Global precision
Fractal drift-corrected time for worldwide alignment across apps, services, and devices.
Enterprise-grade
Scalable infrastructure on AWS, low-latency endpoints, and hardened service boundaries.
Secure by design
API keys, usage plans, Stripe billing, and least-privilege policies. Compliance-ready.
How it works
- Run the GAL-2 Time Contract daemon locally.
- Connect your application to the local
/contractendpoint. - Receive governed time plus an application-facing safety decision.
- Act only when
safe_to_consumeis true.
curl -s http://127.0.0.1:9095/contract
GAL-2 Time Contract answers two questions:
What time is it?
Is this time safe for the application to consume?
Your timing stack delivers time. GAL-2 tells your applications whether that time is safe to use.
GAL-2™ | Time Contract
GAL-2™ Time Contract RC3.1
A local application-facing time contract for software systems that need governed time consumption, explicit holdover policy, local continuity, and controlled rejoin behavior. Free download. Activation requires a valid GAL-2 API key.
Precision protects the reference. GAL-2 protects the consumer.
GAL-2 Time Contract RC3.1 is a Limited Availability release intended for developer pilots, architecture review, and non-production technical evaluation. The macOS package is Developer ID signed, Apple notarized, stapled, Gatekeeper accepted, validated as an installed LaunchDaemon, and regenerated with post-codesigning SHA256 manifest integrity. The Linux evaluator release is GPG signed and validated through Ubuntu 24.04 Docker no-key and API reconciliation gates.
Last updated: May 2, 2026
Primary local endpoint: http://127.0.0.1:9095/contract
RC3.1 status: macOS ships as a standalone notarized runtime with no external Python prerequisite. The macOS manifest was regenerated after codesigning and validated. Linux ships as a signed evaluator release for controlled technical validation.
What it does
GAL-2 Time Contract exposes a local contract that applications can read before trusting time. The contract reports mode, health, reason, safe_to_consume, valid_until, monotonic_sequence, local receive and serve timestamps, API latency, cache age, quota status, and source lineage.
Release scope
RC3.1 is intended for developer pilots, architecture review, and controlled non-production technical evaluation. It is not production critical infrastructure readiness yet, and it is not a metrology claim. It is an application-facing temporal governance contract release that wraps the GAL-2 API into a local consumer contract.
Architecture boundary
The daemon is the local contract layer. The GAL-2 API and protected core remain the authority. The daemon reconciles with the API whenever possible, preserves local continuity when policy allows, and exposes safe_to_consume before applications act.
Time Contract states
LIVE, DEGRADED, HOLDOVER, REJOIN, WARMING, and FAIL_CLOSED. These states help applications understand whether governed time is fresh, recovering, degraded, locally held, or unsafe to consume.
HOLDOVER policy
HOLDOVER is not a silent failure when safe_to_consume=true. It means the daemon is serving governed continuity from the last good GAL-2 API state inside explicit policy limits. If policy limits are exceeded, the contract moves toward FAIL_CLOSED and safe_to_consume=false.
Verification
macOS RC3.1 manifestfix SHA256: fb3ad98c13f97cb855ef46585a275032be397d3f7cdbc8dfad612358fd9d5233
Linux RC3.1 signed release SHA256: 9cb9a40f65234df0aefeeb023265e44f28d19c59ee6e01f0bba4f196d52d4f57
Linux GPG key ID: 2F9528A0EE6D77170B6947FF9CAB67A8AFA08B75
macOS package is Developer ID signed, Apple notarized, stapled, Gatekeeper accepted, and built with a post-codesigning SHA256 manifest. Linux release includes detached GPG signature, public key, signed inner source package, Docker validation evidence, and secret scan evidence.
Built for developer pilots, architecture review, controlled technical evaluation, and design-partner preparation where governed continuity, explicit holdover policy, and cloud reconciliation matter. Without a valid API key, the daemon exposes local status and WARMING semantics, but it does not serve production GAL-2 Time. GAL-2 Time Contract does not replace UTC, GNSS, PTP, NTP, TAP, chrony, atomic clocks, or timing receivers.
Quickstart for macOS
Install the notarized macOS package, add your GAL-2 API key, restart the LaunchDaemon, and verify the local Time Contract. RC3.1 does not require installing Python separately.
1. Install the macOS package
Open GAL2-TimeContract-RC31-macos-arm64-founder-notarized.pkg and complete the installer.
2. Add your API key
sudo mkdir -p /usr/local/gal2/config sudo sh -c 'printf "%s\n" "GAL2_API_KEY=your_client_api_key_here" > /usr/local/gal2/config/daemon.env' sudo chmod 600 /usr/local/gal2/config/daemon.env sudo chown root:wheel /usr/local/gal2/config/daemon.env
3. Restart the daemon
sudo launchctl kickstart -k system/com.gal2.daemon
4. Check status
curl -s http://127.0.0.1:9095/status | python3 -m json.tool
5. Check the local Time Contract
curl -s http://127.0.0.1:9095/contract | python3 -m json.tool
6. Run GAL-2 Doctor
/usr/local/gal2/bin/gal2-doctor-rc3/gal2-doctor-rc3 --base-url http://127.0.0.1:9095
Expected after activation
"schema": "gal2-daemon-time-contract-v1" "version": "1.0.0-contract-rc3" "mode": "LIVE" "safe_to_consume": true "reason": "fresh_api_sync"
Quickstart for Linux Evaluator Release
Download the signed Linux evaluator release, verify the SHA256 hash and GPG signature, then extract and run the included evaluation gates in a controlled environment.
