From c5dd328b6aeb74fb892db094c47a8bea3904af0e Mon Sep 17 00:00:00 2001 From: Midia Kiasat Date: Sun, 8 Mar 2026 00:32:21 +0100 Subject: [PATCH 1/2] Unify limenward public package surface and release contract --- .npmignore | 6 ++ README.md | 205 ++++++++++++++++++++------------------------------- package.json | 26 +++++++ 3 files changed, 111 insertions(+), 126 deletions(-) create mode 100644 .npmignore create mode 100644 package.json diff --git a/.npmignore b/.npmignore new file mode 100644 index 0000000..fa70dfc --- /dev/null +++ b/.npmignore @@ -0,0 +1,6 @@ +* +!limenward.sh +!README.md +!LICENSE +!VERSION +!package.json diff --git a/README.md b/README.md index 65ede7c..1b1eb05 100644 --- a/README.md +++ b/README.md @@ -1,195 +1,148 @@ -PRIM-006 -PRIM-005 -LIMENWARD -Boundary enforcement +# LIMENWARD -STATUS: REGISTERED -REGISTRY: https://speedkit.eu -SNAPSHOT: https://speedkit.eu/REGISTRY_SNAPSHOT.json -``` +Primitive ID: PRIM-004 +Package: @verifrax/limenward +Binary: limenward -Registered artifact. Identity governed by SPEEDKIT registry. - -STATUS: FINAL +Verifrax primitive — boundary enforcement primitive for deterministic irreversible systems. --- -**LIMENWARD v0.0.0** is a boundary primitive. - -It does not decide. -It does not verify. -It does not witness. -It does not execute. - -It enforces **transition discipline**. - -LIMENWARD exists only at the threshold between states. - ---- +## Status -## Philosophy +Current release status: pre-stable primitive release line. -Most failures occur *between* steps, not within them. +Canonical release target: -LIMENWARD exists to make transitions explicit, deliberate, and auditable. -It does not evaluate content. -It evaluates **whether passage is permitted**. +package version: 0.1.0 +tag: v0.1.0 -If a boundary matters, it must be guarded. +LIMENWARD is part of the Verifrax primitive layer and follows the canonical primitive governance, naming, version, and packaging rules. --- -## What LIMENWARD Guards - -LIMENWARD is invoked when something attempts to cross a boundary, including but not limited to: +## Purpose -* draft → final -* private → public -* uncommitted → committed -* unverifiable → verifiable -* observation → action +LIMENWARD enforces deterministic boundaries after origin, custody, and time have already been fixed. -It answers one question only: +Once an artifact has a stable origin, preserved custody, and explicit time boundary, the system still needs a deterministic threshold between what is inside the valid operating boundary and what is outside it. LIMENWARD exists to make that boundary explicit, enforceable, and non-ambiguous. -> **Is this allowed to cross, right now?** +It does not establish origin. It does not preserve custody. It does not fix temporal order. It does not verify correctness. It does not witness, judge, or terminate. Its role is narrower: enforce boundary conditions for downstream interpretation and action. --- -## What It Enforces - -LIMENWARD enforces *preconditions*, not outcomes. - -Specifically: - -* No ambiguity exists at the moment of transition -* Explicit intent or finality is present -* Forbidden states are blocked at the boundary +## What This Primitive Does -LIMENWARD does not judge correctness. -It judges **right to proceed**. +- enforces a deterministic boundary surface around an artifact or state +- distinguishes in-boundary from out-of-boundary conditions +- emits boundary-governed output suitable for downstream primitives --- -## What It Is Not +## What This Primitive Does Not Do -* Not a judge -* Not a verifier -* Not a witness -* Not an executor -* Not a safety mechanism - -Anything that changes state is out of scope. +- does not establish first origin +- does not preserve custody continuity +- does not fix temporal ordering +- does not verify correctness +- does not witness or attest +- does not judge validity +- does not terminate lifecycle --- -## Behavior - -* Consumes context via `stdin` -* Refuses silent invocation -* Evaluates boundary conditions deterministically -* Emits exactly one verdict -* Appends allowed transitions to a ledger -* Exits immediately after evaluation +## Behavioral Contract -No retries. -No flags. -No configuration. +Invocation model: ---- +executable: limenward +package: @verifrax/limenward +runtime: CLI-first -## Verdicts +The primitive operates on an artifact whose origin, custody, and time surfaces are already fixed. -LIMENWARD emits exactly one of the following: +If the boundary conditions are absent, ambiguous, or non-deterministic, LIMENWARD must not fabricate a stable in-boundary result. -* `ALLOWED` — the transition may proceed -* `DENIED` — the transition is blocked +Exit codes: -The verdict concerns **permission**, not quality. +0 — boundary enforcement completed successfully +non-zero — invocation failed or contract violated --- ## Usage -LIMENWARD is never run alone. -It must guard a transition. - -```sh - | ./limenward.sh -``` - -### Example +Install: -```sh -echo "ready for release" | ./limenward.sh -``` +npm install -g @verifrax/limenward -If all boundary conditions are satisfied: +Execute: -```text -ALLOWED -``` +limenward artifact.json -If a boundary condition is violated: +stdin example: -```text -DENIED -``` +cat artifact.json | limenward --- -## Contract +## Determinism Guarantees -Once a verdict is emitted: +For identical canonical input, LIMENWARD must produce identical boundary-enforcement output. -* The decision stands -* Responsibility transfers to the caller -* Circumvention is explicit, not accidental +No hidden environmental state may influence the result. -LIMENWARD guarantees **clarity at the boundary**. +LIMENWARD assumes an already-bounded origin, custody, and time surface and does not substitute for those earlier primitives or for downstream verification and judgment. --- -## Relationship to Other Artifacts +## Security Model -* **GUILLOTINE** — destroys state -* **IRREVOCULL** — judges output -* **ATTESTORIUM** — witnesses reality -* **VALIDEXOR** — verifies claims -* **LIMENWARD** — guards transitions +LIMENWARD protects against ambiguity in operational or semantic boundary enforcement. -Each artifact is orthogonal. -None can replace another. +Its security value is to prevent silent drift between allowed and disallowed states once prior primitive conditions are fixed. It does not guarantee correctness, attestation, or irreversible judgment. --- -## Warning +## Relationship to Other Primitives -Boundaries create accountability. +Canonical primitive order: -If you do not want to be responsible for crossing one, -do not invoke LIMENWARD. +1 originseal +2 archicustos +3 kairoclasp +4 limenward +5 validexor +6 attestorium +7 irrevocull +8 guillotine ---- - -## About +Repositories: -LIMENWARD is a minimal, deterministic boundary guard for irreversible systems. - -If transitions do not matter, do not use it. -If they do, nothing else is sufficient. +https://github.com/Verifrax/originseal +https://github.com/Verifrax/archicustos +https://github.com/Verifrax/kairoclasp +https://github.com/Verifrax/limenward +https://github.com/Verifrax/validexor +https://github.com/Verifrax/attestorium +https://github.com/Verifrax/irrevocull +https://github.com/Verifrax/guillotine --- -## Responsibility Boundary +## Installation -This software is provided under the MIT License. +npm install -g @verifrax/limenward -The MIT License permits use, copying, modification, and redistribution of the code, but it does not provide assurance, certification, audit defense, operational guarantees, or liability coverage. +command -v limenward -Use of this software in environments where failure, compliance, legal exposure, or irreversible decisions matter requires an accountable party. +Repository: +- GitHub: https://github.com/Verifrax/limenward +- Package: @verifrax/limenward +- Binary: limenward -The original maintainer is available for assurance, adaptation, and responsibility when such accountability is required. +--- -Contact: contact@speedkit.eu +## License -Authoritative signed records are issued separately and are not produced by the software. +MIT diff --git a/package.json b/package.json new file mode 100644 index 0000000..abd6fb0 --- /dev/null +++ b/package.json @@ -0,0 +1,26 @@ +{ + "name": "@verifrax/limenward", + "version": "0.1.0", + "description": "Verifrax primitive — boundary enforcement primitive for deterministic irreversible systems.", + "license": "MIT", + "repository": { + "type": "git", + "url": "git+https://github.com/Verifrax/limenward.git" + }, + "homepage": "https://github.com/Verifrax/limenward#readme", + "bugs": { + "url": "https://github.com/Verifrax/limenward/issues" + }, + "bin": { + "limenward": "limenward.sh" + }, + "files": [ + "limenward.sh", + "README.md", + "LICENSE", + "VERSION" + ], + "publishConfig": { + "access": "public" + } +} From 839cbd9dffac284572f78602b9b399e764c7ba2d Mon Sep 17 00:00:00 2001 From: Midia Kiasat Date: Sun, 8 Mar 2026 00:36:10 +0100 Subject: [PATCH 2/2] Align limenward identity verification with canonical primitive contract --- .github/workflows/identity.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/identity.yml b/.github/workflows/identity.yml index a6a345a..a1c1ae6 100644 --- a/.github/workflows/identity.yml +++ b/.github/workflows/identity.yml @@ -1,17 +1,25 @@ name: Identity + on: push: branches: [ "main" ] pull_request: + permissions: contents: read + jobs: verify: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Verify README identity (PRIM-006) + + - name: Verify README identity (PRIM-004) shell: bash run: | set -euo pipefail - head -n 1 README.md | tr -d "\r" | grep -Fx "PRIM-006" + grep -q "^# LIMENWARD$" README.md || { echo "FAIL: title missing"; exit 1; } + grep -q "^Primitive ID: PRIM-004" README.md || { echo "FAIL: PRIM-004 not found"; exit 1; } + grep -q "^Package: @verifrax/limenward" README.md || { echo "FAIL: package line missing"; exit 1; } + grep -q "^Binary: limenward" README.md || { echo "FAIL: binary line missing"; exit 1; } + echo "PASS: PRIM-004 identity verified"