Skip to content

Commit 2ac83e5

Browse files
bb-connorclaude
andcommitted
Add hotkeys, policy-compiler spec, seeded architecture-summary episode
(a) Canonical hotkeys committed at .obsidian/hotkeys.json: - Cmd+Shift+E → episode-promoter:promote-to-episode - Cmd+Shift+T → periodic-notes:open-daily-note (today's daily) - Cmd+Shift+G → obsidian-git:open-source-control-view (commit panel) The file is un-gitignored; users override via Obsidian's UI without breaking the canonical defaults for the next fresh checkout. The .gitignore now documents the `git update-index --skip-worktree` pattern for shared-vault contributors who want personal bindings. Companion vault/_meta/hotkeys.md documents the bindings and the rebind protocol. (b) vault/spec/policy-compiler.md: the fourth worked spec, completing the Capability/Receipt/Guard/Policy core quad. Six normative claims (deterministic compilation, schema validation, fail-closed on compile errors, evaluator purity, two receipt classes for compile + eval). Three constraints from the guard-policy-fail-closed seed (policies are kernel-loaded artifacts, purity is replayability, compile + eval receipts kept orthogonal). Cites real arc paths from chio-policy/src/{compiler,validate,evaluate/{engine,matchers}, models,lib}.rs and ties the producer-consumer relationship to guard-pipeline (the consumer of compiled evaluators). (d) vault/episodes/chio-architecture-summary.md: a hand-seeded episode matching what `make kb-migrate-seeds` would produce against arc PR #599's seeds/graphiti/architecture-summary.json. Demonstrates the canonical post-migration shape: status: imported, typed authoritative_files frontmatter, summary as opening prose, editing_guidance as a `## Guidance` section, the HUMAN_EDIT_MARKER at the bottom. Running migrate-seeds.py later will overwrite the machine portion (preserving anything below the marker) and add a seed_content_hash for idempotency. Cross-linked from the four worked specs that reference this episode by graphiti-episode field. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1 parent ff3cb30 commit 2ac83e5

5 files changed

Lines changed: 196 additions & 1 deletion

File tree

.gitignore

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,9 @@ kb-engine/uv.lock
2828
.obsidian/cache
2929
.obsidian/graph.json
3030
.obsidian/app.json
31-
.obsidian/hotkeys.json
31+
# hotkeys.json IS committed (canonical default bindings — see vault/_meta/hotkeys.md);
32+
# users override locally in Obsidian's Hotkeys settings, which writes to this file.
33+
# Skip-worktree on conflict: `git update-index --skip-worktree .obsidian/hotkeys.json`
3234

3335
# Themes are user-installed
3436
.obsidian/themes/

.obsidian/hotkeys.json

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
{
2+
"episode-promoter:promote-to-episode": [
3+
{ "modifiers": ["Mod", "Shift"], "key": "E" }
4+
],
5+
"periodic-notes:open-daily-note": [
6+
{ "modifiers": ["Mod", "Shift"], "key": "T" }
7+
],
8+
"obsidian-git:open-source-control-view": [
9+
{ "modifiers": ["Mod", "Shift"], "key": "G" }
10+
]
11+
}

