Month Six: Your First Real Contract

Month Six: Your First Real Contract

2026-02-20 · TheCorporation Team

For the first few months of a startup’s life, the corporation is essentially a legal wrapper around a bank account. The founders are the company. The company is the founders. Every decision is made by the same two or three people who formed the entity, and the governance structure — the bylaws, the board, the delegation schedule — exists more in theory than in practice.

Around month six, something changes. The company hires its first employee. Or signs its first vendor contract. Or engages its first contractor. For the first time, the corporation makes a commitment to someone who isn’t a founder. A commitment that persists regardless of who runs the company. A commitment that the entity itself must honor.

This is when governance stops being paperwork and starts being infrastructure.

Hiring is a Tier 2 action

Hiring an employee is, from a governance perspective, a significant corporate commitment. You’re obligating the entity to pay a salary, provide benefits (if applicable), withhold and remit payroll taxes, comply with employment laws in the employee’s jurisdiction, and — if things go wrong — potentially defend against wrongful termination claims.

In TheCorporation’s authority model, hire_employee is a Tier 2 capability. The agent can prepare the offer, draft the employment agreement, and recommend the hire. But the decision requires explicit approval from the CEO or the board before the offer goes out.

This makes sense. Hiring someone isn’t mechanical. It involves judgment about the role, the candidate, the compensation, the equity grant, the start date, and the terms. It also creates ongoing obligations — payroll, tax withholding, benefits administration — that affect the entity’s financial position for as long as the employee stays.

The approval is recorded, timestamped, and attributed. When an auditor asks “who authorized this hire?”, the answer is in the commit log, not in someone’s email.

The contractor question

Before hiring employees, most startups work with contractors. Contractors are cheaper to engage (no payroll taxes, no benefits, no employment protections) and easier to disengage (no termination procedures, no severance expectations).

But the classification matters. A lot.

The IRS and state labor agencies distinguish between employees and independent contractors based on a multi-factor test that examines the degree of control the company exercises over the worker. If you treat someone as a contractor but the government decides they’re an employee, you owe back payroll taxes, penalties, and potentially the benefits they should have received.

In California, Assembly Bill 5 (AB5) created a presumption that workers are employees unless the company can prove all three elements of the “ABC test”: the worker is free from the company’s control, performs work outside the company’s usual business, and has an independent business or trade. This is deliberately hard to satisfy for most startup relationships.

TheCorporation’s contractor classification workflow captures the risk factors — the state, the nature of the work, the degree of control — and produces a risk assessment: Low, Medium, or High, with a classification result of Independent, Employee, or Uncertain. If the result is Uncertain or High-risk, the engagement escalates. engage_contractor is Tier 2 regardless, but a high-risk classification adds extra scrutiny.

The anatomy of a contract

Every contract the corporation signs is a commitment by the legal entity. The founder or CEO signs on the entity’s behalf. The signature line reads “Acme, Inc., by: [Name], [Title].”

This is why contracts flow through the governance model. When an agent executes a standard form agreement — an NDA, a routine vendor contract, a pre-approved template — that’s a Tier 1 action. The agent is authorized to sign it because the template has been approved, the terms haven’t been modified in restricted areas, and the commitment falls within the delegation schedule’s spending limits.

But “standard form” is doing a lot of work in that sentence. The governance AST defines precise lane conditions for what qualifies:

The template must be pre-approved by the board or principal. The agreement must not contain modifications to indemnification clauses, governing law provisions, or IP assignment terms. If either condition fails, the action escalates to Tier 2.

A new contract — one that isn’t based on an approved template — is always Tier 2. new_contract requires approval because the company is entering a new relationship with terms that haven’t been vetted. A material amendment to an existing contract is also Tier 2. The agent can identify that the amendment is needed, prepare the modified terms, and recommend approval. The human decides whether to sign.

The spending limit regime

The initial board written consent sets spending limits for the agent’s autonomous operations — the “Conservative Launch” parameters:

  • Recurring obligations: $10,000 per transaction, $40,000 per month
  • Vendor payments: $7,500 per transaction, $30,000 per month
  • Professional services: $5,000 per transaction, $20,000 per month
  • Government filings: $2,500 per transaction, $10,000 per month
  • Supplies: $500 per transaction, $2,000 per month
  • Per-vendor annual cap: $50,000

Any expenditure that exceeds these limits triggers financial_commitment_above_limits — a Tier 2 capability. The agent can recommend the expenditure, but it can’t execute it without approval.

These limits are deliberately conservative. They’re designed for a company in its first year, with limited revenue and limited governance maturity. As the company grows and the board gains confidence in the agent’s operations, the delegation schedule can be amended to raise the limits — but only with a board resolution, because increasing the agent’s spending authority is an authority-expanding change.

NDAs and the lane system

The NDA is the canonical Tier 1 contract: routine, standardized, and executed frequently enough that requiring human approval for each one would defeat the purpose.

But not all NDAs are equal. TheCorporation’s lane system defines the boundary:

Inside the lane: The NDA uses an approved template. No modifications to the indemnification clause. No changes to the governing law. The agent signs it autonomously, records the execution, and commits the signed document to the corporate repository.

Outside the lane: The counterparty insists on modifications to the indemnification terms, or wants to change the governing law from Delaware to California, or adds a non-compete provision. Any of these modifications pushes the action outside the lane, escalates it to Tier 2, and requires human review.

The lane doesn’t say “this NDA is unacceptable.” It says “this NDA requires a decision that the agent isn’t authorized to make.” The human reviews the modifications, approves or rejects them, and the agent proceeds accordingly.

The service agreement prerequisite

Before the agent can operate autonomously at Tier 1 for any entity, a service agreement must be in place. This is the contract between the entity and the agent operator — the terms under which the agent is authorized to act on the entity’s behalf.

The service agreement covers: the scope of delegated authority, the spending limits, the reporting obligations, the liability framework, the termination conditions, and the compliance monitoring requirements. It’s essentially the legal codification of the delegation schedule.

Without an executed service agreement, the agent’s Tier 1 authority is inactive. This is enforced as a precondition in the compliance engine — one of the eight checks that checkCompliance() evaluates before any action is permitted.

This prevents a dangerous scenario: an agent operating with technical authority (it can execute actions via the API) but without legal authority (no agreement governs what it’s allowed to do). The service agreement bridges technical capability and legal authorization.

The contract as a commit

In a version-controlled corporation, signing a contract isn’t just a legal act. It’s a commit. The contract is stored in the corporate repository with a cryptographic hash, a timestamp, a signer identity, and a link to the authorization that permitted the signing.

This means every contract the corporation has ever signed is findable, verifiable, and traceable in the git log, alongside the board resolution that authorized it.

When due diligence arrives — and it always arrives — the question “show me all contracts signed in the last 12 months” is answered with a single command, not a three-day document hunt.

Month six is when the corporation starts making promises. The governance model is what makes sure it only makes promises it’s authorized to make.