# Day 12: LOOM now owns its memory — a trust layer for AI-written code, in plain language

> Source: <https://dev.to/umbraaeternaa/day-12-loom-now-owns-its-memory-a-trust-layer-for-ai-written-code-in-plain-language-443o>
> Published: 2026-07-10 10:11:20+00:00

More and more of the world’s code is written by AI. That’s exciting — and quietly unnerving. Not because AI makes mistakes, but because the *same* AI often writes both the code **and** the test meant to catch the mistake. When one mind grades its own exam, “it passed” stops meaning “it’s safe.” You’re trusting on faith.

**LOOM flips that.** It’s a small, open-source language that acts as a **trust layer for AI-written code**. Code doesn’t just *run* — first LOOM asks, and *proves at a gate*:

If the code lies about itself, LOOM refuses to run it. The slogan says it all: **AI proposes, the compiler decides.**

Most “AI safety” lives in prompts, reviews, and hope. LOOM makes trust a **property the machine checks before a single line runs** — and that guarantee survives translation: the same verified program runs in an interpreter, compiles to Python and JavaScript, and runs in your browser as **real WebAssembly**, with the identical result. It’s tiny on purpose — a research kernel — and it’s **self-verified by 389 checks that can only ever go greener**: every new feature ships with a test that tries to break it, so the language can’t silently regress.

Until now, a LOOM program compiled to WebAssembly ran on a fixed scrap of memory. If it overflowed, it crashed — a random, low-level trap *outside* the language’s control. As of today, **LOOM checks there’s room before every single write** (`reserve`

→ then `store`

). An overflow is no longer a random crash; it’s LOOM’s own deliberate, predictable decision — a clean stop instead of a mystery. It’s the same principle as the whole language — *nothing happens that LOOM didn’t allow* — now extended to **memory itself**. **388 → 389 checks, all green.**

I don’t write LOOM by hand. **An autonomous organism I built grows it — day and night, on one machine.** It proposes an improvement, proves it green itself, adversarially attacks its own idea, and only then does a human get the final say. Many “minds,” one engine. You’ll always see *what* it produces, and every result comes with proof — but the engine that grows it stays private. Open where it earns trust; private where it protects the edge.

Today LOOM *checks and proves*. Next it moves from checking to **enforcing**: a real action an AI agent wants to take — edit a file, run a test, push to a repo — physically passes through this gate. It builds a **manifest** (who’s acting, what they want, which files), checks policy, asks you to approve if needed, and then writes a **receipt**: what was allowed, and what actually happened. Picture a **control panel of trust** for working with AI agents — not terminal magic, but plain-language decisions: “this code wants network access,” “this change has no independent proof,” “this push is allowed.”

That’s the goal: to become the **trust layer the world uses to safely let AI write code** — so you can move fast with agents *without* giving up control.

**389 checks, all green.** Built solo, in the open, from Ukraine 🇺🇦.

— Links —

⭐ GitHub (MIT): [https://github.com/umbraaeternaa/loom](https://github.com/umbraaeternaa/loom)

🌐 Site: [https://umbraaeternaa.github.io/loom](https://umbraaeternaa.github.io/loom)

▶ Try it live (in your browser): [https://umbraaeternaa.github.io/loom/play.html](https://umbraaeternaa.github.io/loom/play.html)

📸 Instagram: [https://instagram.com/umbra_owner_architect_ai](https://instagram.com/umbra_owner_architect_ai)

💼 LinkedIn: [https://linkedin.com/in/volodymyr-natoptanyi-16b906262](https://linkedin.com/in/volodymyr-natoptanyi-16b906262)

☕ Support: [https://send.monobank.ua/jar/AHaziFXjYX](https://send.monobank.ua/jar/AHaziFXjYX)
