316 lines
8.5 KiB
Markdown
316 lines
8.5 KiB
Markdown
# VaultMesh Engine Specifications
|
|
|
|
## Receipt Types by Scroll
|
|
|
|
### Drills
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `security_drill_run` | Drill completed |
|
|
|
|
### Compliance
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `oracle_answer` | Compliance question answered |
|
|
|
|
### Guardian
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `anchor_success` | Anchor cycle succeeded |
|
|
| `anchor_failure` | Anchor cycle failed |
|
|
| `anchor_divergence` | Root mismatch detected |
|
|
|
|
### Treasury
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `treasury_credit` | Credit entry recorded |
|
|
| `treasury_debit` | Debit entry recorded |
|
|
| `treasury_settlement` | Multi-party settlement completed |
|
|
| `treasury_reconciliation` | Periodic balance verification |
|
|
|
|
### Mesh
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `mesh_node_join` | Node registered |
|
|
| `mesh_node_leave` | Node deregistered |
|
|
| `mesh_route_change` | Route added/removed/modified |
|
|
| `mesh_capability_grant` | Capability granted |
|
|
| `mesh_capability_revoke` | Capability revoked |
|
|
| `mesh_topology_snapshot` | Periodic topology capture |
|
|
|
|
### OffSec
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `offsec_incident` | Incident closed |
|
|
| `offsec_redteam` | Red team engagement closed |
|
|
| `offsec_vuln_discovery` | Vulnerability confirmed |
|
|
| `offsec_remediation` | Remediation verified |
|
|
| `offsec_threat_intel` | New IOC/TTP added |
|
|
| `offsec_forensic_snapshot` | Forensic capture taken |
|
|
|
|
### Identity
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `identity_did_create` | New DID registered |
|
|
| `identity_did_rotate` | Key rotation completed |
|
|
| `identity_credential_issue` | Credential issued |
|
|
| `identity_credential_revoke` | Credential revoked |
|
|
| `identity_auth_event` | Authentication attempt |
|
|
| `identity_capability_grant` | Capability granted |
|
|
| `identity_capability_exercise` | Capability used |
|
|
|
|
### Observability
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `obs_metric_anomaly` | Anomaly detected/resolved |
|
|
| `obs_log_alert` | Log-based alert triggered |
|
|
| `obs_trace_summary` | Critical operation traced |
|
|
| `obs_health_snapshot` | Daily health capture |
|
|
| `obs_slo_breach` | SLO target missed |
|
|
| `obs_capacity_event` | Resource threshold crossed |
|
|
|
|
### Automation
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `auto_workflow_run` | Workflow execution completed |
|
|
| `auto_scheduled_task` | Scheduled task executed |
|
|
| `auto_agent_action` | Agent took action |
|
|
| `auto_trigger_event` | External trigger received |
|
|
| `auto_approval_gate` | Approval gate resolved |
|
|
| `auto_error_recovery` | Error recovery completed |
|
|
|
|
### PsiField
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `psi_phase_transition` | Phase change |
|
|
| `psi_emergence_event` | Emergent behavior detected |
|
|
| `psi_transmutation` | Negative → capability transform |
|
|
| `psi_resonance` | Cross-system synchronization |
|
|
| `psi_integration` | Learning crystallized |
|
|
| `psi_oracle_insight` | Significant Oracle insight |
|
|
|
|
### Federation
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `fed_trust_proposal` | Trust proposal submitted |
|
|
| `fed_trust_established` | Federation agreement active |
|
|
| `fed_trust_revoked` | Federation terminated |
|
|
| `fed_witness_event` | Remote root witnessed |
|
|
| `fed_cross_anchor` | Remote root included in anchor |
|
|
| `fed_schema_sync` | Schema versions synchronized |
|
|
|
|
### Governance
|
|
| Type | When Emitted |
|
|
|------|--------------|
|
|
| `gov_proposal` | Proposal submitted |
|
|
| `gov_vote` | Vote cast |
|
|
| `gov_ratification` | Proposal ratified |
|
|
| `gov_amendment` | Constitution amended |
|
|
| `gov_executive_order` | Executive order issued |
|
|
| `gov_violation` | Violation detected |
|
|
| `gov_enforcement` | Enforcement action taken |
|
|
|
|
---
|
|
|
|
## Engine Contract Templates
|
|
|
|
### Treasury Settlement Contract
|
|
```json
|
|
{
|
|
"settlement_id": "settle-YYYY-MM-DD-NNN",
|
|
"title": "Settlement Title",
|
|
"initiated_by": "did:vm:node:portal-01",
|
|
"initiated_at": "ISO8601",
|
|
"parties": ["did:vm:node:...", "did:vm:node:..."],
|
|
"entries": [
|
|
{
|
|
"entry_id": "entry-NNN",
|
|
"type": "debit|credit",
|
|
"account": "acct:vm:node:...:type",
|
|
"amount": 0.00,
|
|
"currency": "EUR",
|
|
"memo": "Description"
|
|
}
|
|
],
|
|
"requires_signatures": ["node-id", "node-id"],
|
|
"settlement_type": "inter_node_resource|vendor_payment|..."
