Glossary

AI where governance occurs BEFORE execution, not after.

An architectural posture where every meaningful action must pass through a governance decision surface that emits an ALLOW / DENY / SAFE_HALT verdict before the runtime is permitted to act. Contrasts with post-hoc safety dashboards and approval workflows.

Controlled, signed shutdown of an execution path.

A first-class decision outcome (alongside ALLOW and DENY) emitted when the governance layer cannot adjudicate safely or when continuity invariants are violated. SAFE_HALT produces a signed audit receipt; it is never silent.

Six-tier classification of execution authority.

AC0 (read-only, sandboxed) through AC5 (irreversible real-world effects). Capability requests are bound to an AC tier; governance policies are tier-aware. Higher AC tiers require stricter intake and higher-quorum decisions.

Accumulated count of unverifiable claims an AI carries.

Quantitative score of how many of a system's emitted claims cannot be independently verified against signed artifacts. Rising admissibility debt is the leading indicator of trust collapse. See /admissibility-debt for the calculator.

Scoped, signed grant authorizing a specific execution path.

Issued only after a successful governance decision. Bound to an AC tier, a capability descriptor, an actor, and an expiry. Required at the runtime gate before execution proceeds.

Three-layer governance arbitration: Galahad · Cerberus · Codex Deus Maximus.

Galahad enforces ethical bounds; Cerberus enforces safety/security perimeter; Codex Deus Maximus is the consistency arbiter and final authority. A decision must satisfy all three layers to emit ALLOW.

Ethics layer of the Triumvirate.

Evaluates intents against the FourLaws ethical framework. Emits a Galahad verdict that feeds into the Triumvirate arbitration.

Safety / security perimeter layer.

Enforces capability bounds, policy compliance, and threat-model constraints. Includes the Cerberus-Codex bridge and GateGuardian wiring.

Consistency arbiter and final authority.

Reconciles Galahad and Cerberus verdicts, checks doctrinal consistency, and produces the signed final decision. Final authority means: no path bypasses Codex.

Runtime continuity and state verification gate.

Verifies that the current runtime state matches its last signed state. A mismatch triggers SAFE_HALT. Implemented via TSCG-B binary frame encoding.

Protocol / Sovereign Immune Architecture.

The composite architecture that combines Triumvirate, NIRL Cascade, STATE_REGISTER, and Universal Thirsty Family into an end-to-end execution-governed surface.

Thirsty's Symbolic Compression Grammar.

Symbolic expression layer for governance state encoding (e.g. COG → DNT → SHD). Sibling to the state encoder. CLI: tscg parse.

Binary frame codec for TSCG (CRC32 + SHA-256, 54-byte frame).

Binary serialization of TSCG expressions with cryptographic integrity. Used by STATE_REGISTER for fast continuity checks. CLI: tscgb roundtrip.

Compilation boundary that promotes vetted draft rules to runtime law.

Shadow rules are mutated, analyzed, and replayed offline. Only after invariant analysis passes can they be promoted to canonical, runtime-enforced rules. Implemented in T4 Shadow Thirst.

Governance-oriented DSL for expressing executable policy.

Lexer / parser / type-checker / interpreter / CLI. Validated against TARL boundary policies via thirsty_lang_validator. CLI: thirsty run <file.thirsty>.

Nested Intention-Response Loop runtime engine.

Composed of Heart (global tick), MiniBrain (section controller), Antibody (single-lifecycle escort), and Forge (HMAC-SHA256 purification). Enforces single-lifecycle integrity per execution intent.

Append-only, hash-chained, TSA-timestamped record of every decision.

Each receipt carries prev_hash, receipt_hash, signature, public_key_id, and policy_version. No update or delete permitted. See /ledger and /verify.

Absence of a positive decision is a denial.

If governance does not emit ALLOW, the runtime does not execute. There are no trusted shortcuts, side paths, or fallback execution paths.