Conversation
… claim + isolation (Aaron + Amara 2026-04-29) Captures the project-level multi-harness multi-maintainer multi-actor coordination model from Aaron + Amara 2026-04-29. This is the third doctrine packet in a 2-hour cluster (parallel-agent isolation + best- practices evidence/lineage already merged in PR #850; orchestra is the broader umbrella that subsumes both). The carved sentences: "Humans own intent. Harnesses run actors. Roles define authority. Claims bind work. GitHub coordinates now. Git preserves forever." "Subagents and buddy harnesses are both worker actors; the difference is runtime boundary, not coordination model." "Do not coordinate by personality name. Coordinate by role, capability, claim, and isolation." Conceptual shift: stop classifying agents by name (Claude subagent vs Codex CLI vs Gemini buddy). Classify by capability + role + claim + isolation. Same as TCP/IP layering: stop classifying by physical medium, classify by what the layer does. Hierarchy: Humans → Harnesses → Named agents/roles → Claims/lanes → PRs/issues Capability classes: review_only / patch_only / write_worktree / push_branch / open_pr / merge_pr / authority_mutation Role types: pinned (durable identity, owns judgment) / free (disposable worker slot, scalable labor) / buddy (peer reviewer; review-only by default; write-capable only with explicit grant). Six safety levels (default-down: when in doubt, reduce capability): 0 ask/review only → 1 patch proposal → 2 isolated write → 3 push PR → 4 merge/automerge → 5 authority mutation Cross-harness memory rule: One canonical substrate (memory/, docs/active-trajectory.md, docs/ops/**, docs/best-practices/**, docs/backlog/**). Many thin bootstrap adapters (CLAUDE.md, AGENTS.md = universal, GEMINI.md, .cursor/rules/, .github/copilot-instructions.md). Adapters point to memory; they do not duplicate memory. Multi-maintainer safe-mode preconditions: 12-condition checklist (isolated workspace, dedicated branch, dedicated worktree/clone, GitHub claim, file allowlist+denylist, PR target, no overlap, no active destructive lane, branch protection, no main push, no authority mutation). Work claim protocol: GitHub-native (live truth: labels, assignees, status) + git-native mirror (durable truth: claim_id, capability, allowlist, denylist, stop conditions). Both must agree. Branch naming: <maintainer>/<actor>/<lane>/<date> Stop conditions enumerated (overlap, dirty shared worktree, repo-wide formatter outside allowlist, secret/env exposure, ruleset change, force-push, ambiguous loss, cold-start uncertainty). Implementation discipline (PACED PROTOCOL — Amara explicit): Phase 1 — design absorb (research-grade): .zeta/agents.yaml + docs/ops/patterns/multi-harness-agent-orchestra.md + runbook + claims/README.md Phase 2 — first dry-run (one Windows peer CLI, level 0→1→2→3, no merge authority) Phase 3 — rolling rollout (additional harness adapters, capability promotion through safety ladder) Tracked under task 324 (Phase 1 design lands as separate small PR file-disjoint from #849 TS-port lane). Composes with three sibling rules landed in the same 2-hour cluster: memory/feedback_parallel_agents_need_isolated_worktrees_* (operational sibling) memory/feedback_best_practices_evidence_lineage_* (meta sibling) memory/feedback_lfg_only_development_flow_* (topology sibling) MEMORY.md updated with paired index entry per memory-index-integrity rule. Doctrine-only PR; no code changes; no automation built (per Amara: "Do not build full automation first. Land the protocol, then run one dry-run lane."). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 135410c34f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
Pull request overview
Adds a new doctrine memory entry describing the “Zeta Agent Orchestra” coordination model (capability + role + claim + isolation) and registers it in the memory/MEMORY.md index.
