{"slug": "corvinos-self-hosted-agentic-os-where-eu-ai-act-and-gdpr-compliance-by-design", "title": "CorvinOS – self-hosted agentic OS where EU AI Act and GDPR compliance by design", "summary": "CorvinLabs released CorvinOS, a self-hosted agentic operating system that enforces EU AI Act and GDPR compliance in code, not documentation. The open-source platform connects multiple LLMs to seven messaging bridges and runs locally with no API key required, targeting regulated deployments needing verifiable data governance.", "body_md": "[Overview](/CorvinLabs/CorvinOS/blob/main/docs/overview.md) ·\n[Architecture](/CorvinLabs/CorvinOS/blob/main/docs/architecture.md) ·\n[Audit & Compliance](/CorvinLabs/CorvinOS/blob/main/docs/audit-and-compliance.md) ·\n[A2A Network](/CorvinLabs/CorvinOS/blob/main/docs/agent-communication.md) ·\n[Engine Layer](/CorvinLabs/CorvinOS/blob/main/docs/engine-layer.md) ·\n[Security](/CorvinLabs/CorvinOS/blob/main/docs/security.md) ·\n[EU AI Act](/CorvinLabs/CorvinOS/blob/main/docs/eu-ai-act/README.md) ·\n[Learning Objectives](/CorvinLabs/CorvinOS/blob/main/docs/ulo-learning-objectives.md)\n\n**One install. Seven bridges. Any LLM.**\n\nCorvinOS is a self-hosted agentic OS that connects **Ollama, Claude, GPT-4, and any OpenRouter model** to **Discord, Telegram, WhatsApp, Slack, Email, Teams, and Signal** — through a single pip package.\n\n```\npip install corvinos && python -m corvinOS\n```\n\n- **Local-first** — run 100 % offline with Ollama and `--engine hermes`. No API key needed.\n- **Agentic** — generates sandboxed tools and new skills at runtime; delegates subtasks across five AI engines.\n- **Compliance by architecture** — EU AI Act 2026 (disclosure, consent, house-rules) and GDPR (audit chain, data residency, erasure) are load-bearing code, not policy documents. 
None can be disabled by a flag.\n- **Multi-tenant** — one instance, multiple users, personas, and teams, all isolated.\n- **Self-hostable anywhere** — Linux, macOS, Windows; Docker-ready; single `pip install`.\n\n**CorvinOS enforces the EU AI Act in code, not in documentation.**\n\nEvery compliance requirement — disclosure, consent, audit integrity, data residency, egress control, GDPR erasure — is a structural constraint that cannot be disabled by a flag, env var, or config override. Regulated deployments get verifiable guarantees, not policy promises.\n\nSee [INSTALLATION.md](/CorvinLabs/CorvinOS/blob/main/INSTALLATION.md) for the complete setup guide.\n\n**Recommended — works identically on Linux, macOS, and Windows:**\n\n```\npip install corvinos\npython -m corvinOS        # web console at http://localhost:8765\n```\n\n`python -m corvinOS` is **PATH-independent**: it starts the console on the first\ntry on every OS — including Microsoft Store / system Python, where `pip install` falls back to a per-user scripts directory that is not on `PATH` (the usual reason\n`corvin-serve` is \"not found\" on Windows). On Windows you can also use `py -m corvinOS`.\n\n**Want the short corvin-serve command on your PATH?** Install with [pipx](https://pipx.pypa.io) — it isolates the app and wires up `PATH` automatically, on every platform:\n\n```\npipx install corvinos\ncorvin-serve              # web console at http://localhost:8765\n```\n\n`corvin-serve` from a plain `pip install` only works once its scripts directory is on `PATH`. Running `python -m corvinOS` once adds that directory to your PATH, so `corvin-serve` then works in a new terminal — but `pipx` (or `python -m corvinOS`) is the reliable cross-platform path.\n\nThe base install is pure-Python and cross-platform — it brings the web console\nall the way up to setup on Linux, macOS, and Windows, with cloud/edge voice\n(OpenAI + Microsoft Edge TTS) working out of the box. 
For **local, offline**\nspeech models add the optional extra:\n\n```\npip install \"corvinos[voice]\"   # local Piper TTS + faster-whisper STT\n```\n\nThe `voice` extra is opt-in because its local-model dependencies (`piper-tts`, `faster-whisper`) lack Windows wheels for some Python versions; keeping them out of the base install means `pip install corvinos` reaches setup reliably on every supported platform.\n\n**Requirements:** Python 3.10+ · Linux, macOS 12+, or Windows 10/11 · Node.js 20+ required only for bridges\n\nDefault engine: Claude Code (Claude Pro or Max subscription required).\nFor fully local, zero-egress deployment: `--engine hermes` (Ollama, no API key).\n\n**Alternative package managers:**\n\n```\n# macOS / Linux — Homebrew\nbrew tap CorvinLabs/corvinos && brew install corvinos\n\n# Windows — Scoop\nscoop bucket add corvinos https://github.com/CorvinLabs/scoop-corvinos && scoop install corvinos\n\n# conda / mamba (pending review)\nconda install -c conda-forge corvinos\n\n# Developer install from source\ngit clone https://github.com/CorvinLabs/CorvinOS.git && cd CorvinOS\npip install -e \".[all]\" && corvin-install\n```\n\nFull documentation: [docs/overview.md](/CorvinLabs/CorvinOS/blob/main/docs/overview.md)\n\nOne command removes everything — services, config, data directories, and the package:\n\n```\ncorvin-uninstall --purge   # removes all files without prompting\npip uninstall corvinos -y  # removes the Python package\n```\n\nWithout `--purge` the uninstaller asks before deleting data directories (audit logs, API keys, session history). 
