Policy is now "society's law" - not just configuration, but a hash-tracked,
witnessable entity in the trust network.
Key changes:
- PolicyEntity class with hash-identified entityId (policy:<name>:<version>:<hash>)
- PolicyRegistry for registration and witnessing
- Policy evaluation with rate limiting integration
- Session witnesses policy at initialization
- Policy witnesses tool decisions in after_tool_call
- R6 records include policyEntityId in rules field
- CLI command: `moltbot policy entities` to list registered policies
- 26 new tests for PolicyEntity (177 total tests passing)
The witnessing flow:
1. Session start → register policy entity → session witnesses policy
2. Tool call → policy evaluates decision → policy witnesses outcome
3. Bidirectional trust accumulation in the witnessing chain
Co-authored-by: dp-web4 <dp@metalinxx.io>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Four features to complete the open-source governance tier:
1. Policy Presets (presets.ts): Built-in rule sets (permissive, safety,
strict, audit-only) users can reference by name. Merge order:
preset defaults → top-level overrides → additional rules appended.
2. Rate Limiting (rate-limiter.ts): Sliding window counters per key
(tool or category). RateLimiter integrated into PolicyEngine —
rate limit rules only match when threshold exceeded within window.
Memory-only, resets on session restart.
3. Audit Query (audit.ts filter()): Filter audit records by tool,
category, status, target pattern (glob), time range (ISO or
relative like "1h"), and limit. CLI: moltbot audit query.
4. Audit Reporter (reporter.ts): Aggregates audit data into tool stats,
category breakdown, policy decisions, error summaries, and
per-minute timeline. Text and JSON output formats.
All wired into index.ts with CLI commands (policy presets, audit query,
audit report) and plugin.json schema updated with preset field.
151 tests pass across 9 test files.
Co-authored-by: dp-web4 <dp@metalinxx.io>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* Add policy engine to web4-governance (Tier 1.5)
Configurable rule-based pre-action gating via before_tool_call hook.
Rules match by tool name, category, and target pattern (glob/regex).
Decisions (allow/deny/warn) enforced or dry-run, recorded in R6 constraints.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Add policy admin CLI: status, rules, test commands
* Add README and update ARCHITECTURE.md for Tier 1.5 policy engine
---------
Co-authored-by: dp-web4 <dp@metalinxx.io>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Adds a governance extension that creates verifiable audit trails for
agent tool usage using the R6 framework (Rules+Role+Request+Reference+
Resource→Result). Uses the typed after_tool_call hooks wired in #1
to capture every tool invocation with provenance, timing, and
hash-linked chain integrity.
Includes:
- R6 request framework with tool classification
- Hash-linked JSONL audit chain with verification
- Software-bound session identity tokens (Soft LCT)
- Session state tracking with tool/category counts
- CLI commands: audit summary, audit verify, audit last
- 39 unit tests across all modules
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>