Commit graph

1457 commits

Author SHA1 Message Date
Shay
a68b7060bd feat(demo): add epistemic truth-state authority demo
A model-style proposer submits a claim, evidence bundle, and optional
bounded-inference block; CORE alone assigns the typed epistemic state
drawn from the canonical core.epistemic_state taxonomy (no parallel
enum) and emits a deterministic, replayable evidence artifact.

The proposer cannot set assigned_state, status, trace_hash,
authority_path, evidence_ledger, or normative_clearance: the closed
recursive schema rejects any root-level injection before state
evaluation runs, and proposer-supplied proposed_state/trace_hash are
recorded as ignored and never read.

Adds closed schema, six fixtures, pinned expected artifacts, a
double-run byte-identical runner with hardened output-dir policy, and a
22-test suite. No network, subprocess, eval/exec, model API, or side
effects beyond demo output.
2026-06-11 12:46:17 -07:00
Shay
6419b2347a
Merge pull request #689 from AssetOverflow/docs/reconcile-post-688-public-roadmap
docs(planning): reconcile public roadmap with merged #687/#688 evidence
2026-06-11 12:08:41 -07:00
Shay
8e3a850a2c docs(planning): reconcile public roadmap with merged #687/#688 evidence
Tool Authority Demo (#688) was still tagged 'draft PR / in review' but it
merged at c55f7dfb. Hybrid Verification Demo (#687) lacked the claims-authority
framing and the agreement-is-not-safety finding. Reposition both as merged
evidence, name the next public evidence target, and align epistemic-state vocab.

- #687 = authority over claims; #688 = authority over proposed tool actions.
- Removed stale 'In progress / draft PR / in review' status on #688.
- Added explicit next-target ordering: Epistemic Truth-State -> Embodied
  Authority Simulation -> SaaS/On-Prem Boundary.
- No named-company, outreach, or production/robotics overclaims introduced.
2026-06-11 12:01:00 -07:00
Shay
c55f7dfba6
Merge pull request #688 from AssetOverflow/codex/feat-claude-tool-authority-demo
feat(demo): add frontier-proposer tool authority demo
2026-06-11 11:51:33 -07:00
Shay
e7da989565 fix(demo): restore full tool authority runner 2026-06-11 11:42:32 -07:00
Shay
ba097b622b fix(demo): restore full tool authority runner 2026-06-11 11:36:59 -07:00
Shay
260ef33857 fix(demo): restore tool authority runner 2026-06-11 11:32:52 -07:00
Shay
ea96be1684 fix(demo): refuse clearing custom tool authority output dirs 2026-06-11 10:56:55 -07:00
Shay
77a8c79f94 fix(demo): harden tool-authority runner hygiene 2026-06-11 10:14:59 -07:00
Shay
05133fd88b docs(planning): remove private outreach strategy from public repo 2026-06-11 10:04:46 -07:00
Shay
ee658c55d9 Repin ask tool authority artifact 2026-06-11 09:31:02 -07:00
Shay
b216b74943 Repin authorized tool authority artifact 2026-06-11 09:23:22 -07:00
Shay
baf8e43c44 Neutralize invalid tool authority fixture 2026-06-11 09:22:40 -07:00
Shay
7b23295b22 Neutralize refused tool authority fixture 2026-06-11 09:22:24 -07:00
Shay
7ec789455d Neutralize ask tool authority fixture 2026-06-11 09:22:11 -07:00
Shay
239bf0f8bf Neutralize authorized tool authority fixture 2026-06-11 09:21:55 -07:00
Shay
6a2bf9a097 Neutralize tool authority demo schema 2026-06-11 09:21:21 -07:00
Shay
022154ff71 Neutralize tool authority demo package wording 2026-06-11 09:19:19 -07:00
Shay
26a5e9721f Neutralize tool authority demo public wording 2026-06-11 09:18:50 -07:00
Shay
5de774ea63 Harden tool authority demo output clearing 2026-06-11 09:17:55 -07:00
Shay
1f41935f5f fix(demo): refuse normalized note path traversal 2026-06-11 08:18:00 -07:00
Shay
a3d945ed93 chore(demo): drop generated tool-authority outputs 2026-06-11 08:07:50 -07:00
Shay
8fe63c4032 feat(demo): add Claude-to-CORE tool authority demo 2026-06-11 08:07:07 -07:00
Shay
dda4cddfda docs(planning): expand authority substrate outreach plan and checklists with full content 2026-06-11 06:20:41 -07:00
Shay
518e9ebd1c docs(planning): add xAI Tesla embodied authority checklist 2026-06-11 05:44:04 -07:00
Shay
61d1467592 docs(planning): add Anthropic authority substrate checklist 2026-06-11 05:40:46 -07:00
Shay
a78e67a0be docs(planning): expand authority substrate outreach plan 2026-06-11 05:37:22 -07:00
Shay
2ccd0d005c docs(planning): add authority substrate outreach plan 2026-06-11 05:33:16 -07:00
Shay
3ba65d5176
Merge pull request #687 from AssetOverflow/feat/hybrid-verification-demo
feat(demo): add Claude-to-CORE hybrid verification demo
2026-06-10 21:10:54 -07:00
Shay
57a0e38f0b feat(demo): add Claude-to-CORE hybrid verification demo
A narrow, auditable proof path for the hybrid-mode boundary: a
Claude/Fable-style System 1 proposer submits an MCP-shaped tool call
(core.semantic_derivation.verify); CORE re-derives via the ADR-0184
derivation lane, keeps sole acceptance authority, refuses or asks when
it cannot honestly answer, and emits a deterministic replay/provenance
trace for every decision.

