Skip to content

LalaSkye/commit-gate-core

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
docs
docs
 
 
examples
examples
 
 
src/commit_gate_core
src/commit_gate_core
 
 
tests
tests
 
 
README.md
README.md
 
 
RELEASE_NOTES.md
RELEASE_NOTES.md
 
 

Repository files navigation

Commit Gate Core

New to this work? Start here: https://github.com/LalaSkye/start-here

Reference kernel for execution-boundary governance.

Commit Gate Core stops unauthorised consequences before execution.

Most governance systems review decisions after consequences happen.
This repo demonstrates a smaller, harder control surface:

No state mutation is allowed unless a signed, scoped, unexpired, unreplayed DecisionRecord authorises the exact commit.

If authority, scope, expiry, replay, or receipt checks fail, the action does not run.

The proof is the failed execution path.

Scope and limitations

This repository demonstrates a path-local commit gate.

It enforces a single invariant at the boundary it sits on:

No consequence at this commit boundary without a valid signed, scoped, unexpired, unreplayed DecisionRecord — payload-bound, proof-bound, atomic commit.

This is the path-local invariant. It is what the code in this repository implements and tests.

What this gate does not, by itself, prove

The path-universal invariant is stronger:

No consequence is reachable without passing a proof-bound, payload-bound, atomic commit boundary across all paths.

Achieving the path-universal invariant is an architectural placement question, not a gate-implementation claim. It requires:

  • routing every reachable path to a consequence through a gate of this kind
  • exclusion or explicit out-of-scope marking of alternate routes, including:
    • human review handoffs
    • downstream agent execution
    • asynchronous side channels
    • bypass paths created by retries, rollbacks, or recovery flows
  • system-level evidence that the routing holds

This repository does not make the path-universal claim.

Reading guide

  • If you want to inspect the gate primitive: read cmd/, internal/gate/, and the test suite.
  • If you want to evaluate path-universal coverage in a real system: that is a deployment-architecture review, not a code review of this repo.

Execution Boundary Test v1

Use the test to check whether a system can physically stop consequence at the point an action would become real.

See: docs/execution-boundary-test-v1.md

Core question:

Where does the system physically stop?

PASS: The action cannot execute without valid proof.

FAIL: The action still reaches consequence.

Try it in 30 seconds

git clone https://github.com/LalaSkye/commit-gate-core.git
cd commit-gate-core
python -m examples.unsafe_email_send

Expected output:

Result: HOLD
Email sent: false
Receipt written: true

If the email sends, the gate is broken.

The demo

Attempt:        send external email
DecisionRecord: missing authority
Result:         HOLD
Email sent:     false
Receipt written: true

That is the shape.

The system refuses the unsafe state change before execution and writes a receipt proving why.

What this repo proves

  • Unsafe consequence can be refused before execution.
  • Missing authority prevents mutation.
  • Refusal can produce an auditable receipt.
  • Bypass failure can be tested directly.

This is not governance commentary.

It is a small enforcement primitive.

Boundary

This repo does not claim to be a full AI governance system.

It proves one narrow invariant:

This path cannot execute without a valid DecisionRecord.

The invariant is deliberately small so it can be inspected, tested, and broken under hostile reading.

This repository does not prove adoption, certification, standardisation, or production readiness.

It demonstrates a bounded execution-control surface that can be run, inspected, and tested.

Core rule

A valid DecisionRecord must be:

  • signed
  • scoped to the exact commit
  • within its validity window
  • unreplayed
  • sufficient for the requested mutation

Failure at any check produces HOLD.

No silent continuation.

Evidence shape

A useful governance gate must show:

  1. what action was attempted
  2. what proof was required
  3. which check failed
  4. whether execution occurred
  5. what receipt was written

For this demo, the answer is simple:

Execution occurred: false
Receipt written:    true
Verdict:            HOLD

Status

v0.1 — one invariant, hard-enforced.

Small surface. Clear failure mode. Receipts over reassurance.

Working paper

From Policy to Commit: Execution-Boundary Control for Governed AI Systems

Citation

Jones, R. D. (2026). From Policy to Commit: Execution-Boundary Control for Governed AI Systems (v0.1). Zenodo. https://doi.org/10.5281/zenodo.19980275

License

MIT. Use it. Break it. Tell me how.

About

Runtime commit gate for AI governance: no mutation without a valid DecisionRecord.

Topics

python policy-enforcement ai-governance auditability fail-closed runtime-governance execution-boundary

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages