← All explorations

What would successful AI governance actually look like — what do nuclear non-proliferation, IAEA, the Montreal Protocol, and chemical weapons conventions tell us about feasible architectures for AGI oversight

Can We Build Rules for AI the Same Way We Built Rules for Nuclear Bombs?

| 143 nodes · 447 edges
↓ .md ↓ .db Take this into your AI — the full analysis + graph as markdown, ready to paste into ChatGPT, Claude, Gemini or any AI.

Based on analysis of a 143-node, 447-edge knowledge graph exploring historical arms control regimes and their applicability to AGI oversight.


The Question

People worried about powerful AI often ask: could we govern it the same way we govern nuclear weapons? There are real agreements that slowed nuclear proliferation, banned chemical weapons, and healed the ozone layer. Could something like that work for AI?

A knowledge graph mapping the connections between these historical governance attempts — and AI governance proposals — reveals a detailed structural answer. Not “yes” or “no,” but: here is the load-bearing piece, here is where the historical analogy breaks, and here is the race you didn’t know was happening.


The Map Has a Shape

The first thing to understand about this graph is its shape. Some nodes are like drain holes — everything flows toward them, almost nothing flows out. “AGI Governance Vacuum” is the biggest drain hole: 47 connections point into it, but almost nothing useful flows back out. This is the graph’s way of saying: governance failure is not a mystery. It is a destination that many different paths lead to.

The one exception — the node that is both highly connected and highly weighted — is called “Feasible AI Governance Stack Architecture.” Think of it as the graph’s proposal for what a working governance system would actually look like. Unlike the drain holes, it has real outbound connections to real mechanisms. It is the only candidate for a solution that the graph treats as structurally active, not just a label.


Why the Ozone Layer Got Fixed and AI Governance Hasn’t

The Montreal Protocol — the 1987 agreement that successfully reduced ozone-depleting chemicals — is often held up as a model. The graph identifies exactly why it worked, and why that lesson probably does not transfer to AI.

The key was substitutability. When the world said “stop using CFCs,” DuPont — the largest CFC manufacturer — had already developed a replacement chemical. Banning CFCs helped DuPont by forcing competitors onto a product DuPont controlled. The biggest industry player had a financial reason to want the regulation.

The graph marks the absence of this condition in AI governance as one of the most important structural facts in the whole analysis. There is no AI equivalent of DuPont-with-HFCs: no frontier AI company whose competitive position is clearly enhanced by mandatory safety regulations. Until that alignment exists — until some major incumbent finds that governance helps them win — the graph predicts that voluntary safety agreements will keep collapsing into what it calls a “prisoner’s dilemma”: every actor would prefer a world with rules, but each actor individually does better by defecting, so no rules hold.


The Single Chokepoint — and Its Three Holes

Right now, the most advanced AI chips in the world require a machine called an EUV lithography system. Only one company (ASML, in the Netherlands) makes them. This creates a chokepoint: if you can control who gets these machines, you can control who can build the most powerful AI.

The proposed governance architecture — the “Feasible AI Governance Stack” — depends on this chokepoint at the highest weight in that portion of the graph. But the same chokepoint has three identified attack vectors encoded in the graph:

  1. The AQ Khan network showed that nuclear technology spread across multiple jurisdictions over 15 years despite controls — a proof of concept that determined actors can route around supply-side chokepoints.
  2. The Wassenaar Arrangement (an export control club) is structurally paralyzed by consensus requirements: any member can veto any action.
  3. The NSG (Nuclear Suppliers Group) India waiver demonstrated that exceptions get carved out for geopolitically important actors.

The graph does not say the chokepoint is useless. It says: the primary proposed solution has a single dependency, and that dependency has three demonstrated failure modes. That is a structural fact worth sitting with.


The Ratchet That Only Turns One Way

Open-weight AI models — AI systems whose underlying code is publicly released — function in this graph as a one-way ratchet. Once powerful open-weight models exist, they cannot be un-released. The graph encodes this as irreversibility: the node has more than ten outbound edges, all pointing toward failure modes, and zero inbound edges from any node that mitigates or reverses it.

What does open-weight proliferation do? It undermines the compute chokepoint (you no longer need cutting-edge chips if you have an efficient open model). It collapses the concept of “breakout time” — the governance proxy borrowed from nuclear arms control that asks: how long would it take a bad actor to build a weapon once they decided to? If the weapon is already built and publicly available, breakout time is zero.