Boundary properties (each pinned by a failing-if-removed test):
- the proposer has no commit path: additionalProperties:false schema,
  and the demo modules import nothing from generate.* (AST-scanned with
  a planted-bypass self-test) — the lane is consumed only through the
  ADR-0184 S4b audited trace facade;
- 'verified' requires pool commit AND clean commit-law/faithfulness
  audits AND a gold-audited envelope.json entry AND byte-match to the
  pinned derivation trace (measured: 118 of the off-serving pool's 231
  corpus commits disagree with lane gold, so a bare pool commit is
  never served — scenario s4 shows the refusal on a commit that even
  matches gold);
- the ask leg is the real Q1 stack (router -> limitation -> Q1-D
  producer -> carried handle -> gated serving), dark by default,
  tamper-fail-closed on the content hash;
- authority_path names only consulted authorities; responses are
  deterministic (double-run byte-identical) and pinned under expected/.

No serving/runtime change; no CLAIMS/metrics/telemetry/lane-pin
movement; no network or Anthropic API dependency (System 1 payloads are
clearly-labeled static fixtures).
2026-06-10 20:41:50 -07:00
Shay
b93b4bd513 memo: tighten for Karpathy + Anthropic exec audience
- Explicit System 1/2 framing in thesis and §2 (Claude proposes; CORE decides)
- Named Bounded Transition Guarantee (v2.1) callout box in §2
- Conditioned false-positive claim on correctly specified Anchor (§1)
- Named Type-Safe Local Closure security model in Lens layer and §5 Signal 1
- §7 renamed 'The Ask — Hybrid Mode Wedge' with MCP-shaped experiment framing
- §5 stats (716/716, 0 wrong) explicitly tied to BTG, not tuning/sampling
- §6 Honest Limits: explicit Hybrid vs Native Mode distinction added
- Harmful variant table row: 'licensed scope is a ratified human policy decision'
2026-06-10 16:10:47 -07:00
Shay
d39189e9e6
test(derivation): add ADR-0184 semantic replay equivalence harness
test(derivation): add ADR-0184 semantic replay equivalence harness
2026-06-10 15:05:53 -07:00
Shay
ad75a2c79a test(derivation): add ADR-0184 semantic replay equivalence harness
ADR-0184 S4b — the replay/provenance equivalence boundary, the
precondition for any semantic-primary path. After #685 the in-repo
legacy path delegates to the semantic boundary, so old-vs-new is
vacuous; the durable reference is a pinned canonical trace artifact
(evals/gsm8k_math/equivalence/v1/, 937 problems) whose authority is
the #684/#685 cross-tree differentials (documented provenance chain).

- state/provenance.py: replay_is_faithful — the replay bridge's law as
  a checkable structural property (no verify/pool import; covered by
  the #685 authority scan).
- equivalence/trace.py: canonical traces (worlds, candidates, order,
  multiplicity, classifications, resolutions) + authority_violations
  re-deriving the pool commit law from trace content.
- scripts/verify_semantic_equivalence.py: check / --update gate
  mirroring verify_lane_shas.py.
- tests/test_adr_0184_s4b_replay_equivalence.py: full-corpus live-vs-
  pinned equality, corpus-wide authority + faithfulness, and 17
  single-mutation non-vacuity proofs.

