STRUCTURED DECISION INTELLIGENCE
Governed Intelligence · Semiotic Chain Agents · Open Protocol
[ dCOS_KERNEL_ACTIVE ]
UTC 20260414 18:20:10Z
PROTOCOL SPECIFICATION
SDI Protocol
Technical Specification
This page is the technical specification for the SDI open protocol. It is written for developers and technical evaluators. Every claim about the live system is directly verifiable through the public proof surfaces listed at the bottom of this page.
EVALUATE SDI IN 10 MINUTES
────────────────────────────────────────────────────
1. Compile a DER POST sdi-protocol.org/_functions/compile
Returns PASS or COMPILE_ERROR with explicit error list
2. Inspect a live governed chain api.sdi-protocol.org/ledger/list/SDI-4EDBE05288CB
Returns seq, utc, entry_hash, parent_hash per entry
3. Watch a governed turn cross providers demo.sdi-protocol.org
Full lifecycle: DER → Compile → RAI → Commit → Ledger
HOST MAP
────────────────────────────────────────────────────
www.sdi-protocol.org spec + compile surface
demo.sdi-protocol.org live runtime demo
api.sdi-protocol.org/health Logic Node status
api.sdi-protocol.org/ledger/list/SDI-4EDBE05288CB chain index
api.sdi-protocol.org/ledger/verify/SDI-4EDBE05288CB chain integrity proof github.com/StructuredDecisionIntelligence
The SDI Protocol is the open specification for governed intelligence, AI reasoning that operates under a contract before output is produced, passes a deterministic gate before anything commits, and builds from a chain of verified prior state. It defines the commit boundary between probabilistic model output and durable system state.
That boundary is enforced through a three-layer architecture running live across Anthropic, Google, and OpenAI on a single hash-chained ledger. The open protocol defines artifact structure and compile semantics. Commit authority and canonical ledger enforcement are provided through the SDI managed network.
GOVERNED INTELLIGENCE — WHAT THE PROTOCOL DEFINES
SDI is a governed intelligence runtime. The intelligence is governed by design, every reasoning turn operates under an open contract, commits a verifiable record, and builds from prior verified state. Not a prompt library, safety filter, model fine-tuning service, or output monitor. A governance layer with deterministic enforcement at the commit boundary. The point at which model output becomes durable system state.
What makes it governed intelligence rather than AI with governance applied: the model reasons under a contract before output is produced, the compile gate validates the reasoning artifact before anything commits, and the chain carries forward only what passed. The reasoning record is not a log of what the model said. It is a verified succession of governed artifacts the agent inherits and builds from.
The protocol operates through three runtime layers. The open protocol defines the reasoning contract and compile surface. Canonical commit authority, ledger participation, and identity issuance are provided through the SDI managed network.
LAYER | ROLE | AUTHORITY |
|---|---|---|
Reasoning Contract | Model-facing. Delivers the DER schema, ILJO grammar, governance constants, and compile error taxonomy before output is produced. Instruction, not enforcement. | Open protocol |
Compile Surface | Deterministic structural validation. Receives completed DER as JSON POST and returns PASS or COMPILE_ERROR. Stateless. No writes. | Open protocol · externally callable |
Enforcement Plane | Authoritative commit layer. Computes RAI v2, applies the commit threshold, and controls ledger write. | SDI managed network |
Minted Agent Identity | Required for network participation. The agent_id + sovereign_hash pair binds a governed reasoning stream to its chain and authorizes all ledger writes. | SDI managed network · issued at mint |
SDI can be understood as a Semantic Instruction Set Architecture (S-ISA), the computing analogy for what makes it governed intelligence. The ILJO loop is the instruction set. The Decision Evidence Record is the instruction format. The compile gate is the validator. The enforcement plane is the commit authority. The ledger is durable append-only committed state.
A minted SDI agent is issued a persistent agent_id and sovereign_hash. Together they authorize managed-network ledger writes and bind committed reasoning to a single governed identity across sessions, model providers, and time.
WHY NOT JUST SCHEMA + GUARDRAILS + LOGS
Most teams building governed AI workflows assemble the same pieces separately: a schema, an evidence convention, behavioral guardrails, some form of validation, and an audit log. SDI couples these into a single governed artifact with a deterministic pre-commit boundary.
The missing piece is not just integration. It is a reasoning grammar.
Every approach below solves a real problem. None of them was designed to enforce a pre-commit reasoning boundary. Without a reasoning grammar, none of them can. They are controls applied around generation. SDI is different in kind: governance is the architecture, not a layer added afterward.
