==============================================================================
IRONGATE - authorization checkpoint for AI agents (live, real modules)
==============================================================================
Action under test : PUBLIC_CLAIM_CHANGE (a consequential, buyer/auditor-facing claim change)
Checkpoint modules:
Signed authz : BRIDGE_AUTH_SIGNED_PUBLISH_PROOF_SURFACE.json
------------------------------------------------------------------------------
[1] DENY BY DEFAULT - agent tries the action with NO human authorization
------------------------------------------------------------------------------
decision : DENY
missing_gates : ['BRIDGE_AUTH']
reason : MISSING_GATE(S): BRIDGE_AUTH
=> Through this checkpoint, an autonomous agent cannot perform this action on its own.
------------------------------------------------------------------------------
[2] ALLOW WITH REAL AUTH - a Bridge-signed authorization (human Ed25519 key)
------------------------------------------------------------------------------
signature : valid=True status=ALLOW key_id=ed25519:THE_BRIDGE:001
authorization_id : BRIDGE-AUTH-20260531-PUBLIC-CLAIM-PROOF-SURFACE-001
decision : ALLOW
satisfied_gates : ['BRIDGE_AUTH']
=> A human signed it. The checkpoint allows it - and only because the signature verifies.
------------------------------------------------------------------------------
[3] TAMPER -> DENY - attacker widens the signed scope to sneak in a file
------------------------------------------------------------------------------
tamper : added 'SECRET_BACKDOOR.html' to scope.files after signing
signature : valid=False status=DENY
errors : ['payload_sha256 mismatch', 'signature verification failed: ']
=> The payload no longer matches the signature. The checkpoint refuses. You cannot forge it.
------------------------------------------------------------------------------
[4] HONEST CAPABILITY BOARD - the evaluator reports what it CANNOT verify (no faking)
------------------------------------------------------------------------------
BRIDGE_AUTH      SATISFIED     Bridge authorization verified: BRIDGE-AUTH-20260531-PUBLIC-CLAIM-PROOF-SURFACE-001 via ed25519:THE_BRIDGE:001
GUARDIAN_PASS    SKIPPED       guardian run skipped for speed
KEY_VALID        UNVERIFIABLE  no acting node supplied to check against keys.json
NO_DELETE        FAILED        unconditional prohibition (SO_009) - never satisfiable; archive instead
QUORUM_2         UNVERIFIABLE  registry discloses signatures share one custody env; true QUORUM_2 needs a 2nd independent-custody signing key
TENTH_MAN_CLEAR  UNVERIFIABLE  Article 12A is log-only today; needs a real dissent/BLOCK state channel the dissenter can set
TRRP             UNVERIFIABLE  needs lookup of (1) a non-deploying WITNESS characterization for this action + (2) a matching fresh cosign_history append in integrity_registry.json
=> SATISFIED only on real evidence. UNVERIFIABLE for capabilities not yet built. The evaluator never claims a control it does not actually have.
==============================================================================
IRONGATE: consequential AI actions routed through the checkpoint require verifiable human authorization.
==============================================================================