diff --git a/docs/sovereignty-audit.md b/docs/sovereignty-audit.md
new file mode 100644
index 0000000..0a913da
--- /dev/null
+++ b/docs/sovereignty-audit.md
@@ -0,0 +1,147 @@
+# Sovereignty Audit — Runtime Dependencies
+
+**Issue:** #1508
+**Date:** 2026-04-15
+**Status:** Draft
+
+## Purpose
+
+SOUL.md mandates: *"If I ever require permission from a third party to function, I have failed."*
+
+This document audits all runtime dependencies, classifies each as essential vs replaceable, and defines a path to full sovereignty.
+
+---
+
+## Dependency Inventory
+
+### 1. LLM Inference
+
+| Provider | Role | Status |
+|----------|------|--------|
+| Nous Research (OpenRouter) | Primary inference (mimo-v2-pro) | Third-party |
+| Anthropic | Claude models (BANNED per policy) | Third-party, disabled |
+| OpenAI | Codex agent | Third-party |
+| Google | Gemini agent | Third-party |
+
+**Classification:** REPLACEABLE
+**Local path:** Ollama + GGUF models (Gemma, Llama, Qwen) on local hardware
+**Current blocker:** Frontier model quality gap for complex reasoning
+**Sovereignty score impact:** -40% (inference is the heaviest dependency)
+
+### 2. Bitcoin Network
+
+| Provider | Role | Status |
+|----------|------|--------|
+| Bitcoin Core (local or remote node) | Chain heartbeat, inscription verification | Acceptable |
+
+**Classification:** ACCEPTABLE — Bitcoin is permissionless infrastructure, not a third party
+**Sovereignty score impact:** 0% (running own node = sovereign)
+
+### 3. Git Hosting (Gitea)
+
+| Provider | Role | Status |
+|----------|------|--------|
+| forge.alexanderwhitestone.com | Issue tracking, PR workflow, agent coordination | Self-hosted |
+
+**Classification:** ACCEPTABLE — self-hosted on own VPS
+**Sovereignty score impact:** 0% (self-hosted)
+
+### 4. Telegram
+
+| Provider | Role | Status |
+|----------|------|--------|
+| Telegram Bot API | User-facing chat interface | Third-party |
+
+**Classification:** REPLACEABLE
+**Local path:** Matrix (self-hosted homeserver) or direct CLI/SSH
+**Current blocker:** User adoption — Alexander uses Telegram
+**Sovereignty score impact:** -10%
+
+### 5. DNS / Network
+
+| Provider | Role | Status |
+|----------|------|--------|
+| Domain registrar | DNS resolution | Third-party |
+| Cloudflare (if used) | CDN/DDoS protection | Third-party |
+
+**Classification:** REPLACEABLE
+**Local path:** Direct IP access, local DNS, Tor hidden service
+**Current blocker:** Usability — direct IP is fragile
+**Sovereignty score impact:** -5%
+
+### 6. Operating System
+
+| Provider | Role | Status |
+|----------|------|--------|
+| macOS (Apple) | Primary development host | Third-party |
+| Linux (VPS) | Production agent hosts | Acceptable (open source) |
+
+**Classification:** ESSENTIAL (no practical alternative for current workflow)
+**Notes:** macOS dependency is hardware-layer, not runtime-layer. Agents run on Linux VPS.
+**Sovereignty score impact:** -5% (development only, not runtime)
+
+---
+
+## Sovereignty Score
+
+```
+Sovereignty Score = (Operations that work offline) / (Total operations)
+
+Current estimate: ~50%
+  - Inference: can run locally (Ollama) but currently routes through Nous
+  - Communication: Telegram routes through third party
+  - Everything else: self-hosted or local
+
+Target: 90%+
+  - Move inference to local Ollama for non-complex tasks (DONE partially)
+  - Add Matrix as primary comms channel (in progress)
+  - Maintain Bitcoin node for chain heartbeat
+```
+
+---
+
+## Classification Summary
+
+| Dependency | Essential? | Replaceable? | Local Alternative | Priority |
+|------------|-----------|-------------|-------------------|----------|
+| LLM Inference (Nous) | No | Yes | Ollama + local models | P1 |
+| Telegram | No | Yes | Matrix homeserver | P2 |
+| DNS | No | Yes | Direct IP / Tor | P3 |
+| macOS | Dev only | N/A | Linux | N/A |
+| Bitcoin | Yes | N/A | Already sovereign | N/A |
+| Gitea | Yes | N/A | Already self-hosted | N/A |
+
+---
+
+## Local-Only Fallback Path
+
+**Tier 1 — Fully sovereign (no network):**
+- Local Ollama inference
+- Local file storage
+- Local git repositories
+- Direct CLI interaction
+
+**Tier 2 — Sovereign with network:**
+- + Bitcoin node (permissionless)
+- + Self-hosted Gitea (own VPS)
+- + Self-hosted Matrix (own VPS)
+
+**Tier 3 — Pragmatic (current state):**
+- + Nous/OpenRouter inference (better quality)
+- + Telegram (user adoption)
+- + DNS resolution
+
+**Goal:** Every Tier 3 dependency should have a Tier 1 or Tier 2 alternative tested and documented.
+
+---
+
+## Acceptance Criteria Status
+
+1. **Document all runtime third-party dependencies** — DONE (this document)
+2. **Classify each as essential vs replaceable** — DONE (table above)
+3. **Define local-only fallback path for each** — DONE (tiered system)
+4. **Create sovereignty score metric** — DONE (formula + current estimate)
+
+---
+
+*Sovereignty and service always.*