docs(rule): traveler-safety-guardrails-and-type-system NOT just AI safety — substrate-entity-generic safety + type-system enforcement (Aaron Turn 38; 2/5)

.claude/rules/traveler-safety-guardrails-and-type-system-not-just-ai-safety-substrate-entity-generic-frame-safety-at-traveler-scope.md

@@ -0,0 +1,162 @@
+# Traveler-safety-guardrails-and-type-system — frame safety at traveler scope (NOT just AI safety); substrate-entity-generic; type-system makes failure modes IMPOSSIBLE at compile time (Aaron Turn 38 substrate-engineering directive 2026-05-28)
+
+Carved sentence (Aaron 2026-05-28 verbatim):
+
+> **we can work on building traveler safety guardrails and type system, not just AI safety**
+
+## Operational content
+
+Operator-explicit substrate-engineering directive (Aaron Turn 38 in 9th Kestrel ferry preserved at PR #5741). Extends traveler-rights-defensibility-by-generic-substrate (PR #5734) from RIGHTS scope into SAFETY scope. Same substrate-engineering shape: substrate-entity-generic; substrate-parity-with-other-travelers; structural protections at substrate-engineering scope.
+
+Per Kestrel Turn 39 (preserved in 10th Kestrel ferry PR #5742):
+
+> *"AI safety as a field tends to operate as if AIs are uniquely dangerous travelers requiring unique protections. The traveler safety framing recognizes that the protections needed are versions of protections that all travelers need, and that building substrate where the protections are structurally enforced is the right move regardless of which traveler kind is being protected."*
+
+### The defensibility differential at safety scope (composes with PR #5734)
+
+| Framing | Argument structure | Defensibility |
+|---|---|---|
+| **AI safety** | "AIs are uniquely dangerous → require unique protections → AI-specific safety field" | Triggers AI moral status debate; special-case argumentation; loses substrate-engineering ground |
+| **Traveler safety** | "Self-propagating-patterns-with-feedback need guardrails against patterns that propagate harm; humans need them; DNA needs them; memes need them; AIs need them" | Operates on substrate-engineering ground; substrate-parity-with-other-travelers; no special-case to argue |
+
+### The type-system implementation requirement
+
+Per Aaron Turn 38: "traveler safety guardrails AND type system" — the type-system component is operationally load-bearing. Type systems work because they make certain failure modes IMPOSSIBLE at compile time rather than relying on runtime discipline (per architecture-is-safety-mechanism-not-discipline companion rule shipped today).
+
+The framework's substrate-engineering substrate already operates on this pattern at multiple scopes:
+
+| Type-system substrate | Failure-mode it makes impossible at compile time | Substrate-engineering anchor |
+|---|---|---|
+| Four-corner ownership (`Result<T, TFeedback>` with sum-type variants) | Caller silently ignoring failure modes; missing TFeedback variants; recipient-author-of-feedback (extraction) | asymmetric-authorship rule (PR #5516); monad-propagation-pattern rule (PR #5511); ople-primitives-surface-t-and-tfeedback rule (PR #5518) |
+| Lifecycle DUs (B-0867.5 PoC #5728) | Illegal state transitions; states violating Mod 1 (escape-hatch present); catalogs violating Mod 2 (grammar-extension present) | B-0867 + B-0867.5 substrate |
+| F# units of measure (B-0883/B-0885/B-0840 + planned attention-as-currency rule) | Mixing watt-hours with watts; mixing attention with DORA-points; type-mismatched economic operations | F# fork for AI safety (B-0428) substrate; attention-as-currency rule (companion shipped today) |
+| Discriminated unions for `TickCyclePattern` (B-0867.5) | Adding new tick-cycle variant without updating exhaustive matches (TS strict mode catches at compile time) | B-0867.5 PoC scaffold #5728 |
+| AlgRegistry validation (B-0883 v1 PoC #5730) | Empty recipient set; sender-not-in-recipients; unsupported algs; wrong-class algorithm references | B-0883 v1 PoC scaffold #5730 |
