Gao Internet

Trust & Authorization

Designed around verifiable authorization.

Identity is user-owned. Payments are user-signed. AI actions are capability-gated. Sensitive operations require explicit approval. Nothing important happens without authorization that can be verified after the fact.

User passkey signs an intent, a policy gate validates it, a scoped capability token is minted, and an auditable receipt is produced.

User-owned identity

.gao identities are lifetime and portable. No core layer can revoke or hijack them.

Non-custodial settlement

Payments are user-signed. No layer of the stack custodies user funds by default.

Capability-based agent permissions

AI agents act under scoped capability tokens — not under blanket access to user data or funds.

Policy-gated execution

Sensitive actions pass through policy gates before they run. Deterministic, auditable, and overridable by the user.

Auditable receipts and action logs

Receipts, refunds, agent actions, and approvals are first-class records — not afterthoughts.

No hidden AI actions

Agents request approval for actions outside their scope. Nothing important happens without explicit authorization.
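The flow stated above (a user-signed intent, a deterministic policy gate, a scoped capability token, an auditable receipt) and the scope-checking behaviour described under the feature headings, as an added illustration. This is constructed example code, not Gao's own implementation or protocol. Assumptions not on the page: HMAC-SHA256 stands in for the passkey's asymmetric signature (a real passkey signs with a WebAuthn key that never leaves the authenticator), the policy thresholds, agent names, keys and intent fields are invented, and the receipt log is modelled as a hash chain.

```python
import hashlib
import hmac
import json
import time

# Constructed keys for the illustration. A real deployment keeps the user key
# inside a passkey authenticator and the gate's minting key in a server-side KMS.
USER_KEY = b"constructed-user-passkey-stand-in"
GATE_KEY = b"constructed-policy-gate-minting-key"

# Hypothetical policy: what an agent may do on the user's behalf without asking.
POLICY = {
    "allowed_actions": {"pay", "read_profile"},
    "max_amount": 50,       # hard ceiling, not approvable even by the user here
    "approval_above": 20,   # amounts above this require explicit user approval
}


def canonical(obj):
    """Deterministic JSON so signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign_intent(intent, user_key=USER_KEY):
    """Step 1: the user signs an intent. HMAC stands in for the passkey signature."""
    sig = hmac.new(user_key, canonical(intent), hashlib.sha256).hexdigest()
    return {"intent": intent, "sig": sig}


def policy_gate(signed, policy=POLICY, user_key=USER_KEY):
    """Step 2: deterministic gate. Returns (decision, reason); no side effects."""
    intent = signed["intent"]
    expected = hmac.new(user_key, canonical(intent), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signed["sig"]):
        return "deny", "signature does not verify"
    if intent["action"] not in policy["allowed_actions"]:
        return "deny", "action outside policy"
    amount = intent.get("amount", 0)
    if amount > policy["max_amount"]:
        return "deny", "amount above hard ceiling"
    if amount > policy["approval_above"] and not intent.get("user_approved"):
        return "needs_approval", "amount above auto-approve threshold"
    return "allow", "ok"


def mint_capability(intent, ttl=300, now=None, gate_key=GATE_KEY):
    """Step 3: short-lived token bound to exactly one agent, action and amount."""
    now = int(time.time()) if now is None else now
    body = {"agent": intent["agent"], "action": intent["action"],
            "amount": intent.get("amount", 0), "exp": now + ttl}
    tag = hmac.new(gate_key, canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def check_capability(token, agent, action, amount, now=None, gate_key=GATE_KEY):
    """Executor-side check: the token must be authentic, unexpired and in scope.
    Any action outside the token's scope fails here and must go back for approval."""
    now = int(time.time()) if now is None else now
    body = token["body"]
    expected = hmac.new(gate_key, canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["tag"]):
        return False
    if body["exp"] <= now:
        return False
    return (body["agent"] == agent and body["action"] == action
            and body["amount"] == amount)


def append_receipt(log, record):
    """Step 4: hash-chained receipt; each entry commits to the previous hash."""
    prev = log[-1]["hash"] if log else "0" * 64
    entry = {"prev": prev, "record": record}
    entry["hash"] = hashlib.sha256(canonical(entry)).hexdigest()
    log.append(entry)
    return entry


def verify_log(log):
    """Recompute the chain; any edited or reordered receipt breaks it."""
    prev = "0" * 64
    for entry in log:
        if entry["prev"] != prev:
            return False
        unhashed = {"prev": entry["prev"], "record": entry["record"]}
        if hashlib.sha256(canonical(unhashed)).hexdigest() != entry["hash"]:
            return False
        prev = entry["hash"]
    return True


def authorize(intent, log, now=None):
    """Run the whole flow. Every outcome, denials included, is receipted."""
    signed = sign_intent(intent)
    decision, reason = policy_gate(signed)
    token = mint_capability(intent, now=now) if decision == "allow" else None
    append_receipt(log, {"intent": intent, "decision": decision, "reason": reason,
                         "token_tag": token["tag"] if token else None})
    return decision, token


if __name__ == "__main__":
    receipts = []
    for intent in ({"agent": "shopping-agent", "action": "pay", "amount": 10},
                   {"agent": "shopping-agent", "action": "pay", "amount": 30},
                   {"agent": "shopping-agent", "action": "delete_account"}):
        print(intent["action"], intent.get("amount"), "->", authorize(intent, receipts)[0])
    print("log intact:", verify_log(receipts))
```

The point to notice is where each check lives: the gate decides once and deterministically, the token carries only the scope that was approved, and the executor re-checks scope and expiry on every use, so an agent holding a token for a 10-unit payment cannot stretch it to a 30-unit one or hand it to another agent. The receipt log records denials and approval requests as well as successes, which is what makes the behaviour auditable after the fact.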

What Gao is not

Boundaries we hold to.

  • Not a custodian. The stack does not hold user funds or signing keys by default.
  • Not a financial product. No yield, no deposits, no investment offer.
  • Not a centralised social network. Identity, content, and relationships are user-owned.
  • Not a blockchain to speculate on. Gao Internet is infrastructure software.
  • Not a closed platform. Protocols are documented; source repositories are public where appropriate.
  • Not opaque. Receipts, agent actions, and approvals are auditable by design.

Disclosure

Found something? Tell us.

Security issues are taken seriously. Use the disclosure channel rather than public issues for sensitive reports.