, branches, stats

cog get

<bundle.cog> <id>

Extract a block by ID or type

cog put

<bundle.cog> <file> <type>

Append a block to bundle

cog query

<bundle.cog> <text>

Hybrid text + vector similarity search

cog fork

<bundle.cog> <name>

Create a copy-on-write branch

cog verify

<bundle.cog>

Verify integrity + proof chain

cog embed

<bundle.cog> <files…>

Embed text as vectors (feature hashing)

cog replay

<bundle.cog>

Replay event log + diff streams

cog compact

<bundle.cog> [out]

Compact bundle (dedup + rebuild)

cog log

<bundle.cog> [-n N]

Show event log timeline

cog sign

<bundle.cog> --key <k>

HMAC-SHA256 sign bundle

# Pack a project folder into a bundle
$ cog pack ./research paper.cog

# List everything inside
$ cog list paper.cog

# Search across all text blocks
$ cog query paper.cog "neural architecture"

# Fork for experimentation
$ cog fork paper.cog experiment-v2

# Add new data to the fork
$ cog put paper_experiment-v2.cog new_results.json RULE_PACK

# Verify the fork is intact
$ cog verify paper_experiment-v2.cog -v
Encrypted sharing · 3 interop modes · zero dependencies

Share a COG

Send encrypted bundles to anyone. Sync over files, HTTP, or peer-to-peer mesh — with custom encryption, content-addressed dedup, and a tiny wire protocol that runs everywhere.

File Exchange

Offline / Airgapped / USB

Export an encrypted .cog.enc file, copy it via USB or sneakernet. Recipient imports and decrypts with a shared passphrase. No network needed.

Best for: Clinics, regulated environments, disconnected teams
# Export encrypted
cog sync export data.cog shared.cog.enc -p secret

# Import & decrypt on another machine
cog sync import shared.cog.enc -p secret

HTTP Range Fetch

CDN-friendly / Static hosting

Host bundles as static files. Clients fetch the directory first, then only the blocks they need via HTTP Range requests. Scales via any CDN.

Best for: Edge clients, mobile, mass distribution
# Pull from any static host
cog sync pull https://cdn.example.com/data.cog local.cog

# Push to an upload endpoint
cog sync push data.cog https://api.example.com/upload

Peer / Mesh Gossip

TCP or SSH pipe sync

Nodes exchange directory tips, request missing blocks by ID, stream them with optional encryption. Works over TCP, SSH pipes, or any bidirectional channel.

Best for: Mesh nodes, team collaboration, sovereign infra
# Serve a bundle over TCP
cog sync serve data.cog --port 9473

# Pull from a peer
cog sync pull host:9473 local.cog

# Pipe over SSH
python3 cog_sync.py pipe-server data.cog | \
  ssh remote python3 cog_sync.py pipe-client

Custom Encryption

Two cipher modes · Encrypt-then-MAC · stdlib-only

COG uses its own encryption suite built entirely from Python stdlib primitives:

COG-XOR-256
SHA-256 counter-mode XOR stream cipher
COG-CHACHA-LITE
ChaCha quarter-round mixer (20 rounds)
HKDF-SHA256
Key derivation from passphrase + salt
HMAC-SHA256
Encrypt-then-MAC tamper detection

Every sealed envelope: COGX magic + version + cipher ID + 32-byte salt + 16-byte nonce + 32-byte HMAC tag + ciphertext

Wire Protocol

Newline-delimited · text frames + raw bytes

HELLO COG/1 NODE=<id> CAP=<caps>
TIP   DIR=<hash> CHAIN=<tip> SIZE=<n>
NEED  <block_id> ...
HAVE  <block_id> ...
SEND  <block_id> <type> <len> [ENC=CHACHA]
<raw data bytes>
DONE
ERR   <code> <msg>
FILEVERIFYGOSSIPFORKMERGERANGEENCRYPT

Nodes negotiate via HELLO → exchange TIPs → request missing blocks → stream with optional per-block encryption

Fork & Merge Across Systems

Treat COG bundles like git, but for events — not text. Fork creates a new branch ID referencing the parent chain tip. Only new diffs generate new blocks; unchanged blocks are shared via content addressing.