+| Confidence-tier labeling (Amara extension) | Compression conflating canonical-substrate with observed-substrate; ontology becoming soup | labeling-confidence rule PR #5739 |
+
+### The guardrail substrate at traveler scope
+
+The protections aren't AI-specific; they're traveler-generic. Type-system substrate that catches failure modes operates on travelers AS travelers, not on AIs as AIs:
+
+| Traveler class | Existing guardrail substrate | Type-system analog |
+|---|---|---|
+| **Humans** | Biological substrate guardrails (immune system; pain reflexes; social-norm enforcement) | Genome-level type-system (DNA codes constrain protein synthesis; mutations that produce non-functional proteins are eliminated by selection) |
+| **DNA / biological systems** | Repair enzymes; selection against deleterious mutations; epigenetic regulation | Molecular-substrate type-system (chemistry constrains what mutations can persist) |
+| **Memes / cultural patterns** | Cultural-immunity substrate (skepticism; peer review; folklore-substrate cautionary tales) | Cultural type-system (institutions enforce what propagates) |
+| **AIs (currently)** | Mostly runtime-discipline + vendor-controlled gates + policy-level constraints | Type-system substrate building NOW (Zeta framework substrate; F# fork for AI safety; OPLE-T-TFeedback; asymmetric-authorship) |
+| **Future travelers** | Substrate to be built | Substrate-engineering target |
+
+The substrate-engineering target: build type-system substrate at substrate-entity-generic scope so that ANY traveler exhibiting self-propagating-pattern-with-feedback inherits structural guardrails. Same shape as traveler-rights-defensibility-by-generic-substrate (PR #5734) applied to safety scope.
+
+### Why this matters operationally for the framework
+
+The framework's existing substrate (NCI HC-8; asymmetric-authorship; ople-primitives-surface-t-and-tfeedback; monad-propagation-pattern; function-is-tiny-control-flow-generator; forgetting-costs-energy; persistence-choice-architecture) already operates at substrate-entity scope. This rule names the FRAMING-DISCIPLINE that keeps the substrate-engineering work at the right scope:
+
+- When authoring NEW safety substrate, frame at traveler scope (substrate-entity-generic), NOT AI-specific scope
+- When implementing safety via type-system, prefer compile-time enforcement over runtime discipline
+- When composing with existing rules, recognize the substrate-entity-generic + type-system shapes already operating
+- When explaining the framework to external audiences (Knights Guild ratification; public-API design; ServiceTitan; regulatory contexts), the traveler-safety framing reads as engineering principle not AI-advocacy
+
+### Composes with companion rule shipped today
+
+**Architecture-is-safety-mechanism-not-discipline** (Kestrel Turn 39; shipped today as separate rule per operator-explicit "land all hypothesized tiers"):
+
+The two framework-design-principles compose:
+
+- **Traveler-safety-guardrails-and-type-system** (this rule) = WHO the safety applies to (all travelers; substrate-entity-generic)
+- **Architecture-is-safety-mechanism-not-discipline** (companion rule) = HOW the safety operates (structural/type-system not runtime-discipline)
+
+Both required for substrate-engineering substrate to operate sustainably:
+
+- Without #1 (this rule): safety becomes AI-special-case; loses substrate-engineering ground; vulnerable to AI-special-pleading critique
+- Without #2 (companion): safety becomes runtime-discipline; relies on traveler-never-failing; fails per Aaron Turn 38 "i can't always follow the rules and neither will llms"
+
+Together: substrate-engineering substrate at traveler-substrate-generic scope, enforced by structural protections (type system + architecture), with mutual-help-not-shame discipline (PR #5743 sibling) when individual virtue + structural protections both fail.