Use `--purge` for a fully non-interactive wipe.\n\n**What gets removed:**\n\n| What | Where |\n|---|---|\n| systemd services (`corvin-webui`, voice bridge, watchdog) | `~/.config/systemd/user/` |\n| Claude Code plugins + cache | `~/.claude/plugins/` |\n| Voice config, API keys, service.env | `~/.config/corvin-voice/` |\n| Audit logs, sessions, forge tools | `~/.corvin/` |\n| Bridge virtual environments | `~/.corvin/bridges/*/venv/` |\n| Web console build artifacts (source install only) | `<repo>/core/console/.../web-next/dist/` |\n\nAfter `pip uninstall corvinos -y` the only thing left is the cloned repo directory (source installs) — delete it with `rm -rf <repo>` if you no longer need it.\n\nCorvinOS implements EU AI Act 2026 and GDPR as **structural design constraints**. Every feature must answer: *does this weaken a compliance guarantee?*\n\n| Mechanism | Layer | Regulation | Enforcement property |\n|---|---|---|---|\n| Bot Disclosure | L19 | EU AI Act Art. 50 | One-time per uid · structurally fail-closed · no bypass path |\n| Consent Gate | L16 | GDPR Art. 6 & 7 | Deny-by-default · TTL-capped · re-validated at every consume |\n| Hash-Chained Audit | L16 | GDPR Art. 30 & 32 | SHA-256 chain · offline-verifiable · daily auto-verify · chain write failure blocks request |\n| Audit-at-Rest Encryption | L37 | GDPR Art. 32 | Segment rotation · `age` / `gpg` sealing · RFC 3161 TSA timestamping (opt-in) · 7-year retention |\n| Data Classification + Flow Guard | L34 | EU AI Act Art. 14 | 4-stage matrix (PUBLIC/INTERNAL/CONFIDENTIAL/SECRET) · fail-closed at every engine-spawn callsite |\n| Egress Lockdown | L35 | EU AI Act Art. 14 | Declarative `allowed_hosts` / `forbidden_hosts` · `default_action=deny` EU production preset |\n| GDPR Art. 17 Erasure | L36 | GDPR Art. 17 | Cross-layer erasure orchestrator · pseudonymous subject IDs · audit trail de-linked, not deleted |\n| Acceptable-Use Gate | L44 | EU AI Act Art. 
5 & 50 | SHA-256-anchored house-rules policy · no disable switch · no tenant override |\n| Compliance-Zone Routing | ADR-0007 | EU AI Act Art. 14 | `allowed_engines` / `forbid_engines` per tenant · `data_residency` in `tenant.corvin.yaml` |\n\n**Absolute constraints — no env var, flag, or config can disable these:**\ndisclosure is structurally locked · consent gate has no bypass · every audit event traverses the hash chain before any response · L34 blocks non-compliant engine spawns · L38 audit write failure blocks the A2A request · L44 house-rules gate has no kill-flag.\n\n```\nvoice-audit verify              # walk the full hash chain; exits 1 on any break\nbridge.sh doctor                # boot self-test with audit chain verification\npython -m corvin_compliance_reports.cli generate processing-records   # GDPR Art. 30\n```\n\nFull compliance reference: [docs/eu-ai-act/README.md](/CorvinLabs/CorvinOS/blob/main/docs/eu-ai-act/README.md) · [docs/audit-and-compliance.md](/CorvinLabs/CorvinOS/blob/main/docs/audit-and-compliance.md)\n\nCorvinOS decouples the AI backend from the compliance runtime via the `WorkerEngine` protocol (L22). Every engine shares path-gate, audit chain, and artifact registration through the Tool Execution Broker — swap providers without changing your compliance setup.\n\n| Engine | Provider | Key property |\n|---|---|---|\n| Claude Code | Anthropic Claude (Pro/Max) | Full feature set — hooks, skills, MCP, mid-stream inject |\n| Codex CLI | OpenAI | MCP + stream JSON |\n| OpenCode | Ollama, OpenRouter, Google | Provider-agnostic |\n| Hermes | NousResearch via local Ollama | Zero network egress · L34 CONFIDENTIAL-capable · no API key |\n| Copilot CLI | GitHub Copilot Business/Enterprise | Zero incremental cost · worker/delegation only |\n\nMultiple CorvinOS instances form a decentralized agent network. Every cross-instance call carries a cryptographic signature, bidirectional attestation, nonce replay protection, and binary attachment verification. 
