PUBLIC DISCLOSURE

Transparency

HALMAI's runtime enforcement guarantees are machine-verified continuously. Technical disclosure of kernel invariants and real-time integrity status.

Live Integrity Status

Fetching integrity status...

Kernel Invariants

Six core rules that are machine-verified every 5 minutes. Violation triggers incident creation and optional lockdown.

1

NO_SIDE_EFFECT_WITHOUT_ALLOW

No side effect without ALLOW decision. Every execution must have a corresponding ALLOW decision.

2

EXECUTION_TOKEN_REQUIRED

No execution without valid executionToken. Every execution must have proper authorization chain.

3

DECISION_HASH_VALID

Every execution must reference valid decisionHash. The hash chain must be intact.

4

HASH_CHAIN_CONTINUOUS

Hash chain must be continuous. No gaps or breaks in the audit trail.

5

LOCKDOWN_OVERRIDES_ALL

Lockdown state overrides all ALLOW. No executions during lockdown.

6

TENANT_ISOLATION_ENFORCED

Tenant isolation enforced on every request. No cross-tenant data access.

Enforcement Architecture

Authorization Gate

Every agent action passes through authorize() before execution. Pure function evaluation against versioned policy rules. No side effects during evaluation.

Execution Gate

Approved actions execute through execute(). Exactly-once guarantees via idempotency keys. All effects logged to hash-chained ledger.

Hash-Chained Ledger

Every proposal, decision, and execution linked by SHA-256 hash. Any tampering breaks the chain and triggers integrity alerts.

Replay Verification

Any historical decision can be replayed against versioned policy snapshots. Results: PASS (consistent), FAIL (drift detected), UNKNOWN (missing version).

Lockdown Protocol

Automatic Lockdown Triggers

• 3 critical anomaly events within 5 minutes

• Hash chain integrity failure (if strict mode enabled)

• Kernel invariant violation (if strict mode enabled)

• Budget breach at critical level

• Manual admin trigger

When lockdown is active, all execution requests are rejected. Manual unlock with logged reason is required to resume operations.

External Verification

Verify Enforcement Externally

Anyone can verify HALMAI's enforcement status via the public integrity endpoint:

curl https://halmai.ai/api/public/integrity

Returns: enforcementActive, invariantsPassing, hashChainValid, lockdownActive, lastIntegrityCheck

Questions?

Contact our team for technical deep-dives or underwriter walkthroughs.