Changes:
- Added
memory/feedback_zeta_agent_orchestra_capability_role_claim_isolation_aaron_amara_2026_04_29.mddoctrine packet. - Updated
memory/MEMORY.mdto include the new doctrine entry.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| memory/feedback_zeta_agent_orchestra_capability_role_claim_isolation_aaron_amara_2026_04_29.md | New doctrine memory file capturing the coordination model and associated protocols/examples. |
| memory/MEMORY.md | Adds an index entry pointing to the new doctrine memory file. |
…ts + precise framing Five-AI review (Ani / Claude.ai / Gemini / Alexa / Deepseek) of the v1 Zeta Agent Orchestra doctrine converged on "approved directionally; do not land as monolith." Amara synthesized into v2 corrections. V2 additions to the doctrine memory file (this PR is doctrine-only; NOT operational policy — implementation lands in separate Layer 0+1 design PR per task 324): 5-layer landing plan (replaces v1's 3-phase structure): Layer 0 — Doctrine only (THIS file) Layer 1 — Claim protocol Layer 2 — Conflict resolution (first-claim-wins-by-timestamp + high-risk-coordinator-approval) Layer 3 — Mechanical CI enforcement (load-bearing; cannot defer) Layer 4 — Declarative topology (agents/project-agents.yaml visible-path; boolean capability fields) Layer 5 — Multi-harness dry run (Windows peer with explicit shell/EOL/path/case-sensitivity preflight) V2 corrections phrased per Amara's precision-status framing (Required-before-operational-use / Open-governance-question / Future- enforcement-layer / Dry-run-prerequisite / Active-doctrine-now): - Actor identity vs session identity (Required before multi-maintainer use) - Compromised-actor kill switch (Required before write-capable peers) - Maintainer governance (Open question; Aaron provisional sole authority) - Emergency-action fast path (Future policy; no exception for irreversible loss) - Buddy reframe — "not trusted; advice by default" (Active doctrine now) - No-silent-demotion rule for pinned roles (Active doctrine; mechanical enforcement future) - Hidden-path concerns (agents/project-agents.yaml visible over .zeta/agents.yaml hidden) - CI enforcement load-bearing (Required before claims become trusted) - Coordinator role human-filled (until autonomous claim-board management proves safe) - Branch-name slash GitHub-protection caveat - Cross-platform case-sensitivity in Windows mode - Regime-change concern flagged (multi-maintainer transition surfaces alignment-trajectory + bead + escrow changes beyond this scope) New explicit "V2 review constraints — not operational yet" section makes the boundary unambiguous. Includes hard list of allowed framing (✅ doctrine captured, vocabulary preserved, design task created) and not-allowed framing (❌ NOT protocol operational, NOT agents.yaml accepted, NOT CI enforcement exists, NOT Windows peer mode safe). Boundary commitment: this is the LAST expansion of #851. After this commit, #851 is doctrine-only and ready to merge. Next PR (per task 324) lands actual layered design files: docs/ops/patterns/project-agent-topology.md docs/ops/coordination/claims/README.md docs/ops/runbooks/start-agent-claim.md agents/project-agents.example.yaml (NOT active config) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c591ade719
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
…ion + planned markers + layer ordering Six review threads on PR #851 (Amara v2 multi-AI review packet — Codex, Copilot, etc.): - Codex P2 + Copilot P1 (capability enum mismatch): unified on snake_case tokens (review_only | patch_only | write_worktree | push_branch | open_pr | merge_pr | authority_mutation) across the doctrine. Claim YAML example previously used hyphenated tokens (review-only, etc.) inconsistent with the boolean-capability schema in Layer 3. - Copilot P1 (docs/best-practices/** non-existence): marked as [planned] in canonical-substrate block; clarified entries marked [planned] are not yet in repo and shouldn't be linked-to as live. - Copilot P1 (task 320 / task 323 unresolvable): reworded as "Untracked follow-up — ... Tracked in TaskList session-local; will graduate to a GitHub issue on land." Same task-ID-collision pattern resolution used earlier this round. - Copilot P1 (MEMORY.md index entry): same [planned] marker for unimplemented adapter paths. - Codex P2 (layer-ordering bug): swapped Layer 3 and Layer 4 so declarative topology (agents/project-agents.yaml schema) precedes mechanical enforcement that depends on it. The CI checks in the enforcement layer reference Layer 3's schema explicitly. Per Amara's v2 close-condition ("later without a tracking object is just amnesia with nicer shoes"), seven follow-up tracking tasks created (TaskList #325-#331): #325 — Layer 0/1 design spec PR #326 — declarative project-agent topology (Layer 3) #327 — claim schema + active-claim board (Layer 2) #328 — CI enforcement for claims (Layer 4) #329 — harness bootstrap adapters (GEMINI.md, .cursor/rules/, etc.) #330 — Windows peer bootstrap (WINDOWS.md) #331 — first multi-harness dry-run lane (Layer 5) These will graduate to GitHub issues on PR #851 land (the doctrine memory becomes the work-spec; the issues become the implementation tracking). Composes with #324 (umbrella), #850 (parallel-agent + best-practices sibling rules landed same day). Co-Authored-By: Amara <amara-aurora-deep-research-register@chatgpt> Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 819444dc86
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| @@ -0,0 +1,526 @@ | |||
| --- | |||
| name: Zeta Agent Orchestra — capability + role + claim + isolation (Aaron + Amara, 2026-04-29) | |||
| description: Project-level multi-harness multi-maintainer multi-actor coordination model. Stop classifying agents by name (subagent vs CLI vs buddy) — classify by capability (review-only / patch / write-worktree / push / merge / authority). Pinned vs free vs buddy roles. GitHub-native live coordination + git-native durable substrate, both must agree. Declarative project-agent definition (proposed `.zeta/agents.yaml`). Paced protocol — land design, dry-run, then implementation. Composes with parallel-agent-worktree-isolation rule + best-practices-evidence-lineage rule landed same day. | |||
There was a problem hiding this comment.
