ALIGN: Rename Protocol to Communication and unify terminology
This commit is contained in:
@@ -11,7 +11,7 @@ Probabilistic Engine proposals involving `shell` or `eval` were executed immedia
|
||||
** Root Cause
|
||||
Architecture gap. The system lacked an authorization state between "Safe" and "Executed".
|
||||
** Resolution
|
||||
1. **Interceptor:** Added `bouncer-check` to `symbolic.lisp`. It flags high-risk actions that lack the `:approved t` property.
|
||||
1. **Interceptor:** Added `bouncer-check` to `deterministic.lisp`. It flags high-risk actions that lack the `:approved t` property.
|
||||
2. **Asynchronous Event:** If flagged, the harness emits an `:approval-required` event.
|
||||
3. **Flight Plan Skill:** Created `org-skill-bouncer.org` to:
|
||||
- Catch the event and create a serialized Org node with state `PLAN`.
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
#+FILETAGS: :rca:security:formal-verification:psf:
|
||||
|
||||
* Executive Summary
|
||||
Implemented a Lisp-Native Symbolic Prover to replace heuristic whitelisting with formal security invariants. This ensures that every high-impact action (shell, file I/O) is mathematically proven safe against the Sovereign's core mandates.
|
||||
Implemented a Lisp-Native Deterministic Prover to replace heuristic whitelisting with formal security invariants. This ensures that every high-impact action (shell, file I/O) is mathematically proven safe against the Sovereign's core mandates.
|
||||
|
||||
* 1. Architectural Shift: Native vs. External
|
||||
** Issue
|
||||
@@ -22,7 +22,7 @@ Incorrect assumption about the Quicklisp system name vs. the package name. The l
|
||||
3. Verified via explicit `ql:quickload` in the test runner.
|
||||
|
||||
* 3. Formal Invariants Implemented
|
||||
- **Path Confinement:** Symbolically proves that any file operation or absolute path in a shell command is strictly within the `/home/user/memex` root.
|
||||
- **Path Confinement:** Deterministically proves that any file operation or absolute path in a shell command is strictly within the `/home/user/memex` root.
|
||||
- **No Network Exfiltration:** Prevents the shell from invoking common exfiltration tools (`nc`, `ssh`, etc.) by inspecting the parsed command structure.
|
||||
|
||||
* 4. PSF Mandate Alignment
|
||||
|
||||
@@ -11,8 +11,8 @@ During compilation, `gateway-telegram.lisp` failed with `UNDEFINED-FUNCTION` for
|
||||
** Root Cause
|
||||
Poorly scoped foundational functions. These were defined in `core.lisp` (the loop orchestrator), which was loaded *after* the gateways in `org-agent.asd`. This created a "Circular Intention" where the gateways needed the harness to exist before the harness could load the gateways.
|
||||
** Resolution
|
||||
1. **Relocation:** Moved `*actuator-registry*` and `register-actuator` to `protocol.lisp` (the foundation).
|
||||
2. **Reordering:** Adjusted `org-agent.asd` to load `core.lisp` (containing the stimulus loop) immediately after the symbolic gates but before the physical sensors (gateways).
|
||||
1. **Relocation:** Moved `*actuator-registry*` and `register-actuator` to `communication.lisp` (the foundation).
|
||||
2. **Reordering:** Adjusted `org-agent.asd` to load `core.lisp` (containing the stimulus loop) immediately after the deterministic gates but before the physical sensors (gateways).
|
||||
|
||||
* 2. Issue: Hardcoded Chat UI
|
||||
** Symptoms
|
||||
|
||||
@@ -7,7 +7,7 @@ Reimplemented the `org-skill-lisp-repair` to align with the "Sovereign Boundary"
|
||||
|
||||
* 1. Issue: Core Bloat & Synchronous Coupling
|
||||
** Symptoms
|
||||
The initial implementation of the Lisp Repair gate placed a `handler-case` and a dynamic function call (`repair-lisp-syntax`) directly inside the core `think` function (`neuro.lisp`). This forced the core to wait for repairs and made it "aware" of specific repair logic.
|
||||
The initial implementation of the Lisp Repair gate placed a `handler-case` and a dynamic function call (`repair-lisp-syntax`) directly inside the core `think` function (`probabilistic.lisp`). This forced the core to wait for repairs and made it "aware" of specific repair logic.
|
||||
** Root Cause
|
||||
Architectural shortcutting. By placing repair logic in the core execution path, we violated the microkernel principle which mandates that the core should be a "dumb" signal processor.
|
||||
** Resolution
|
||||
@@ -20,7 +20,7 @@ Architectural shortcutting. By placing repair logic in the core execution path,
|
||||
** Root Cause
|
||||
Mismatched expectations of signal nesting. The skill expected the code at `(getf context :payload)`, but in the `decide-gate`, `context` is the full signal, and the error details were nested inside the `:candidate` field of that signal.
|
||||
** Resolution
|
||||
Updated the symbolic logic to correctly traverse the nested signal structure: `(getf (getf context :candidate) :payload)`.
