Open source compliance-first AI operating system for SEC-registered investment advisers.

Live: pwos.app | Demo: pwos.app/demo | Disclosures: pwos.app/disclosures

PWOS Core is the open source foundation of the Protocol Wealth Operating System — a self-hosted AI platform built for SEC-registered investment advisers (RIAs), FINRA-regulated financial advisors, family offices, and anyone who needs regulatory-grade compliance in AI-assisted financial operations.

This is not a toy. It was built and tested in production by an SEC-registered RIA (Protocol Wealth LLC, CRD #335298) with real compliance requirements.

• AI Chat IDE — Multi-model LLM chat with streaming SSE, projects, folders, templates, conversation management
• 4-Layer PII Guard — Regex (31 patterns) + NER + financial recognizers + domain allow-list with per-user modes (warn/block/redact)
• Streaming PII Rehydrator — Buffer-aware placeholder rehydrator for SSE / chunked LLM output (handles placeholders split across chunks)
• Prompt Injection Detection — 23 patterns across 6 attack categories
• Immutable Audit Trail — Append-only log meeting SEC Rule 204-2 Books & Records requirements
• Inline Tool Orchestration — LLM autonomously selects and executes tools during chat (multi-turn, up to 5 rounds)
• Confirmation Gate for Write Tools — Stateless, payload-bound two-turn gate so LLMs can't fudge fields between preview and execute
• Tool-Call Audit Builder — SHA-256 hashed input + scrubbed-output audit rows for compliance-grade per-tool-call trails
• Practice Management — Task tracking, meeting notes with AI action item extraction, CRM integration
• Financial Calculator — Compound interest, CAGR, mortgage, RMD, future/present value, rule of 72
• Document Gen — PDFs via pdfme/pdf-lib/react-pdf, Word via docx, PowerPoint via pptxgenjs
• Onchain Portfolio — Viem + Wagmi for EVM wallets, DeFi positions, statements
• Workflow Engine — Durable execution via Temporal or BullMQ
• Chart Generator — SVG bar, pie, and line charts
• Template System — Reusable templates with variable substitution
• Compliance Center — AI tool inventory, PII dashboard, governance docs, email archiving (SEC 17a-4)
• Google OAuth + RBAC — Role-based access (admin/partner/user/intern)
• Mobile Responsive — Sidebar drawer, full-width chat, touch-optimized

The @protocolwealthos/* packages are what's published. The deployed app at pwos.app is the reference consumer; you can use the packages standalone or compose them into your own platform.

PWOS Core (single deployment)
├── React 19 + Tailwind v4 (frontend)
├── Hono 4 (API server, serves frontend)
├── 4-Layer PII Guard Pipeline
├── Tool Orchestration (extensible via HTTP)
├── Document Generation (pdfme, pdf-lib, react-pdf, docx, pptxgenjs)
├── Onchain SDK (Viem, Wagmi, Ox)
├── Workflow Engine (BullMQ + optional Temporal)
├── Email Archive (OpenArchiver integration for SEC 17a-4)
├── Gemma Engine (optional local AI)
└── LLM API (Claude/GPT/Gemini with tool_use)
    ├── PostgreSQL (Drizzle ORM)
    ├── Redis (sessions)
    └── External integrations (HTTP)

PWOS Core stands on a foundation of exceptional open-source projects. We bundle or extend these libraries with full attribution — see NOTICE and THIRD_PARTY_LICENSES.md for complete legal notices.

• Hono (MIT) — Edge-first web framework
• React 19 (MIT) — UI library
• Vite (MIT) — Build tool + dev server
• Zustand (MIT) — State management
• Tailwind CSS (MIT) — Utility CSS
• Drizzle ORM (Apache 2.0) — TypeScript ORM
• jose (MIT) — JWT signing/verification
• Zod (MIT) — Schema validation

• pdfme (MIT) — WYSIWYG PDF template designer (~10ms/report)
• @react-pdf/renderer (MIT) — React → PDF rendering
• pdf-lib (MIT) — Modify existing PDFs (fill forms, merge)
• pdfmake (MIT) — JSON-declarative PDFs
• pdfkit (MIT) — Programmatic PDF generation
• docx (MIT) — Word documents
• pptxgenjs (MIT) — PowerPoint presentations

• Viem (MIT) — Type-safe Ethereum interactions
• Wagmi (MIT) — React hooks for wallet connection
• Ox (MIT) — Low-level Ethereum utilities

• BullMQ (MIT) — Redis-backed job queue
• Temporal (MIT) — Durable execution engine
• Trigger.dev (MIT) — Background jobs with checkpoints
• Activepieces (MIT) — Workflow automation with MCP servers

