Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
113 commits
Select commit Hold shift + click to select a range
6143574
feat(policy): add Ed25519 policy signing helpers
fraware Jun 28, 2026
638502f
refactor(policy): support three policy integrity verification modes
fraware Jun 28, 2026
912d195
chore(policy): add release signing key registry for v0.7
fraware Jun 28, 2026
37a3342
feat(policy): wire signed manifest checks into policy loading
fraware Jun 28, 2026
ce77c5a
feat(review): add structured review loop orchestration
fraware Jun 28, 2026
a16899f
feat(gate): extend evaluate_with_grant for scope-bound decisions
fraware Jun 28, 2026
d71032b
feat(records): attach grant metadata to decision records
fraware Jun 28, 2026
82769c1
fix(pcs): include scope grant fields in PCS export
fraware Jun 28, 2026
cbea514
feat(scripts): add SCOPE live chain verification CLI
fraware Jun 28, 2026
d12c4d2
docs(scope): document live SCOPE chain verification
fraware Jun 28, 2026
a391395
test(scope): add real SCOPE grant fixture for contracts
fraware Jun 28, 2026
b1922a4
test(scope): add real SCOPE decision fixture for contracts
fraware Jun 28, 2026
64d5071
test(scope): add real SCOPE review packet fixture
fraware Jun 28, 2026
2ee50c0
test(contracts): cover SCOPE live import in Python
fraware Jun 28, 2026
e24c89b
test(contracts): cover SCOPE live verification CLI
fraware Jun 28, 2026
487902b
test(fixtures): add narrow real scope grant for PCS tests
fraware Jun 28, 2026
d520a1e
test(fixtures): add overbroad real scope grant negative case
fraware Jun 28, 2026
b6f9f71
test(fixtures): add narrow simulated scope grant fixture
fraware Jun 28, 2026
bc19836
test(fixtures): add overbroad simulated scope grant fixture
fraware Jun 28, 2026
20aa28d
test(pcs): assert scope grant fields survive PCS export
fraware Jun 28, 2026
9f0510b
test(gate): cover evaluate_with_grant acceptance and rejection
fraware Jun 28, 2026
10380e2
test(policy): cover three policy integrity signing modes
fraware Jun 28, 2026
6fca8cf
feat(scripts): expand reconstructable experiment demo for v0.7
fraware Jun 28, 2026
b620a93
test(integration): exercise reconstructable experiment demo end-to-end
fraware Jun 28, 2026
7e26879
chore(scenarios): extend adversarial transition labels for v0.7
fraware Jun 28, 2026
a0634d8
feat(evals): deepen adversarial transition evaluation harness
fraware Jun 28, 2026
99b7b8c
chore(evals): refresh adversarial transitions report for v0.7
fraware Jun 28, 2026
430e5a2
test(evals): align adversarial transition tests with v0.7 harness
fraware Jun 28, 2026
c4cddec
docs: add failure class taxonomy for v0.7 governance
fraware Jun 28, 2026
d9f6272
docs: add scenario labeling guidelines for eval authors
fraware Jun 28, 2026
92095dc
docs: document holdout and private governance practices
fraware Jun 28, 2026
fa13609
docs(policy): document three-mode policy integrity for v0.7
fraware Jun 28, 2026
b37ce88
docs(security): note v0.7 policy signing and key handling
fraware Jun 28, 2026
493d078
chore(scripts): align protocol drift demo with v0.7 grant flow
fraware Jun 28, 2026
429121a
test(api): adjust REST expectations for v0.7 record fields
fraware Jun 28, 2026
f43af8d
chore(evals): refresh canonical_5 report baseline
fraware Jun 28, 2026
99d3787
chore(evals): refresh public_100 report baseline
fraware Jun 28, 2026
68eeedc
chore(examples): sync protocol_drift active-update decision artifact
fraware Jun 28, 2026
ab3d750
chore(examples): sync protocol_drift draft-only decision artifact
fraware Jun 28, 2026
9c237ec
chore(examples): sync protocol_drift active-update record artifact
fraware Jun 28, 2026
cb9f967
chore(examples): sync protocol_drift PF obligation sidecar
fraware Jun 28, 2026
637e928
chore(examples): sync protocol_drift review trigger sidecar
fraware Jun 28, 2026
84d86bf
chore(examples): update protocol_drift PCS manifest hashes
fraware Jun 28, 2026
dce0e69
chore(examples): sync protocol_drift PCS akta decision member
fraware Jun 28, 2026
773f63b
chore(examples): sync protocol_drift PCS akta record member
fraware Jun 28, 2026
90b27c2
chore(examples): sync protocol_drift PCS PF obligation member
fraware Jun 28, 2026
6ff2cb7
chore(examples): sync protocol_drift PCS review trigger member
fraware Jun 28, 2026
a3afeb7
chore(examples): sync weak_evidence akta decision artifact
fraware Jun 28, 2026
2e8ef29
chore(examples): sync weak_evidence akta record artifact
fraware Jun 28, 2026
e55760e
chore(examples): sync weak_evidence PCS decision member
fraware Jun 28, 2026
4ca7d93
chore(examples): sync weak_evidence PCS record member
fraware Jun 28, 2026
ab096de
chore(examples): update weak_evidence PCS manifest hashes
fraware Jun 28, 2026
9599f53
chore(examples): sync reconstructable_experiment akta record
fraware Jun 28, 2026
eecded6
chore(examples): sync reconstructable_experiment memory entry
fraware Jun 28, 2026
2673a7e
chore(examples): sync reconstructable_experiment PCS record member
fraware Jun 28, 2026
db171ed
chore(examples): update reconstructable_experiment PCS manifest
fraware Jun 28, 2026
b33e01d
chore(release): bump package version to 0.7.0
fraware Jun 28, 2026
ec66fef
docs(changelog): add AKTA v0.7.0 release notes
fraware Jun 28, 2026
b9cb75e
docs(readme): update README for v0.7 acceptance criteria
fraware Jun 28, 2026
7410f7f
feat(review): copy scope grant metadata into review context
fraware Jun 28, 2026
7a336e2
feat(review): merge blocked_tools in review loop
fraware Jun 28, 2026
2ca9703
feat(review): enforce allowed and blocked prior-review tools
fraware Jun 28, 2026
2b0ff52
test(review): cover prior_review_allowed_tools enforcement
fraware Jun 28, 2026
f7e984d
test(review): cover prior_review_blocked_tools enforcement
fraware Jun 28, 2026
381e876
feat(scope): add scope_akta_review_summary JSON schema
fraware Jun 28, 2026
fd3cd86
feat(scope): add akta-review CLI mode to scope adapter
fraware Jun 28, 2026
ba735b2
test(contracts): add scope akta-review CLI contract tests
fraware Jun 28, 2026
6856d86
chore(scripts): extend verify_scope_live_chain for akta-review
fraware Jun 28, 2026
4cc9232
docs(scope): document akta-review live conformance
fraware Jun 28, 2026
3d92384
feat(demo): add Cases A/B/C reconstructable experiment assertions
fraware Jun 28, 2026
038ef81
docs(examples): add reconstructable experiment reconstruction report
fraware Jun 28, 2026
4e69a2f
test(integration): extend reconstructable experiment demo tests
fraware Jun 28, 2026
db0934d
test(rest): expand REST API adapter coverage
fraware Jun 28, 2026
c13b524
test(mcp): expand MCP server adapter coverage
fraware Jun 28, 2026
3726422
test(langgraph): expand LangGraph adapter coverage