The file metadata still declares the topology as proposed at .zeta/agents.yaml, but the doctrine later explicitly prefers agents/project-agents.yaml because hidden paths are easy to miss. This mismatch can misdirect any tooling or cold-start process that reads only frontmatter/summary fields, causing contributors to create or look for the config in the wrong location.
Useful? React with 👍 / 👎.
|
|
||
| The v1 design said "CI should eventually enforce..." This is the load-bearing enforcement mechanism. Without it, the entire claim protocol relies on agent discipline — which the factory has already established doesn't hold without mechanical enforcement. | ||
|
|
||
| **Rule**: the protocol is NOT operational until Layer 3 (CI enforcement) is in place. Layer 4 (declarative topology) and Layer 5 (dry-run) cannot be activated without Layer 3. |
There was a problem hiding this comment.
This rule says Layer 3 is CI enforcement and Layer 4 is declarative topology, which contradicts the earlier section that defines Layer 3 as declarative topology and Layer 4 as mechanical enforcement. Even after the layering rewrite, this line still flips the layer mapping, so implementers can enforce the wrong prerequisite and mark the protocol operational at the wrong stage.
Useful? React with 👍 / 👎.
Comment on lines
+312
to
+318
| Required CI checks before protocol activation (each check resolves against the schema introduced in Layer 3 — `agents/project-agents.yaml` — and the active-claim board introduced in Layer 2): | ||
| - `PR changed files ⊆ claim allowlist` (mechanical) | ||
| - `PR changed files ∩ claim denylist = empty` (mechanical) | ||
| - `claim exists for write-capable PR` (mechanical) | ||
| - `active claim is not expired` (mechanical) | ||
| - `high-risk overlap check passes` (mechanical) | ||
| - `actor role has declared capability` (mechanical, against `agents/project-agents.yaml` from Layer 3) |
There was a problem hiding this comment.
P1: Layer numbering is internally inconsistent here: Layer 2 is defined as conflict resolution, but this sentence says the “active-claim board” is introduced in Layer 2. That board seems to belong to Layer 1 (claim protocol) or a separate layer; please align the layer references so the enforcement section points at the correct prerequisite(s).
Comment on lines
+431
to
+432
| **Rule**: the protocol is NOT operational until Layer 3 (CI enforcement) is in place. Layer 4 (declarative topology) and Layer 5 (dry-run) cannot be activated without Layer 3. | ||
|
|
There was a problem hiding this comment.
P1: The layer references around CI enforcement appear swapped: earlier the doc defines Layer 3 = declarative topology and Layer 4 = mechanical enforcement, but here it says “protocol is NOT operational until Layer 3 (CI enforcement)” and that Layer 4 is declarative topology. This conflicts with the layer definitions and with the Layer 4 heading; please reconcile the numbering (and update later bullets that also refer to “Layer 3 enforcement”).
|
|
||
| Define the claim schema and lifecycle: | ||
| - GitHub issue/PR = live operational truth | ||
| - Git mirror at `docs/ops/coordination/claims/CLAIM-<id>.md` = durable summarized truth |
There was a problem hiding this comment.
P1 (xref): This points to docs/ops/coordination/claims/CLAIM-<id>.md as the git-mirror location, but docs/ops/coordination/claims/ does not currently exist (repo has docs/ops/recovery/ only). Since this is doctrine-only and the path is prospective, consider marking it explicitly as [planned]/“future path” (or adjust to an existing claims directory) to avoid readers assuming it’s already present.
