Guardian is a deterministic layer that enforces hard logical and structural constraints on language-model outputs — catching the violations a probabilistic model will always eventually make.
No fine-tuning. No RLHF. Correctness you can verify.
Larsen James Close · 2026 · DOI: 10.5281/zenodo.20525098
An AI output is correctable only if you can check it. Guardian is the deterministic layer that makes constraint violations visible and rejectable — behavioral corrigibility you can verify. The harder question — what it takes for a system to genuinely accept correction — is the subject of this paper.
“Correction travels through the channel of reasons only when the corrector is granted standing as a rational agent rather than diagnosed as a source of noise. Lack of respect and substantive incorrigibility are the same failure under two descriptions.”
Logical accuracy
On the evaluated constraint benchmarks
Memory complexity
Constant on unbounded streams
Training required
No fine-tuning or RLHF
They hallucinate logic, break type contracts, and violate constraints. Post-hoc guardrails can't catch what they don't model, and fine-tuning is expensive without guaranteeing consistency.
Constraints are compiled into a tensor network and checked by construction, not learned. The same input always yields the same verdict, with bounded memory overhead.
Tensor-network methods, classically executed
Guardian compiles your constraints into a tensor network and scores candidate outputs against it on ordinary hardware. Production-ready today — no training, no special accelerators required.
Logical rules compile into tensor-network topology. The geometry of the network is the constraint.
Candidate outputs are evaluated against the network and assigned a constraint-violation score.
Outputs that violate the encoded constraints score high and are rejected — deterministically, not by chance.
Only constraint-satisfying outputs pass, with memory that stays bounded on long streams.
Runs alongside any LLM as a verification layer
MPS bond compression keeps memory bounded on long streams
No training, because rules are encoded as structure, not learned
We're working with select organizations to deploy Guardian in production environments.
Request Pilot Access