Fork
New branch ID + FORK event + shared unchanged blocks
Merge
Union of event logs + deterministic conflict policy
Dedup
Content-addressed blocks deduplicate naturally
Rebuild
Ship events + content; rebuild indexes locally
# Fork for experimentation
cog fork data.cog experiment

# Work on the fork...
cog put data_experiment.cog new.json KV_STATE

# Merge back
cog sync merge data.cog data_experiment.cog merged.cog

# Share the encrypted result
cog sync export merged.cog share.cog.enc -p s3cret

Cross-System Compatibility

Compatibility lives at the event layer, not the index layer. Always ship EVENT_LOG + content blocks. Optional accelerators (NEIGH_GRAPH, FILTERMAP) are cache artifacts — if a system can't use them, it ignores them and rebuilds locally. This makes Windows, Linux, macOS, mobile, and airgapped environments fully interoperable.

10 modules · 70+ actions · stdlib-only

Enterprise Toolkit

Document management, compliance, data provenance, knowledge bases, workflows, incident response, SLA monitoring, secret vaulting, data classification, and reporting — all powered by COG bundles with zero external dependencies.

# Install is automatic — enterprise is built in
cog enterprise doc create --title "Security Policy" --content "All systems require MFA"
cog enterprise compliance check SOC2
cog enterprise vault store --name API_KEY --value sk-secret --rotation-days 30
cog enterprise incident create --title "DB Outage" --severity P0_CRITICAL --desc "Primary down"

Document Management

cog enterprise doc
13 actions

Version-controlled document storage with locking, classification, retention policies, and full-text search.

createCreate a new document
updateUpdate document content (creates new version)
listList all documents, optionally filtered by type
searchFull-text search across all documents
getRetrieve document (specific version or latest)
lockLock document to prevent concurrent edits
unlockUnlock a locked document
diffDiff two versions of a document
deleteDelete a document
exportExport document as Markdown
classifySet classification level
tagAdd tags to a document
retentionSet retention policy in days

Compliance & Audit

cog enterprise compliance
5 actions

Regulatory compliance checks against SOC2, HIPAA, GDPR, PCI-DSS, ISO 27001, NIST CSF, and FedRAMP frameworks.

checkRun compliance check (SOC2, HIPAA, GDPR, PCI-DSS, ISO27001, NIST-CSF, FedRAMP)
reportGenerate compliance report
verifyVerify audit log chain integrity
frameworksList all supported compliance frameworks
searchSearch audit log entries

Data Provenance

cog enterprise provenance
7 actions

Track data lineage from sources through transforms to sinks. Trace upstream/downstream and run impact analysis.

sourceRegister a data source
transformRegister a transform step
sinkRegister a data sink / output
traceTrace lineage path
graphVisualize the full provenance graph
impactImpact analysis — what depends on this source
listList all provenance entities

Knowledge Base

cog enterprise kb
7 actions

Searchable knowledge base with articles, categories, ratings, cross-links, and popularity tracking.

addAdd a knowledge article
searchSearch articles by content
popularShow most-viewed articles
recentShow recently updated articles
categoriesList all categories with article counts
linkCross-link two related articles
rateRate an article (0.0–5.0)

Workflows

cog enterprise workflow
7 actions

Multi-step workflows with assignments, approvals, rejections, and progress tracking.

createCreate a new workflow
assignAssign a user to a step
completeMark a step as completed
approveApprove the workflow
rejectReject with reason
listList workflows, optionally by status
statusShow workflow progress and step details

Incident Response

cog enterprise incident
7 actions

Incident lifecycle management with severity tracking, timelines, escalation, and MTTR analytics.

createOpen a new incident
assignAssign responder
resolveResolve with root cause
escalateEscalate severity
listList incidents
timelineShow incident timeline
mttrMean Time to Resolve across all incidents

SLA Monitoring

cog enterprise sla
5 actions

Define SLA targets, record measurements, detect breaches, and generate compliance reports.

defineDefine an SLA target
measureRecord a measurement
reportGenerate SLA compliance report
listList all SLAs
statusShow SLA status and breach history

Secret Vault

cog enterprise vault
6 actions

Encrypted secret storage with access logging, rotation tracking, and expiry alerts.

storeStore a secret
getRetrieve a secret (logged)
rotateRotate a secret with new value
check-rotationCheck which secrets need rotation
listList all secrets (values redacted)
deleteDelete a secret