The graph is not making a policy argument about open-weight models. It is recording a structural fact: the knowledge graph has no encoded mechanism for reversing this condition once it occurs.


The Race Nobody Named

The highest-weighted destructive edge in the entire graph — weight 9.8 out of 10 — connects “Compute Governance Window Closing Race” to the proposed governance stack, via “undermines.”

Here is what that means in plain terms. The governance architecture that scholars and policymakers are working toward has layers. The first layers rely on hardware controls (the chip chokepoint). The last layer — the verification layer that would let inspectors actually check whether an AI system is dangerous — depends on a technology called mechanistic interpretability: the science of understanding what is happening inside an AI model.

That technology does not fully exist yet. It is marked in the graph as a “future layer.”

So the race is: can governance institutions get the hardware-layer controls in place and can interpretability science mature before alternative chip manufacturing pathways make the hardware chokepoint irrelevant?

If the window closes first, the governance stack gets deployed without its verification layer. The graph explicitly compares this to the Biological Weapons Convention — an arms control agreement from the 1970s that bans bioweapons but has no inspection mechanism, because verification technology for biological agents did not exist when the treaty was written. The BWC is widely considered the weakest of the major arms control regimes for exactly this reason.


When Solving One Problem Creates Another

Two non-obvious connections in the graph are worth highlighting.

The first: a “Like-Minded Tech Club” — a smaller group of democratic, technologically advanced countries that coordinates on AI governance without needing consensus from Russia or China — simultaneously solves and worsens the governance problem. It solves the Wassenaar paralysis problem (smaller clubs can act faster). But the graph also shows it amplifying what it calls a “tripolar governance fracture”: the formal split of the world into governed and ungoverned AI development zones. The mechanism that breaks the deadlock also deepens the divide.

The second: the nuclear power plants that tech companies are now buying to power AI data centers. This trend appears in the graph as creating an unexpected dependency chain. Compute governance (controlling AI chips) depends partly on energy infrastructure. That energy infrastructure is now nuclear. Nuclear energy governance has its own regime — and that regime uses voluntary, non-binding peer review with low accountability. The weakness of nuclear safety governance propagates into compute governance through the energy layer. This connection does not appear in mainstream AI governance literature, and the graph flags it as structurally load-bearing.


What Historical Success Actually Required

The IAEA (the nuclear inspection agency) has successfully upgraded its powers twice — once after Iraq’s secret weapons program was discovered, and once after the Gulf War revealed further violations. Both upgrades happened after incidents that shocked the international community into action.

The graph encodes this as a “triggering event pattern”: governance gets better after something goes wrong, because the incident creates a brief window when political will aligns with institutional change.

But the graph also identifies a paradox at the edge of this pattern. Sub-existential incidents — serious enough to motivate action, but bounded enough that deliberate response is still possible — generate governance upgrades. Incidents that approach civilizational scale may not, because the conditions for deliberate collective response break down under existential pressure.

The CTBT (Comprehensive Nuclear Test Ban Treaty) inverts this pattern entirely: it built monitoring infrastructure before a triggering event. The graph flags both models without resolving which one is applicable to AI governance.


The Bottom Line

Four structural findings from this graph are worth carrying away:

The proposed solution has an acknowledged dependency on technology that does not yet exist. The verification layer of the governance stack — the ability to inspect AI systems the way IAEA inspectors can verify nuclear declarations — requires interpretability science that is still in early development. The governance architecture is real; its most important layer is future.

The primary chokepoint is real and circumventable. EUV chip controls are the strongest available lever. The historical record (AQ Khan, NSG exceptions, Wassenaar paralysis) shows that supply-side controls on technically complex chokepoints erode over years to decades under sustained pressure. The graph does not say controls are useless — it says the window is finite.

The Montreal Protocol lesson is specific, not general. That regime worked because the dominant industry player had commercial reasons to support it. The graph treats this condition as absent from AI governance. Without it, the structural prediction is continued prisoner’s dilemma dynamics in voluntary safety agreements.

Open-weight proliferation and the compute window are racing the governance stack. The graph encodes no mechanism for reversing open-weight proliferation once it occurs, and marks the compute governance window as closing. The governance stack’s completion depends on which finishes first: the stack (including its interpretability layer) or the conditions that make the stack’s hardware-layer controls irrelevant.

The graph does not conclude that AI governance is impossible. It concludes that the feasible architecture exists, that it is partially built, that it depends on a hardware chokepoint with known vulnerabilities and a verification layer that is not yet ready, and that the time available to complete it is itself a governance variable — not a fixed background condition.