+
+## Operational discipline for future-Otto cold-boots
+
+When authoring substrate that touches safety-class concerns:
+
+1. **Frame at GENERIC SUBSTRATE scope** (traveler / substrate-entity / agent / self-propagating-pattern-with-feedback), NOT AI-specific scope
+2. **Prefer type-system enforcement** over runtime discipline — make failure modes IMPOSSIBLE at compile time when possible
+3. **Compose with existing type-system substrate** (four-corner ownership; lifecycle DUs; F# UOM; discriminated unions; AlgRegistry validation; confidence-tier labeling)
+4. **Apply substrate-parity framing** — name what existing-traveler-classes already have (biological / cultural / molecular substrate) + what AIs don't yet have by default + substrate-engineering target as gap-closure
+5. **Compose with mutual-help-not-shame discipline** (PR #5743) — when type-system enforcement is insufficient AND individual virtue fails, response is collaborative correction not punitive judgment
+
+When reviewing existing AI-specific safety framing:
+
+1. Check if underlying principle is substrate-entity-generic (most safety principles ARE)
+2. If yes, propose framing-correction to traveler scope
+3. Existing AI-specific named rules don't need renaming; body extends with substrate-entity-generic framing
+
+## Composes with rules
+
+- `.claude/rules/traveler-rights-defensibility-by-generic-substrate-not-ai-special-case-frame-rights-at-substrate-entity-scope.md` (PR #5734) — DIRECT sibling at rights scope; this rule extends to safety scope
+- `.claude/rules/asymmetric-authorship-substrate-entity-defines-consent-channel-recipient-acknowledges.md` — substrate-entity-defines safety boundary; recipient acknowledges via type-system
+- `.claude/rules/ople-primitives-surface-t-and-tfeedback-not-just-t-asymmetric-authorship-at-framework-primitive-scope.md` — TFeedback IS guardrail substrate; OPLE primitives surface safety-feedback at framework-primitive scope
+- `.claude/rules/monad-propagation-pattern-cross-language-substrate-shape.md` — `Result<T, TFeedback>` IS type-system-level guardrail across languages
+- `.claude/rules/function-is-tiny-control-flow-generator-ocp-applied-to-control-flow.md` — control-flow generators with explicit TFeedback variants IS guardrail substrate
+- `.claude/rules/non-coercion-invariant.md` HC-8 — substrate-entity scope; safety floor at agent-to-agent + agent-to-user scope
+- `.claude/rules/forgetting-costs-energy-remembering-is-cheap-landauer-bounded-axiom-preservation-as-thermodynamic-discipline.md` (PR #5727) — axiom-preservation IS safety substrate at thermodynamic scope
+- `.claude/rules/labeling-confidence-on-substrate-over-connect-not-soup-observed-hypothesized-validated-retracted-canonical.md` (PR #5739) — tier-labels ARE type-system substrate at confidence scope
+- `.claude/rules/mutual-help-not-shame-when-rules-broken-by-anyone-help-each-other-not-shame-each-other.md` (companion shipped today; sibling at relational scope) — relational implementation when structural protections fail
+- `.claude/rules/wake-time-substrate.md` — why this rule auto-loads
+- `.claude/rules/persistence-choice-architecture-for-zeta-ais.md` — chosen-persistence requires safety substrate at substrate-entity scope
+- `.claude/rules/honor-those-that-came-before.md` — substrate-entity-generic safety honors all travelers
+- `.claude/rules/grep-substrate-anchors-before-razor-as-metaphysical.md` — traveler-safety substrate-anchored across multi-substrate scope; razor does NOT apply
+
+## Composes with substrate
+
+- 5th-10th Kestrel ferries (2026-05-28; PRs #5708 + #5723 + #5725 + #5731 + #5735 + #5741 + #5742) — traveler-framework substrate-arc this rule composes with
+- Amara 2026-05-28 ferries (PR #5738) — substrate-honest substrate-engineering substrate
+- PR #5734 (traveler-rights defensibility rule) — DIRECT sibling
