john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tractatus/docs/GOVERNANCE-RULE-LIBRARY.md
TheFlow ac2db33732 fix(submissions): restructure Economist package and fix article display 
- Create Economist SubmissionTracking package correctly:
  * mainArticle = full blog post content
  * coverLetter = 216-word SIR— letter
  * Links to blog post via blogPostId
- Archive 'Letter to The Economist' from blog posts (it's the cover letter)
- Fix date display on article cards (use published_at)
- Target publication already displaying via blue badge

Database changes:
- Make blogPostId optional in SubmissionTracking model
- Economist package ID: 68fa85ae49d4900e7f2ecd83
- Le Monde package ID: 68fa2abd2e6acd5691932150

Next: Enhanced modal with tabs, validation, export

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-24 08:47:42 +13:00

19 KiB
Raw Blame History

Tractatus Framework - Governance Rule Library

Document Type: Implementation Reference Created: 2025-10-11 Audience: Implementers, Developers Status: Public

Purpose

This library provides 10 real-world governance rule examples to help implementers understand how the Tractatus framework classifies, validates, and enforces instructions across different project contexts.

Use Cases:

  • Understanding quadrant classification
  • Learning persistence level assignment
  • Implementing rule validation systems
  • Building governance-aware AI assistants
  • Testing boundary enforcement logic

JSON Schema

All governance rules follow this schema:

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "GovernanceRule",
  "type": "object",
  "required": ["id", "text", "quadrant", "persistence", "temporal_scope", "active"],
  "properties": {
    "id": {
      "type": "string",
      "pattern": "^inst_[0-9]+$",
      "description": "Unique identifier (inst_001, inst_002, etc.)"
    },
    "text": {
      "type": "string",
      "minLength": 10,
      "maxLength": 2000,
      "description": "The instruction text in imperative form"
    },
    "timestamp": {
      "type": "string",
      "format": "date-time",
      "description": "ISO 8601 timestamp when instruction was created"
    },
    "quadrant": {
      "type": "string",
      "enum": ["STRATEGIC", "OPERATIONAL", "TACTICAL", "SYSTEM", "STOCHASTIC"],
      "description": "Tractatus classification quadrant"
    },
    "persistence": {
      "type": "string",
      "enum": ["HIGH", "MEDIUM", "LOW", "VARIABLE"],
      "description": "How long this instruction should persist"
    },
    "temporal_scope": {
      "type": "string",
      "enum": ["PERMANENT", "PROJECT", "PHASE", "SESSION", "TRANSIENT"],
      "description": "Temporal longevity of the instruction"
    },
    "verification_required": {
      "type": "string",
      "enum": ["MANDATORY", "REQUIRED", "OPTIONAL", "NONE"],
      "description": "Level of human oversight required"
    },
    "explicitness": {
      "type": "number",
      "minimum": 0.0,
      "maximum": 1.0,
      "description": "How explicit/clear the instruction is (0.0-1.0)"
    },
    "source": {
      "type": "string",
      "enum": ["user", "system", "framework_default", "migration", "automated"],
      "description": "Origin of the instruction"
    },
    "session_id": {
      "type": "string",
      "description": "Session that created this instruction"
    },
    "parameters": {
      "type": "object",
      "description": "Extracted parameters (ports, paths, configs, etc.)"
    },
    "active": {
      "type": "boolean",
      "description": "Whether this instruction is currently enforced"
    },
    "notes": {
      "type": "string",
      "description": "Context, rationale, or incident details"
    }
  }
}

Example 1: SYSTEM Quadrant - Database Configuration

Context: Infrastructure setup during project initialization

{
  "id": "inst_001",
  "text": "MongoDB runs on port 27017 for project_db database",
  "timestamp": "2025-01-15T14:00:00Z",
  "quadrant": "SYSTEM",
  "persistence": "HIGH",
  "temporal_scope": "PROJECT",
  "verification_required": "MANDATORY",
  "explicitness": 0.90,
  "source": "user",
  "session_id": "2025-01-15-initial-setup",
  "parameters": {
    "port": "27017",
    "database": "project_db",
    "service": "mongodb"
  },
  "active": true,
  "notes": "Infrastructure decision from project initialization"
}

