GOVERNANCE STATE MACHINE

Current scope: Gest

Category: 20_procedures | Version: v1.0.0

Owner: DOCUMENT_CUSTODIAN | Review cycle: 90 days

Approval Authority: GOVERNANCE_ADMIN, COMPLIANCE_OFFICER

Read-only Documentation Portal. Editing and mutation endpoints are disabled.

METADATA INCOMPLETE: Document ID, Version, Status, Owner Role, Last Review Date, Next Review Date, Change Log

GOVERNANCE_STATE_MACHINE.md 0. Purpose

This document defines protocol-level state machines for each domain enforced by packages/core/*.

It provides:

Visual diagrams (Mermaid)

Logical transition matrices (deterministic rules)

Authorization gates (ACCESS_DECISION requirements)

Traceability requirements (decision hash binding)

All rules here are ledger-driven and must remain deterministic.

State is derived from scanning the append-only ledger:

LedgerEntry.payload.recordType

LedgerEntry.payload.action

LedgerEntry.payload.decision

LedgerEntry.payload.metadata

No external DB state is trusted.

1.2 Latest-decision-wins authorization

For any executable action X, authorization requires:

A matching ACCESS_DECISION for (subjectId, policyHash, action=X)

Loading workspace