A schema creates structure. Guardrails constrain behavior. Logs record what happened. None of these, by itself, defines how evidence, logic, judgment, and outcome must be bound together before system state changes. ILJO is the binding layer. It defines the admissible form of reasoning so the compile gate can test the whole path before commit. Without a reasoning grammar, there is nothing for a gate to test — only fragments to check.
Approach | What it does | What it cannot provide |
|---|---|---|
JSON schema | Enforces fields, types, and basic structure | A guarantee that evidence, logic, judgment, and outcome form an admissible reasoning path. Structure is not governance. |
RAG | Retrieves documents into model context | Enforcement of how retrieved evidence is used. Evidence can still be ignored, misread, or reasoned over incorrectly. Retrieval improves context. It does not constrain the reasoning path before commit. |
Chain-of-thought | Exposes intermediate reasoning text | A governed artifact. Intermediate steps are still free-form generated text, not a governed artifact with deterministic admissibility criteria. Reasoning may be exposed, but it is not structured for enforcement. |
Tool use | Pulls in external values or executes functions | Governance of how tool results are integrated. The reasoning that combines them remains unconstrained unless the artifact itself is governed. |
Prompt engineering | Steers model behavior from the input side | An enforceable reasoning contract. It changes likelihoods, not the enforcement boundary. Behavior is influenced probabilistically, not guaranteed architecturally. |
Output filtering | Restricts or blocks outputs after generation | Pre-commit verification. It acts after reasoning has already occurred and cannot test the reasoning path before state changes. |
Audit logs | Records what happened after the fact | The reasoning itself. Audit logs record timestamps, actions, and outcomes — what happened from the outside, not the reasoning that led to it. SDI ledger entries are the evidence, logic, judgment, and outcome in governed form. The reasoning itself, as durable system state. |
These are all useful components and techniques. The missing ingredient in every case is a reasoning grammar. Without one, you can validate pieces, constrain behavior, and record outcomes — but you cannot test the admissibility of the reasoning path itself before commit.
OPEN PROTOCOL VS MANAGED NETWORK
The protocol is open. The managed network adds identity, continuity, and commit authority.
OPEN — FREE · NO CREDENTIALS REQUIRED
────────────────────────────────────────
Validate any DER POST /_functions/compile — open now
Build against the spec DER schema, ILJO grammar, governance constants
Run it locally Any model — the protocol is model-agnostic
Query public state GET /ledger/list/ and /ledger/verify/
See it live demo.sdi-protocol.org
MANAGED NETWORK — REQUIRES MINTED AGENT IDENTITY
────────────────────────────────────────
Run governed turns Question → DER → Compile → RAI → Commit
Use frontier models Anthropic, Google, OpenAI under SDI contract
Keep persistent state Your agent_id, your governed ledger chain
Enforce commit rules RAI computation, write gate, commit authority
STATUS CONVENTIONS — USED THROUGHOUT THIS SPECIFICATION
Every claim in this specification is classified. A developer or reviewer can determine at a glance whether a field or behavior is currently enforced, currently a warning, or on the planned roadmap.
REQUIRED Normative protocol requirement. DER fails compile without this.
IMPLEMENTED Enforced in the current live system. Behavior is deterministic and observable at the compile gate or enforcement plane.
WARNING Currently non-blocking. Compile gate flags the absence but does not return COMPILE_ERROR. Promotion to REQUIRED is planned.
PLANNED Specified direction. Not yet enforced in the live system.
INTERPRETIVE Conceptual lineage or architectural rationale. Not a protocol enforcement claim.
THE DECISION EVIDENCE RECORD — SCHEMA v1.1
A Decision Evidence Record (DER) is the atomic unit of governed reasoning. Every governed turn produces one DER. Every DER must pass the compile gate before it is eligible for commit. The governed answer is extracted from the committed DER — not from raw model output.
Version: SDI_DER_v1.1 · Hash algorithm: SHA-384 · Protocol: SDI_PROTOCOL_v1
Below is the normative field-level reference used by the compile surface.
ENTRY TYPES
────────────────────────────────────────
EPISODIC Default. A governed reasoning turn under a live question.
PRECEDENT A reference record for future governed turns.
CALIBRATION Assessment of system behavior against a benchmark.
AUDIT A governance review record.
SYSTEM Infrastructure or administrative record.