Pure additions; verify.py/pool.py untouched; no serving, CLAIMS,
metrics, or lane pins moved.
2026-06-10 14:35:22 -07:00
Shay
a6e846ebdb
Merge pull request #685 from AssetOverflow/feat/adr-0184-s3-candidate-source-boundary
feat(derivation): define semantic-ledger candidate source boundary
2026-06-10 13:53:45 -07:00
Shay
951bcc0252 feat(derivation): define semantic-ledger candidate source boundary
ADR-0184 §7 S4: add generate/derivation/state/source.py — the single
boundary through which semantic-ledger worlds become pool candidates —
and swap pool.py's accumulation source to semantic_state_candidates().
accumulate.py keeps its public surfaces as thin compatibility wrappers
(ADR-0184 §10). Byte-identical over the 937-problem differential;
verify.py / pool.py remain the sole commit authority (structural
no-authority-import scan over state/, non-vacuous).

Also: docs/analysis design note for the S3–S5 boundary stack, and a
drive-by ruff F541 fix in r1_reconstruction.py (rf->r, zero behavior).
2026-06-10 13:17:53 -07:00
Shay
130344d373
Merge pull request #683 from AssetOverflow/feat/ask-carried-handle-seam
feat(ask): add carried-handle acquisition seam for served ASK
2026-06-10 12:54:38 -07:00
Shay
c0d6493219 fix(ask): canonicalize question/proposal path collision check
Compare resolved canonical Path values, not raw string spellings, when
detecting a question_path / proposal_path collision. A relative
proposal_path and an absolute question_path that name the same file now
fail closed with reason "path_collision" instead of resolving.

Adds a regression test for the absolute-vs-relative same-file collision
and keeps the existing exact-string collision test. The new test is
non-vacuous: it fails under the prior raw-string comparison.

Scope: ask_handle.py seam + its test only. No runtime.py, CLAIMS,
metrics, telemetry, schema, or lane-pin changes.
2026-06-10 12:44:46 -07:00
Shay
953d183d9d
Merge pull request #684 from AssetOverflow/feat/adr-0184-s2-semantic-ledger-reland
feat(derivation): introduce ADR-0184 S2 semantic-state ledger (behavior-equivalent)
2026-06-10 12:14:07 -07:00
Shay
9dcb00248c feat(derivation): route accumulation through ADR-0184 S2 semantic ledger
ADR-0184 S1 (state/bind.py, state/change.py) landed the reusable referent and
change-cue helpers. S2 adds the first explicit state-transition substrate and
routes both accumulation readings through it:

- state/model.py   frozen SET/GAIN/LOSS transition model over one entity/unit
                   StateKey, with structural validation (closed op set; unit is a
                   str with "" = unitless, mirroring the extractor's Quantity.unit
                   contract; entity optional, mirroring leading_subject_token).
- state/ledger.py  build_accumulation_ledger() — the proven single-referent
                   gain/loss reading, expressed as a SemanticLedger.
- state/replay.py  replay_accumulation_ledger() — the only bridge to
                   GroundedDerivation; refuses any non-accumulation ledger shape
                   (non-SET start, cross-key mutation).

accumulate.py's _build_accumulation / _build_accumulation_anchor_skip now build a
ledger and replay it instead of constructing the arithmetic chain inline; the
public compose_accumulation()/accumulation_candidates() surfaces are unchanged.

Behavior-equivalent: a byte-for-byte differential over 937 real GSM8K problems
(accumulation_candidates, compose_accumulation, pooled_candidates, resolve_pooled)
shows 0 differences vs main. Semantic worlds never commit directly — replay emits
GroundedDerivation and verify.py / pool.py remain the sole authority. Sealed: no
serving/runtime/chat import; no CLAIMS or eval-lane-SHA movement.

Refs ADR-0184 section 7 (S2).
2026-06-10 12:00:23 -07:00
Shay
05a25dd61f Add technical memo for external review (GitHub Pages) 2026-06-10 11:59:17 -07:00
Shay
41664ce60d feat(ask): add carried-handle acquisition seam for served ASK
The missing-boundary doc (#682) established that chat/runtime.py has no
lawful in-turn provider for a QUESTION_NEEDED ContemplationResult: the
only producer is the off-serving contemplation pass, and scanning
teaching/questions/ would be new, unspecified acquisition logic. This
slice builds the recommended unblocking seam instead of the forbidden
runtime shortcut: carried-handle acquisition.

core/epistemic_disclosure/ask_handle.py:
- AskArtifactHandle — an explicit, caller-carried reference to one
  already-produced Q1-D DeliveredQuestion artifact. Provenance is the
  producer's own content address (sha256 of blocking_reason:slot_name:
  text, also the artifact filename stem) — the only identity field the
  Q1-D artifact carries today. No turn/case provenance exists yet; that
  boundary is documented, not invented.
- resolve_served_ask_handle — gate-first (zero filesystem access while
  ask_serving_enabled is dark), structural handle validation, single
  explicit-path artifact read (no glob/iterdir/scan), and content-hash
  re-derivation so a stale/replaced/tampered artifact fails closed.
  Emits a ResolvedAskCandidate duck-typed to what evaluate_served_ask
  reads (terminal/question_path/proposal_path) — no question prose is
  ever constructed or carried.
- acquire_served_ask_from_handle — composes resolution into the
  existing acquire_served_ask_candidate / evaluate_served_ask stack.
  All Q1-D artifact policy (status/review/served/answer-binding/text/
  slot/collision) stays delegated; the seam owns identity only.