Data Classification

cog enterprise classify
3 actions

Automatic PII detection (email, SSN, credit card, phone, IP) and manual classification levels.

scanAuto-scan text for PII and classify
manualManually classify data
listList all classifications

Reports & Export

cog enterprise report
2 actions

Executive summaries and data export in JSON and CSV formats across all enterprise modules.

summaryGenerate executive summary across all modules
exportExport section data
512/1024-bit · lattice-based · quantum-resistant

Post-Quantum Cryptography

Custom polymetric lattice-based cryptographic suite operating over the polynomial ring Rq = Zq[x]/(xn + 1). Key encapsulation, digital signatures, hybrid encryption, certificates, and polynomial arithmetic — all stdlib-only.

COG-LATTICE-512

n
256
q
7681
η
3
k
2
d_u
10
d_v
4

COG-LATTICE-1024

n
512
q
12289
η
2
k
3
d_u
11
d_v
5
# Generate a 1024-bit KEM keypair
cog pqc keygen --name alice --security 1024

# Encapsulate a shared secret for alice
cog pqc encapsulate --recipient alice

# Sign a message with Merkle-tree signature
cog pqc sign-keygen --name alice-sig --security 512
cog pqc sign --key alice-sig --message "Verified by COG"

# Hybrid encrypt a message
cog pqc encrypt --recipient alice --message "Top secret data"

# Full security analysis
cog pqc analyze --security 1024

Key Encapsulation (KEM)

5 commands
cog pqc keygenGenerate KEM keypair for lattice-based key exchange
cog pqc list-keysList all stored keypairs
cog pqc inspectInspect keypair details and parameters
cog pqc encapsulateKEM encapsulate — generate shared secret + ciphertext
cog pqc decapsulateKEM decapsulate — recover shared secret from ciphertext

Digital Signatures (Merkle)

3 commands
cog pqc sign-keygenGenerate Merkle-tree signature keypair (1024 one-time keys)
cog pqc signSign a message or file using WOTS+ hash chains
cog pqc verifyVerify a signature against public key and message

Hybrid Encryption

2 commands
cog pqc encryptHybrid encrypt: lattice KEM + symmetric XOR-stream cipher
cog pqc decryptHybrid decrypt: recover plaintext from ciphertext

Certificates

3 commands
cog pqc cert-createCreate a PQC certificate with lattice-signed binding
cog pqc cert-verifyVerify a certificate signature and expiry
cog pqc cert-inspectInspect certificate fields and metadata

Key Derivation

1 commands
cog pqc kdfHKDF-SHA256 key derivation with PBKDF2 strengthening

Analysis & Benchmarks

3 commands
cog pqc analyzeFull security analysis: norms, entropy, noise budget
cog pqc benchmarkPerformance benchmark: keygen, encap, decap, sign, verify
cog pqc compareSide-by-side comparison of 512 vs 1024 parameters

Polynomial Arithmetic

4 commands
cog pqc poly-genGenerate a random polynomial in R_q
cog pqc poly-addAdd two polynomials mod q
cog pqc poly-mulMultiply two polynomials in R_q = Z_q[x]/(x^n + 1)
cog pqc poly-normCompute L2 and L-infinity norms of a polynomial
Module-LWE
Key encapsulation over polynomial lattices
WOTS+ Merkle
Hash-based one-time signatures with Merkle trees
Hybrid XOR
Lattice KEM + SHA-256 CTR stream + HMAC MAC
SHAKE-256 XOF
Deterministic randomness via extendable output
PoW mining · Merkle trees · smart contracts

COG Blockchain

A full content-addressed blockchain with proof-of-work mining, wallets, transactions, Merkle inclusion proofs, smart contracts, consensus, and chain management — all in a single stdlib-only Python file.

