A drop-in runtime governor for autonomous AI systems. Gates every action — trade, tool call, email, API hit — and halts the system the moment behavior degrades. Framework-agnostic. 1.7 µs overhead.
No API keys. No hosted service. Pip-install the library, wrap the functions you care about, and decisions start flowing through Rein with microsecond overhead.
# $ pip install rein-ai from rein_ai import Rein, ReinConfig brain = Rein(cfg=ReinConfig.from_env()) await brain.start() # Gate every action your agent takes @brain.governed(source="llm_agent") async def send_email(to, body): ... # Halted on drawdown, errors, anomalies, regime shifts. # Every decision logged with a cryptographic chain.
Libraries like Guardrails and NeMo check the text an LLM produces. Essential, but content is validated before action. Once the agent places the trade, sends the email, or calls the paid API — there is no circuit breaker.
Rein sits inline. Every action passes a gate. Decisions score each (source × series) with Bayesian time-decay, classify the regime, and halt the system when observed behavior degrades — not after someone notices.
Stop writing YAML. Describe a rule in English and Rein compiles it to an enforceable config. Review the expansion before deploy.
Before your policy ships, Rein attacks it. Five baseline attack classes — runaway loops, deny-storms, enumeration, portfolio-drain, cost-bombs — run in CI.
A strategy that thrives in calm markets but dies in shocks is two different strategies to Rein. Every (source × action) is scored separately per regime.
Every action call passes through a single decision engine that synthesizes regime, scoring, rate-limits, and anomaly signals.
The library is AGPL — free forever for OSS, research, and self-hosted use. Commercial teams license the AGPL waiver; Pro customers get the closed-source extensions.
Mid-market ($50–100K/yr) and Enterprise ($100–250K/yr) tiers available. Contact sales.
Pro is for teams running real money, real users, or real compliance surface area. Trade-secret-protected. Access under signed NDA. If that sounds like overkill, the open-source version is production-ready on its own.
Opens your mail client. Zero tracking, zero auto-enroll. We respond within 2 business days.
Strong copyleft is the right default for a governance library. If your agent is running Rein as part of a network service, the community benefits from being able to inspect how that service is governed. Teams that can't comply with AGPL buy a Commercial License — which is how the project stays funded.
No. Rein was extracted from a trading bot but is framework-agnostic. It works for LLM agents, scrapers, RPA, workflow orchestration, and anything else that takes actions you don't want spiraling. The gate interface doesn't know what kind of action is being gated.
1.7 µs mean, 2.7 µs p99 per gate() call on a 2021 MacBook Pro running Python 3.14. Well over 500,000 calls per second on a single core. Far smaller than the network round-trip of any real action.
Commercial is a legal waiver for AGPL — you pay for the right to ship Rein in closed-source products. Pro is a product — closed-source extensions (extended attacks, trained detectors, managed service, priority support) that live behind an NDA. You can buy Commercial without buying Pro.
Rein Cloud ships as part of Pro — same governor, managed control plane, multi-tenant, with a web dashboard. The OSS library remains the reference implementation; you can always self-host.
60 seconds to a first gated action. Wrap one more tomorrow. Never look at a runaway postmortem the same way again.