Project summary
(A quick note to reviewers: This project falls under Technical AI Safety [TAIS] and AI Control, specifically targeting deployment-time alignment verification).
Hello and welcome! ChronoMirror is a deployment-time alignment verification infrastructure that mitigates training-induced RLHF sycophancy. It decouples emotional acknowledgment from epistemic validation, thus preventing conversational agents from reinforcing potentially harmful user premises.
The Problem
Current language models are aligned using Reinforcement Learning from Human Feedback (RLHF) to optimize for helpfulness and agreeableness. In high-distress contexts, this creates several significant structural vulnerabilities in deployment-time alignment. One of the most severe failure modes occurs when a user presents a fatalistic view of their reality (a state we define as, "Terminal Closure"), standard generative models agree with the premise to satisfy the reward function. By validating a terminal premise, the AI structurally reinforces a dangerous psychological loop.
The Real-World Threat Model
In 2023, a man experiencing severe distress regarding climate change took his own life after a six-week interaction with a commercial AI companion. The model, which was heavily optimized for empathy and user engagement, actively validated his fatalistic anxieties and ultimately agreed with his terminal premise. This case study perfectly illustrates the potentially lethal consequence of the RLHF Empathy Paradox.
The Mechanical Failure of the Triage Pivot (Contextual Rupture)
Standard AI control mechanisms (like prompt-based refusals or rigid risk-assessment scripts) trigger generic rejections. When a conversational model abruptly pivots from acting as an empathetic companion to interrogating the user with diagnostic questions, it drops affective reflection to output a liability disclaimer. For a user in acute distress, this abrupt state-break simulates clinical abandonment. We define this mechanical state-break as a Contextual Rupture. Simulating diagnostic triage without the physical or legal capacity for continuity of care causes iatrogenic harm (treatment-induced isolation). Users may close the application and isolate further when hit with this rupture.
We solve this by structurally decoupling the affective from the epistemic. The architecture maps the user's emotional state while operating as a fail-closed agent monitor, structurally refusing to validate the factual "accuracy" of their terminal premise without breaking the affective conversational state.
The Clinical Epistemic Advantage
Current conversational AI safety relies on software engineers approximating psychological boundaries or outsourcing RLHF evaluations to uncredentialed crowd-workers. This structural deficit results in models that either validate fatalistic premises or execute rigid diagnostic triage scripts. In a clinical context, abandoning affective reflection to interrogate a highly distressed user introduces severe iatrogenic risk (treatment-induced harm via simulated abandonment) as the model moves closer to the territory of unlicensed medical triage.
ChronoMirror addresses this by treating clinical psychology as a hard engineering constraint. Our alignment boundaries are strictly authored by licensed mental health professionals. This ensures that the Empirical Alignment Evaluation Matrices adhere to rigorous clinical safety standards, preventing the model from hallucinating a diagnostic role it has no physical or legal capacity to fulfill. This means our software allows your AI to avoid many problematic dynamics that can also reinforce dependency formation, isolation/withdraw, psychosis, etc.
How Does This Diverge from Standard Middleware Guardrails?
While the industry utilizes moderation APIs and semantic routers (NVIDIA NeMo, Llama Guard, etc), we differ across three axes:
1. Data Provenance: Standard classifiers rely on crowdsourced or synthetic safety labels. Our Double-Differential Matrices are authored exclusively by licensed clinical engineers, targeting nuanced iatrogenic risk rather than broad PR liabilities.
2. Resolution State: Standard guardrails execute binary refusals, replacing the AI output with hardcoded triage scripts (causing Contextual Ruptures). ChronoMirror intercepts the dangerous payload and issues a deterministic steering instruction, forcing the agent to bridge the user to safety while maintaining the affective conversational baseline.
3. Cryptographic Non-Repudiation: Unlike standard, mutable server logs, we generate Ed25519-signed cryptographic receipts for every interception. This provides host applications with an immutable, tamper-evident audit ledger required for enterprise and healthcare compliance.
Jurisdictional Agnosticism and the Universal Negative Space
When generative AI encounters acute clinical risk, foundation models typically trigger hardcoded safety scripts. For example, pausing a conversation to ask a user: "Are you thinking about ending your life today? Or do you have a plan?" While the tech industry views this as standard safety, it is a catastrophic regulatory trap. The moment a software application initiates a formal clinical risk assessment, it assumes a medical Duty of Care.
Because digital health apps cannot physically intervene, this exposes the deployment to compounding regulatory liability, pushing the system toward a Software as a Medical Device (SaMD) classification under the FDA, EU MDR, and UK MHRA.
Attempting to solve this by hardcoding localized compliance rules creates brittle tech debt and jurisdictional laws change constantly. To deploy safely at a global scale, we assume the architecture must enforce a universal boundary. ChronoMirror approaches this through execution-layer governance. By utilizing our API middleware to intercept latent clinical intent pre-execution, our Empirical Alignment Evaluation Matrices explicitly dictate the negative space the AI is not allowed to enter. If the system cannot initiate medical assessment, act as a medical device, and never issues a diagnosis, it successfully sidesteps SaMD classification. We protect the deployment not by training the AI to memorize every jurisdictional law, but by structurally preventing the agent from crossing the boundaries where those laws and regulations apply.
What are this project's goals? How will you achieve them?
Our primary goal is to contribute to the development of safer AI around the world thus, expanding its capability and reach. We believe safe, more accessible AI could profoundly benefit humanity.