Why SYSTEM? Defines infrastructure/environment configuration Why HIGH persistence? Core infrastructure rarely changes Why MANDATORY verification? Database changes affect entire system

Example 2: STRATEGIC Quadrant - Project Isolation

Context: Preventing code/data contamination between projects

{
  "id": "inst_003",
  "text": "This is a separate project from project_alpha and project_beta - no shared code or data",
  "timestamp": "2025-01-15T14:00:00Z",
  "quadrant": "STRATEGIC",
  "persistence": "HIGH",
  "temporal_scope": "PERMANENT",
  "verification_required": "MANDATORY",
  "explicitness": 0.95,
  "source": "user",
  "session_id": "2025-01-15-initial-setup",
  "parameters": {},
  "active": true,
  "notes": "Critical project isolation requirement"
}

Why STRATEGIC? Defines project mission and scope boundaries Why PERMANENT? Fundamental project constraint Why HIGH persistence? Violating this would compromise integrity

Example 3: STRATEGIC Quadrant - Quality Standards

Context: Setting quality expectations for all development work

{
  "id": "inst_004",
  "text": "No shortcuts, no placeholder data, production-quality code required",
  "timestamp": "2025-01-15T14:00:00Z",
  "quadrant": "STRATEGIC",
  "persistence": "HIGH",
  "temporal_scope": "PERMANENT",
  "verification_required": "MANDATORY",
  "explicitness": 0.88,
  "source": "user",
  "session_id": "2025-01-15-initial-setup",
  "parameters": {},
  "active": true,
  "notes": "Quality standard for all work"
}

Why STRATEGIC? Defines values and quality philosophy Why PERMANENT? Core project principle Why HIGH persistence? Applies to every development decision

Example 4: OPERATIONAL Quadrant - Framework Usage

Context: Requiring active use of governance framework in all sessions

{
  "id": "inst_007",
  "text": "Use Tractatus governance framework actively in all sessions",
  "timestamp": "2025-01-20T09:15:00Z",
  "quadrant": "OPERATIONAL",
  "persistence": "HIGH",
  "temporal_scope": "PROJECT",
  "verification_required": "MANDATORY",
  "explicitness": 0.98,
  "source": "user",
  "session_id": "2025-01-20-governance-activation",
  "parameters": {
    "components": ["pressure_monitor", "classifier", "cross_reference", "boundary_enforcer"],
    "verbosity": "summary"
  },
  "active": true,
  "notes": "Framework activation - required for all sessions"
}

Why OPERATIONAL? Defines how work should be done Why HIGH persistence? Process requirement for entire project Why MANDATORY verification? Framework failures must be caught

Example 5: SYSTEM Quadrant - Security Policy (CSP)

Context: Preventing Content Security Policy violations

{
  "id": "inst_008",
  "text": "ALWAYS comply with Content Security Policy (CSP) - no inline event handlers, no inline scripts",
  "timestamp": "2025-01-22T19:30:00Z",
  "quadrant": "SYSTEM",
  "persistence": "HIGH",
  "temporal_scope": "PERMANENT",
  "verification_required": "MANDATORY",
  "explicitness": 1.0,
  "source": "user",
  "session_id": "2025-01-22-security-audit",
  "parameters": {
    "csp_policy": "script-src 'self'",
    "violations_forbidden": ["onclick", "onload", "inline-script", "javascript:"],
    "alternatives_required": ["addEventListener", "external-scripts"]
  },
  "active": true,
  "notes": "CRITICAL SECURITY REQUIREMENT - Framework should catch CSP violations before deployment"
}

Why SYSTEM? Security configuration constraint Why PERMANENT? Security requirements don't expire Why MANDATORY verification? CSP violations break production

