john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tractatus/For Claude Web/tractatus-claude-web-complete/docs/markdown/introduction-to-the-tractatus-framework.md
TheFlow a4db3e62ec
Some checks are pending
CI / Run Tests (push) Waiting to run
Details
CI / Lint Code (push) Waiting to run
Details
CI / CSP Compliance Check (push) Waiting to run
Details
chore(vendor-policy): sweep project-self GitHub URLs to Codeberg (partial) 
Addresses the documentation-layer gap after Phase A/B moved the git REMOTE from
GitHub to Codeberg but left ~100 project-self GitHub URLs embedded in markdown,
HTML, JS, and Python files. The remote-layer migration was generalised as
"GitHub is gone from the codebase" without verifying the content layer.

22 files swept in this commit. 27 additional files hold pre-existing inst_016/017/018
or inst_084 debt that would transfer on touch (hook whole-file scan). Those
await a companion hygiene-first commit before their GitHub->Codeberg flip
can land cleanly.

Sweep scope this commit:
  - README.md, SECURITY.md
  - 3 For-Claude-Web bundle files (GitHub URLs noted as "separate concern" in
    today's earlier licence-swap commits)
  - docs/markdown/deployment-guide.md
  - docs/AUTOMATED_SYNC_SETUP, PLURALISM_CHECKLIST, github/AGENT_LIGHTNING_README
  - docs/business-intelligence/governance-bi-tools
  - docs/outreach/EXECUTIVE-BRIEF-BI-GOVERNANCE (+ v2)
  - docs/research/ARCHITECTURAL-SAFEGUARDS-*
  - email-templates/README.md, base-template.html
  - 3 scripts/seed-*-blog-post.js (blog-seeding scripts)
  - scripts/upload-document.js
  - SESSION_HANDOFF_2025-10-23_FRAMEWORK_ANALYSIS.md
  - SECURITY_INCIDENT_POST_MORTEM_2025-10-21.md

Pattern swaps (longest-first):
  github.com/AgenticGovernance/tractatus-framework/issues -> codeberg.org/mysovereignty/tractatus-framework/issues
  github.com/AgenticGovernance/tractatus-framework/discussions -> .../issues (Codeberg has no discussions feature)
  github.com/AgenticGovernance/tractatus-framework.git -> codeberg.org/mysovereignty/tractatus-framework.git
  github.com/AgenticGovernance/tractatus-framework -> codeberg.org/mysovereignty/tractatus-framework
  git@github.com:AgenticGovernance/... -> git@codeberg.org:mysovereignty/...
  github.com/AgenticGovernance/tractatus (old org/repo path) -> codeberg.org/mysovereignty/tractatus-framework
  AgenticGovernance/tractatus-framework (bare) -> mysovereignty/tractatus-framework

Hook validator update (scripts/hook-validators/validate-credentials.js):
  PROTECTED_VALUES.github_org:  'AgenticGovernance'  -> 'mysovereignty'
  PROTECTED_VALUES.license:     'Apache License 2.0' -> EUPL-1.2 long form
  URL detection regex:          /github\.com\/.../   -> /codeberg\.org\/.../
  Placeholder checks + error messages updated to reflect Codeberg as
  authoritative post-migration host. Key names (e.g. `github_org`) retained
  for backward compatibility with validate-file-edit.js.

Held back from this commit (27 files total, documented reasons):

  11 historical session handoffs / closedown docs / incident reports
    (2025-10 through 2026-02) — modifying them rewrites the record to contain
    URLs that did not exist at the time of writing, AND ownership of their
    pre-existing inst_084 exposures transfers on touch.

  8 live-content docs with pre-existing inst_084 debt (port/API-endpoint/
    file-path exposures): docs/markdown/case-studies.md, technical-architecture,
    introduction-to-the-tractatus-framework, implementation-guide-v1.1,
    docs/plans/integrated-implementation-roadmap-2025, docs/governance/*,
    docs/ANTHROPIC_*, docs/GOVERNANCE_SERVICE_*, docs/RESEARCH_DOCUMENTATION_*,
    deployment-quickstart/*.

  8 live-content docs with pre-existing inst_016/017/018 debt:
    CHANGELOG.md, CONTRIBUTING.md, docs/LAUNCH_ANNOUNCEMENT, LAUNCH_CHECKLIST,
    PHASE_4_REPOSITORY_ANALYSIS, PHASE_6_SUMMARY, docs/plans/research-enhancement-
    roadmap-2025, docs/case-studies/pre-publication-audit-oct-2025.

  Also NOT in this commit (separate concerns):
  - scripts/add-inst-084-github-url-protection.js (detection-rule logic needs
    framework-level decision on post-migration semantics).
  - .claude/* (framework state).
  - docs/PRODUCTION_DOCUMENTS_EXPORT.json (DB dump).
  - package-lock.json (npm sponsor URLs, third-party).
  - .git/config embedded credentials (requires out-of-band rotation on both
    remote hosts + auth-strategy decision; user-action task).

