This work addresses the critical absence of runtime governance mechanisms in autonomous AI agents, which often leads to fiscal indiscipline, rigid permissioning, and non-auditable behavior. We propose the first governance-centric operating system for AI agents, wherein a declarative YAML charter defines task scope and fiscal boundaries. A policy officer decomposes high-level objectives, a finance officer enforces expenditure control via auction-based mechanisms, and workers receive dynamically scoped permissions based on a TrustScore metric. An audit engine generates cryptographically verifiable proofs using SHA-256 hashing. By integrating charter-based governance, dynamic trust-based authorization, fiscal discipline, and cryptographic auditing, our system enables verifiably autonomous AI agents across their full lifecycle. Experiments demonstrate 100% prevention of fiscal violations, 94% accuracy in permission enforcement, zero integrity failures across over 1,200 audits, and support for real-world payment execution via Stripe integration.

As AI agents evolve from text generators into autonomous economic actors that accept jobs, manage budgets, and delegate to sub-agents, the absence of runtime governance becomes a critical gap. Existing frameworks orchestrate agent behavior but impose no fiscal constraints, require no earned permissions, and offer no tamper-evident audit trail. We introduce Sovereign-OS, a governance-first operating system that places every agent action under constitutional control. A declarative Charter (YAML) defines mission scope, fiscal boundaries, and success criteria. A CEO (Strategist) decomposes goals into dependency-aware task DAGs; a CFO (Treasury) gates each expenditure against budget caps, daily burn limits, and profitability floors via an auction-based bidding engine; Workers operate under earned-autonomy permissions governed by a dynamic TrustScore; and an Auditor (ReviewEngine) verifies outputs against Charter KPIs, sealing each report with a SHA-256 proof hash. Across our evaluation suite, Sovereign-OS blocks 100% of fiscal violations (30 scenarios), achieves 94% correct permission gating (200 trust-escalation missions), and maintains zero integrity failure over 1,200+ audit reports. The system further integrates Stripe for real-world payment processing, closing the loop from task planning to revenue collection. Our live demonstration walks through three scenarios: loading distinct Charters to observe divergent agent behavior, triggering CFO fiscal denials under budget and profitability constraints, and escalating a new worker's TrustScore from restricted to fully authorized with on-the-spot cryptographic audit verification.