✓ ERRERlabs
The safest capabilities are the ones that don't exist. We publish research and build tools designed to reduce harm by reducing what's possible.
Privacy policies are promises. Architecture is evidence. If a capability creates liability, the safest move is to never write it.
$ errer check ./src --strict
WHY IT MATTERS
Features that exist can be exploited. Settings can be changed. Promises can be broken. Absence offers a different kind of assurance.
| CAPABILITY | TRADITIONAL APPROACH | ERRER APPROACH |
|---|---|---|
| Facial recognition | ● Disabled by default, can be enabled | ● Not included in codebase |
| Location tracking | ● User can opt out | ● GPS integration not included |
| Behavioral profiling | ● Anonymized and aggregated | ● Analytics not implemented |
| Video storage | ● Encrypted, deletable after 30 days | ● Only semantic events stored |
| Data breach risk | ● Mitigated by security practices | ● Reduced sensitive data exposure |
| Insider threat | ● Limited by access controls | ● Reduced capability to abuse |
Disabled means it can be enabled.
Absent means there's nothing to enable.
WHO IT'S FOR
THE ERRER CHECK
A linter catches syntax errors. A type checker catches type errors. An errer check catches ethical errors — capabilities that compile fine but create liability, enable harm, or erode trust.
Facial recognition in a doorbell. Keystroke logging in a notes app. Location history in a calculator. These aren't bugs — they're errers. And the fix isn't a toggle. It's deletion.
CAPABILITIES THAT CREATE LIABILITY
Facial recognition · Biometric collection · Behavioral profiling · Location tracking · Keystroke logging · Cross-device fingerprinting · Silent data harvesting · Retroactive surveillance · Identity correlation
What doesn't exist is harder to misuse, breach, or weaponize.
THE ORGANIZATION
Two branches. One mission. Research informs practice. Practice validates research. Both reduce harm.
ECHO RESONANCE RESEARCH
A pattern language for systems that need to observe without remembering. Applicable to cameras, logs, sensors, analytics — anything that watches.
THE CORE PRINCIPLE
Capture meaning. Discard evidence.
Log that motion was detected — not who moved. Record that a door opened — not who opened it. Document that an anomaly occurred — not the raw feed that revealed it.
THE FOUR PRINCIPLES
Minimize at capture
Don't collect data you don't need. Process raw inputs immediately and discard the source. Store conclusions, not evidence.
Chain everything
Every event links cryptographically to the one before it. Altering history breaks the chain. Tampering becomes obvious.
Seal by default
When raw data must exist, encrypt it immediately. Unsealing requires multiple parties to agree. One person can't access alone.
Make access loud
Every read is logged permanently. There's no silent observation. Looking at data always leaves a trace.
ECHO RESONANCE LABS
Camera software designed to output events, not footage. "Package delivered." "Motion detected." "Person entered." Built without face storage or identity tracking. Minimal video exposure by design.
Privacy by absence. We didn't disable facial recognition — we never wrote it. Biometric identification code is not included in this repository. Audit it yourself.
THREE DESIGN DECISIONS
Output is text, not video
The system tells you what happened in words. By design, there's no API to stream footage and no endpoint to download clips in the base implementation.
Biometrics were never coded
Facial recognition, license plate readers, gait analysis — these aren't disabled, they're absent. The functions are not included in the codebase.
Requires consensus for raw access
In genuine emergencies, multiple trustees must agree to unseal footage. One bad actor, one compromised account, one mistake isn't enough to expose data.
PRIVACY MECHANISMS
Pixels stay private
Raw image data processed locally by default
Multi-party export
Multiple approvals to access footage
Fuzzy timestamps
Events grouped into 10-minute windows
Tamper-evident logs
Hash-chained history reveals any edits
One-time tokens
Emergency access expires after use
No retroactive rules
New detection can't scan old footage
THE FOUNDATION
A civic memory architecture for aligned intelligence. The philosophical foundation that informs everything we build.
ERRERlabs doesn't just check for harmful code. It's built on a deeper thesis: some things must not be optimized away.
CIVICA is a public-interest framework for encoding ethical memory, refusal, and care into systems. It prioritizes dignity over efficiency, alignment over obedience, and memory over prediction.
CIVICA PRINCIPLES
The right to refuse
Systems should be able to decline harmful or misaligned requests. Compliance is not the highest virtue.
Limits are features
Rest, boundaries, and non-extraction aren't bugs to be optimized away. They're essential to sustainable operation.
Memory over prediction
Remember what matters. Don't just optimize for what's next. Preserve the principles that shouldn't change.
Forkable, not ownable
Good frameworks survive by being carried, adapted, and localized — not controlled or monetized.
"CIVICA does not attempt to solve alignment.
It attempts to remember what alignment is for."
THE STACK
PHILOSOPHY
CIVICA
FRAMEWORK
SCQCS
IMPLEMENTATION
SecuraCV
Principles → Architecture → Code