|
|
}
|
|
```
|
|
|
|
### Mesh Change Contract
|
|
```json
|
|
{
|
|
"change_id": "mesh-change-YYYY-MM-DD-NNN",
|
|
"title": "Change Title",
|
|
"initiated_by": "did:vm:node:portal-01",
|
|
"initiated_at": "ISO8601",
|
|
"change_type": "node_expansion|route_update|...",
|
|
"operations": [
|
|
{
|
|
"op_id": "op-NNN",
|
|
"operation": "node_join|route_add|capability_grant|...",
|
|
"target": "did:vm:node:...",
|
|
"config": {}
|
|
}
|
|
],
|
|
"requires_approval": ["node-id"],
|
|
"rollback_on_failure": true
|
|
}
|
|
```
|
|
|
|
### OffSec Incident Contract
|
|
```json
|
|
{
|
|
"case_id": "INC-YYYY-MM-NNN",
|
|
"case_type": "incident",
|
|
"title": "Incident Title",
|
|
"severity": "critical|high|medium|low",
|
|
"created_at": "ISO8601",
|
|
"phases": [
|
|
{
|
|
"phase_id": "phase-N-name",
|
|
"name": "Triage|Containment|Eradication|Recovery",
|
|
"objectives": ["..."],
|
|
"checklist": ["..."]
|
|
}
|
|
],
|
|
"assigned_responders": ["did:vm:human:..."],
|
|
"escalation_path": ["..."]
|
|
}
|
|
```
|
|
|
|
### Identity Operation Contract
|
|
```json
|
|
{
|
|
"operation_id": "idop-YYYY-MM-DD-NNN",
|
|
"operation_type": "key_rotation_ceremony|...",
|
|
"title": "Operation Title",
|
|
"initiated_by": "did:vm:human:...",
|
|
"initiated_at": "ISO8601",
|
|
"target_did": "did:vm:node:...",
|
|
"steps": [
|
|
{
|
|
"step_id": "step-N-name",
|
|
"action": "action_name",
|
|
"params": {}
|
|
}
|
|
],
|
|
"rollback_on_failure": true
|
|
}
|
|
```
|
|
|
|
### Transmutation Contract
|
|
```json
|
|
{
|
|
"transmutation_id": "psi-transmute-YYYY-MM-DD-NNN",
|
|
"title": "Transmutation Title",
|
|
"initiated_by": "did:vm:human:...",
|
|
"initiated_at": "ISO8601",
|
|
"input_material": {
|
|
"type": "security_incident|vulnerability|...",
|
|
"reference": "INC-YYYY-MM-NNN"
|
|
},
|
|
"target_phase": "citrinitas",
|
|
"transmutation_steps": [
|
|
{
|
|
"step_id": "step-N-name",
|
|
"name": "Step Name",
|
|
"action": "action_name",
|
|
"expected_output": "output_path"
|
|
}
|
|
],
|
|
"witnesses_required": ["node-id", "node-id"],
|
|
"success_criteria": {}
|
|
}
|
|
```
|
|
|
|
---
|
|
|
|
## State Machine Transitions
|
|
|
|
### Settlement Status
|
|
```
|
|
draft → pending_signatures → executing → completed
|
|
↘ disputed → resolved → completed
|
|
↘ expired
|
|
```
|
|
|
|
### Incident Status
|
|
```
|
|
reported → triaging → investigating → contained → eradicating → recovered → closed
|
|
↘ false_positive → closed
|
|
```
|
|
|
|
### Mesh Change Status
|
|
```
|
|
draft → pending_approval → in_progress → completed
|
|
↘ partial_failure → rollback → rolled_back
|
|
↘ failed → rollback → rolled_back
|
|
```
|
|
|
|
### Alchemical Phase
|
|
```
|
|
nigredo → albedo → citrinitas → rubedo
|
|
↑ │
|
|
└──────────────────────────────┘
|
|
(cycle continues)
|
|
```
|
|
|
|
---
|
|
|
|
## Capability Types
|
|
|
|
| Capability | Description | Typical Holders |
|
|
|------------|-------------|-----------------|
|
|
| `anchor` | Submit roots to anchor backends | Guardian nodes |
|
|
| `storage` | Store receipts and artifacts | Infrastructure nodes |
|
|
| `compute` | Execute drills, run agents | BRICK nodes |
|
|
| `oracle` | Issue compliance answers | Oracle nodes |
|
|
| `admin` | Grant/revoke capabilities | Portal, Sovereign |
|
|
| `federate` | Establish cross-mesh trust | Portal |
|
|
|
|
---
|
|
|
|
## Trust Levels (Federation)
|
|
|
|
| Level | Name | Description |
|
|
|-------|------|-------------|
|
|
| 0 | `isolated` | No federation |
|
|
| 1 | `observe` | Read-only witness |
|
|
| 2 | `verify` | Mutual verification |
|
|
| 3 | `attest` | Cross-attestation |
|
|
| 4 | `integrate` | Shared scrolls |
|
|
|
|
---
|
|
|
|
## Account Types (Treasury)
|
|
|
|
| Type | Purpose |
|
|
|------|---------|
|
|
| `operational` | Day-to-day infrastructure spend |
|
|
| `reserve` | Long-term holdings, runway |
|
|
| `escrow` | Held pending settlement |
|
|
| `external` | Counterparty accounts |
|
|
|
|
---
|
|
|
|
## Node Types (Mesh)
|
|
|
|
| Type | Purpose |
|
|
|------|---------|
|
|
| `infrastructure` | BRICK servers, compute |
|
|
| `edge` | Mobile devices, field endpoints |
|
|
| `oracle` | Compliance oracle instances |
|
|
| `guardian` | Dedicated anchor/sentinel |
|
|
| `external` | Federated nodes |
|
|
|
|
---
|
|
|
|
## Severity Levels
|
|
|
|
| Level | Description |
|
|
|-------|-------------|
|
|
| `critical` | Active breach, data exfiltration |
|
|
| `high` | Confirmed attack, potential breach |
|
|
| `medium` | Suspicious activity, policy violation |
|
|
| `low` | Anomaly, informational |
|