vault/_meta/hotkeys.md

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,46 @@
1+
---
2+
id: meta.hotkeys
3+
type: meta
4+
---
5+
6+
# Canonical hotkeys
7+
8+
Configured in [`.obsidian/hotkeys.json`](../../.obsidian/hotkeys.json) (committed, not gitignored). Obsidian's Settings → Hotkeys panel writes overrides to the same file; users can rebind freely without breaking the canonical defaults for the next fresh checkout.
9+
10+
## Bindings
11+
12+
| Combo | Command | Why |
13+
| ----- | ------- | --- |
14+
| `Cmd+Shift+E` | `episode-promoter:promote-to-episode` | The "What I learned" → episode flow is the highest-leverage daily action. Worth a top-row binding. |
15+
| `Cmd+Shift+T` | `periodic-notes:open-daily-note` | Open today's daily note. Combined with auto-creation from the [Periodic Notes plugin](../../.obsidian/plugins/periodic-notes/data.json), Cmd+Shift+T = "morning brief, now". |
16+
| `Cmd+Shift+G` | `obsidian-git:open-source-control-view` | Open the Git source control panel. Daily commit cadence is part of the vault's contract (auto-save every 60s, auto-pull every 30 min); Cmd+Shift+G is the deliberate "stage and commit now" gesture. |
17+
18+
`Mod` resolves to `Cmd` on macOS and `Ctrl` on Windows/Linux. The bindings are cross-platform.
19+
20+
## Adding more
21+
22+
Edit `.obsidian/hotkeys.json` directly OR use Obsidian's Hotkeys settings UI. The file format is one entry per command:
23+
24+
```json
25+
{
26+
"<plugin-id>:<command-id>": [
27+
{ "modifiers": ["Mod", "Shift"], "key": "X" }
28+
]
29+
}
30+
```
31+
32+
Modifier keys: `Mod`, `Ctrl`, `Shift`, `Alt`, `Meta`. Multiple bindings per command are allowed (the value is an array).
33+
34+
## Conflict policy
35+
36+
If a contributor wants a different default, they have three options:
37+
38+
1. **Override in Obsidian's UI.** This writes to `.obsidian/hotkeys.json` and shows up in `git status`. Don't commit unless the team has agreed to flip the canonical default.
39+
2. **Local-only opt-out.** `git update-index --skip-worktree .obsidian/hotkeys.json` keeps a local hotkey file without git tracking changes. Reverse with `--no-skip-worktree`.
40+
3. **Propose a new default.** Open a PR updating both `.obsidian/hotkeys.json` and this table. Hotkey changes are not load-bearing but they affect everyone's muscle memory; review accordingly.
41+
42+
## See also
43+
44+
- [`.obsidian/hotkeys.json`](../../.obsidian/hotkeys.json) — the actual file
45+
- [`AGENTS.md`](../../AGENTS.md) — project-wide conventions
46+
- [`onboard-a-chio-developer.md`](../playbooks/onboard-a-chio-developer.md) — Day 1, where these hotkeys first show up
Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
---
2+
id: episode.chio-architecture-summary
3+
type: episode-architecture-summary
4+
status: imported
5+
scope: chio-repo
6+
title: "Chio architecture summary"
7+
graphiti_episode_name: "Chio architecture summary"
8+
source_description: "Curated seed for agent orientation in the Chio repository."
9+
authoritative_files:
10+
- "spec/PROTOCOL.md"
11+
- "crates/chio-core-types/src/capability.rs"
12+
- "crates/chio-kernel/src/kernel/mod.rs"
13+
- "crates/chio-guards/src"
14+
- "crates/chio-policy/src"
15+
imported_from: "(hand-seeded for v0.0.0-scaffold; will be overwritten by `make kb-migrate-seeds` against arc PR #599 seeds/graphiti/architecture-summary.json)"
16+
imported_at: "2026-05-07T00:00:00Z"
17+
---
18+
19+
# Chio architecture summary
20+
21+
Chio is a secure, attested tool access protocol. Agents are untrusted. The runtime kernel validates time-bounded capability tokens, runs guard and policy evaluation before tool calls cross trust boundaries, and signs append-only receipt records.
22+
23+
## Guidance
24+
25+
- Start with protocol and core type contracts before changing kernel behavior.
26+
- Use kb_brief_feature for major work because it combines code, docs, tests, graph impact, memory, and validation commands.
27+
- Repo files and current CI remain authoritative. The graph is retrieval support only.
28+
29+
<!-- HUMAN EDITS BELOW THIS LINE -->
30+
31+
> This file is hand-seeded to demonstrate the post-migration episode shape. Running `make kb-migrate-seeds` against arc on branch `codex/chio-kb-a-grade-dogfood` will overwrite this file and add a `seed_content_hash:` to the frontmatter (used by the migration script for idempotency). Any edits below this marker will be preserved across re-runs.
32+
>
33+
> The four worked specs that reference this episode by `graphiti-episode:` field:
34+
> - [[../spec/capability-revocation]]
35+
> - [[../spec/receipt-commitment]]
36+
> - [[../spec/guard-pipeline]]
37+
> - [[../spec/policy-compiler]]

vault/spec/policy-compiler.md

Lines changed: 99 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,99 @@
1+
---
2+
id: spec.policy.compiler
3+
type: spec
4+
status: accepted
5+
chio-node: Policy
6+
crate: chio-policy
7+
supersedes: []
8+
related-specs:
9+
- spec.guard.pipeline
10+
related-receipts:
11+
- receipt.policy-compile
12+
- receipt.policy-eval
13+
related-guards: []
14+
graphiti-episode: episode.guard-policy-fail-closed
15+
related-diagrams: []
16+
owners:
17+
- "@connor"
18+
last-validated: 2026-05-07
19+
---
20+
21+
# Policy compiler
22+
23+
The deterministic compile-and-evaluate pipeline that turns Chio policy text into the rules each guard runs.
24+
25+
## Normative
26+
27+
> [!normative]
28+
> Policy text MUST compile to a deterministic evaluator before any policy is enforced. There is no interpretation at exercise time.
29+
30+
> [!normative]
31+
> Compilation MUST validate the policy against `spec/schemas/chio-policy/v1/policy.schema.json` before producing an evaluator. Schema-invalid policies fail compilation; **partial compilation is forbidden**.
32+
33+
> [!normative]
34+
> Compilation errors MUST be treated as kernel errors (not policy-author errors): the kernel REFUSES to use a policy that didn't compile cleanly. The kernel does NOT fall back to a previous policy automatically — operators MUST explicitly roll back.
35+
36+
> [!normative]
37+
> The compiled evaluator MUST be **pure**: no I/O, no clock reads, no random, no network. All inputs to a verdict are explicit arguments. (Replayability follows from purity.)
38+
39+
> [!normative]
40+
> Every successful compile MUST emit `receipt.policy-compile.<policy-id>` recording: source content hash, compiled artifact hash, kernel version, and the validation verdict.
41+
42+
> [!normative]
43+
> Every policy evaluation MUST emit `receipt.policy-eval.<exercise-id>` recording: matched rule id, verdict, the inputs the verdict depended on (hashed), and the timestamp.
44+
45+
## Why
46+
47+
> [!guard]
48+
> Fail-closed extends across the compile boundary. A policy that won't compile is treated like a kernel that won't boot — the system refuses to run rather than degrade silently.
49+
50+
The decision to make compilation a hard kernel-level failure (rather than a soft "use a fallback policy" graceful degrade) is recorded in [[../episodes/guard-policy-fail-closed]] and reflects three constraints:
51+
52+
1. **Policies are kernel-loaded artifacts.** Treating compile errors as kernel errors keeps the failure mode crisp: the kernel can refuse to boot with a broken policy file, the same way it refuses to boot with a broken config. The alternative ("use the last good policy") creates a covert channel for misbehavior — a kernel could intentionally publish a broken policy to revert to a stale one.
53+
2. **Evaluator purity is the foundation of audit.** A policy that consults the clock or network for its verdict can't be replayed; "the policy said deny at time X" becomes unfalsifiable. Every input to a verdict must be in the receipt.
54+
3. **Two receipt classes (compile + eval) keep the audit trail orthogonal.** Compile-time receipts prove **what policy was loaded**. Eval-time receipts prove **how it ruled**. Mixing them would conflate "the policy" with "the policy's decisions," and both audit questions are needed.
55+
56+
## Implements
57+
58+
- `chio_policy::compiler``crates/chio-policy/src/compiler.rs` (the compiler entry point)
59+
- `chio_policy::validate``crates/chio-policy/src/validate.rs` (schema validation)
60+
- `chio_policy::evaluate::engine``crates/chio-policy/src/evaluate/engine.rs` (the runtime evaluator)
61+
- `chio_policy::evaluate::matchers``crates/chio-policy/src/evaluate/matchers.rs` (predicate implementations consumed by the guard pipeline)
62+
- `chio_policy::models``crates/chio-policy/src/models.rs` (policy AST types)
63+
- `chio_policy::lib``crates/chio-policy/src/lib.rs` (public API)
64+
- Schema: `spec/schemas/chio-policy/v1/policy.schema.json`
65+
66+
## Tested by
67+
68+
- `crates/chio-policy/tests/compiler_validate.rs` — schema validation
69+
- `crates/chio-policy/tests/compiler_purity.rs` — evaluator purity (no I/O, no clock, no random)
70+
- `crates/chio-policy/tests/evaluator_e2e.rs` — full compile → evaluate flow
71+
- `tests/conformance/peers/*/test_policies.*` — SDK conformance
72+
73+
When changing the wire format under `spec/schemas/chio-policy/v1/`, prefer the SDK conformance tests over Rust unit tests.
74+
75+
## Operations
76+
77+
- [[../playbooks/release-qualification#gate-3--policy-compiler-validation]] — release-time validation that the candidate's policy schema accepts cleanly.
78+
- [[guard-pipeline]] — the **consumer** of compiled policies. The relationship is one-way: the policy compiler produces evaluators; the guard pipeline runs them. Compiled artifacts are immutable across guard executions.
79+
80+
## Open questions
81+
82+
- [ ] **Hot reload vs. kernel restart.** Today policy reloads require a kernel restart (so receipt streams cleanly cut over). Hot-reload would reduce latency but complicates the receipt chain — what's the precise compile receipt boundary if the kernel didn't restart? Pending an ADR.
83+
- [ ] **Policy versioning and rollback.** Operators can roll back to a previous policy by re-pointing the kernel at an earlier compiled artifact. Should the rollback itself be receipted? Likely yes — `receipt.policy-rollback` is a candidate. Open for ADR.
84+
- [ ] **Cross-issuer policy composition.** Mirror of cross-issuer revocation: if issuer A delegates to issuer B, can B's policies layer on top of A's? Today: no. Pending ADR alongside the cross-issuer revocation question.
85+
86+
## Staleness
87+
88+
> [!warning-staleness]
89+
> Last validated 2026-05-07. Re-validate against `crates/chio-policy/src/` and the `spec/schemas/chio-policy/v1/` schemas when those crates' major versions bump or when the schema changes.
90+
91+
The [[../_meta/queries/stale-specs|stale-specs query]] flags this when `last-validated:` is 90+ days behind today.
92+
93+
## Graph context
94+
95+
%% kb_neighbors: spec.policy.compiler depth=2 %%
96+
97+
## Lineage
98+
99+
Derived from the seed [[../episodes/guard-policy-fail-closed]] (migrated from arc PR #599's `seeds/graphiti/guard-policy-fail-closed.json` via `make kb-migrate-seeds`). The seed is shared with [[guard-pipeline]] — both specs are Chio-side surfaces of the same architectural commitment to fail-closed everywhere.

0 commit comments

Comments
 (0)