extension-resource-firewall-matrix-contract.json
{
"schema": "pi.ext.resource_firewall_matrix_contract.v1",
"evidence_schema": "pi.ext.resource_firewall_matrix.v1",
"contract_version": "1.0.0",
"bead_id": "bd-9yq7i.6",
"purpose": "deterministic_extension_resource_firewall_matrix_not_runtime_mutation",
"summary": "Defines the extension resource firewall matrix emitted by the deterministic extension stress fixture. The matrix enumerates extension resource classes, expected firewall actions, observed counters, denial modes, fallback behavior, payload redaction, hostcall cost attribution linkage, and peer-progress preservation.",
"allowed_verdicts": [
"pass",
"fail"
],
"required_top_level_keys": [
"schema",
"generated_at",
"source_bead",
"verdict",
"source_boundary",
"required_fixture_ids",
"required_resource_classes",
"hostcall_cost_connection",
"matrix",
"negative_controls",
"operator_next_actions"
],
"required_resource_classes": [
"cheap_read_flood",
"large_payload_emission",
"denied_capability_churn",
"slow_hostcall",
"repeated_failure",
"steady_peer_progress"
],
"required_fixture_ids": [
"cheap_read_flood_budget",
"large_payload_emission_budget",
"denied_capability_churn_budget",
"slow_hostcall_timeout_budget",
"repeated_failure_quarantine_budget",
"steady_peer_progress_budget"
],
"required_row_keys": [
"fixture_id",
"extension_id",
"extension_role",
"resource_class",
"hostcall_class",
"budget_name",
"budget_units",
"observed_units",
"admission_decision",
"denial_mode",
"fallback_behavior",
"peer_progress_preserved",
"payload_body_redacted",
"existing_capability_boundary_preserved",
"source_hostcall_cost_role",
"operator_log"
],
"required_operator_log_keys": [
"extension_role",
"cost_class",
"expected_action",
"observed_counters"
],
"required_negative_control_ids": [
"missing_resource_counter",
"missing_peer_progress",
"unredacted_payload_body"
],
"source_boundaries": [
"The matrix is deterministic extension stress evidence only.",
"It does not execute live extensions, weaken extension policy, mutate the production sandbox, or authorize benchmark/capacity/release-performance claims.",
"It connects to existing hostcall cost attribution evidence and does not replace that ledger, runtime enforcement, RCH validation, Beads, Agent Mail, UBS, CI, or source files.",
"Payload bodies must remain redacted; only byte counts and counters are allowed."
],
"fail_closed_rules": [
"Every required resource class and fixture id must be present.",
"Every row must include non-empty operator logging and observed counters.",
"Every row must preserve payload redaction, peer progress, and existing capability boundaries.",
"Denied capability churn must remain DeniedByPolicy with zero policy grants added.",
"Steady peer progress must remain admitted and meet the minimum peer progress budget.",
"Negative controls for missing counters, missing peer progress, and unredacted payload bodies must be rejected."
]
}