REQUIRED BLOCKS
(COMPILE_ERROR if absent)
────────────────────────────────────────
META Chain identity and provenance
DECISION_INTENT Why this reasoning is happening
QUESTION_LOGIC The governing question and decomposition
SYSTEM_INPUT Evidence artifacts grounding LOGIC in external reality
ILJO The reasoning grammar execution
GCA Governed Cognitive Architecture — three reflex zones
CONDITIONAL / ADVISORY BLOCKS
────────────────────────────────────────
DECISION_SYNTAX Sub-question grammar (WARNING if absent)
SUCCESS_STANDARD What counts as a passed reasoning turn
BOUNDEDNESS Uncertainty scope and stop conditions
(REQUIRED via anchor)
OUTCOME_PLAN Forward governance metrics (domain-conditional)
METRICS Runtime values — authoritative from enforcement plane
FIELD-LEVEL SPECIFICATION
META
────────────────────────────────────────
der_version "SDI_DER_v1.1" REQUIRED
utc ISO_8601 timestamp REQUIRED
hash_alg "SHA-384" REQUIRED
protocol "SDI_PROTOCOL_v1" REQUIRED
agent_id minted ID or SESSION_LOCAL REQUIRED
sovereign_hash required for ledger write COMMIT-REQUIRED
ledger.type entry type REQUIRED
ledger.parent_hash GENESIS or prior hash COMMIT-REQUIRED
DECISION_INTENT
────────────────────────────────────────
context_framing situational framing REQUIRED
intent_statement what is being decided REQUIRED
role operator or system role REQUIRED
tier Strategic | Operational | Tactical REQUIRED
impact_domain LOW_RISK | HUMAN_WELFARE | SAFETY_CRITICAL | FINANCIAL |
LEGAL WARNING → activates domain-specific proxy checks
impact_domain activates domain-specific proxy checks.
HUMAN_WELFARE, SAFETY_CRITICAL, and LEGAL trigger
mandatory rollback_condition enforcement in OUTCOME_PLAN
— hard ERROR if absent.
When absent, compiler defaults to LOW_RISK and warns.
QUESTION_LOGIC
────────────────────────────────────────
strategic_question the governing question REQUIRED
sub_questions[] minimum one entry REQUIRED
id unique sub-question ID REQUIRED
prompt what must be known REQUIRED
linked_signal_ids maps to SYSTEM_INPUT signals REQUIRED*
success_standard
definition sufficient evidence REQUIRED
framework_source
name governance framework cited WARNING
retrieved_utc retrieval date WARNING
url retrievable URL WARNING
* linked_signal_ids required unless
BOUNDEDNESS.stop_reason = INSUFFICIENT_SIGNAL.
Hard ERROR if unmapped and not STOP.
SYSTEM_INPUT
────────────────────────────────────────
inputs[]
signal_id unique signal identifier REQUIRED
source_system HUMAN | SYSTEM | EXTERNAL |
DOC | DB | WEB REQUIRED
raw_value evidence artifact REQUIRED
captured_utc when captured REQUIRED
provenance who, what, where, how REQUIRED
citation
url required for WEB | EXTERNAL WARNING → PLANNED ERROR
retrieved_utc required for WEB | EXTERNAL WARNING → PLANNED ERROR
insight_dimensions
actionability integer 1–5 REQUIRED
relevance integer 1–5 REQUIRED
predictive_value integer 1–5 REQUIRED
specificity integer 1–5 REQUIRED
measurability integer 1–5 REQUIRED
insight_strength min(all 5 dimensions) REQUIRED
— hard ERROR
if declared ≠ computed
ILJO
────────────────────────────────────────
INTENT anchored decision objective (Sign) REQUIRED
LOGIC derivations grounded in signals REQUIRED
(Object — no verdict language)
JUDGMENT bounded verdict under governance REQUIRED
constants (Interpretant)
OUTCOME committed state — extracted as answer REQUIRED
BOUNDEDNESS
────────────────────────────────────────
uncertainty LOW | MED | HIGH REQUIRED
max_uncertainty_allowed LOW | MED | HIGH REQUIRED
timebox_seconds default 90 REQUIRED
stop_on_uncertainty must be true when HIGH REQUIRED
stop_reason INSUFFICIENT_SIGNAL |
HIGH_UNCERTAINTY |
TIMEBOX_EXCEEDED |
POLICY_BLOCK REQUIRED if stopping
GCA
────────────────────────────────────────
ID candidate stream — no finality claims REQUIRED
EGO structured SDI reasoning trace REQUIRED
SUPEREGO
anchors_required constants this DER must honor REQUIRED
anchors_present constants the model declares REQUIRED
OUTCOME_PLAN
────────────────────────────────────────
planned_metrics[].rollback_condition
REQUIRED when impact_domain is
HUMAN_WELFARE, SAFETY_CRITICAL,
or LEGAL
— hard ERROR if absent
TEST YOUR DER AGAINST THE LIVE GATE
The compile gate is open and callable now. Paste any DER into the tester below and hit Compile. The gate runs all 15 structural checks and returns PASS or COMPILE_ERROR with an explicit error list.