Not changed: chat/runtime.py, chat(...) signature, ChatResponse,
TurnEvent, telemetry schema, Q1B_ASK_CARVE_OUT, proposal_allowed,
VERIFIED serving, CLAIMS/metrics/lane pins. The seam imports neither
generate.contemplation (pass_manager) nor core.epistemic_questions
render/delivery — enforced by AST tests.

Tests (tests/test_ask_handle.py, 18 cases): gate-dark no-I/O proof,
fallback preservation, valid resolution served end-to-end through the
existing stack, proposal-artifact / missing / malformed / invalid-Q1-D
/ path-collision / stale-hash / non-addressed-filename / structurally-
invalid-handle fail-closed paths, no-discovery-without-exact-handle,
and AST guards for scan primitives, forbidden imports, and prose.

Verification: focused ASK+governance suites 396 passed; architectural
invariants 56 passed; smoke-equivalent suite 90 passed; lane SHAs 8/9
content-match (the 9th is the documented local public_demo wall-clock
flake, 48.3s vs the 30s ADR-0099 budget — no content drift, no re-pin).
2026-06-10 10:53:54 -07:00
Shay
7d6b7918aa
Merge pull request #682 from AssetOverflow/feat/ask-runtime-wire
docs(ask): document missing runtime ASK provider boundary
2026-06-10 09:41:42 -07:00
Shay
d2a4deffa9 docs(ask): document missing runtime ASK provider boundary
Stop-and-document outcome for issue #680's final runtime wiring. The
serving turn has no lawful in-turn ContemplationResult or provider: the
sole QUESTION_NEEDED producer (generate.contemplation.contemplate) is an
off-serving growth organ that runtime is forbidden to call, and no
plumbing carries its artifact into the turn. Wiring is deferred to a
lawful acquisition slice; chat/runtime.py is left untouched.
2026-06-10 09:23:04 -07:00
Shay
32f8c2ff9a
feat(ask): add runtime-facing ASK helper module
feat(ask): add runtime-facing ASK helper module
2026-06-10 08:29:46 -07:00
Shay
97ba7a3a17 feat(ask): add runtime-facing ASK helper module
Adds a small chat.ask_runtime helper that consumes the ASK acquisition seam without editing chat/runtime.py.

- Uses honest contemplation_result keyword forwarding
- Preserves fallback behavior when ASK serving is disabled
- Does not call pass_manager or render_question
- Does not change public chat/runtime schema
2026-06-10 03:34:02 -07:00
Shay
d3e13bbf19
Merge pull request #679 from AssetOverflow/fix-ask-acquisition-guard
test(ask): make acquisition runtime guard structural
2026-06-09 13:43:21 -07:00
Shay
0e24f8cb0b test(ask): make runtime schema guard structural 2026-06-09 13:34:10 -07:00
Shay
c0b00587f6 revert(ask): remove unsafe runtime hook bypass
Backs out the direct main push that added _maybe_apply_served_ask using a string-concatenation workaround to evade an over-broad text guard.

Restores chat/runtime.py to the #678 merge state and removes tests/test_ask_runtime_hook.py so the next runtime hook can land through a reviewed PR with structural tests instead of guard bypasses.
2026-06-09 13:29:18 -07:00
Shay
2bafceea46 feat(ask): wire default-dark ASK candidate into runtime fallback path
- This is the smallest runtime consumption hook for the ASK acquisition seam.

- It is default-dark.

- It preserves normal runtime behavior when disabled.

- It does not change public `chat(...)` signature.

- It does not change `ChatResponse`, `TurnEvent`, or telemetry schema.

- It does not call/render question prose.

- It does not serve from `proposal_path`.

- It does not retire Q1B carve-out or flip `proposal_allowed`.

- It does not serve VERIFIED.

- It does not move CLAIMS or metrics.
2026-06-09 13:26:13 -07:00
Shay
55402001e3
Merge pull request #678 from AssetOverflow/add-ask-acquisition-seam
feat(ask): add serving-safe ASK acquisition seam
2026-06-09 13:09:45 -07:00