• @anthropic-ai/sdk (MIT) — Claude SDK

• csv-parse (MIT) — CSV parsing
• pdf-parse (MIT) — PDF text extraction
• exceljs (MIT) — Excel read/write

• Twenty CRM (AGPL-3.0) — CRM custom object system
• Ghostfolio (AGPL-3.0) — Portfolio data model
• Wealthfolio (AGPL-3.0) — React+Vite financial UI
• Sure (AGPL-3.0) — MCP-exposed finance features
• Firefly III (AGPL-3.0) — Double-entry bookkeeping API
• Ignidash — AI-powered planning UI patterns
• OpenArchiver — SEC 17a-4 email archiving
• Wealthbot (MIT, dormant PHP) — RIA rebalancing/billing algorithms (ported to TS)

Huge thanks to every maintainer and contributor of these projects. RIA software has historically been locked behind proprietary walls — PWOS Core would not exist without the open-source ecosystem.

git clone https://github.com/Protocol-Wealth/pwos-core.git
cd pwos-core
pnpm install
cp .env.example .env          # Add your API keys
pnpm --filter @protocolwealthos/shared build
pnpm --filter @protocolwealthos/api migrate
pnpm --filter @protocolwealthos/api seed
pnpm dev

Open http://localhost:5173 — sign in with Google, start chatting.

Every outbound message passes through 4 layers before reaching any AI model:

1. Layer 1: Regex — 31 deterministic patterns (SSN, CC, email, phone, crypto keys, API keys, etc.)
2. Layer 2: NER — Named entity recognition for person names, addresses, contextual PII
3. Layer 3: Financial Recognizers — CUSIP, account references, policy numbers (context-boosted scoring)
4. Layer 4: Allow-List — 60+ financial terms that should never be redacted ($amounts, AGI, 401k, etc.)

Per-user modes: off | warn (confirm before send) | block (must remove PII) | redact (auto-mask with <TYPE_N> placeholders)

Deploy your own instance on Fly.io (~$62/month) with your own database. Your data stays yours. Every AI interaction is logged in an immutable audit trail. Export Books & Records as JSON for SEC examiners.

• Architecture
• Packages Reference
• GCP Reference Architecture — generic, vendor-agnostic GCP posture for regulated workloads (Cloud Run private services, Cloud SQL with IAM auth, retention-locked GCS audit archive, Workload Identity Federation for CI, org-wide Cloud Audit Logs sinks); control-framework mapping table to ISO 27001 Annex A + SOC 2 TSC
• Attribution — detailed provenance per capability
• Contributing
• Code of Conduct
• Security

Patent Pending — USPTO Application #64/034,215 "Compliance-First AI Operating System with Per-User PII Guard Pipeline and Immutable Audit Trail for SEC/FINRA-Regulated Financial Advisory Services"

• USPTO Patent Center
• Applicant: Protocol Wealth, LLC
• Inventor: Nicholas Rygiel
• Filed: April 9, 2026
• Status: Patent Pending

This patent was filed defensively under Apache 2.0. The intent is to establish formal prior art and prevent third parties from patenting these concepts and restricting their use by independent financial advisors. Under Apache 2.0, you receive an automatic, perpetual, royalty-free patent grant. If you sue Protocol Wealth for patent infringement related to this software, your license terminates automatically.

Open Invention Network (OIN) Member — Protocol Wealth is a member of the OIN 2.0 community, the world's largest patent non-aggression network with 4,100+ members including Google, IBM, Toyota, Meta, Microsoft, and Amazon. Learn more

See PATENTS for full non-assertion pledge.

Apache License 2.0 — see LICENSE.

Apache 2.0 includes an explicit patent retaliation clause that MIT lacks. If someone sues you for patent infringement related to PWOS, their right to use the software terminates automatically. This is why we chose Apache 2.0 over MIT.

Third-party components retain their original licenses. See NOTICE and THIRD_PARTY_LICENSES.md.

We welcome contributions. All commits must include a Signed-off-by: line certifying agreement with the Developer Certificate of Origin:

git commit -s -m "feat: your change"

See CONTRIBUTING.md for full guidelines.

• Nexus Core — Quantitative research engine (nexusmcp.site)

• Live App: pwos.app
• Product Demo
• Open Source Manifesto
• Patent Documentation
• Regulatory Disclosures
• Regulatory References
• Protocol Wealth

Built by Protocol Wealth LLC — SEC-Registered Investment Adviser (CRD #335298)