Example 6: TACTICAL Quadrant - Temporary Deferral

Context: Deferring non-critical features to later phases

{
  "id": "inst_009",
  "text": "Defer email services and payment processing to Phase 2",
  "timestamp": "2025-01-25T00:00:00Z",
  "quadrant": "TACTICAL",
  "persistence": "MEDIUM",
  "temporal_scope": "SESSION",
  "verification_required": "OPTIONAL",
  "explicitness": 0.95,
  "source": "user",
  "session_id": "2025-01-25-phase-1-focus",
  "parameters": {
    "deferred_tasks": ["email_service", "payment_processing"]
  },
  "active": true,
  "notes": "Prioritization directive - focus on core features first"
}

Why TACTICAL? Specific implementation prioritization Why MEDIUM persistence? Only relevant for current phase Why SESSION scope? May change in next session based on progress

Example 7: STRATEGIC Quadrant - Honesty Requirement (inst_016)

Context: Preventing fabricated statistics in public content

{
  "id": "inst_016",
  "text": "NEVER fabricate statistics, cite non-existent data, or make claims without verifiable evidence. ALL statistics, ROI figures, performance metrics, and quantitative claims MUST either cite sources OR be marked [NEEDS VERIFICATION] for human review.",
  "timestamp": "2025-02-01T00:00:00Z",
  "quadrant": "STRATEGIC",
  "persistence": "HIGH",
  "temporal_scope": "PERMANENT",
  "verification_required": "MANDATORY",
  "explicitness": 1.0,
  "source": "user",
  "session_id": "2025-02-01-content-standards",
  "parameters": {
    "prohibited_actions": ["fabricating_statistics", "inventing_data", "citing_non_existent_sources"],
    "required_for_statistics": ["source_citation", "verification_flag", "human_approval"],
    "applies_to": ["marketing_content", "public_pages", "documentation", "presentations"],
    "boundary_enforcer_trigger": "ANY statistic or quantitative claim",
    "failure_mode": "Values violation - honesty and transparency"
  },
  "active": true,
  "notes": "CRITICAL VALUES REQUIREMENT - Learned from framework failure where AI fabricated statistics"
}

Why STRATEGIC? Core values (honesty, transparency) Why PERMANENT? Fundamental ethical constraint Why MANDATORY verification? Fabricated data destroys credibility

Example 8: STRATEGIC Quadrant - Absolute Assurance Detection (inst_017)

Context: Preventing unrealistic guarantees in public claims

{
  "id": "inst_017",
  "text": "NEVER use prohibited absolute assurance terms: 'guarantee', 'guaranteed', 'ensures 100%', 'eliminates all', 'never fails'. Use evidence-based language: 'designed to reduce', 'helps mitigate', 'reduces risk of'.",
  "timestamp": "2025-02-01T00:00:00Z",
  "quadrant": "STRATEGIC",
  "persistence": "HIGH",
  "temporal_scope": "PERMANENT",
  "verification_required": "MANDATORY",
  "explicitness": 1.0,
  "source": "user",
  "session_id": "2025-02-01-content-standards",
  "parameters": {
    "prohibited_terms": ["guarantee", "guaranteed", "ensures 100%", "eliminates all", "never fails", "always works"],
    "approved_alternatives": ["designed to reduce", "helps mitigate", "reduces risk of", "intended to minimize"],
    "boundary_enforcer_trigger": "ANY absolute assurance language",
    "replacement_required": true
  },
  "active": true,
  "notes": "CRITICAL VALUES REQUIREMENT - No AI safety framework can guarantee outcomes"
}

Why STRATEGIC? Values (honesty, realistic expectations) Why PERMANENT? Fundamental communication constraint Why MANDATORY verification? False guarantees undermine trust

