Skip to content

Manifesto — 2026-05-08

Defense is a covenant, not a service.

By 2035, three forces will have collided.

Autonomous physical infrastructure will be everywhere. Drones doing last-mile delivery, ground robots patrolling facilities, humanoids working alongside humans in warehouses, ports, and substations. Every one of these is a sensor, an actuator, and an attack surface.

AI will run operations end-to-end. Not just decision support, but autonomous response: security operations centres that triage themselves, supply chains that reroute themselves, fleets that retask themselves under stress.

And the adversary will also be AI. Phishing crafted by language models, deep-fake CEO calls, autonomous reconnaissance against industrial systems, cross-domain attacks that move from a phished email to a substation breaker in under sixty seconds.

The default answer is consolidation

Five pure-play AI security startups were absorbed by hyperscalers and networking primes in twelve months. The pure-play AI security category is closing. The next category — autonomous cyber-physical operations — is forming under the same logic: bigger primes, fewer choices, more lock-in. The customer ends as a tenant of someone else's roof.

The opposite was tried first, twenty-three centuries ago

Before there were sovereigns, there was the symmachía. Thucydides records it in the fifth century BC: free cities binding themselves to each other for mutual defense, without dissolving into a single body. Polybius later describes the Achaean Koinon, founded 281 BC — seven cities, equal voice, withdrawable allegiance — as the most successful experiment in horizontal democracy of the ancient world. We did not invent the federation. We are returning it to a domain that lost it.

What an alliance looks like in code

  1. Sovereignty preserved. The customer holds the keys; SYMMACHY runs the protection but cannot read the protected data.
  2. Mutual covenant. Each Authority of Use defines what we may do — and what we may not — in writing, signed, revocable.
  3. Non-causal response. The autonomous fleet acts on policy, not on an operator's mood. Every action reconstructable, every refusal logged.
  4. Public transparency log. Cosign + Rekor on every artefact. Customer's auditor verifies without our cooperation.
  5. Right of exit. The customer leaves with the full evidence chain and the keys. Switching cost is documentation, not extortion.

If you have read this far

Whether you operate a substation, a cluster of GPUs running a frontier model, a port, a hospital network, or a sovereign-adjacent operation, the question is the same: do you want to be defended by a hierarchy that owns your dependence, or do you want to enter a covenant that protects you and that you protect in return?

Signed by the founders of SYMMACHY, on 2026-05-08.