ADDENDUM (JUNE 8, 2026): INDUSTRY ALIGNMENT AND EMPIRICAL VALIDATION.

1. The Failure of Downstream Governance: Four Industry Confessions

On June 8, 2026, Le Monde Informatique published the convergent statements of four agentic AI practitioners operating in enterprise environments. Their findings document three structural impasses that the SOURCE 0® Doctrine addresses architecturally.

The SIEM/EDR Rupture — Mahesh Kumar Goyal, Data and AI Specialist, Google

Traditional detection tools were designed to identify human behavioral anomalies. They are structurally blind to compromised agentic behavior. Mahesh Kumar Goyal states it plainly: "An agent executing compromised code perfectly 10,000 times in a row appears normal, even if it has been hacked." He adds that most organizations have no inventory of their active agents — they are attempting to manage what they cannot see.

The Code Review Impasse — Adel El Hallak, VP AI Software, Nvidia

Code review is inoperable for AI agents. Adel El Hallak establishes this with precision: "To identify problems, engineers could analyze the code. Impossible with agents, because they make decisions directly within the execution environment of an AI model." The source of truth must now come from execution traces — but those traces are probabilistic, dynamic, and generated within a potentially compromised environment.

The Human-in-the-Loop Bottleneck — Nirmal Ganesh, Senior Director of Product Management, Box

Systematic human validation of every agentic output reconstructs a manual process that destroys the operational benefit of the agent. Nirmal Ganesh confirms: "With a large volume of agents, governance becomes a growth inhibitor rather than a safety net."

The Ultimate Legal Challenge — Marcelo Lorenzetti, Founder and Chief AI Officer, SavvyLex

"The biggest challenge is not simply knowing whether an agent produced a good response, but whether the organization can prove what the agent accessed, what instructions it followed, what tools it used, what decisions it made, when a human intervened, and whether it stayed within its authorized boundaries." Without this structured proof, organizations are left with screenshots and post-hoc explanations that do not satisfy legal and regulatory requirements.

The Quantified Void

A TrueFoundry survey published in May 2026 among more than 200 AI executives establishes that 54% of organizations do not precisely track the activity of their agents and 56% have no centralized control or governance system in place. These figures document the scale of the compliance deficit under NIS 2 Art. 21(2)(g) and DORA Art. 12.

2. The Doctrinal Contrast: Observability versus Opposability

The practitioners cited above converge on the same operational conclusion: agents must be traced, monitored, and logged. This is the observability market. Google, Nvidia, Box, and their partner ecosystems operate within it.

The SOURCE 0® Doctrine addresses a distinct, complementary, and non-substitutable segment: the opposability market.

The Fundamental Distinction

Observability produces behavioral traces of the agent — probabilistic, generated within the execution environment, potentially compromised, and contestable before any supervisory authority. Opposability produces proof of human arbitration — deterministic, prior to execution, cryptographically sealed, and structurally robust against adversarial cross-examination.

What SOURCE 0® Does Not Do — The Constitutive Architectural Constraint

The SOURCE 0® Doctrine does not capture downstream execution traces of the agent. It does not log the agent's probabilistic behavior during execution. It does not attempt to audit the agent in offline mode. Any architecture claiming to produce opposable proof from offline agentic traces is exposed to the environment contamination impasse confirmed by the statements of Goyal and El Hallak.

What SOURCE 0® Does — The Human Validation Atom at T-0

The protocol deterministically captures the human arbitration that precedes any agentic action. At the T-0 instant, the instruction produced by the decision-maker is frozen. A salt-free SHA-256 hash is applied to this atom, whose perimeter is defined ex-ante to guarantee strict reproducibility. This hash is coupled with a qualified timestamp provided by a QTSP whose status on the European TSL is verified programmatically at T-0. The DRH is instantaneously deposited with a Justice Commissioner, who certifies the bit-by-bit identity of the escrowed file with the SHA-256 hash via a Formal Report of Cryptographic Equivalence. Date certaine under Book 8 of the New Civil Code.

The Response to the Lorenzetti Requirements Framework

SOURCE 0® responds structurally to Lorenzetti's requirements on their ex-ante dimensions: the initial instruction is dated, intact, and opposable; the authorization perimeter is defined and sealed before the agent acts; the continuous automation framework structurally excludes opportunistic selectivity. What SOURCE 0® does not attest — in accordance with its constitutive epistemological limit — is the effective behavior of the agent after receipt of the instruction.

Market Positioning

The industry sells observability. SOURCE 0® delivers opposability. These two segments are complementary and non-competing. An organization deploying AI agents in a NIS 2 or DORA environment requires both: observability to manage real-time agentic behavior, and opposability to demonstrate director diligence before a supervisory authority following an incident.

The SOURCE 0® Doctrine stands as the documented reference architecture combining, in a native and constrained manner, audited structural dissociation, salt-free SHA-256 eIDAS-qualified sealing with programmatic TSL verification, and ministerial escrow formalized by a certificate of cryptographic equivalence — applied to the human decisional atom upstream of any agentic execution.

Source: Le Monde Informatique, "L'observabilité incontournable pour l'IA agentique", June 8, 2026 (Grant Gross / Hanne Elgodjam)