01

Preamble

Preamble

Covenant is a smart contract language in active development. Version 0.1 Basics shipped April 2026; the first public contract is deployed on Ethereum Sepolia. This document describes the language design, its cryptographic substrate, and the roadmap to production readiness. The specifications herein are published under CC0-1.0; the compiler is Apache-2.0. We write in the present tense where implementations exist, and in the conditional where they are planned. The reader is invited to distinguish the two.

02

Why a declarative language for cryptography

A senior Solidity engineer who wishes to deploy a contract with fully homomorphic computation, post-quantum signature verification, and selective disclosure of state must, today, assemble four or more independent libraries, each with its own ABI conventions, gas models, and key serialization formats. The integration code is not checked by any compiler. The bugs live at the joints.

This is not merely inconvenient. It is a structural failure of the toolchain. When a developer writes fhe.decrypt(pk, ciphertext) after a zkVerify(proof, publicInputs), the compiler does not know whether the key used for FHE encryption is the same key identity that the ZK proof asserts. It cannot know, because these primitives are not part of the language; they are external calls. The composition is the developer's responsibility, and the developer is fallible.

Covenant treats FHE, post-quantum signatures, ZK proofs, and cryptographic amnesia as first-class language primitives. The compiler reasons about key identities, data flows, and privacy invariants across all four layers simultaneously. An operation that would violate a privacy guarantee fails at compile time, not at runtime — not in production, not in an audit, not in a postmortem.

Assertion

"The class of integration bugs that arise from composing independent cryptographic libraries does not exist in Covenant. These bugs cannot be written, because the composition is expressed in the type system."

// Covenant: compiler-enforced primitives 
fn process_private_vote(
    vote:  fhe<u256>,       // FHE-encrypted ballot
    voter: identity<pq>    // post-quantum identity
) -> amnesia {
    // @non_reentrant        auto-injected by compiler
    // privacy flow          verified: fhe → pq → zk consistent
    // compiled to           2,847 bytes

    let cleartext = decrypt(vote, voter.key);  // key identity enforced
    self.tally(cleartext);

} // scope exit: amnesia auto-triggered, ciphertext destroyed, proven on-chain
03

Architecture: four cryptographic layers

Styx Protocol is Covenant's native standard library — the substrate on which every Covenant contract runs. It is not a dependency to be imported. It is the runtime. Styx defines four named cryptographic layers, each responsible for a distinct class of guarantee. A Covenant contract may use any subset; the compiler verifies that compositions are sound.

The four layers are not independent modules. OBLIVION can trigger termination of keys held by FORTRESS. VEIL's homomorphic computations may be verified by PRISM without decrypting. FORTRESS provides the identity substrate for all three. These interactions are the reason a language-level approach is necessary: no library-level API can express them.

04

What ships today

Version 0.1 Basics shipped April 2026. The first public Covenant contract is live on Ethereum Sepolia.

Compiler Rust · ~15,000 lines GA · V0.1 github.com/Valisthea/covenant-lang
First Deployment Sepolia Coin contract 0x6C7986a3d79E1AFECfE242f92f2A0DFeC3397133 sepolia.etherscan.io ↗
Codex 20 working examples · 4 tiers V0.4 · COMPLETE
Tooling CLI + LSP + Security Linter V0.5 · V0.6 IN PROGRESS

810+ tests · 21+ detectors · VS Code extension

05

Trajectory

What follows is the public roadmap. Shipped phases are marked accordingly. The current phase is distinguished by a live indicator on the left margin.

V0.1 BASICSApril 2026Shipped
Core language and first deployment

The Covenant compiler ships in Rust. Core language semantics are implemented and tested. The first public contract deploys on Ethereum Sepolia.

V0.2–0.4 CODEXQ2 2026Shipped
Twenty canonical examples, four tiers

The Codex establishes the Covenant idiom across Basics, Intermediate, Advanced, and Edge Cases. Each example is tested and annotated.

V0.5 CLIQ2 2026Shipped
Command-line toolchain

The CLI provides compile, check, deploy, and test subcommands. 810+ tests cover the full language surface. Minimal and composable by design.