1. Download the release and verification files
curl -O https://gal2-marketplace-assets.s3.amazonaws.com/public/time-contract/v1.0.0-rc3.1/downloads/linux/GAL2-TimeContract-RC31-linux-evaluator-signed-release-v2.tar.gz curl -O https://gal2-marketplace-assets.s3.amazonaws.com/public/time-contract/v1.0.0-rc3.1/downloads/linux/GAL2-TimeContract-RC31-linux-evaluator-signed-release-v2.tar.gz.sha256.txt curl -O https://gal2-marketplace-assets.s3.amazonaws.com/public/time-contract/v1.0.0-rc3.1/downloads/linux/GAL2-TimeContract-RC31-linux-evaluator-signed-release-v2.tar.gz.asc curl -O https://gal2-marketplace-assets.s3.amazonaws.com/public/time-contract/v1.0.0-rc3.1/downloads/linux/GAL2_RC31_LINUX_RELEASE_PUBLIC_KEY.asc
2. Verify SHA256
shasum -a 256 GAL2-TimeContract-RC31-linux-evaluator-signed-release-v2.tar.gz cat GAL2-TimeContract-RC31-linux-evaluator-signed-release-v2.tar.gz.sha256.txt
3. Verify GPG signature
gpg --import GAL2_RC31_LINUX_RELEASE_PUBLIC_KEY.asc gpg --verify GAL2-TimeContract-RC31-linux-evaluator-signed-release-v2.tar.gz.asc GAL2-TimeContract-RC31-linux-evaluator-signed-release-v2.tar.gz
4. Extract the evaluator release
tar -xzf GAL2-TimeContract-RC31-linux-evaluator-signed-release-v2.tar.gz cd GAL2_TimeContract_RC31_LINUX_EVALUATOR_RELEASE_20260502
5. Review included evidence
cat README.md cat RC31_LINUX_FINAL_CLOSEOUT.md cat RC31_LINUX_SIGNED_CLOSEOUT_V2.md
Validated Linux gates
No-key Docker gate: PASS API reconciliation Docker gate: PASS Final secret scan: PASS Inner source package GPG signature: PASS Final archive GPG signature: PASS
Linux RC3.1 is an evaluator release for controlled technical validation. It includes signed source materials, Docker gate evidence, public verification key, and signature materials. It does not include API keys, private signing keys, or the protected GAL-2 formula/core.
Bounded application-facing continuity
Monotonic application-facing continuity
Works with Existing Timing Stacks
Technical Support
Preserve continuity, ordering, and resilience across modern distributed systems with software-defined temporal governance.
Evidence
GAL-2 Red Light Test v2
Raw time keeps going. GAL-2 knows when to stop.
Modern software usually assumes that if time is moving, time is safe.
That assumption is dangerous.
When an upstream time source becomes unreachable, stale, degraded, or operationally unsafe, many applications continue committing state as if nothing happened.
GAL-2 Time Contract introduces a local application-facing safety layer.
It does not only answer:
What time is it?It also answers:
Is this time safe for the application to consume?Raw application
21 commits
6 unsafe commits
GAL-2-aware application
15 allowed commits
6 unsafe operations blocked
0 unsafe commits
Your timing stack delivers time. GAL-2 tells your applications whether that time is safe to use.
Claim boundary
This is not a metrology claim.
This is not a nanosecond or microsecond accuracy claim.
This is not a replacement claim for UTC, GNSS, PTP, NTP, chrony, TAP, atomic clocks, or timing receivers.
This is an application-facing temporal governance demonstration.
Evidence status
Public asset package created, scanned, hashed, and sealed locally.
Package SHA256:
0d74fd26dc0d62b6c812cc940b9a020ef9f142852d7e33f898ec1bc300f81aae
Public name scan: PASS
Public secret scan: PASS
Package hash verification: OK
Governed time consumption.
Time delivered by your stack. Safety governed by GAL-2.
Application-facing alignment
Helps applications consume time through explicit safety states instead of trusting raw time blindly.
Reduces application exposure to unsafe timing conditions through governed contract states.
Seamless integration
Works with GPS, NTP, blockchain, embeded real-time systems and IoT for broad compatibility.
Continuous precision
Delivers real-time, uninterrupted accuracy for essential operations.
Enterprise-ready scalability
Supports global, high-volume deployments and complex infrastructures.
![[digital project]](https://cdn.prod.website-files.com/685afad17f3992f181741fec/685afbdb03a0066fc64dd8a4_380bdb8f-1635-426d-9ed9-7ce1fbcc6e55.avif)