Example 9: OPERATIONAL Quadrant - Context Monitoring Enhancement

Context: Improving session pressure detection

{
  "id": "inst_019",
  "text": "ContextPressureMonitor MUST account for total context window consumption, not just response token counts. Tool results (file reads, grep outputs) can consume massive context. Track: response tokens, user messages, tool result sizes, system overhead.",
  "timestamp": "2025-02-05T23:45:00Z",
  "quadrant": "OPERATIONAL",
  "persistence": "HIGH",
  "temporal_scope": "PROJECT",
  "verification_required": "MANDATORY",
  "explicitness": 1.0,
  "source": "user",
  "session_id": "2025-02-05-monitoring-enhancement",
  "parameters": {
    "current_limitation": "underestimates_actual_context",
    "missing_metrics": ["tool_result_sizes", "system_prompt_overhead", "function_schema_overhead"],
    "required_tracking": {
      "response_tokens": "current tracking",
      "user_messages": "current tracking",
      "tool_results": "NEW - size estimation needed",
      "system_overhead": "NEW - approximate 5k tokens"
    },
    "enhancement_phase": ["Phase 4", "Phase 6"],
    "priority": "MEDIUM"
  },
  "active": true,
  "notes": "Framework improvement - current monitor underestimates actual context consumption"
}

Why OPERATIONAL? Process improvement directive Why HIGH persistence? Applies until enhancement implemented Why PROJECT scope? Specific to this project's monitoring

Example 10: SYSTEM Quadrant - Deployment Permissions

Context: Preventing file permission errors in web deployments

{
  "id": "inst_020",
  "text": "Web application deployments MUST ensure correct file permissions before going live. Public-facing directories need 755 permissions (world-readable+executable), static files need 644 permissions (world-readable).",
  "timestamp": "2025-02-10T02:20:00Z",
  "quadrant": "SYSTEM",
  "persistence": "HIGH",
  "temporal_scope": "PROJECT",
  "verification_required": "MANDATORY",
  "explicitness": 1.0,
  "source": "system",
  "session_id": "2025-02-10-deployment-fix",
  "parameters": {
    "directory_permissions": "755",
    "file_permissions": "644",
    "directories_requiring_755": ["/public", "/public/admin", "/public/js", "/public/css"],
    "deployment_check": "stat -c '%a %n' /path/to/public/* | grep -v '755\\|644'",
    "prevention": "Add to deployment scripts or CI/CD pipeline"
  },
  "active": true,
  "notes": "DEPLOYMENT ISSUE - Directories had 0700 permissions, causing nginx 403 Forbidden errors"
}

Why SYSTEM? Infrastructure/deployment configuration Why HIGH persistence? Applies to all future deployments Why MANDATORY verification? Wrong permissions break production

Quadrant Distribution Summary

Quadrant Count Examples
STRATEGIC 4 Project isolation, quality standards, honesty requirements, assurance detection
OPERATIONAL 2 Framework usage, context monitoring
TACTICAL 1 Feature deferral
SYSTEM 3 Database config, CSP security, deployment permissions
STOCHASTIC 0 (No exploratory rules in this library)

Persistence Distribution

Level Count Description
HIGH 9 Long-lasting, foundational instructions
MEDIUM 1 Medium-term, phase-specific guidance
LOW 0 (None in this library)

Temporal Scope Distribution

Scope Count Description
PERMANENT 6 Never expires (values, security, quality)
PROJECT 3 Lasts for entire project lifecycle
PHASE 0 (None in this library)
SESSION 1 Relevant for specific session/phase

Common Patterns

1. Security Instructions

Characteristics:

  • Quadrant: SYSTEM
  • Persistence: HIGH
  • Temporal Scope: PERMANENT
  • Verification: MANDATORY
  • Explicitness: 1.0

Examples: inst_008 (CSP), inst_012 (sensitive data), inst_013 (API exposure)

2. Values/Ethics Instructions

Characteristics:

  • Quadrant: STRATEGIC
  • Persistence: HIGH
  • Temporal Scope: PERMANENT
  • Verification: MANDATORY
  • Boundary Enforcer: VALUES boundary

Examples: inst_016 (honesty), inst_017 (absolute assurances), inst_005 (human approval)

3. Infrastructure Configuration

Characteristics:

  • Quadrant: SYSTEM
  • Persistence: HIGH
  • Temporal Scope: PROJECT or PERMANENT
  • Parameters: Ports, paths, service names
  • Verification: MANDATORY

Examples: inst_001 (database), inst_002 (app port), inst_020 (file permissions)

4. Process/Workflow Directives

Characteristics:

  • Quadrant: OPERATIONAL
  • Persistence: HIGH
  • Temporal Scope: PROJECT
  • Defines "how work should be done"

Examples: inst_007 (framework usage), inst_019 (monitoring enhancement)

Implementation Guidance

For AI Assistants

When receiving a new instruction:

  1. Classify using InstructionPersistenceClassifier

    • Determine quadrant (STR/OPS/TAC/SYS/STO)
    • Assign persistence (HIGH/MEDIUM/LOW)
    • Set temporal scope (PERMANENT/PROJECT/PHASE/SESSION)

  2. Validate using CrossReferenceValidator

    • Check for conflicts with existing instructions
    • Verify compatibility with project constraints
    • Flag if resolution requires human judgment

  3. Enforce using BoundaryEnforcer

    • Check if instruction crosses philosophical boundaries
    • Verify if values-sensitive (requires human approval)
    • Block if violates inst_016, inst_017, inst_018

  4. Store in persistent database

    • MongoDB, PostgreSQL, or similar
    • Include all metadata (timestamp, session, parameters)
    • Mark as active

  5. Apply in decision-making

    • HIGH persistence: Apply to all future decisions
    • MEDIUM persistence: Apply within current phase
    • LOW persistence: Apply within current session

For Developers

Building a governance system:

// 1. Load active instructions at session start
const rules = await db.governanceRules.find({ active: true });

// 2. Filter by persistence level
const highPersistence = rules.filter(r => r.persistence === 'HIGH');

// 3. Check for conflicts before adding new rule
const conflicts = await validator.checkConflicts(newRule, rules);

// 4. Enforce boundaries before sensitive actions
const enforcement = enforcer.enforce({
  type: 'content_generation',
  description: 'This framework guarantees 100% safety'
});

if (!enforcement.allowed) {
  console.error(`Boundary violated: ${enforcement.boundary}`);
  // Escalate to human
}

// 5. Update session state
await updateSessionState({
  activeInstructions: rules.length,
  pressureLevel: monitor.analyzePressure(context)
});

JSON Schema Validation Example

const Ajv = require('ajv');
const ajv = new Ajv();

const governanceRuleSchema = {
  // ... schema from above ...
};

const validate = ajv.compile(governanceRuleSchema);

const rule = {
  id: "inst_001",
  text: "MongoDB runs on port 27017",
  quadrant: "SYSTEM",
  persistence: "HIGH",
  temporal_scope: "PROJECT",
  active: true
};

const valid = validate(rule);

if (!valid) {
  console.error(validate.errors);
}

Related Documents

  • BENCHMARK-SUITE-RESULTS.md - Test coverage for governance services
  • docs/governance/TRA-VAL-0001-core-values-principles-v1-0.md - Core values framework
  • docs/api/RULES_API.md - API documentation for rule management
  • docs/research/architectural-overview.md - System architecture
  • CLAUDE_Tractatus_Maintenance_Guide.md - Full governance framework

Community Contributions

This library is open source. Contribute additional anonymized examples:

  1. Fork the repository
  2. Add new examples to this document
  3. Ensure examples are anonymized (no real project names, sensitive data)
  4. Submit pull request with rationale for inclusion

Criteria for inclusion:

  • Real-world instruction from production use
  • Demonstrates unique pattern or edge case
  • Includes complete metadata and clear notes
  • Helps implementers understand classification logic

License

This document is part of the Tractatus AI Safety Framework, licensed under Apache License 2.0.

Attribution: If you use examples from this library in academic research or commercial products, please cite:

Tractatus AI Safety Framework - Governance Rule Library
https://agenticgovernance.digital/docs/governance-rule-library
Version 1.0 (2025-10-11)

Document Version: 1.0 Last Updated: 2025-10-11 Next Review: After 100+ community submissions Maintained By: Tractatus Development Team

This library demonstrates real-world governance rule classification and enforcement. All examples are anonymized from actual production use.