|
||||
Updated the deterministic logic to correctly traverse the nested signal structure: `(getf (getf context :candidate) :payload)`.
|
||||
|
||||
* 3. PSF Mandate Alignment
|
||||
** Sovereign Boundary
|
||||
@@ -30,4 +30,4 @@ Leveraged the pipeline's ability to re-inject `EVENT` signals to flatten the rec
|
||||
|
||||
* 4. Permanent Learnings
|
||||
- **Emit, Don't Call:** In a microkernel, if a non-fatal error occurs, always emit a signal rather than calling a recovery function. This allows the system to remain asynchronous and modular.
|
||||
- **Signal Inspection:** When writing symbolic gates, always verify the exact shape of the `context` signal being passed by the harness to avoid nesting errors.
|
||||
- **Signal Inspection:** When writing deterministic gates, always verify the exact shape of the `context` signal being passed by the harness to avoid nesting errors.
|
||||
|
||||
@@ -17,10 +17,10 @@ Implemented a robust `get-nested` helper function that safely traverses both nes
|
||||
** Symptoms
|
||||
Provider logic was present in the codebase but inaccessible during tests and runtime.
|
||||
** Root Cause
|
||||
The `credentials-vault.lisp` and `llm-gateway.lisp` files (consolidated in a previous session) were never added to the `org-agent.asd` system definition. Furthermore, an incorrect loading order caused `UNDEFINED-FUNCTION` errors for `register-neuro-backend`.
|
||||
The `credentials-vault.lisp` and `llm-gateway.lisp` files (consolidated in a previous session) were never added to the `org-agent.asd` system definition. Furthermore, an incorrect loading order caused `UNDEFINED-FUNCTION` errors for `register-probabilistic-backend`.
|
||||
** Resolution
|
||||
1. Added both files to `org-agent.asd`.
|
||||
2. Enforced strict loading order: `neuro` (defines registry) -> `credentials-vault` -> `llm-gateway` (uses registry).
|
||||
2. Enforced strict loading order: `probabilistic` (defines registry) -> `credentials-vault` -> `llm-gateway` (uses registry).
|
||||
|
||||
* 3. Issue: Credential Key Mismatch
|
||||
** Symptoms
|
||||
|
||||
@@ -36,5 +36,5 @@ This eliminates unnecessary nesting levels and drastically reduces the surface a
|
||||
- *Institutional Memory:* This RCA documents the decision to flatten the `.asd` structure to prevent future "Parenthesis Hell" incidents.
|
||||
|
||||
* 4. Permanent Learnings
|
||||
- **Flatten Configuration:** Keep `defsystem` definitions as flat as possible. The overhead of `:module` blocks often outweighs their organizational benefit in a neurosymbolic environment where agents frequently edit these files.
|
||||
- **Flatten Configuration:** Keep `defsystem` definitions as flat as possible. The overhead of `:module` blocks often outweighs their organizational benefit in a probabilistic-deterministic environment where agents frequently edit these files.
|
||||
- **Mocking Probabilistic Engine:** For verifying *loop mechanics*, mocking LLM responses is essential to ensure test determinism, while integration tests can use live LLM calls.
|
||||
|
||||
@@ -17,7 +17,7 @@ Defined `lisp-validator-validate` as a wrapper around `read-from-string` and `li
|
||||
** Requirement
|
||||
Multi-backend support to reduce hallucinations and increase reliability.
|
||||
** Solution
|
||||
Implemented `bt:make-thread` parallel queries in `ask-neuro`.
|
||||
Implemented `bt:make-thread` parallel queries in `ask-probabilistic`.
|
||||
** Trade-off
|
||||
Selected "Majority Rules" over "First-to-Finish".
|
||||
- *Pros:* Higher accuracy, mathematically consistent.
|
||||
@@ -29,7 +29,7 @@ Aligns with PSF Mandate 4 (Radical Transparency) and Invariant 2 (Technical Mast
|
||||
** Requirement
|
||||
Prevent illegal GTD state transitions.
|
||||
** Solution
|
||||
Added `task-integrity-check` in `symbolic.lisp`.
|
||||
Added `task-integrity-check` in `deterministic.lisp`.
|
||||
** Invariant Alignment
|
||||
Enforces the "High-Integrity Memory" mandate by ensuring the Org-mode AST remains semantically valid according to GTD rules (e.g., no orphaned active tasks).
|
||||
|
||||
@@ -40,7 +40,7 @@ Enforces the "High-Integrity Memory" mandate by ensuring the Org-mode AST remain
|
||||
3. Multi-function edits per block.
|
||||
** Correction
|
||||
1. Performed a retrospective commit.
|
||||
2. Synchronized `neurosymbolic.org` and `core.org` with source code.
|
||||
2. Synchronized `probabilistic-deterministic.org` and `core.org` with source code.
|
||||
3. Refactored the Markdown flight plan into an Org-mode flight plan.
|
||||
|
||||
* 5. Permanent Learnings
|
||||
|
||||
Reference in New Issue
Block a user