V0.6 LSP + LINTERQ2–Q3 2026In Progress
Language server and security analysis

LSP implementation brings Covenant to VS Code and any LSP-compatible editor. The security linter ships with 21+ detectors covering the most common classes of cryptographic misuse. This is the current active phase.

V0.7 SECURITYQ3 2026Planned
Security primitives, tiers 1 and 2

Implementation of the full security primitive set from Doc 16: tier 1 (access control, reentrancy, overflow) and tier 2 (flash loan resistance, oracle manipulation). Language-level, not library-level.

V1.0 PRODUCTIONQ1 2027Planned
Post-external-audit release

V1.0 follows a full external security audit of compiler and runtime. Semantic versioning guarantee takes effect: no breaking changes without a major version increment.

V1.5 FORMALQ3 2027Planned
Formal verification artifacts

Coq and Lean proofs of the Covenant type system's key invariants. A mechanically verified proof that the privacy flow checker is sound relative to the operational semantics. We state the goal here as a public commitment.

06

Why Covenant is not another smart contract language

The question arises. A number of projects have occupied adjacent positions. The distinctions are not trivial.

Not another Solidity fork. Solidity is the runtime we target. Covenant compiles to EVM bytecode via the same backend. But Covenant is not a dialect of Solidity, nor a superset, nor a compatibility layer. It is a different language with a different type system and different compiler semantics.

Not an FHE-specific DSL. fhEVM and its contemporaries specialize in fully homomorphic computation. They solve one problem well. Covenant treats FHE as one primitive among four: post-quantum key infrastructure, fully homomorphic computation, zero-knowledge verification, and cryptographic amnesia. The integration between these four layers is where the most dangerous bugs live.

Not a research toy. A contract runs on Sepolia today. The CLI accepts input and produces bytecode. The linter catches bugs in real Covenant code. The VS Code extension syntax-highlights and autocompletes. This is not a paper describing a language that might one day be implemented. It is working infrastructure.

07

How to read this document

This site is both a project document and a living specification. The sections on language design and architecture are normative: any deviation between the compiler and this document is a compiler bug. The roadmap sections are informative: they describe our intentions, which are subject to revision.

The specifications published here are released under CC0-1.0. You may use them, fork them, implement them independently, and publish derivative work without attribution. The compiler implementation is released under Apache-2.0.

08

Invitation to contribute

Covenant is early. We have a working compiler, a deployed contract, a test suite, and a roadmap. We are selectively seeking collaborators in four areas.

Compiler engineers

Rust engineers with experience in type systems, compiler backends, or formal semantics. Particularly interested in MIR-style intermediate representations or incremental compilation.

Protocol cryptographers

Cryptographers with depth in lattice-based post-quantum constructions, FHE schemes, or recursive SNARK proof systems. The Styx Protocol interface definitions are open; formal critique is welcome.

Security researchers

Smart contract auditors who can stress-test the language semantics — the privacy flow checker, the reentrancy model, the amnesia scope rules. Break it before it ships.

Formal verification specialists

Mathematicians working in Coq, Lean, or Isabelle interested in mechanizing the Covenant type system soundness proof. The longest-horizon contribution; also the most consequential.

On compensation

Covenant has no venture funding and no token. There is currently no paid position available for contributors. We acknowledge this openly — the project cannot pay competitive market rates today, and we do not ask collaborators to pretend otherwise.

What we can offer

What we cannot offer

If this arrangement doesn't align with your constraints, we understand. Covenant is not for everyone at this stage, and we would rather you commit your time to work that compensates you properly than contribute with unvoiced expectations.

For contributors whose interest is fundamentally in the work itself — the research, the systems design, the opportunity to shape a language from first principles — we welcome you. The road from V0.1 to V1.0 is long and technically substantive. Every serious contribution will be acknowledged as such.

Reach out: covenant@kairos-lab.org

09

Contact

Contact

covenant@kairos-lab.org

@Covenant_Lang on X

@Valisthea on X

Repository

github.com/Valisthea/covenant-lang

Specs: CC0-1.0 · Compiler: Apache-2.0

Watch this space. Private until V1.0.