Local fail-closed discipline layer (4 core gates).
Advisory only - CI remains mandatory for merge.

Gates:
- ABI stability
- Boundary enforcement
- Hygiene check
- Constitutional compliance

Execution: ./pre-ci-discipline.sh
Runtime: ~30-60s
Policy: Fail-closed, no auto-fix, manual intervention required
Formal contract definition between three substrate layers:
- ABDF: data substrate (typed container)
- BCIB: execution substrate (intent)
- Phase-11: verification substrate (kernel reality)

Critical matrices:
- Layer responsibilities
- Data flow boundaries
- Hash production rules
- Replay dependencies
- Type system compatibility
- Evidence export format
- Multicore coordination
- Proof composition
- CI gate validation
- Evolution policy

Status: NORMATIVE
Authority: Architecture Board

This document is binding for Phase-11 implementation.
Critical improvements:

1. Data Flow Matrix
   - Add BCIB → Phase-11 indirect flow (via kernel events)
   - Clarify ABDF → Phase-11 indirect flow (via Replay Engine)
   - Add Replay Engine as explicit intermediary

2. Hash Production Matrix
   - Add execution_trace_hash for replay verification

3. Replay Flow
   - Add explicit replay flow diagram
   - Add execution trace replay invariant

4. Type System Compatibility
   - Mark as NON-NORMATIVE EXAMPLES
   - Add normative rule: kernel MUST NOT know ABDF types
   - Add normative rule: kernel MUST NOT know BCIB semantics

5. Multicore Coordination
   - Separate DLT (ordering) from GCP (finalization)
   - Add explicit multicore architecture diagram
   - Clarify DLT assigns ltick, GCP ensures commit

Rationale:
- Kernel must remain agnostic to high-level semantics
- Replay engine is critical intermediary, not direct ABDF→Phase-11
- DLT and GCP serve distinct roles in multicore determinism

Authority: Architecture Board review
Status: NORMATIVE (except Type System examples)
Formal state machine for execution flow:
BCIB Instruction → Syscall → Kernel Event → Phase-11 Entry

Key sections:
1. State machine overview (Ring3 → Ring0 → Phase-11)
2. BCIB → Syscall mapping (DataCreate, DataQuery, UiRender, AiAsk)
3. Syscall → Kernel event mapping (all 11 syscalls)
4. Kernel event → Phase-11 entry mapping (ledger + transcript)
5. State transition rules (normal, context switch, interrupt)
6. Error handling (capability violation, ordering violation)
7. Multicore coordination (DLT + GCP)
8. Replay state machine (init, execution, verification)
9. Implementation checklist (kernel, userspace, CI)
10. Critical invariants (monotonicity, hash chain, completeness)

Purpose:
- Canonical reference for Phase-11 implementation
- Defines exact mapping between layers
- Specifies state transitions and error handling
- Provides implementation checklist

Status: NORMATIVE
Authority: Architecture Board
Prerequisite: ABDF_BCIB_PHASE11_CONTRACT_MATRIX.md
1. Contract Matrix Refinements:
   - Add ledger_root_hash to hash production matrix
   - Add Replay Engine → BCIB Runtime data flow
   - Add ledger append-only invariant
   - Add ledger_root_hash invariant

2. Phase-11 Event Taxonomy (NEW):
   - Complete event type enumeration (30+ events)
   - Event recording rules (MUST/SHOULD/MAY/MUST NOT)
   - Event specification by category (9 core events)
   - Event payload specifications
   - Event ordering rules (global, logical time, per-CPU)
   - Event filtering rules (high-frequency, syscall)
   - Event validation rules (ledger, transcript)
   - Event serialization format (binary, JSON lines)
   - CI gate validation (completeness, integrity)
   - Implementation checklist
   - Critical invariants

Purpose:
- Canonical event specification for Phase-11
- Defines which kernel events produce ledger/transcript
- Specifies exact event payload formats
- Provides validation and serialization rules

Status: NORMATIVE
Authority: Architecture Board

This completes the Phase-11 architectural foundation:
- Contract Matrix: layer boundaries
- State Machine: execution flow
- Event Taxonomy: event specification
Comprehensive requirements for Phase-11 verification substrate.

Core Components:
- Decision Ledger (P11-02): kernel decision record
- Execution Transcript (P11-13): kernel reality record
- Event Ordering (P11-10): deterministic sequencing
- Replay Engine (P11-04): verification system
- DLT (P11-14): multicore logical time
- GCP (P11-15): multicore commit protocol
- Proof Manifest (P11-11): cryptographic sealing

12 Requirements with 115 acceptance criteria covering:
- Ledger/transcript recording
- Hash chain integrity
- Deterministic ordering
- Replay verification
- Multicore coordination
- Proof generation
- Evidence export
- CI gate integration
- Constitutional compliance
- Backward compatibility

Prerequisites:
- ABDF_BCIB_PHASE11_CONTRACT_MATRIX.md
- RUNTIME_STATE_MACHINE.md
- Phase 10-A2 (Ring3 execution proof)

Status: Draft (awaiting design document)
- Normalize event naming to AY_EVT_* across taxonomy/contract/spec docs
- Add AY_EVT_MAX bound to taxonomy enum
- Resolve taxonomy contradiction: record requirements are per event class
- Canonicalize ledger hashing:
    payload_hash = H(normalized_payload)
    entry_hash = H(prev_hash || payload_hash)
- Align evidence policy with repo behavior: CI artifact export required, git commit optional
- Clarify requirements scope: BCIB plan identity is in-scope; BCIB runtime redesign out-of-scope
- Update requirements issue range to P11-01..P11-18
- Add design.md with normative event pipeline, data model, replay identity binding, CI gate mapping, implementation order, and closure criteria
- Add tasks.md with issue-aligned workstreams, branch names, gate mapping, evidence outputs, dependency order, and per-PR validation checklist
- Enforce 1 PR = 1 invariant execution policy
- Add Created/Maintained/Edited metadata with Kenan AY to spec docs
- Add mandatory documentation synchronization policy and PR Documentation Delta rule
- Add language selection policy (C/Rust/Bash/Python) by subsystem suitability
- Add explicit security and performance verification controls
- Add owner assignment (Kenan AY) to Phase-11 task entries
- Extend requirements with Security/Performance and Documentation Sync requirements
…ive gate
- add normative MAILBOX_PROTOCOL_V2_CAPABILITIES contract
- add fail-closed capability envelope checks in Ring0 mailbox validation
- standardize reject aliases: REJ_BAD_SIG/REJ_CAP_MISSING/REJ_BUDGET_EXCEEDED/REJ_INVALID_PID
- add ci-gate-mailbox-capability-negative with negative_matrix evidence
- wire freeze/local-freeze gate chain and evidence/report exports
- sync phase11 requirements/design/tasks + taxonomy/contract-matrix updates

Validation:
- python3 -m unittest tools/ci/test_validate_mailbox_capability_negative.py (PASS)
- make ci-gate-mailbox-capability-negative RUN_ID=local-p11-34-clean (PASS)
- make ci-gate-scheduler-mailbox-phase10c RUN_ID=local-p11-34-regression (PASS)

Notes:
- v1 mailbox ABI layout freeze preserved (size/offset/alignment unchanged)
- local performance gate remains host-baseline mismatch (Darwin arm64 vs CI baseline)
…es (#43)

Bootstrap ETI layer for Phase-11 verification substrate.

Introduces CI-side ETI materialization and validation gates:
- ci-gate-eti-sequence
- ci-gate-ledger-eti-binding
- ci-gate-transcript-integrity

Artifacts:
- eti_transcript.jsonl/.bin
- binding_report.json
- violations.txt
- eti_diff.txt (bootstrap placeholder)

Scope: ETI is materialized deterministically from Phase10-A2 evidence. Kernel hot-path ETI emission is intentionally deferred.

Documentation: tasks.md, design.md, requirements.md updated to reflect bootstrap semantics.
…gates

Add explicit missing_or_empty checks before validator execution:
- gate_ledger_eti_binding.sh: decision_ledger.jsonl, eti_transcript.jsonl
- gate_transcript_integrity.sh: eti_transcript.jsonl, eti_transcript.bin

This prevents validator-level crashes and keeps gate semantics fail-closed (exit 3 on usage/input errors).
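As an added example, not the project's code: a Python sketch of the canonical ledger hashing stated in the earlier commit (payload_hash = H(normalized_payload), entry_hash = H(prev_hash || payload_hash)), wrapped in the fail-closed missing_or_empty precondition this commit describes for the gate scripts. Assumptions: H is SHA-256; "normalized" means JSON with sorted keys and no whitespace; the genesis prev_hash is 64 zero hex digits; the JSON Lines field names are prev_hash, payload, payload_hash and entry_hash; exit 0 is pass and exit 1 is a chain violation. Exit 3 for usage/input errors is the one code the commit actually states. The event names in the constructed sample ledger are invented.

```python
import hashlib
import json
import os
import sys

GENESIS_PREV = "0" * 64                          # assumed genesis prev_hash
EXIT_OK, EXIT_VIOLATION, EXIT_INPUT = 0, 1, 3    # 3 = usage/input error, as the gate commit states


def normalize_payload(payload) -> bytes:
    """Assumed canonical form: JSON, sorted keys, no whitespace, ASCII-escaped."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=True).encode("utf-8")


def payload_hash(payload) -> str:
    """payload_hash = H(normalized_payload); H assumed to be SHA-256."""
    return hashlib.sha256(normalize_payload(payload)).hexdigest()


def entry_hash(prev_hash_hex: str, payload_hash_hex: str) -> str:
    """entry_hash = H(prev_hash || payload_hash), over the raw 32-byte digests."""
    return hashlib.sha256(bytes.fromhex(prev_hash_hex)
                          + bytes.fromhex(payload_hash_hex)).hexdigest()


def build_ledger(payloads):
    """Producer side: chain each entry onto the previous entry_hash."""
    entries, prev = [], GENESIS_PREV
    for p in payloads:
        ph = payload_hash(p)
        eh = entry_hash(prev, ph)
        entries.append({"prev_hash": prev, "payload": p,
                        "payload_hash": ph, "entry_hash": eh})
        prev = eh
    return entries


def verify_ledger(lines):
    """Verifier side. Returns (ok, violations). Every hash is recomputed and the
    chain is advanced from the recomputed entry_hash, never from the stored one,
    so a tampered entry also breaks every entry after it."""
    violations, prev, count = [], GENESIS_PREV, 0
    for i, line in enumerate(lines):
        if not line.strip():
            continue
        try:
            e = json.loads(line)
        except json.JSONDecodeError as exc:
            violations.append(f"line {i}: malformed JSON ({exc.msg})")
            break
        if not isinstance(e, dict):
            violations.append(f"line {i}: entry is not an object")
            break
        count += 1
        if e.get("prev_hash") != prev:
            violations.append(f"line {i}: prev_hash {e.get('prev_hash')} != expected {prev}")
        ph = payload_hash(e.get("payload", {}))
        if e.get("payload_hash") != ph:
            violations.append(f"line {i}: payload_hash mismatch (payload altered?)")
        eh = entry_hash(prev, ph)
        if e.get("entry_hash") != eh:
            violations.append(f"line {i}: entry_hash mismatch")
        prev = eh
    if count == 0:
        violations.append("no ledger entries")   # an empty chain is not a passing chain
    return (not violations), violations


def gate(path: str) -> int:
    """Fail-closed gate entry point: a missing or empty input is exit 3, never a
    vacuous pass, mirroring the missing_or_empty checks in the commit above."""
    if not os.path.isfile(path) or os.path.getsize(path) == 0:
        print(f"missing_or_empty: {path}", file=sys.stderr)
        return EXIT_INPUT
    with open(path, encoding="utf-8") as fh:
        ok, violations = verify_ledger(fh.read().splitlines())
    for v in violations:
        print(v, file=sys.stderr)
    return EXIT_OK if ok else EXIT_VIOLATION


# Constructed sample ledger; the event names and fields are invented for illustration.
SAMPLE_LINES = [json.dumps(e, sort_keys=True) for e in build_ledger([
    {"event": "AY_EVT_SYSCALL_ENTER", "ltick": 1, "pid": 7},
    {"event": "AY_EVT_CAP_CHECK", "ltick": 2, "pid": 7, "verdict": "allow"},
    {"event": "AY_EVT_SYSCALL_EXIT", "ltick": 3, "pid": 7},
])]


def tampered_lines():
    """Flip the verdict on entry 1 while leaving every stored hash untouched."""
    entries = [json.loads(l) for l in SAMPLE_LINES]
    entries[1]["payload"]["verdict"] = "deny"
    return [json.dumps(e, sort_keys=True) for e in entries]


if __name__ == "__main__":
    sys.exit(gate(sys.argv[1]) if len(sys.argv) == 2 else EXIT_INPUT)
```

Run as `python3 ledger_gate.py decision_ledger.jsonl`; a missing or zero-byte file exits 3 before any parsing happens, which is the property the gate commit is protecting. Note that the verifier never compares stored hashes against each other, only against values it recomputed itself, so rewriting a payload and its hashes consistently still breaks at the next entry's prev_hash.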
…tes, proofd observability
…nkhole, trust reuse runtime, diversity gates
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 8029f8a54a
ayken-core/crates/proof-verifier/src/diversity_ledger_producer.rs
- P1: pass explicit --replay-source/--trust-source paths to companion producer (flow sources live under gates/proofd-service/, not artifact-root)
- P1: read gate verdicts from gates/<gate>/report.json in closure bundle generator (not from summary[gates] which may be stale)
- P2: validate calendar dates per-month in days_from_civil (reject impossible dates like Feb-30 instead of silently normalizing)
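As an added example illustrating the P2 point, not the project's code: the standard Hinnant days_from_civil arithmetic (days since 1970-01-01) silently rolls an out-of-range day into the following month, so 2024-02-30 and 2024-03-01 produce the same day number, and a consumer downstream never learns the input was impossible. The strict wrapper below checks the day against the real month length first. The project's own days_from_civil is not on this page and may differ; parse_iso_date, the function names and the error messages are illustrative.

```python
def _days_from_civil_unchecked(y: int, m: int, d: int) -> int:
    """Hinnant's days_from_civil: proleptic Gregorian date -> days since 1970-01-01.
    Pure arithmetic: an out-of-range day is silently carried into the next month."""
    y -= m <= 2                                     # shift year so Mar is month 0
    era = y // 400                                  # floor division is right for y < 0
    yoe = y - era * 400                             # year of era      [0, 399]
    doy = (153 * (m + (-3 if m > 2 else 9)) + 2) // 5 + d - 1      # day of year [0, 365]
    doe = yoe * 365 + yoe // 4 - yoe // 100 + doy                  # day of era  [0, 146096]
    return era * 146097 + doe - 719468


def is_leap(y: int) -> bool:
    return y % 4 == 0 and (y % 100 != 0 or y % 400 == 0)


def days_in_month(y: int, m: int) -> int:
    if m == 2:
        return 29 if is_leap(y) else 28
    return 30 if m in (4, 6, 9, 11) else 31


def days_from_civil(y: int, m: int, d: int) -> int:
    """Strict variant: validates month and per-month day range, then converts.
    Rejecting is the fail-closed choice; normalizing would turn Feb-30 into Mar-01."""
    if not 1 <= m <= 12:
        raise ValueError(f"month out of range: {m}")
    if not 1 <= d <= days_in_month(y, m):
        raise ValueError(f"day out of range for {y:04d}-{m:02d}: {d}")
    return _days_from_civil_unchecked(y, m, d)


def parse_iso_date(s: str) -> int:
    """Parse a YYYY-MM-DD field (e.g. from evidence metadata) into a day number.
    Any defect is an error, never a guess."""
    parts = s.split("-")
    if len(parts) != 3 or len(parts[0]) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"malformed date: {s!r}")
    y, m, d = (int(p) for p in parts)
    return days_from_civil(y, m, d)
```

The unchecked function is kept only to make the normalization visible; production code should expose only the strict one, so that an impossible date in an artifact fails the gate instead of quietly acquiring a valid-looking neighbour.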
This was referenced Mar 14, 2026
0b40163 to b3f1408
…use-authority-sinkhole
…1-X64" This reverts commit a55310c.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Summary
Phase 12 trust layer completion: authority sinkhole absorption, trust reuse runtime surface, verification diversity gates and the related CI gate integrations.
Changes
New Files
- proof-verifier: authority_sinkhole_absorption, companion_flow/producer, trust_reuse_runtime_evaluator/surface/emitter, verification_context_object, verifier_attestation
- docs/specs/phase12-trust-layer: AUTHORITY_SINKHOLE_COMPANION_FLOW_SPEC, CROSS_SURFACE_BASIN_ALIGNMENT_METRICS, TRUST_REUSE_RUNTIME_SURFACE_SPEC
- scripts/ci: gate_authority_sinkhole_absorption.sh, produce_authority_sinkhole_companion_flows.sh
- tools/ci: test_validate_authority_sinkhole_absorption_gate.py, test_produce_authority_sinkhole_companion_flows.py

Modified
CI Gates
- make ci-gate-constitutional: MUST pass
- make ci-gate-abi: MUST pass
- make ci-gate-boundary: MUST pass