Governance Kernel · Validation Status · AUTHREX Systems

News Part of the AUTHREX Application Set: one Kernel architecture, six application profiles
VIEWING 01 / 01GOVERNANCE KERNELAUTHREX SYSTEMS
[ Governance Kernel ]

Agents Get Authority Tiers, Not Admin Keys.

AUTHREX Governance Kernel is a Docker-verified, synthetic-data MVP prepared for structured external technical review. It demonstrates agent authority-tier enforcement, human approval gating, signed audit evidence, reviewer packet export, latency/load testing, and ledger tamper detection. No operational validation or agency endorsement is claimed.

[ POSITION IN THE ARCHITECTURE ]

The Governance Kernel is the core runtime decision and enforcement engine of the AUTHREX program. It calculates and enforces authority. A mission-authority continuity profile currently in design will carry that authority through disconnected operations; it is part of the Kernel architecture, not a parallel product line. The Kernel bounds and records authorized behavior at its enforcement point. Its guarantees depend on placement, platform integrity, protected keys, and the integrity of downstream actuation paths.

[ Validation Status · QA10 ]
FINAL CODE ARTIFACTQA10 closed the internal QA sequence after repeated structured review passes. The current internal QA cycle is complete. Independent external reproduction and adversarial review are the next evidence priorities.FINAL
LOCAL INSTALLPython 3.11 fast install path completed on a clean environment.PASS
DOCKER BUILD (MAC)Built on Docker Desktop for Mac after adding .venv/, venv/, env/, and ENV/ to .dockerignore.PASS
DOCKER DEMO RUNContainerized demo executed end to end as an unprivileged runtime user.PASS
DOCKER TEST SUITEpytest inside a python:3.11-slim container, package v1.0-QA10, July 2026: 83 passed, 1 skipped (environment-dependent) across 53 test functions; archive hash recorded in the internal QA log. Site claim pending external reproduction.PASS
ALPHA DEMOReal HTTP agent-to-proxy-to-tool governance: requests are gated by authority tier before any tool executes.DEMO
MVP DEMOReal MCP SDK governance with a human approval queue, RBAC-enabled localhost web UI, signed audit evidence, reviewer packet export, loopback latency measurement, and sustained concurrent-load testing.DEMO
LEDGER VERIFICATIONTamper detection distinguishes clean ledgers, forged records, and tail truncation on the checkpointed hash-chain.PASS
[ PUBLIC RELEASE STATUS ]

The public GitHub release is pending counsel review. The next step is a structured handoff to an external technical reviewer. Source access is by request only while counsel review is pending.

[ DISCLAIMER ]

AUTHREX is a synthetic-data, defense-relevant AI governance and assurance research system. It is not an operational defense product, a deployed system, or an agency-validated technology. All results are from synthetic scenarios on self-generated test suites. No operational validation is claimed. No agency endorsement is claimed.

[ FOR REVIEWERS ]

The current package demonstrates MCP-based agent tool governance, authority-tier enforcement, human approval gating with RBAC, signed policy loading, checkpointed audit evidence, reviewer report export, loopback latency measurement, sustained concurrent-load testing, resumable full validation, and internally tested ledger tamper detection in the stated package and test environment. The self-generated suite passes its full test set with zero unauthorized privileged executions in synthetic scenarios.

[ Source Access · By Request ]

Source access is available only for structured external technical review while counsel review is pending. The review package is not publicly hosted. Qualified reviewers may request access directly.

authrex_kernel/ · tests/ (53 test functions) · harness/ · docs/EXTERNAL-REVIEWER-PACKET.md · demo_alpha.py · demo_mvp.py · Dockerfile · install.sh · VALIDATION-REPORT.md · CHANGELOG.md

Request review access