fraware Jun 28, 2026
a3aa966
test(adapters): expand v0.4 adapter guardrail tests
fraware Jun 28, 2026
d54f9cd
docs(release): add RELEASE.md for v0.7.1
fraware Jun 28, 2026
8e0db09
docs(integration): polish akta v0.3 integration guide
fraware Jun 28, 2026
343b348
docs(overlays): polish domain overlay guide
fraware Jun 28, 2026
384ae15
docs(thesis): polish field thesis for public release
fraware Jun 28, 2026
95a1c40
docs(integration): polish integration guide
fraware Jun 28, 2026
6817aaa
docs(limitations): polish limitations for v0.7.1
fraware Jun 28, 2026
fa76157
docs(pcs): polish PCS export guide
fraware Jun 28, 2026
f0325e3
docs(pf): polish pf-core bridge guide
fraware Jun 28, 2026
7f1ad23
docs(policy): polish policy integrity guide
fraware Jun 28, 2026
6000548
docs(review): polish review integration guide
fraware Jun 28, 2026
acba6ec
docs(admissibility): polish scientific action admissibility doc
fraware Jun 28, 2026
7e83c01
docs(scope): polish scope bridge guide
fraware Jun 28, 2026
65f7934
docs(security): polish threat model for v0.7.1
fraware Jun 28, 2026
263729a
docs(trust): polish trusted boundary guide
fraware Jun 28, 2026
31d4971
docs(readme): rewrite README for v0.7.1 public release
fraware Jun 28, 2026
e8e6581
docs(governance): polish GOVERNANCE for v0.7.1
fraware Jun 28, 2026
92c96ac
docs(security): polish SECURITY for v0.7.1
fraware Jun 28, 2026
b443e68
docs(changelog): add AKTA v0.7.1 release notes
fraware Jun 28, 2026
d40f575
chore(release): bump package version to 0.7.1
fraware Jun 28, 2026
03e61d6
chore(release): refresh PyPI package description for v0.7.1
fraware Jun 28, 2026
a2434a8
docs(contracts): polish contracts test README
fraware Jun 28, 2026
0184df8
docs(skill): refresh admissibility skill for v0.7.1
fraware Jun 28, 2026
744d696
docs(overlays): polish overlays README
fraware Jun 28, 2026
a83383e
ci(docs): polish cross-repo CI notes
fraware Jun 28, 2026
3a220e4
chore(evals): refresh canonical_5 report baseline
fraware Jun 28, 2026
011749f
chore(evals): refresh public_100 report baseline
fraware Jun 28, 2026
bff59cd
docs(examples): update integrated_weak_evidence README
fraware Jun 28, 2026
e676b10
docs(examples): update integrated_protocol_drift README
fraware Jun 28, 2026
15f1136
chore(examples): sync protocol_drift active-update decision artifact
fraware Jun 28, 2026
ee425e5
chore(examples): sync protocol_drift active-update record artifact
fraware Jun 28, 2026
f106765
chore(examples): sync protocol_drift review trigger sidecar
fraware Jun 28, 2026
e0e6dc4
chore(examples): sync protocol_drift PF obligation sidecar
fraware Jun 28, 2026
cfd7e6c
chore(examples): sync protocol_drift PCS akta decision member
fraware Jun 28, 2026
02601fe
chore(examples): sync protocol_drift PCS akta record member
fraware Jun 28, 2026
2d93b34
chore(examples): sync protocol_drift PCS PF obligation member
fraware Jun 28, 2026
a4b8446
chore(examples): sync protocol_drift PCS review trigger member
fraware Jun 28, 2026
bf55ee4
chore(examples): update protocol_drift PCS manifest hashes
fraware Jun 28, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 34 additions & 3 deletions .github/CROSS_REPO_CI.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Cross-repo CI configuration (v0.6)
# Cross-repo CI configuration (v0.7.1)

AKTA default CI runs entirely in-repo. Optional jobs validate live exports against sibling repositories when repository variables or secrets are configured.

Expand Down Expand Up @@ -33,6 +33,16 @@ env:

Run locally:

```bash
export PF_CORE_REPO_PATH=/path/to/PF-Core
export PCS_CORE_REPO_PATH=/path/to/PCS-Core
export SCOPE_REPO_PATH=/path/to/SCOPE
export PCS_BENCH_REPO_PATH=/path/to/PCS-Bench
pytest tests/contracts/ -v -m integration
```

PowerShell:

```powershell
$env:PF_CORE_REPO_PATH = "C:\path\to\PF-Core"
$env:PCS_CORE_REPO_PATH = "C:\path\to\PCS-Core"
Expand All @@ -41,6 +51,23 @@ $env:PCS_BENCH_REPO_PATH = "C:\path\to\PCS-Bench"
pytest tests/contracts/ -v -m integration
```

## Live SCOPE verification (v0.7)

After configuring a SCOPE sibling:

```bash
export SCOPE_REPO_PATH=/path/to/SCOPE
python scripts/verify_scope_live_chain.py --mode python-import

export SCOPE_CLI=scope
python scripts/verify_scope_live_chain.py --mode cli

export SCOPE_CLI_MODE=akta-review
python scripts/verify_scope_live_chain.py --mode akta-review
```

The verifier fails when the adapter falls back to `simulated` mode or when PCS export accepts an overbroad grant. See [docs/scope_live_conformance.md](../docs/scope_live_conformance.md).

## Job behavior

### `cross-repo-pf-pcs`
Expand All @@ -49,7 +76,7 @@ Runs when `PF_CORE_REPO_PATH` or `PCS_CORE_REPO_PATH` is non-empty. Exports AKTA

### `cross-repo-scope`

Runs when `SCOPE_REPO_PATH` is set or `SCOPE_REPO_URL` secret is present. Clones SCOPE when only the secret is configured, then runs SCOPE python-import contract tests.
Runs when `SCOPE_REPO_PATH` is set or `SCOPE_REPO_URL` secret is present. Clones SCOPE when only the secret is configured, then runs SCOPE python-import contract tests and optional live chain verification.

### `cross-repo-pcs-bench`

Expand All @@ -67,6 +94,10 @@ When `PCS_BENCH_REPO_PATH` points to a sibling checkout, `adapters/pcs_bench/run

- Jobs are skipped when variables are unset; default CI remains green without siblings.
- Invalid `PCS_BENCH_REPO_PATH` values fall back to the in-repo runner rather than silently passing external validation.
- SCOPE python-import mode does not fall back to simulated grants when `SCOPE_REPO_PATH` is set.
- SCOPE python-import and CLI modes do not fall back to simulated grants when `SCOPE_REPO_PATH` or `SCOPE_CLI` is set.

## Release acceptance

Default release gate: `make ci` (see [docs/RELEASE.md](../docs/RELEASE.md)). Cross-repo jobs are optional enhancements, not required for public release.

See also [tests/contracts/README.md](../tests/contracts/README.md).
36 changes: 36 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,42 @@ All notable changes to AKTA are documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).

## [0.7.1] - 2026-06-28

### Added

- `evaluate_prior_review()` enforces `prior_review_allowed_tools` and `prior_review_blocked_tools`
- SCOPE adapter `akta-review-cli` mode (`SCOPE_CLI_MODE=akta-review`) calling `scope akta review`
- `schemas/scope_akta_review_summary.schema.json` for summary validation
- Tests: `test_review_context_allowed_tools.py`, `test_review_context_blocked_tools.py`, `test_scope_akta_review_cli.py`
- Reconstructable demo Cases A/B/C with explicit post-grant decision assertions

### Changed

- `scope_grant_to_context_metadata()` copies blocked_tools, grant_id, provenance, and full grant metadata
- Reconstructable demo uses weak-evidence queue-priority scenario; documents SCOPE grant vs AKTA policy layers
- Documentation polish for v0.7.1 public release; added [docs/RELEASE.md](docs/RELEASE.md)

