Albert Dobmeyer

COBOL Legacy Ledger

A working six-node inter-bank settlement system written in COBOL, wrapped in a cryptographic integrity layer, an AI tutor, and a static-analysis console, all without modifying a single line of the legacy code.

legacy-code, ai, security, fullstack

Context

The world’s money still moves through COBOL. Most of it runs untouched, because the people who could explain it have retired and the people who could rewrite it cannot accept the risk. COBOL Legacy Ledger is a fully functional six-node inter-bank settlement network written in real COBOL through GnuCOBOL. A modern observability and AI layer wraps that core and makes the legacy code legible, verifiable, and teachable without modifying a single line of it.

The problem

Rewriting legacy code is the expensive and dangerous answer that everyone reaches for and few survive. The real failure mode is not the language itself. It is that nobody can see what the code is actually doing.

“COBOL isn’t the problem. Lack of observability is.”

So I set out to answer one narrow, concrete question. Can you make sixty-year-old, safety-critical code trustworthy and understandable entirely from the outside, adding integrity guarantees and explanation without ever performing the rewrite?

Approach

The system is built as a legacy core surrounded by an observation layer that never reaches in to change it.

  • The COBOL core is 18 programs, ten written cleanly and eight deliberately tangled, implementing six independent banking nodes and a clearing house, all compiled and run for real through GnuCOBOL.
  • A Python read/write bridge wraps the COBOL input and output and layers a SHA-256 hash chain across all six nodes, bolting cryptographic tamper detection around code it never modifies.
  • An AI layer, running on Ollama locally or Claude in the cloud, performs genuine tool use over the codebase. It explains any paragraph, traces execution paths, scores complexity, maps cross-file dependencies, and renders orthogonal call graphs, including a direct comparison of the tangled and clean implementations.
  • A glass-morphism web console presents three faces. The Dashboard shows the live network with health rings, a split transaction log, and a syntax-highlighted COBOL ticker. The Analysis view holds the call graph, the execution trace, and the dead-code and complexity tooling. The Chat view is an LLM tutor with tool-use cards and provider switching.

The whole lifecycle is provable in a single command. The proof compiles the 18 programs, seeds six nodes with 42 accounts and more than $100 million in balances, settles a real inter-bank transfer through the clearing house, verifies that every hash chain is intact, then tampers one ledger directly and catches the tampering in under 100 milliseconds.
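The tamper check described above can be sketched for a single node's ledger. This is an added example, not the project's own code: the record layout, the genesis value, and the names link_hash, build_chain, and verify_chain are assumptions made for illustration.

```python
import hashlib
import hmac

GENESIS = "0" * 64  # assumed anchor value for the first link

# Constructed sample records: fixed-width lines in the style of a COBOL sequential file.
SAMPLE_LEDGER = [
    b"ACT-A-001DEP0000150000",
    b"ACT-A-002WDR0000025000",
    b"ACT-A-001XFR0000040000",
]

def link_hash(prev_hash: str, record: bytes) -> str:
    """Hash one ledger record together with the previous link."""
    return hashlib.sha256(prev_hash.encode("ascii") + b"|" + record).hexdigest()

def build_chain(records):
    """Return one chain entry per record; the chain is stored outside the ledger file."""
    chain, prev = [], GENESIS
    for seq, rec in enumerate(records):
        prev = link_hash(prev, rec)
        chain.append({"seq": seq, "hash": prev})
    return chain

def verify_chain(records, chain):
    """Recompute the chain from the ledger; return (ok, index of first bad record)."""
    if len(records) != len(chain):
        # Ledger was truncated or had records appended behind the bridge's back.
        return False, min(len(records), len(chain))
    prev = GENESIS
    for seq, rec in enumerate(records):
        expected = link_hash(prev, rec)
        if not hmac.compare_digest(expected, chain[seq]["hash"]):
            return False, seq
        prev = expected
    return True, None

def demo():
    """Verify a clean ledger, then edit one amount directly and verify again."""
    chain = build_chain(SAMPLE_LEDGER)
    tampered = list(SAMPLE_LEDGER)
    tampered[1] = b"ACT-A-002WDR0009925000"  # direct edit that bypasses the bridge
    return verify_chain(SAMPLE_LEDGER, chain), verify_chain(tampered, chain)

if __name__ == "__main__":
    print(demo())
```

A chain like this only detects edits when the stored hashes live somewhere the ledger writer cannot also rewrite. If both files sit under the same write access, whoever edits a record can recompute every later link.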

What’s interesting

The thesis is modernization by observation rather than by rewrite. The integrity layer shows that you can add cryptographic trust to untouchable code entirely from the outside. The AI layer shows that the real unlock for a legacy system is making it explain itself. The deliberate pairing of tangled and clean implementations turns the codebase into a teaching instrument, and the live demonstration of tampering and detection makes the integrity guarantee something you can watch happen rather than something you take on faith.

Outcome

The result is a deployed, open-source system under the MIT license. It runs 18 COBOL programs across six nodes, with 820 automated tests covering unit, integration, and end-to-end browser flows, all executed in CI against a multi-version Python matrix. It is live on Railway with an in-browser console that anyone can drive. This is the project I point to when the question is whether I can move comfortably across a sixty-year language gap and still ship something rigorous, observable, and genuinely useful.

The stack is COBOL on GnuCOBOL, Python 3.9 or newer, FastAPI, SQLite, vanilla JavaScript, and Docker.