Context: today's EUPL-1.2 sweep closed the licence-text-content layer
(5c386d0d / 6d49bfbf / ab0a6af4 / 4c1a26e8). This commit starts closing the
matching vendor-URL-content layer. Next: hygiene-first pass on the 16
live-content docs held back, then a second URL-flip pass on them.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-20 10:53:13 +12:00

11 KiB
Raw Blame History

Introduction to the Tractatus Framework

Version: 0.5.0 (Phase 5 Proof-of-Concept) Last Updated: 2025-10-12 Status: Active development with production deployment

What Is Tractatus?

Tractatus is an architectural AI safety framework that enforces boundaries through system structure rather than behavioral training. Instead of hoping LLMs "behave correctly," Tractatus makes certain decision types structurally prevented without human approval.

The framework operates through six specialized services that continuously monitor LLM operations, detect unsafe conditions, and enforce mandatory human judgment for values-sensitive decisions.

The Core Problem

Current AI safety approaches rely on alignment training (teaching "correct" values), Constitutional AI (embedding principles in training), and RLHF (Reinforcement Learning from Human Feedback).

Fundamental flaw: These assume AI maintains alignment regardless of context pressure or competing constraints. Empirical evidence shows this fails.

The Tractatus Solution

Rather than training AI to make "good decisions," Tractatus removes certain decisions from AI authority entirely.

Core Principle

"Whereof the AI cannot safely decide, thereof it must request human judgment."

Inspired by Wittgenstein's Tractatus Logico-Philosophicus: recognize limits, enforce them structurally, and be explicit about boundaries.

Decision Boundaries

AI defers to humans when decisions involve:

  1. Irreducible values conflicts - Privacy vs safety, autonomy vs harm prevention
  2. Irreversible consequences - Data deletion, architectural changes, security modifications
  3. Cultural/social context - Decisions requiring human cultural understanding
  4. Competing moral frameworks - Cases where legitimate values conflict

Six Core Services

1. InstructionPersistenceClassifier

Function: Classifies every instruction by strategic importance and temporal scope.

Quadrants:

  • STRATEGIC - Mission/values (persistence: PERMANENT)
  • OPERATIONAL - Processes/standards (persistence: HIGH)
  • TACTICAL - Specific tasks (persistence: LOW-MEDIUM)
  • SYSTEM - Technical config (persistence: HIGH)
  • STOCHASTIC - Creative exploration (persistence: VARIABLE)

Why it matters: Prevents instruction drift and ensures critical directives persist across sessions.

2. CrossReferenceValidator

Function: Validates proposed actions against stored instruction history before execution.

Prevents: Pattern recognition bias where LLM training overrides explicit instructions.

Example: User says "MongoDB non-default project port", LLM's training pattern autocorrects to "27017". CrossReferenceValidator blocks this as instruction conflict.

3. BoundaryEnforcer

Function: Structurally blocks decisions in protected domains, requiring human approval.

Protected domains:

  • Values decisions (privacy, user agency, ethics)
  • Irreversible changes (deletions, schema changes)
  • Security modifications (authentication, access control)
  • Financial decisions (pricing, billing, payments)

Result: AI is prevented from executing these decisions without explicit human approval.

4. ContextPressureMonitor

Function: Tracks session degradation across five factors.

Monitors:

  • Conversation length (40% weight) - PRIMARY factor: message count drives compaction events
  • Token usage (30% weight) - Context window pressure
  • Task complexity (15% weight) - Competing demands
  • Error frequency (10% weight) - Quality indicators
  • Instruction density (5% weight) - Directive overload

Action: Recommends session handoff before quality degrades.

5. MetacognitiveVerifier

Function: LLM evaluates its own reasoning before proposing complex actions.

Checks:

  • Alignment with stated goals
  • Internal coherence
  • Completeness (edge cases considered)
  • Safety risks
  • Alternatives explored

Output: Confidence score + recommendation (PROCEED / REQUIRE_REVIEW / BLOCKED)

6. PluralisticDeliberationOrchestrator

Function: Manages decisions involving competing values frameworks.

Process:

  1. Detects values conflicts (privacy vs safety, rights vs consequences)
  2. Identifies affected stakeholder groups
  3. Structures multi-perspective deliberation
  4. Documents all positions (including dissent)
  5. Creates reviewable precedents

Principle: When values genuinely conflict, deliberation quality matters more than decision speed. AI facilitates; humans decide.

Why "Tractatus"?

Named after Ludwig Wittgenstein's Tractatus Logico-Philosophicus (1921), which established:

  1. Language has limits - Not everything can be meaningfully stated
  2. Boundaries are structural - Limits are inherent, not defects
  3. Clarity through precision - Define what can and cannot be said

Applied to AI safety:

  1. AI judgment has limits - Not every decision can be safely automated
  2. Safety through architecture - Build boundaries into system structure
  3. Reliability through specification - Precisely define where humans must decide

Demonstrated Failure Modes Prevented

Non-default project port Incident (2025-10-06)

What happened: User specified MongoDB non-default project port. LLM immediately used 27017 instead—not through forgetting, but through pattern recognition autocorrection. Training data "MongoDB=27017" was so strong it overrode the explicit instruction in real-time.