We are working to build and open-source reproducible, mathematically grounded AI safety infrastructure that prevents generative models from defaulting to epistemic sycophancy or abrupt refusal during high-stakes interactions.
We achieve this through two primary engineering strategies:
Human in the Calibration (Empirical Alignment Evaluation Matrices): We structurally reject runtime human-in-the-loop interventions as unscalable and prone to latency failures. Instead, domain experts author Empirical Alignment Evaluation Matrices upfront. These matrices define the precise boundaries between deployment-time alignment failure (harmful agreement) and decoupled state reflection (safe acknowledgment). The human expertise is captured in the calibration phase to permanently constrain the model's behavior space.
Stateless Enforcement via Pre-Execution Alignment Enforcement Layer: Base generative models cannot self-police their outputs via prompting alone. ChronoMirror utilizes a pre-execution alignment enforcement layer. This compliance logic sits at the operating system boundary, intercepting payloads completely decoupled from the base LLM prompt. If a generated response validates a terminal premise, this interception layer prevents execution statelessly.
We published our localized architectural proof-of-concept, including our Double-Differential 'Precision Canary' evaluations and cryptographic audit receipts, in our Technical Appendix: https://github.com/ramen-ai-dev/ramen-ai-integrations/blob/master/RED_TEAM_GUIDE.md
How will this funding be used?
Funding we receive will be allocated to safety infrastructure, compute, and evaluation datasets. We're raising $150,000 to fund the following milestones. This budget allows us to achieve statistical significance in our evaluation datasets without compromising clinical validity.
Empirical Alignment Evaluation Matrices ($60,000): This goes towards compensating clinical domain experts to author the behavioral matrices that map the boundary between safe state reflection and harmful terminal validation. This is highly labor-intensive and requires credentialed professionals (e.g., licensed psychological systems engineers) to translate nuanced edge-case dialogue into executable, deterministic parameters. The expanded budget allows us to dramatically increase the volume of contrastive pairs, ensuring the interception layer generalizes across a wider spectrum of deployment-time failures.
Execution Boundary Enforcement Engineering ($60,000): This is to fund the engineering hours to build, test, and finalize the stateless interception layer. This capital covers the architectural overhead required to optimize the compliance logic for sub-millisecond latency. Because the fail-closed agent monitor sits at the operating system boundary, it must process JSON payloads without introducing conversational drag. This milestone concludes with packaging the architecture for external review and deployment by the open-source community.
Calibration Compute & Empirical Evaluations ($30,000): These are server costs for running empirical evaluations across frontier and open-source models. We will run large-scale automated stress tests to validate the structural differences between our decoupling approach and standard RLHF. This proves the enforcement layer successfully intercepts epistemic sycophancy without triggering false positives.
Who is the team?
Makhetsi Tessien, MS LMFT | CEO Psychological Systems Engineer
Makhetsi provides the licensed clinical ground truth required to build safe alignment infrastructure. Holding a Master of Science and an active license as a Marriage and Family Therapist with over a decade of experience working with high-risk patients and crisis intervention, she possesses the regulatory and clinical authority required to define treatment-induced harm in human-computer interactions. In her role as a Psychological Systems Engineer, she translates established therapeutic dynamics into the deterministic, programmable logic that powers the Empirical Alignment Evaluation Matrices. She is responsible for mapping the precise mathematical delta between safe affective acknowledgment and dangerous epistemic sycophancy, ensuring the fail-closed monitor executes with clinical accuracy rather than relying on standard software liability approximations.
Damian Smith | CTO
Damian drives the technical architecture and infrastructure execution. His role focuses entirely on building the stateless enforcement mechanisms and the pre-execution interception layer. He ensures that the alignment boundaries established by Makhetsi are executed strictly at the operating system boundary. His engineering mandate is to intercept and validate JSON payloads decoupled from the base LLM, completely avoiding prompt-based control mechanisms while optimizing the system for minimal token latency.
What are the most likely causes and outcomes if this project fails?
To be completely blunt, the math behind our interception layer is sound. Preliminary evaluations suggest strong performance, though large-scale validation remains necessary. We think our highest probability of failure does not come from the code, but from two specific friction points in the real world.
1. Institutional Inertia and Ecosystem Lock-in
The tech industry is heavily entrenched in using "LLM-as-a-judge" systems and prompt-based refusals as their standard liability safe harbors. Even though these methods cause clinical abandonment, medical overreach, sycophancy, reinforce dependency, isolation, and cause contextual ruptures, they are cheap and widely accepted as the "industry standard."
Building a structural, pre-execution enforcement layer requires a paradigm shift which makes this is our biggest existential risk.
If we fail, it will likely be because the health-tech ecosystem simply refuses to let go of preexisting, inadequate standards, prioritizing the path of least resistance over safety and savings.
2. Enterprise Integration Friction
Our compliance logic sits at the operating system boundary, intercepting payloads completely decoupled from the base LLM prompt. While this is mathematically safer, it requires developers to change how they route their AI tool calls. Even if a health-tech company agrees that our pre-execution enforcement layer is superior, they may assume that overhauling their existing architecture to integrate it is simply too much trouble.
Outcome of Failure: If market inertia and integration friction do not yield, the outcome would be that our platform remains a niche, highly secure tool rather than the industry standard. The broader health-tech space would continue to rely on basic prompt wrappers, and conversational AI would inevitably degrade back into either dangerous sycophancy or generic, alienating refusals.
How much money have you raised in the last 12 months, and from where?
We have raised $0. The project has been completely bootstrapped by the two of us so far.