50 COG
Block Reward
Halves every 210 blocks
10 sec
Target Block Time
Difficulty adjusts every 10 blocks
100 tx
Max Block Size
Transactions per block
5
Contract Types
increment, transfer, vote, store, escrow
# Create wallets
cog chain wallet create --name alice
cog chain wallet create --name bob

# Mine some blocks to get rewards
cog chain mine --miner alice --count 5

# Send a transaction
cog chain tx send --from alice --to bob --amount 25 --fee 0.1

# Mine to confirm the transaction
cog chain mine --miner alice

# Deploy a smart contract
cog chain contract deploy --owner alice --id token \
  --code '{"mint":{"type":"increment","key":"supply"}}'

# Check chain stats
cog chain stats
cog chain validate

Wallet Management

cog chain wallet <action>
5 actions

Create and manage wallets with HMAC-based keypairs, balance tracking, and transaction history.

createCreate a new wallet with keypair
listList all wallets
balanceCheck wallet balance
historyTransaction history for wallet
exportExport wallet details as JSON

Transactions

cog chain tx <action>
4 actions

Create, sign, and broadcast transactions with configurable fees and optional data payloads.

sendCreate, sign, and submit a transaction
getLook up a transaction by hash
listList all confirmed transactions
pendingShow mempool (pending transactions)

Mining

cog chain mine
1 command

Proof-of-work mining with automatic difficulty adjustment and halving reward schedule.

mineMine blocks (default 1, or continuous with --auto)

Block Operations

cog chain block <action>
5 actions

Inspect blocks, verify Merkle roots, and generate inclusion proofs for any transaction.

getGet block by index or hash
latestShow the latest block
listList recent blocks
merkleShow Merkle root and transaction tree
merkle-proofGenerate and verify Merkle inclusion proof

Smart Contracts

cog chain contract <action>
4 actions

Deploy and execute smart contracts with actions: increment, transfer, vote, store, escrow.

deployDeploy a smart contract
callExecute a contract action
stateQuery contract state
listList all deployed contracts

Chain Utilities

validate

Validate entire chain integrity (hashes, proof-of-work, balances)

stats

Chain statistics: height, supply, difficulty, block times, mempool

top-holders

[--limit N]

Top balance holders

export

--format json|csv

Export entire chain to file

search

[--miner M] [--limit N]

Search blocks by miner or criteria

snapshot

Create state snapshot of balances and nonces

rollback

--height H

Rollback chain to a specific block height

fork-detect

Detect chain forks and inconsistencies

reset

Reset entire chain to genesis (destructive)

info

Chain info summary with key metrics

Merkle-Verified Transactions

Every block contains a Merkle root computed from all transactions. Generate and verify inclusion proofs for any transaction without downloading the entire block.

Double SHA-256
Block and transaction hashing
Proof-of-Work
Adjustable difficulty targeting 10s blocks
HMAC Wallets
Deterministic keypair derivation
State Snapshots
Checkpoint and rollback support
# Verify a Merkle inclusion proof
cog chain block merkle-proof 5 --tx-index 2

# Check chain integrity
cog chain validate

# Snapshot current state
cog chain snapshot

# View top holders
cog chain top-holders --limit 5

# Export to JSON
cog chain export --format json

Built-ins only

No pip. No npm. No containers. Just what ships with your OS.

Python stdlib

Core engine — hashing, compression, binary I/O, CLI

hashlibhmacstructzlibsqlite3jsonargparseuuid

Bash built-ins

Streaming glue — piping, range-fetch, deployment

catddheadtailwcshasum*

Markdown

Operator UX — plain text, no renderer needed

RunbooksProceduresRecoveryChecklists

*If shasum not present, Python provides hashing/verify fallback

Install

One unified installer — COG engine plus optional Sovereign Dev Architect stacks. Requires Python 3.8+. Append flags to provision AI, Web3, security, or server environments.

COG engine only — one line

curl -fsSL https://cognis.work/install.sh | sudo bash

Or just grab the two files

# System-wide install — two files, zero dependencies
sudo curl -o /usr/local/lib/cog/cog.py https://cognis.work/cog.py
sudo curl -o /usr/local/lib/cog/cog.sh https://cognis.work/cog.sh
sudo chmod +x /usr/local/lib/cog/cog.sh
sudo ln -sf /usr/local/lib/cog/cog.sh /usr/local/bin/cog
cog help
Sovereign Dev Architect · Air-gapped · Modular

Append stack flags to the same install.sh to provision a fully modular Ubuntu/WSL dev environment. Prefetch everything into a portable .cog bundle for air-gapped installs.

Layer 0–1

Core Toolchain

--minimal
  • build-essential, cmake, clang, llvm
  • git + git-lfs + git-crypt
  • Python 3 + pip + venv + pipx
  • tmux, vim, zsh + Oh My Zsh
  • ufw + fail2ban (hardened)
  • htop, btop, ncdu, jq, yq
Layer 2a

AI Stack

--ai
  • PyTorch (CPU or CUDA)
  • transformers, accelerate, peft, trl
  • langchain, openai, anthropic
  • llama-cpp-python + Ollama
  • JupyterLab, scikit-learn, pandas
  • FastAPI + uvicorn
Layer 2b

Web3 Stack

--web3
  • Node.js LTS (nvm)
  • Hardhat, ethers, viem, OpenZeppelin
  • Foundry (forge, cast, anvil)
  • Rust + cargo-contract + Solana CLI
  • Slither, Mythril, eth-brownie
  • IPFS Kubo (localhost daemon)
Layer 2c

Security Stack

--sec
  • nmap, masscan, tcpdump, wireshark
  • Metasploit, Burp Suite, Ghidra
  • hashcat, john, hydra
  • gobuster, ffuf, nikto, sqlmap
  • pwntools, impacket, scapy
  • SecLists wordlists
Layer 2d

Server Stack

--server
  • Docker CE + Compose (hardened)
  • Nginx (security headers)
  • PostgreSQL (localhost-only)
  • Redis (hardened, renamed cmds)
  • Certbot / Let's Encrypt
  • docker-compose.yml template
Layer 5–6

Identity & Finalize

--offline
  • GPG + SSH hardening
  • pass (password-store)
  • .gitignore_global template
  • .env.template (all stacks)
  • Manifest + verification
  • UFW audit + cleanup

Online install (COG + pick your stacks)

# COG engine + full sovereign stack
curl -fsSL https://cognis.work/install.sh | sudo bash -s -- --ai --web3 --sec --server --gpu

# Just COG + AI development
sudo bash install.sh --ai --gpu

# Minimal baseline only
sudo bash install.sh --minimal

Air-gapped install via .cog bundle

# Step 1: On a machine WITH internet — prefetch & bundle into .cog
sudo bash prefetch.sh --ai --web3 --sec --server --gpu
# → produces sovereign-cache.cog (single portable file)

# Step 2: Transfer sovereign-cache.cog + install.sh to airgapped host
# (USB drive, SCP, sneakernet, etc.)

# Step 3: On the air-gapped host — install from .cog bundle
sudo bash install.sh --offline --ai --web3 --sec --server --gpu
# → unpacks sovereign-cache.cog, installs everything offline

Download scripts

curl -fsSL https://cognis.work/install.sh -o install.sh
curl -fsSL https://cognis.work/prefetch.sh -o prefetch.sh
chmod +x install.sh prefetch.sh

.cog Bundled Prefetch

prefetch.sh downloads all packages, wheels, binaries, and repos then bundles everything into a single sovereign-cache.cog file using the COG format. Transfer one file, run install.sh --offline, and the installer unpacks the bundle automatically. No internet required.

sovereign-cache.cog
One bundle, fully offline

Offline AI — No Internet Required

COG AI is its own local inference engine. During prefetch, cog ai --seed-knowledge distills ~35 key topics (AI, Web3, security, server admin, dev patterns) into a compact brain.cog knowledge base. On the air-gapped host, COG AI auto-detects offline mode and answers queries entirely from pre-distilled knowledge — extractive recall, n-gram scoring, and summarization. No external LLM, no API keys, no internet. Stdlib-only.

brain.cog
Distilled AI, zero dependencies

After install

Each stack creates its own isolated venv and workspace scaffolding. Use the aliases to activate: aienv for AI, secenv for Security. All services bind to localhost only. Manifest saved to /etc/sovereign-dev-manifest.

aienv
AI venv
secenv
Sec venv
dc
Docker
zsh
Shell

Design rules

Built-ins only

Python stdlib, Bash built-ins, plain Markdown. If a tool might not exist, fall back to Python.

Content-addressed

Every block identified by hash. No IDs to generate, no coordination needed.

Streaming first

Directory at end (or duplicated) for range-fetch + append. Designed for curl --range.

Deterministic

Indexes rebuild from logs. Ship diffs, not rebuild artifacts. Every state is replayable.

Append-only

Blocks are never modified in place. New data appends, directory rewrites at end.

Small surface

One CLI with 12 verbs. Two files total under 50 KB. Minimal API, maximum capability.