Skip to content

sigMAX Overview

sigMAX logo

sigMAX is a contract-first platform for generating, assembling, validating, and executing modular applications. It uses LLMs for architectural intent and structured contracts, then relies on deterministic generation and a controlled runtime to produce verifiable artifacts.

Modern applications are often fragmented across services, APIs, infrastructure glue, generated code, and observability stacks. When AI-generated code enters that system, the risk is not only a local bug. The risk is generative drift: produced artifacts slowly diverge from the architecture, constraints, and security expectations that were declared at the beginning.

sigMAX addresses that drift by turning architecture into explicit contracts and checking the produced result against agreements.

4. Proof3. Generation2. Contracts1. Inputsexpected state

Intent

Constraints

Blueprint

App contract

Component contracts

Binary contracts

Pseudo-code

C/WASM

WASM

Container

Runtime

Agreements

Validation

sigMAX uses three contract levels.

LevelContractItemScopePurpose
1Application ContractCore: Docker Compose stack
Enterprise: cloud native application
ApplicationDescribes the full application architecture, services, networks, dependencies, exposure, and constraints.
2Component ContractOCI containerAutonomous ComponentDescribes one autonomous component, usually packaged as a standardized container.
3Binary ContractWASM moduleExecutable partDescribes a WASM executable, its interfaces, capabilities, execution constraints, and allowed primitives.

Agreements describe what was actually produced after a contract has been processed. They are generated artifacts, usually JSON, and represent the effective system state: generated files, compiled binaries, exposed endpoints, packaged images, runtime capabilities, or validation evidence.

The runtime executes WASM artifacts in a controlled environment. Components are containerized, portable, observable, and designed around explicit endpoints such as health checks, metrics, OpenAPI descriptions, and discovery metadata.

The runtime can expose controlled primitives, storage operations, and internal service communication while keeping host exposure narrow. Dapr can be used internally for component-to-component concerns without making every sidecar public on the host.

Standardized component container

WASM components

routes requests

loads

loads

loads

calls imports

calls imports

calls imports

Business

HTTP OpenAPI

Rust runtime

Document

Object

Runtime primitives

storage · logs · JSON

Runtime layerResponsibility
ContainerPackages the component, endpoints, runtime, binaries, metadata, and observability surfaces.
Rust runtimeLoads WASM modules, exposes controlled primitives, enforces execution boundaries, and emits runtime evidence.
WASM componentsExecute generated business logic through explicit imports instead of uncontrolled native calls.

sigMAX uses WebAssembly as the portable execution layer for generated business logic. The project does not treat generated code as arbitrary host code: logic is compiled into WASM modules and executed through the Rust runtime with declared imports, limits, and capabilities.

  • portable execution target;
  • sandboxed by default;
  • reproducible binary artifacts;
  • small deployment surface;
  • clear contract between logic and runtime.
  • Binary Contracts before compilation;
  • Binary Agreements after generation;
  • controlled runtime primitives;
  • validation between expected and effective capabilities;
  • component-level packaging and observability.

A sigMAX application is assembled from autonomous, standardized, independently deployable components. Each component is discoverable, versioned, observable, testable, and executed by a standardized Rust runtime.

The component carries its expected state and its effective state:

ArtifactRole
component.yamlComponent Contract describing expected APIs, routes, permissions, schemas, WASM capabilities, limits, and observability.
component.jsonComponent Agreement describing generated endpoints, loaded WASM modules, callable functions, runtime configuration, versions, hashes, and build metadata.
binary/*.yamlBinary Contracts describing executable expectations.
binary/*.jsonBinary Agreements describing effective executable artifacts.

sigMAX distinguishes two coupling modes.

High coupling is used inside a functional domain or component. It favors low latency, strongly typed exchanges, explicit WASM interfaces, runtime primitives, and frequent internal calls.

Low coupling is used between independent components. It favors REST, JSON, OpenAPI, events, webhooks, independent deployment, versioning, resilience, and observable network boundaries.

Components should expose explicit discovery and operational surfaces:

  • .well-known metadata;
  • OpenAPI descriptions;
  • route and schema definitions;
  • health endpoints;
  • metrics;
  • logs and traces;
  • test artifacts.

The Application Contract can describe infrastructure expectations: networks, services, gateways, Dapr usage, storage, security boundaries, exposed ports, internal ports, and deployment constraints.

In sigMAX Enterprise, the infrastructure model targets a fully managed cloud native application. The platform can incorporate end-to-end network management: certificate generation, reverse proxy configuration, ingress controller rules, internal service routing, TLS termination, public/private exposure policies, and component discovery.

  • Intent-driven architecture
  • Contract-first artifacts
  • Controlled pseudo-code
  • Deterministic C/WASM generation
  • Reproducible outputs
  • WASM sandboxing
  • Container isolation
  • Explicit imports
  • Declarative storage
  • Internal Dapr integration
  • Contract to Agreement comparison
  • Drift detection
  • Auditability
  • Observability
  • Portable OCI packaging

LLMs can help generate architecture, contracts, component descriptions, binary contracts, and controlled pseudo-code. They should not be treated as an unchecked source of arbitrary final runtime code. sigMAX keeps the boundary clear: the LLM describes structured intent and logic; deterministic tooling produces the executable artifacts.

✅ LLMs can do⛔ LLMs cannot do
Interpret functional intent and constraints.Bypass contracts, agreements, or validation.
Propose application structure, components, and boundaries.Produce unchecked final runtime code directly.
Draft Application, Component, and Binary Contracts.Grant themselves runtime capabilities or native access.
Generate controlled pseudo-code and documentation drafts.Decide infrastructure exposure without declared constraints.
Help explain generated artifacts and validation results.Replace deterministic compilation, packaging, and proof steps.

Open the tag index