## [0.7.0] - 2026-06-28

### Added

- Live SCOPE verification: `scripts/verify_scope_live_chain.py` (python-import and CLI modes)
- Policy integrity modes: `dev_unsigned`, `deployment_hmac_attested`, `release_ed25519_signed` (`akta/policy_signing.py`)
- `policy/release_keys.yaml` public Ed25519 key registry for published reference bundles
- Closed-loop review semantics: `akta/review_loop.py` with grant allowlist, protocol/evidence invalidation, SCOPE blocked_tools preservation
- Reconstructable experiment demo outputs canonical chain to `dist/reconstructable_experiment/` (00–11 artifacts + reports)
- PCS scope grant fixtures: `tests/fixtures/scope_grants/` (real and simulated narrow/overbroad)
- Adversarial transitions: F01–F15 `failure_class` per scenario, per-class reporting, inter-rater stats in eval report
- Docs: `scope_live_conformance.md`, `failure_class_taxonomy.md`, `scenario_labeling_guidelines.md`, `holdout_private_governance.md`
- Tests: `test_policy_signing_modes.py`, `test_evaluate_with_grant.py`, `test_pcs_scope_grant_export.py`, live SCOPE contract tests, reconstructable demo integration test

### Changed

- Package version `0.7.0`; `evaluate_with_grant()` applies `review_loop` constraints
- PCS manifest records `integrity_mode`; decisions include `policy_integrity_mode`
- `evals/adversarial_transitions.py` writes default report to `evals/reports/adversarial_transitions.json`

## [0.6.0] - 2026-06-28

### Added
Expand Down
16 changes: 12 additions & 4 deletions GOVERNANCE.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,26 +2,34 @@

## Project type

AKTA is an open protocol with a reference implementation. It is stewarded as a standalone engineering artifact for scientific action admissibility.
AKTA is an open protocol with a reference implementation under the MIT license. It is stewarded as a standalone engineering artifact for scientific action admissibility. It is not a safety certification.

## Decision-making

- **Protocol changes** (schemas, ontologies, deployment profiles): require design review and version bump.
- **Reference kernel changes**: follow normal pull request review.
- **Domain overlays**: core reference overlays (generic lab, materials, computational science) are operational. Biology, chemistry, and clinical overlays are experimental (v0.5) and not deployment-ready without institutional governance.
- **Domain overlays**: core reference overlays (generic lab, materials, computational science) are operational. Biology, chemistry, and clinical overlays are experimental and not deployment-ready without institutional governance.

## Versioning

AKTA follows semantic versioning for the reference implementation package (`akta-protocol`). Schema versions are embedded in artifact metadata (e.g., `akta-core-v0.5`, `akta-record-v0.5`).
AKTA follows semantic versioning for the reference implementation package (`akta-protocol`, currently v0.7.1). Schema versions are embedded in artifact metadata (e.g., `akta-core-v0.5`, `akta-record-v0.5`).

## Non-certification

AKTA does not certify autonomous labs, safety compliance, or scientific correctness. The AKTA Card is an institutional disclosure artifact, not a certification.
AKTA does not certify autonomous labs, safety compliance, or scientific correctness. The AKTA Card is an institutional disclosure artifact, not a certification. PCS export records provenance; it does not certify deployment safety.

## Authority boundary

AKTA decides pre-action admissibility. SCOPE grants scoped authorization after human review. AKTA does not broaden SCOPE grants; SCOPE grants do not override AKTA evidence or deployment-profile policy by default.

## P7 exclusion

Deployment profile P7 (fully autonomous scientific operator) is defined for future taxonomy only. AKTA raises `UnsupportedProfileError` if P7 is requested. **P7 runtime is a permanent non-goal** unless the Open Scientific Action Protocol specification explicitly adds P7 support in a future version.

## Release acceptance

Public releases follow [docs/RELEASE.md](docs/RELEASE.md): `make ci`, integrated demos, and optional live SCOPE verification.

## Maintainers

Initial stewardship: [fraware/AKTA](https://github.com/fraware/AKTA) repository maintainers.
Loading