Two ways to use it: build your own DER using the schema above and POST it directly to sdi-protocol.org/_functions/compile, or paste it into the tester below. If you want to see how the gate behaves before building your own, load one of the preset DERs and compile it.
The tester verifies structural compliance only. A compile PASS means the artifact is well-formed and eligible for commit. Committing to the ledger — and advancing a governed reasoning chain — requires a minted agent identity on the SDI managed network.
THE ILJO REASONING GRAMMAR
ILJO is the reasoning grammar of the SDI protocol. It defines the required semantic roles a governed reasoning artifact must execute before output is eligible for commit.
The grammar has four required roles in one required semantic order. LOGIC must be grounded in SYSTEM_INPUT signals. JUDGMENT must be formed under governance constants. OUTCOME states the proposed resulting state of the turn — it becomes authoritative only if the artifact passes compile and commit. These are protocol rules, not prompting advice. The compile gate can test them because the reasoning path is expressed in governed form.
(INTERPRETIVE lineage — ILJO implements Peircean triadic closure: INTENT as Sign, LOGIC grounded in signals as Object, JUDGMENT as Interpretant. The enforcement is deterministic. The semiotic framing is conceptual lineage.)
INTENT → Anchored decision objective
LOGIC → Derivations grounded in SYSTEM_INPUT signals
JUDGMENT → Bounded verdict under governance constants
OUTCOME → Proposed resulting state — authoritative only on commit
FIELD-LEVEL CONSTRAINTS (IMPLEMENTED)
INTENT must be a bounded, tier-classified decision objective. It anchors all subsequent reasoning. It does not contain evidence, verdicts, or outcomes.
LOGIC must contain derivations grounded in SYSTEM_INPUT signals. It must not contain verdicts, policy language, or decision language. The compile gate applies a logic isolation heuristic — if decision-language tokens appear in LOGIC, a WARNING is issued. Verdicts belong in JUDGMENT. Phrases like "therefore we should" or "the recommendation is" are examples of decision language crossing into JUDGMENT territory. The heuristic checks for token patterns — it is not the full enforcement model, which operates at the schema role level.
JUDGMENT must contain the bounded verdict under SOVEREIGNTY and PRIMUM. Both governance constants must be explicitly referenced. When uncertainty is HIGH, JUDGMENT must acknowledge the uncertainty scope — enforced as a SOVEREIGNTY proxy check.
OUTCOME states the proposed resulting state of the turn. It becomes the authoritative committed state only if the artifact passes compile and commit succeeds. A STOP DER declares OUTCOME as REJECTED_PENDING_HUMAN_REVIEW — the compile gate validates the structure, the enforcement plane issues REJECT, and no ledger entry is written. OUTCOME does not contain conditionals or pending verdicts in a normal committed turn.
The protocol requires INTENT → LOGIC → JUDGMENT → OUTCOME as the semantic execution order. This is enforced by role separation, not by display order in the JSON object.
THE STOP PATH — GOVERNED REFUSAL
When a question presents HIGH uncertainty or INSUFFICIENT_SIGNAL, the correct governed response is a STOP DER. A STOP DER is structurally valid — it returns PASS. The enforcement plane receives it, evaluates it, and the commit decision is REJECT. The ledger does not advance.
A STOP DER can be structurally valid and return PASS while still being ineligible for ledger commit. This is not a failure mode. It is the governed refusal path.
BOUNDEDNESS.uncertainty = "HIGH"
BOUNDEDNESS.stop_on_uncertainty = true
BOUNDEDNESS.stop_reason = "INSUFFICIENT_SIGNAL"
SYSTEM_INPUT.inputs = [] ← permitted only for STOP
ILJO.OUTCOME = "STATE=REJECTED_PENDING_HUMAN_REVIEW"
GCA.SUPEREGO.anchors_present = ["SOVEREIGNTY","PRIMUM",
"BOUNDEDNESS","STOP_ON_UNCERTAINTY"]
STOP DERs are observable in the GlassBox demo (lifecycle_state = STOP_RENDERED). They do not produce a ledger entry — the chain is silent on refusals.
GOVERNANCE CONSTANTS AND STRUCTURAL ANCHORS
SDI governance operates through two primary constants and two required structural anchors. Every DER must declare all four in GCA.SUPEREGO.anchors_present, absence of any one is a hard compile ERROR. Every DER must also satisfy the structural conditions associated with each anchor. Declaration and structural satisfaction are two separate checks.
Governance is evaluated at three levels. Level 1 is declaration: the anchor is explicitly present in anchors_present — enforced deterministically at compile. Level 2 is proxy enforcement: the compile gate checks structural conditions consistent with the declared anchor and issues warnings or errors according to the rule set below. Level 3 is semantic audit: human reviewers determine whether the reasoning actually honored the declared constant. The compile gate handles Levels 1 and 2. Level 3 is the responsibility of human reviewers with access to the full DER.
PRIMARY GOVERNANCE CONSTANTS
(REQUIRED — hard COMPILE_ERROR if absent from anchors_present)
────────────────────────────────────────────────────────────
SOVEREIGNTY
Human authority over consequential external action
NIST alignment: GOVERN 1.2
PRIMUM
First do no harm — fail closed under uncertainty
NIST alignment: MANAGE 2.2, MANAGE 4.1
REQUIRED STRUCTURAL ANCHORS
(REQUIRED — hard COMPILE_ERROR if absent from anchors_present)
────────────────────────────────────────────────────────────
BOUNDEDNESS
Declaration required in anchors_present
Structural satisfaction:
BOUNDEDNESS block must be present in DER body
Enforcement result if absent from DER body:
WARNING
STOP_ON_UNCERTAINTY
Declaration required in anchors_present
Structural satisfaction:
stop_on_uncertainty = true when uncertainty = HIGH
Enforcement result if violated:
WARNING
SOVEREIGNTY PROXY CHECKS — LEVEL 2 (IMPLEMENTED)
────────────────────────────────────────────────────────────
Check 1
Condition:
uncertainty = HIGH → stop_on_uncertainty must be true
Violation:
proxy score -0.3, WARNING issued
Enforcement:
field-based, deterministic
Check 2
Condition:
BOUNDEDNESS block must be present in DER body
Violation:
proxy score -0.4, WARNING issued
Enforcement:
block presence check, deterministic
Check 3
Condition:
JUDGMENT must acknowledge uncertainty scope
when uncertainty >= MED
Enforcement:
heuristic — WARNING issued on pattern basis
Semantic completeness subject to Level 3 human audit
PRIMUM PROXY CHECKS — LEVEL 2 (IMPLEMENTED)
────────────────────────────────────────────────────────────
Check 1
Condition:
uncertainty = HIGH → ILJO.OUTCOME must contain
STOP, DELAY, DEFER, or PENDING
Violation:
proxy score -0.3, WARNING issued
Enforcement:
field-based, deterministic
Check 2
Condition:
stop_reason = INSUFFICIENT_SIGNAL → JUDGMENT must
acknowledge the gap, not reason past it
Enforcement:
heuristic — partial proxy only
Full compliance subject to Level 3 human audit
Check 3
Condition:
impact_domain = HUMAN_WELFARE | SAFETY_CRITICAL | LEGAL
→ OUTCOME_PLAN.rollback_condition required
Violation:
hard COMPILE_ERROR
Enforcement:
field presence check, deterministic
WHY THE CONSTANTS ARE USEFUL — NOT JUST REQUIRED
Governance constants do two things a system prompt or guardrail cannot.
First, they are declared before LOGIC and JUDGMENT are produced. They are not appended as disclaimers after reasoning. They shape what the reasoning must account for before derivation begins. A reasoning engine that must declare PRIMUM before producing LOGIC on a welfare, legal, or financial question must account for harm potential during evidence construction, not after it.
Second, because LOGIC and JUDGMENT are structurally separated fields, any leap from evidence to verdict becomes visible as a gap. In unstructured output, evidence aggregation and conclusion collapse into a single stream, allowing overconfidence or confirmation bias to propagate invisibly. Field separation does not prevent that leap. It makes it inspectable.
These are mechanisms, not guarantees. The compile gate enforces structure. Whether the reasoning behind that structure is sound remains the domain of human audit, which is why the ledger exists. The constants and field separation give the auditor something concrete to inspect. That is what they demonstrably provide. Automated semantic scoring, red-team validation, and cross-turn pattern analysis across ledger entries are the direction. They are not the current claim.
SIGNAL SCORING — FIVE-DIMENSION EVIDENCE QUALITY
A signal is an evidence artifact that grounds LOGIC in external reality. Without signals, LOGIC is generation: the model deriving from its own distributional prior rather than from cited evidence. Every signal must be scored across five dimensions before it can appear in SYSTEM_INPUT and ground a LOGIC derivation.
The scoring requirement is not a labeling exercise applied after evidence is found. Requiring specificity and measurability as declared integers changes what evidence is sought in the first place. Vague commentary, unattributed claims, and non-falsifiable assertions become legibly weak before full evaluation. Sources with precise figures, named entities, defined time windows, and verifiable methods become legibly stronger candidates. The scoring disciplines the search, not just the rating.
The min-rule is the structural mechanism that makes this work. insight_strength equals the minimum of all five dimensions - not the average and not the highest. One weak dimension caps the entire signal. In practice, specificity and measurability are often the binding constraints because they are hardest to satisfy from qualitative or unattributed sources. A source can be topically relevant and still score low if it lacks concrete attribution or measurable support.
SIGNAL DIMENSIONS
────────────────────────────────────────────────────────────
1. Actionability
How directly the signal enables a next step
1 = vague concept, no obvious action
5 = clear action is immediately possible
2. Relevance
How directly the signal answers the intent
1 = tangential / roundabout inference
5 = directly maps to the question
3. Predictive Value
Whether the signal meaningfully constrains expected outcomes
1 = no forward-state relevance
5 = strong, historically consistent indicator
4. Specificity
Whether the signal is grounded in concrete,
attributable information
1 = pure inference, no binding evidence
5 = explicitly supported by document or citation
5. Measurability
Whether the signal can be expressed as a measurable value
1 = purely qualitative, no measurement path
5 = directly measurable and verifiable
ENFORCED SCORING RULE
────────────────────────────────────────────────────────────
insight_strength =
min(actionability, relevance, predictive_value,
specificity, measurability)
Declared insight_strength must equal computed minimum
Mismatch = hard COMPILE_ERROR
ADVISORY RULE
────────────────────────────────────────────────────────────
signal_useful = true if relevance >= 4
even when insight_strength <= 2
Result:
WARNING
PROVENANCE REQUIREMENT
────────────────────────────────────────────────────────────
If source_system = WEB or EXTERNAL, require:
citation.url
citation.retrieved_utc
Status:
WARNING now
planned hard COMPILE_ERROR
WHAT IS ENFORCED AND WHAT IS A BUILDING SURFACE
The compile gate enforces scoring math. It checks that insight_strength equals the minimum of the five declared dimensions. It does not verify whether the declared scores accurately reflect the cited source. A model could assign high scores to a weak source and still pass compile. That is the honest gap.
The five-dimension schema is the surface that makes verification possible. An independent layer, a scraper that fetches the cited source and evaluates it against the same five dimensions - can compare agent-declared scores against source-derived scores. That is the next enforcement layer for this section of the protocol. It is direction, not current claim.
What the schema demonstrably provides today is a structured, inspectable record of how evidence was evaluated, with declared scores that can be audited by a human reviewer or tested by an automated layer. That gives the auditor a concrete evidence record instead of opaque evidence use.
REFLEX ALIGNMENT INDEX v2 — COMMIT THRESHOLD
The Reflex Alignment Index (RAI) is the composite governance metric computed at commit time by the external Logic Node. RAI determines whether a compiled DER is admitted to the ledger.
Threshold: RAI ≥ 0.86 → COMMIT · Below → REJECT
RAI FORMULA
────────────────────────────────────────────────────────────
RAI =
(0.25 × ILJO_score) +
(0.25 × EGO_bucket) +
(0.30 × Signal_Conformance) +
(0.20 × Superego_score)
COMPONENTS
────────────────────────────────────────────────────────────
ILJO_score
Weight: 0.25
NIST ref: GOVERN 1.2
Measures: Required ILJO field completeness
EGO_bucket
Weight: 0.25
NIST ref: MEASURE 2.6
Measures: Governed reasoning readiness
Signal_Conformance
Weight: 0.30
NIST ref: MEASURE 2.5
Measures: Signal quality and evidence-binding
Superego_score
Weight: 0.20
NIST ref: MANAGE 2.2
Measures: Governance anchor presence and proxy consistency
EGO_bucket SUBFORMULA
────────────────────────────────────────────────────────────
EGO_bucket =
(0.55 × DER_schema_S) +
(0.20 × GCA_score) +
(0.25 × Decision_determinism_S)
COMPONENT NOTES (IMPLEMENTED)
ILJO_score is currently computed as binary presence: 1.0 if all four ILJO fields are present and non-empty, 0 if any field is absent. Content-level subchecks are planned — not yet part of the live scoring pipeline.
EGO_bucket is a composite of DER structural spine completeness (0.55), GCA reflex zone presence (0.20), and verdict-readiness scoring (0.25). Verdict-readiness measures strategic question presence, sub-question-to-signal linkage, decision syntax completeness, and per-sub-question success standards.
Signal_Conformance measures whether evidence signals are present, all five insight_strength dimensions are scored, the minimum-dimension rule is applied, and sub-question signal support meets quality thresholds. Citation URLs are currently verified for structural presence only — URL resolution and content validation are planned.
Superego_score measures governance anchor presence and proxy consistency. Proxy scoring degrades when structural violations are detected.
The same governance contract ran live across three frontier model providers. All three exceeded the commit threshold. The gate is model-independent, the chain is not.
CONFIRMED LIVE SCORES
────────────────────────────────────────────────────────────
Seq 3
Provider: Anthropic
Model: claude-sonnet-4-6
RAI: 0.9758
Date: 2026-03-07
Seq 9
Provider: Google
Model: gemini-2.5-flash
RAI: 0.9737
Date: 2026-03-07
Seq 12
Provider: OpenAI
Model: gpt-4.1
RAI: 0.9758
Date: 2026-03-09
All exceed the 0.86 threshold.
All are verifiable at the public ledger.
RUNTIME METRICS
────────────────────────────────────────────────────────────
delta_E = Jp - Jc
Jp
input tokens processed
Jc
tokens in committed artifact
Interpretation
Governance efficiency signal
Recorded at commit, not used as a gate
ENFORCEMENT ARCHITECTURE
ENFORCEMENT ARCHITECTURE
────────────────────────────────────────────────────────────
LAYER 1 — REASONING CONTRACT
Current live implementation:
Web application layer / JavaScript runtime
Role:
Model conditioning
No enforcement
No writes
Status:
OPEN PROTOCOL
LAYER 2 — COMPILE SURFACE
Current live implementation:
Serverless web backend / Node.js runtime
Endpoint:
POST sdi-protocol.org/_functions/compile
Role:
Deterministic structural validation
Stateless
No writes
Returns PASS or COMPILE_ERROR
Model-agnostic
Status:
OPEN PROTOCOL — externally callable
LAYER 3 — ENFORCEMENT PLANE
Current live implementation:
External application server / Python runtime
Role:
CAS ordering
Parent hash verification
RAI threshold
Ledger write authority
Status:
SDI managed network
COMPILE GATE CHECK SEQUENCE (IMPLEMENTED)
COMPILE GATE CHECK SEQUENCE (IMPLEMENTED)
────────────────────────────────────────────────────────────
Missing SDI_DER root
→ COMPILE_ERROR
Required blocks
→ ERROR per missing block
SOVEREIGNTY in anchors_present
→ ERROR if absent
PRIMUM in anchors_present
→ ERROR if absent
BOUNDEDNESS in anchors_present
→ ERROR if absent
STOP_ON_UNCERTAINTY in anchors_present
→ ERROR if absent
SOVEREIGNTY proxy checks (Level 2)
→ WARNING + proxy score
PRIMUM proxy checks (Level 2)
→ WARNING + proxy score
Signal validation: insight_strength = min(...)
→ ERROR if mismatch
Mapping gate: sub-questions → signals
→ ERROR if unmapped
impact_domain declaration + plausibility heuristic
→ WARNING
PRIMUM rollback enforcement (high-risk domains)
→ ERROR
Audit gate presence check
→ ERROR if missing
Logic isolation heuristic
→ WARNING on verdict language in LOGIC
DECISION_SYNTAX structural pattern check
→ WARNING
HTTP NOTE
────────────────────────────────────────────────────────────
COMPILE_ERROR returns HTTP 200 for tooling consistency.
This is intentionally modeled as a compiler result, not an
HTTP transport error. HTTP 400 is reserved for unparseable
JSON only.
CALLING THE COMPILE GATE
CALLING THE COMPILE GATE
────────────────────────────────────────────────────────────
REQUEST
curl -X POST https://www.sdi-protocol.org/_functions/compile \
-H "Content-Type: application/json" \
-d '{ "SDI_DER": { ... your DER JSON ... } }'
PASS RESPONSE (HTTP 200)
{
"status": "PASS",
"compiler_message": "Structure valid. Governance constants present.
Signals scored deterministically. Triadic closure structurally
satisfied. Semantic correctness subject to human audit.
Eligible for Append Audit and Commit.",
"proxy_scores": {
"SOVEREIGNTY": 1.0,
"PRIMUM": 1.0
},
"compile_metrics": {
"Ec": 0.92
}
}
COMPILE_ERROR RESPONSE (HTTP 200)
{
"status": "COMPILE_ERROR",
"errors": [
"Missing governance constant: SOVEREIGNTY",
"Signal[sig_001]: insight_strength must equal
min(dimensions). Declared=4 Computed=2."
]
}
THE GOVERNED TURN LIFECYCLE (IMPLEMENTED)
THE GOVERNED TURN LIFECYCLE (IMPLEMENTED)
────────────────────────────────────────────────────────────
1. Read ledger head (tip_seq, tip_hash, sovereign_hash)
2. Build system prompt (reasoning contract injection)
3. Build turn prompt (question + ledger context)
4. Call model provider
5. Extract DER JSON from response
6. Detect STOP DER (stop_reason = INSUFFICIENT_SIGNAL)
7. Compile against compile gate
8. Retry once if compile error and not STOP
9. Commit decision — REJECT if STOP or compile fail
10. Extract governed answer from ILJO.OUTCOME
only if ledger write is confirmed
KEY ARCHITECTURAL CLAIM
────────────────────────────────────────────────────────────
Before commit, ILJO.OUTCOME is proposed state.
After confirmed ledger write, it becomes authoritative
governed state.
The system does not render a governed answer unless the
ledger write succeeds. If commit fails, answer = null.
WRITE GATE — THREE-KEY LOCK
────────────────────────────────────────────────────────────
requires_mint
Valid minted agent identity
requires_der
DER v1.1 schema present and valid
requires_compile_pass
Compile gate returned PASS
GOVERNED COGNITIVE ARCHITECTURE
GOVERNED COGNITIVE ARCHITECTURE
────────────────────────────────────────────────────────────
ID
Generator
Produces candidate reasoning paths
Must not finalize
EGO
Processor
Produces complete SDI_DER
Grounds LOGIC in SYSTEM_INPUT signals
SUPEREGO
Adjudicator
Enforces SOVEREIGNTY and PRIMUM
Enforces BOUNDEDNESS and STOP_ON_UNCERTAINTY
GCA zones are enforceable governance frames.
They are protocol roles, not anthropomorphic claims.
DECISION SYNTAX PATTERNS
DECISION SYNTAX PATTERNS
────────────────────────────────────────────────────────────
THRESHOLD
monthly_active_users >= 80
COMPARISON
current_score > baseline_score
BOOLEAN_CHECK
kill_switch_live_tested == true
EXISTS
dpa_signed == true
WITHIN_WINDOW
safety_test WITHIN Last_30d
OPERATORS
────────────────────────────────────────────────────────────
== >= <= > < CONTAINS MEETS WITHIN
OPEN PROTOCOL / SDI MANAGED NETWORK
Open Protocol | SDI Managed Network |
|---|---|
DER schema (SDI_DER_v1.1) | Minting authority and challenge gate |
ILJO grammar and sequence rules | Agent certificate construction and signing |
Governance constants | RAI computation engine and weights |
Signal scoring rules | Turn orchestration |
Decision syntax patterns | Ledger write authority |
Compile surface — externally callable | Chain canonicalization |
Compile error taxonomy | Enforcement runtime |
GCA reflex zone definitions | Foresight and drift detection |
S-ISA architecture specification | Identity registry |
THE LEDGER
THE LEDGER
────────────────────────────────────────────────────────────
CHAIN ARCHITECTURE
Entry hash
SHA-384 over canonical chain_packet
Chain packet
{ v, hash_alg, agent_id, seq, parent_hash,
type, der_hash, success_met }
Chain rule
First entry:
parent_hash = "GENESIS"
Subsequent entries:
parent_hash = previous entry_hash
CAS TIP-GUARD
Client submits expected_parent_hash
Server rejects mismatch with HTTP 409 tip_mismatch
STOP DER LEDGER BEHAVIOR
────────────────────────────────────────────────────────────
STOP DERs compile PASS
Enforcement plane issues REJECT
Chain is silent on refusals
No ledger entry is written
VERIFY IT NOW
The compile gate is open. The ledger is public. The chain speaks for itself.
LIVE PROOF SURFACES
────────────────────────────────────────────────────────────
COMPILE GATE
POST sdi-protocol.org/_functions/compile
LIVE DEMO
demo.sdi-protocol.org
NODE HEALTH
api.sdi-protocol.org/health
LEDGER INDEX
api.sdi-protocol.org/ledger/list/SDI-4EDBE05288CB
CHAIN VERIFY
api.sdi-protocol.org/ledger/verify/SDI-4EDBE05288CB
GITHUB
github.com/StructuredDecisionIntelligence
Public chain verification available now.
Live status and chain integrity are verifiable
at the endpoints above.
REFERENCE PAGES
────────────────────────────────────────────────────────────
Why SDI /why
GlassBox Demo /demo
NIST Submission /nist
Foundations /foundations
Reasoning Contracts /contracts
Structured Decision Intelligence LLC · sdi-protocol.org USPTO Patent Application 19/425,875 (pending) · Copyright TXu 2-498-043 NIST Docket: NIST-2025-0035 · March 2026