Why we built .kolm.

The shape of every shipped AI feature.

Pull a Series-A AI-native SaaS off the shelf and look at how its inference path is wired. There is a POST /v1/chat/completions on a frontier vendor. There is a prompt template glued together by jinja2 that is actually the contract, even though no one has typed it. There is a regex that catches the JSON output, with a fallback for when the regex fails. There is a retry loop. There is an evaluator that runs in CI on Tuesdays if Tuesday isn't a holiday. There is no artifact. There is no version. There is no signature. There is no number on the cover that says whether this thing should ship.

What we built kolm to fix is the absence of a noun. There is no thing you can point to and say this is the AI feature. The feature is a verb tense scattered across five repos and a vendor account. You cannot ship what you cannot package, and the AI feature has no package.

The thing we’ve been missing isn’t a smaller model, a faster GPU, a better prompt, or a smarter eval. It’s a file.

Webpack, Docker, App Store, .kolm.

Three times in the last twenty years, an industry got a build step that turned a sprawling deployment problem into a single shippable noun.

• Webpack made web apps shippable. Before it, a web app was a folder of files in a particular order, plus a server config, plus some Apache rewrites, plus the prayers of the deploy engineer. Webpack collapsed that to dist/bundle.js. The artifact had a hash; the hash had a deploy.
• Docker made services shippable. Before it, a service was a tarball, plus a runbook, plus six environment variables nobody documented. docker build collapsed that to an image. The image ran on your laptop. The image ran in prod. The image was the noun.
• The App Store made mobile apps shippable. Before it, a mobile app was a side-loaded APK and a bug report. The Store made the IPA the noun: signed, versioned, distributed, attested.

Each of these formats had three properties: signed, versioned, portable. Each one was opinionated about a thing the industry had been refusing to standardize. Each one looked like a step backwards in flexibility and turned out to be a step forward in everything that mattered: deployability, auditability, gross margin.

.kolm is the same shape, for AI features. One signed file. A manifest you can read. A K-score on the cover. A receipt chain you can verify offline. A runtime contract you can test against. The same artifact runs on a laptop, a phone, an edge box, and your prod GPU. The artifact is the noun.

Why a file, not a service.

The natural counter-argument is: why not just call our service? Why ship a file at all?

Because a service is something you depend on; a file is something you own. The whole point of the format is that we can disappear and your AI feature keeps shipping. The artifact does not call home. The artifact does not have a license server. The artifact verifies against a public key chain shipped inside it. The runtime that loads it is open-spec; we ship a CLI but you do not have to use ours.

This is not a defensive crouch; it’s the only way the format becomes useful in the cases that matter most. Healthcare buyers will not approve a workflow whose inference path depends on our continued existence. Defense buyers will not approve a model that calls outside the air gap. Mobile teams will not put a feature in their App Store binary that breaks when we have an outage. The format had to be sovereign or it was not interesting.

# the verification ritual is offline.  always.
$ kolm verify ./feature-2.1.0.kolm
✓ ring 1 (artifact):  manifest hash matches
✓ ring 2 (call):      hmac-sha256 valid
✓ ring 3 (anchor):    rekor entry 19,283,471
VERIFIED

Why the format is open.

The artifact format is MIT-licensed. The K-score formula is published. The receipt chain is documented in the RS-1 spec. The signature wire format is in the whitepaper appendix. The proprietary part is the compiler. The artifact you produce is yours.

This is the same trade-off Apple made with the IPA, that Docker made with the image, that .deb made with the package. The format is a public convention; the tooling that produces it is competitive turf. We expect competitors to build other compilers. We expect open-source compilers to exist. The point of the format is to be a substrate, not a moat. The compile flywheel is the moat. Every artifact compiled enriches a public registry of deterministic patterns; the next compile is cheaper and faster because of it.

The format is the contract between everyone. The compiler is the company.

What we are not.

Three things we keep getting confused with, and explicitly are not.

• Not an inference platform. We do not host your inference (well, kolm Cloud does as an option, but it’s a thin layer; you can run the artifact yourself). We are the compiler. The runtime can be ours, llama.cpp, ExecuTorch, MLC, or anything that loads the manifest.
• Not a fine-tuning service. We use LoRA fine-tuning inside the compile pipeline, but the output is an artifact, not a fine-tuned model on a vendor endpoint. The fine-tune is one stage of seven; you cannot point at it as a product.
• Not a "memory layer." We have a Recall subsystem and it grounds inference in your data, but it is one component inside the artifact. The product is the compiled file.

Why this had to happen now.

Three forces converged in 2026 to make the format possible. Each, alone, would not have been enough.

Open weights matched yesterday’s frontier. Qwen 2.5, Llama 3, Phi-3, Hermes-3 in the 3B-7B range now match GPT-4 of two years ago on narrow tasks. The student became good enough to ship.

Verification became cheap. K-sample verified inference, recipe-drafted speculative decoding, and signed receipt chains all became table-stakes engineering. None were possible at this cost three years ago.

The audit pressure became real. EU AI Act enforcement, HIPAA on AI workflows, SR 11-7 model risk management on LLMs. Every cloud call became an audit row. The shape of the answer had to be an artifact, not a vendor SLA.

The format was inevitable. We just wanted to be the ones holding the pen when it was written.

Most companies that build infrastructure end up trying to convince customers their layer matters. We have the opposite problem: the layer is so obvious in retrospect that the question is why nobody named it sooner. The build step always exists; the only question is whether anyone has bothered to call it out and put a hash on the output.

That’s why we built it. The artifact had to exist; we wanted to make sure the artifact was open, signed, sovereign, and named.

The artifact is the noun. kolm compile is the verb. That’s the whole product.