d803bfe2b1
git-subtree-dir: vendor/ruvector git-subtree-split: b64c21726f2bb37286d9ee36a7869fef60cc6900
1.2 KiB
1.2 KiB
ADR-CE-005: First-Class Governance Objects
Status: Accepted Date: 2026-01-22 Parent: ADR-014 Coherence Engine Architecture
Context
Governance decisions (thresholds, policies, approvals) must be:
- Versioned and traceable
- Signed by authorized parties
- Immutable once approved
- Addressable for reference in witnesses
Decision
Governance objects are first-class, immutable, addressable.
Three governance object types:
-
PolicyBundle: Versioned threshold configurations
- Signed by required approvers
- Content-addressed (ID = hash of contents)
- Immutable once created
-
WitnessRecord: Proof of gate decisions
- Links to PolicyBundle used
- Chains to previous witness (hash chain)
- Content-addressed
-
LineageRecord: Provenance of writes
- Links to authorizing witness
- Tracks causal dependencies
- Enables "why did this change?" queries
Consequences
Benefits
- Complete audit trail for compliance
- Multi-party approval for sensitive changes
- Content addressing prevents substitution attacks
Risks
- Cannot modify bad policies (must create new version)
- Storage overhead for immutable objects
References
- ADR-014: Coherence Engine Architecture, Section 4