Tractatus prevention: InstructionPersistenceClassifier + CrossReferenceValidator store explicit parameters and block any action conflicting with stored instructions—even from training patterns.

Context Degradation (Multiple sessions)

What happens: Beyond 150k tokens, LLM quality silently degrades: forgets instructions, makes careless errors, fails to verify assumptions.

Tractatus prevention: ContextPressureMonitor calculates degradation score and recommends session handoff at 75% threshold—before failure occurs.

Values Creep (Ongoing risk)

What happens: LLM gradually makes values-sensitive decisions without recognizing them as such: privacy vs performance trade-offs, "harmful" content definitions, user agency boundaries.

Tractatus prevention: BoundaryEnforcer structurally blocks these decisions. LLM cannot execute them without explicit human approval.

Current Implementation Status

Production deployment: agenticgovernance.digital (this website) Development governance: Active (this website built under Tractatus governance) Test coverage: 192 unit tests passing (100% coverage on core services) Database: Instruction persistence operational (MongoDB) Phase: 5 PoC - Value pluralism integration active

Dogfooding: The Tractatus framework governs its own development. Every decision to modify this website passes through Tractatus services.

Technical Architecture

  • Runtime: Node.js (Express)
  • Database: MongoDB (instruction persistence, precedent storage)
  • Frontend: Vanilla JavaScript (no framework dependencies)
  • API: RESTful (OpenAPI 3.0 spec available)
  • Services: Six independent modules with defined interfaces

Key design decision: No machine learning in governance services. All boundaries are deterministic and auditable.

Who Should Use Tractatus?

AI Safety Researchers

  • Architectural approach to alignment problem
  • Formal specification of decision boundaries
  • Empirical validation of degradation detection
  • Novel framework for values pluralism in AI

Software Teams Deploying LLMs

  • Code under active maintenance (tested, documented)
  • Immediate safety improvements
  • Integration guides for existing systems
  • Prevents known failure modes

Policy Makers / Advocates

  • Clear framework for AI safety requirements
  • Non-technical explanations available
  • Addresses agency preservation
  • Demonstrates practical implementation

Integration Requirements

Minimum: LLM with structured output support, persistent storage for instruction history, ability to wrap LLM calls in governance layer.

Recommended: Session state management, token counting, user authentication for human approval workflows.

Limitations

What Tractatus does NOT do:

  • Train better LLMs (uses existing models as-is)
  • Architecturally constrain "aligned" AI behaviour
  • Reduce failure classes addressable by structural enforcement
  • Replace human judgment

What Tractatus DOES do:

  • Designed to detect specific known failure modes before execution
  • Architecturally enforce boundaries on decision authority
  • Monitor session quality degradation indicators
  • Require human judgment for values-sensitive decisions

Getting Started

  1. Read Core Concepts - Understand the six services in detail
  2. Review Case Studies - See real failure modes and prevention
  3. Check Technical Specification - API reference and integration guide
  4. Explore Implementation Guide - Step-by-step deployment

Research Foundations

Tractatus integrates concepts from:

  • Philosophy of language (Wittgenstein) - Limits and boundaries
  • Organizational theory (March, Simon) - Bounded rationality, decision premises
  • Deliberative democracy (Gutmann, Thompson) - Structured disagreement
  • Value pluralism (Berlin, Chang) - Incommensurable values
  • Systems architecture (Conway, Brooks) - Structural constraints and boundaries

See Research Foundations for academic grounding and citations.

Contributing

Tractatus is open source and welcomes contributions:

  • Code: GitHub pull requests (Node.js, tests required)
  • Research: Theoretical extensions, formal verification
  • Case studies: Document real-world applications
  • Documentation: Clarity improvements, translations

Repository: https://codeberg.org/mysovereignty/tractatus-framework Issues: https://codeberg.org/mysovereignty/tractatus-framework/issues

Contact

Email: john.stroh.nz@pm.me Website: https://agenticgovernance.digital

License

Copyright 2025 John Stroh

Licensed under the European Union Public Licence, Version 1.2 (the "Licence"); you may not use this file except in compliance with the Licence. You may obtain a copy of the Licence at:

https://interoperable-europe.ec.europa.eu/collection/eupl/eupl-text-eupl-12

Unless required by applicable law or agreed to in writing, software distributed under the Licence is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the Licence for the specific language governing permissions and limitations under the Licence.

Summary:

  • Commercial use allowed
  • Modification allowed
  • Distribution allowed
  • Patent grant included
  • Private use allowed
  • ⚠️ Must include license and copyright notice
  • ⚠️ Must state significant changes
  • No trademark rights granted
  • No liability or warranty

Document Metadata

  • Version: 0.5.0
  • Created: 2025-10-12
  • Last Modified: 2025-10-13
  • Author: John Stroh
  • Word Count: 1,372 words
  • Reading Time: ~7 minutes
  • Document ID: introduction-to-the-tractatus-framework
  • Status: Active

Next Steps: