# IRONGATE

The authorization checkpoint for AI agents.

IRONGATE is the Article 11 Capability Control Plane crystallized as a product: a deterministic checkpoint for consequential AI actions. When routed through IRONGATE, an action such as a public claim change, key rotation, external send, trust-root refresh, or irreversible deletion must satisfy machine-verifiable authority before it proceeds.

Enforcement model: today IRONGATE is an orchestrator-invoked authorization checkpoint. Inline runtime enforcement inside external agent harnesses remains roadmap.

IRONLEDGER proves what happened. IRONGATE checks whether authority exists before an orchestrator proceeds.

## What is real today

- Human-key authorization: Ed25519 Bridge signatures over canonical JSON artifacts; single Bridge signer today.
- Evidence-bound checks: callers cannot satisfy a control by asserting a string.
- Deny-by-default evaluation: unknown action classes deny by default when routed through the checkpoint.
- Tamper-evidence: modifying a signed authorization breaks verification.
- Honest capability board: SATISFIED, FAILED, or UNVERIFIABLE; no fake quorum.
- Production proof: Article 11's public proof surface was published on 2026-05-31 through a verified PUBLIC_CLAIM_CHANGE authorization.

## Roadmap, labeled honestly

- Multi-party node quorum reader.
- Hardware-token custody for the human root key.
- Mandatory dissenter BLOCK channel.
- Inline runtime enforcement in external agent harnesses.

## Public proof

- Product page: https://article11.ai/irongate.html
- Live proof surface: https://article11.ai/api
- Proof map: https://article11.ai/openapi.json
- Ledger verifier: https://article11.ai/api/ironledger/verify
- Demo output: https://article11.ai/products/irongate/demo_output.txt

The governance layer is CC0. Operational secrets, private memory, private keys, and customer data are not public.