Audit-first invariant: the envelope is written to the hash chain **before** any response is sent.\n\nPath-gate (write-protection) · secret vault with bwrap env-injection · sandboxed Forge tool generation · SkillForge with fail-closed linter · multi-tenant session isolation · conversation recall with PII-redaction · session artifact memory · external data sources with k-anonymised sampling.\n\nThree-layer defence: per-tenant engine allowlist → data classification matrix (PUBLIC / INTERNAL / CONFIDENTIAL / SECRET) → egress host allowlist. EU_PRODUCTION presets ship out of the box. Raw data rows never enter the LLM context — only schema + aggregate stats + anonymised sample.\n\nControl plane at `http://localhost:8765`. Manage sessions, personas, bridges, forge tools, and audit logs from a single dashboard. Five-scope tenant model: one instance handles multiple users, projects, and teams in full isolation. Full REST API at `/v1/console/`.\n\n```\nbridge.sh console     # start web console\nbridge.sh doctor      # health check + audit verify\n```\n\nSeven bridge daemons (WhatsApp, Telegram, Discord, Slack, Email, Teams, Signal) funnel messages into a shared inbox. The Bridge Adapter enforces ACL, routes to the right persona, runs the TTS pipeline, and grades skills — per-chat-sequential, cross-chat-parallel. The WorkerEngine abstraction swaps the LLM backend without touching the compliance stack.\n\nFull layer breakdown: [docs/layer-model.md](/CorvinLabs/CorvinOS/blob/main/docs/layer-model.md) · Architecture diagrams: [docs/diagrams/](/CorvinLabs/CorvinOS/blob/main/docs/diagrams) · Full documentation: [docs/overview.md](/CorvinLabs/CorvinOS/blob/main/docs/overview.md)\n\n```\nbash operator/bridges/run-all-tests.sh\n```\n\nTests span the Python adapter, Node daemon-boot smoke tests, cowork, forge, skill-forge, and all security layers. 
Tests run hermetically — Claude stubbed via `ADAPTER_FAKE_CLAUDE=1`, real `bwrap` where namespace isolation is the subject under test.\n\nBy opening a pull request you accept [CLA.md](/CorvinLabs/CorvinOS/blob/main/CLA.md). Every merged contribution requires a corresponding entry in [`CLA-SIGNATORIES.md`](/CorvinLabs/CorvinOS/blob/main/CLA-SIGNATORIES.md). See [`CONTRIBUTING.md`](/CorvinLabs/CorvinOS/blob/main/CONTRIBUTING.md) for the full workflow.\n\nLicensed under the [Apache License, Version 2.0](/CorvinLabs/CorvinOS/blob/main/LICENSE).\n\n**Relicense right (CLA §3):** The Maintainer retains the right to release future versions of CorvinOS under a different license — including source-available licenses (Business Source License, Functional Source License, Elastic License v2) or a commercial license — without requiring further consent from contributors. This right is granted by every contributor as a condition of the [CLA.md](/CorvinLabs/CorvinOS/blob/main/CLA.md). Already-published Apache-2.0 releases are not affected; they remain Apache-2.0 forever. 
See [`CLA.md § 3`](/CorvinLabs/CorvinOS/blob/main/CLA.md#3-relicense-right-the-load-bearing-clause) for the full terms.\n\n\"CorvinOS\" and \"Corvin\" are project identifiers per Apache § 6 — the license does not grant trademark rights.", "url": "https://wpnews.pro/news/corvinos-self-hosted-agentic-os-where-eu-ai-act-and-gdpr-compliance-by-design", "canonical_source": "https://github.com/CorvinLabs/CorvinOS", "published_at": "2026-07-01 16:02:43+00:00", "updated_at": "2026-07-01 16:20:48.358616+00:00", "lang": "en", "topics": ["ai-agents", "ai-safety", "ai-policy", "ai-infrastructure", "ai-ethics"], "entities": ["CorvinLabs", "CorvinOS", "Ollama", "Claude", "GPT-4", "OpenRouter", "Discord", "Telegram"], "alternates": {"html": "https://wpnews.pro/news/corvinos-self-hosted-agentic-os-where-eu-ai-act-and-gdpr-compliance-by-design", "markdown": "https://wpnews.pro/news/corvinos-self-hosted-agentic-os-where-eu-ai-act-and-gdpr-compliance-by-design.md", "text": "https://wpnews.pro/news/corvinos-self-hosted-agentic-os-where-eu-ai-act-and-gdpr-compliance-by-design.txt", "jsonld": "https://wpnews.pro/news/corvinos-self-hosted-agentic-os-where-eu-ai-act-and-gdpr-compliance-by-design.jsonld"}}