A drop-in runtime governor for autonomous AI systems. Gates every action your agent takes: trades, tool calls, emails, API hits. Halts the system the moment behavior degrades. Framework-agnostic. 1.7 µs overhead.
No API keys. No hosted service. Pip-install the library, wrap the functions you care about, and decisions start flowing through Rein with microsecond overhead.
# $ pip install rein-ai from rein_ai import Rein, ReinConfig brain = Rein(cfg=ReinConfig.from_env()) await brain.start() # Gate every action your agent takes @brain.governed(source="llm_agent") async def send_email(to, body): ... # Halted on drawdown, errors, anomalies, regime shifts. # Every decision logged with a cryptographic chain.
Libraries like Guardrails and NeMo check the text an LLM produces. Essential, but content is validated before action. Once the agent places the trade, sends the email, or calls the paid API, there is no circuit breaker.
Rein sits inline. Every action passes a gate. Decisions score each (source × series) with Bayesian time-decay, classify the regime, and halt the system when observed behavior degrades, not after someone notices.
Stop writing YAML. Describe a rule in English and Rein compiles it to an enforceable config. Review the expansion before deploy.
Before your policy ships, Rein attacks it. Five baseline attack classes run in CI: runaway loops, deny-storms, enumeration, portfolio-drain, and cost-bombs.
A strategy that thrives in calm markets but dies in shocks is two different strategies to Rein. Every (source × action) is scored separately per regime.
Every action call passes through a single decision engine that synthesizes regime, scoring, rate-limits, and anomaly signals.
I'm not a traditional founder. I spent ten years at sea as a merchant mariner before I wrote a line of code.
Along the way, I built The FreeGame Podcast to 13K+ followers and 2M+ views across platforms. Audience-building turned out to be the unexpected second skill of going independent.
In 2024 I started teaching myself Python. By early 2025 I was building Predbot, an autonomous agent that would trade BTC prediction markets on Kalshi. Let Claude read signals. Score confidence. Execute through the Kalshi API with RSA-signed auth. A WebSocket dashboard to watch it run.
It worked. Technically.
What it didn't do was make money.
What it did do was teach me something I didn't expect. Every week I'd find the bot doing something I hadn't imagined. Placing trades on dead-book markets with no counterparty. Holding positions past expiration because the exit manager returned a 400 and kept retrying. Chasing stale signals after the model had drifted. Each time I'd patch it: a filter, a timeout, a sanity check.
After a few months I realized I wasn't writing a trading bot anymore. I was writing the guardrails around the trading bot. The governance layer had become the product.
Then I looked at what's actually available for autonomous agents and found: almost nothing. Content-level guardrails, sure: dozens of libraries that check whether an LLM output is toxic or off-policy. But nothing at the action layer that said: before you actually execute this trade, this tool call, this email, this API hit, let me check.
That gap is Rein-AI.
Predbot's failure gave me twelve months of evidence about what an autonomous agent actually does when no one's watching. Every bug became a test case. Every runaway trade became a policy rule. Rein-AI ships with 135 tests passing, 1.7µs gate latency, and twelve documented runaway trades caught in production in week one. All from the bot that didn't work.
I'm releasing it AGPL-3.0 because this layer should be something everyone can audit. There's a Pro tier for teams who need the hard parts without rebuilding them. But the core, the thing I wish I'd had a year ago, is free.
If you're building an autonomous agent and you've had that feeling of "I have no idea what this thing is actually going to do when I turn it on." That's the feeling Rein-AI was built to answer.
— John N.W. Hampton Jr
Former merchant mariner. Self-taught. Shipping.
The library is AGPL, free for OSS, research, and self-hosted use. Commercial teams license the AGPL waiver; Pro customers get the closed-source extensions.
Mid-market ($50–100K/yr) and Enterprise ($100–250K/yr) tiers available. Contact sales.
Pro is for teams running real money, real users, or real compliance surface area. Trade-secret-protected. Access under signed NDA. If that sounds like overkill, the open-source version is production-ready on its own.
Opens your mail client with a short intake template. Zero tracking, zero auto-enroll. We respond within 2 business days.
Strong copyleft is the right default for a governance library. If your agent is running Rein as part of a network service, the community benefits from being able to inspect how that service is governed. Teams that can't comply with AGPL buy a Commercial License, which is how the project stays funded.
No. Rein was extracted from a trading bot but is framework-agnostic. It works for LLM agents, scrapers, RPA, workflow orchestration, and anything else that takes actions you don't want spiraling. The gate interface doesn't know what kind of action is being gated.
1.7 µs mean, 2.7 µs p99 per gate() call on a 2021 MacBook Pro running Python 3.14. Well over 500,000 calls per second on a single core. Far smaller than the network round-trip of any real action.
Commercial is a legal waiver for AGPL: you pay for the right to ship Rein in closed-source products. Pro is a product: closed-source extensions (extended attacks, trained detectors, managed service, priority support) that live behind an NDA. You can buy Commercial without buying Pro.
Rein Cloud ships as part of Pro: same governor, managed control plane, multi-tenant, with a web dashboard. The OSS library remains the reference implementation; you can always self-host.
60 seconds to a first gated action. Wrap one more tomorrow. Read the audit log on Monday morning instead of the postmortem.