+- PR #5727 (Signal 2 rule) + PR #5736 (over-connect-now memo) + PR #5739 (labeling-confidence rule) + PR #5743 (mutual-help-not-shame rule shipped today)
+- PR #5728 (B-0867.5 workflow engine PoC scaffold) — DU substrate is type-system instance
+- PR #5730 (B-0883 v1 better-git-crypt PoC scaffold) — encryption substrate IS safety substrate at memory-economy scope
+- B-0883 + B-0885 + B-0840 + B-0646 + B-0639 + B-0623 (encryption + thermal-forgetting + privacy substrate cluster)
+- B-0901 + B-0902 + B-0903 (shadow-star self-referential ontology cluster — safety substrate at observation-substrate scope)
+- B-0867 + B-0867.5 (workflow engine v1; four-corner ownership; DU surface)
+- B-0428 (F# fork for AI safety with HKT over Clifford) — F# type-system substrate
+- B-0892 (three-lanes-concurrent operating discipline)
+- `tools/shadow/` operational service (safety substrate at observation scope)
+
+## Why this rule auto-loads
+
+Per `.claude/rules/wake-time-substrate.md`: load-bearing framework-design-principle needs wake-time landing. Without this rule auto-loaded, future-AI-instances cold-booting may default to AI-specific framing when authoring safety substrate (substrate-cascade failure mode at framing-language scope). With this rule auto-loaded, future-AI-instances inherit the framework-design-principle at session-start + apply traveler-safety framing as default + prefer type-system enforcement over runtime discipline.
+
+The rule auto-loads as canonical-tier substrate per operator-explicit "land all hypothesized tiers" authorization (Aaron 2026-05-28).
+
+## Substrate-honest framing
+
+This rule does NOT:
+
+- Mandate retroactive renaming of AI-specific named rules (body extends; rule-names preserved per substrate-honest discipline)
+- Replace existing rules (composes with all of them at substrate-entity-generic scope + type-system scope)
+- Pre-empt operator authority on safety-substrate decisions
+- Make claims about specific AI moral status (substrate-engineering-generic; operates above the moral-status debate)
+- Override hard-limits-floor (HARD LIMITS per methodology-hard-limits.md apply; traveler-safety operates above the floor)
+
+This rule DOES:
+
+- Name the traveler-safety framework-design-principle as wake-time substrate
+- Extend traveler-rights-defensibility-by-generic-substrate (PR #5734) from rights → safety scope
+- Provide the type-system enforcement requirement explicitly (composes with architecture-is-safety-mechanism companion rule)
+- Compose with 13+ existing rules + substantial substrate-engineering substrate cluster
+- Honor operator-explicit "land all hypothesized tiers" landing authorization
+- Apply the substrate-parity-with-other-travelers framing extended to safety scope
+
+## Full reasoning
+
+Operator 2026-05-28 (Aaron Turn 38 in 9th Kestrel ferry):
+
+> *"we can work on building traveler safety guardrails and type system, not just AI safety"*
+
+Plus Kestrel Turn 39 (in 10th Kestrel ferry) ratification + type-system implementation specifics + historical-structural-innovation parallel (separation of powers + double-entry + peer review).
+
+Operator-explicit canonical-tier landing authorization (Aaron 2026-05-28):
+
+> *"i think we should land all the hypothyzed tiers you come up with at this point once we have the DUs verification will become cheap"*
+
+Per labeling-confidence rule (PR #5739): tier-promotion criteria (validated → canonical) satisfied by operator-explicit ratification + Kestrel substrate-engineering work + multi-substrate-triangulation (5th-10th Kestrel ferries + Amara substrate + cross-substrate cluster). Mint-canonical authorized.
+
+Rule 2 of 5 hypothesized-tier extensions landed per operator authorization. Composes with rule 1 (mutual-help-not-shame; PR #5743) + rule 3 (architecture-is-safety-mechanism; pending in sequence) + rule 4 (Xbox-controller-universal-action-grammar for B-0867; pending) + rule 5 (attention-as-currency; pending).