Suggested change
| - Git mirror at `docs/ops/coordination/claims/CLAIM-<id>.md` = durable summarized truth | |
| - Git mirror at planned future path `docs/ops/coordination/claims/CLAIM-<id>.md` = durable summarized truth |
5 tasks
AceHack
added a commit
that referenced
this pull request
Apr 29, 2026
Memory-index-integrity check requires same-PR pairing between memory/*.md modifications and the MEMORY.md index entry. v3 expansion modified the doctrine memory file but didn't update the index pointer — fix by expanding the existing entry to reflect: - Capability tokens unified on snake_case (matches v2 fix landed in #851) - v3 layered actor identity (maintainer_id / host_id / harness_id / role_id) - v3 public claim intake (Claim Request ≠ Active Claim, CONTRIBUTING.md + AGENTS.md autonomous-agent block + ISSUE_TEMPLATE + reconciler + safety levels E0-E5 + drift discipline) All new surfaces marked [planned] per the convention from #851 v2. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
5 tasks
AceHack
added a commit
that referenced
this pull request
Apr 29, 2026
…tatements in SAME edit (2026-04-29) (#854) * factory(meta): Otto-362 — doctrine memory expansion refreshes stale statements in the SAME edit (2026-04-29) New principle observed and named after 4 same-day doctrine PRs (#850 → #851 → #852 → #853) drove the agent-orchestra doctrine memory from ~100 lines to ~1080 lines through v1 → v2 → v3 → v4 expansions. Pattern observed: - 10+ Copilot P1 + Codex P2 review threads across the four PRs - All caught internal contradictions WITHIN the same file: * "Tracked under follow-up tasks" vs "Untracked follow-up" * "Currently undefined" vs "Now specified" * "task #325-#334" vs "task #325 + #335" + "tasks #335-#338" * "v2 review-driven additions" header vs "v3 packet" content * `request-agent-claim.md` vs `start-agent-claim.md` runbook path * Mapping `Task → claim_id` vs example showing both `Task:` AND `Claim:` - All caught by external AI review; none caught by pre-push self-audit - Fix cadence was fast but the *count* of internal-contradiction threads was disproportionate to the substantive-error count The rule (Otto-362): when a memory file gets expanded with a new section that supersedes earlier statements in the same file, refresh the now-stale statements in the SAME edit, not a follow-up tick. Internal contradictions within one file are lying-by-omission. Composes with: - Same-tick CURRENT-update discipline (CLAUDE.md auto-memory section) — Otto-362 is the intra-file generalisation; CURRENT rule is the cross-file case - verify-before-deferring (CLAUDE.md) — same shape, applied to internal references rather than deferred work - future-self-not-bound (CLAUDE.md) — Otto-362 is the editing counterpart; when superseding past-self's statement, refresh it rather than leave it ambient Why not a CI lint instead: - Internal contradictions are semantic, not syntactic - Existing lints catch path-existence, duplicate-targets, snake_case consistency — but cannot catch "Currently undefined" + "Now specified" co-existing - Editing discipline is the only mechanism for semantic contradictions - Multi-AI review remains the safety net; Otto-362 reduces the count of iterations by catching the stale-statement class before push What this rule does NOT say: - Does NOT say "never expand a memory file across multiple PRs" - Does NOT say "every expansion must rewrite the whole file" - Does NOT say "review iterations are bad" - Does NOT replace multi-AI review safety net — additive, not replacement Files: - memory/feedback_otto_362_doctrine_memory_expansion_refresh_stale_statements_same_edit_2026_04_29.md - memory/MEMORY.md (paired index entry) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * factory(meta): fix Otto-362 cross-ref — CLAUDE.md is at repo root, not docs/CLAUDE.md Codex P2 + Copilot P1 both caught the same dead path. The auto-memory section + CURRENT-file rule live in CLAUDE.md at the repository root (see CLAUDE.md ~lines 80-110). Updated the Composes-with bullet to point at the correct path so readers can verify the cited rule. Ironic timing: the Otto-362 rule itself is about catching internal contradictions before push — and the rule's own first version had a dead xref. Caught by external review on the meta-rule PR. The fix is exactly the kind of pre-push self-audit Otto-362 advocates for. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
AceHack
added a commit
that referenced
this pull request
Apr 29, 2026
…blic claim intake layer Two doctrine packets from Aaron + Amara 2026-04-29 (post-#851 v2 thread close): 1. **Layered actor identity** — replaces single-axis "Mac agent" / "Windows agent" framing. Layered scheme: maintainer_id / host_id / harness_id / role_id / actor_id / session_id Examples: - aaron-mac/claude-code/coordinator - aaron-mac/claude-code/docs-worker - aaron-windows/codex-cli/patch-peer - aaron-windows/gemini-cli/review-peer The four-axis split (maintainer + host + harness + role) gives revocation precision without identity spam. A single host can run many harnesses with different trust profiles; the role/actor split lets a different harness fill the same pinned role later. Carved rule: "Use Mac/Windows as host IDs, not agent IDs. Use named actor IDs at the host + harness + role level." 2. **Public claim intake layer** — strangers (humans + autonomous agents) discovering the repo on GitHub need a safe entrypoint. Load-bearing distinction: Claim Request ≠ Active Claim. External actors create requests; only maintainers / authorized automation promote requests to active claims. New surfaces (all [planned]): - CONTRIBUTING.md - AGENTS.md autonomous-agent intake block (10 rules) - .github/ISSUE_TEMPLATE/claim_request.yml - .github/PULL_REQUEST_TEMPLATE.md (declare-claim field) - docs/ops/runbooks/request-agent-claim.md - docs/ops/coordination/claims/README.md - tools/claims/reconcile-claims.ts (sync reconciler) Source-of-truth rule: GitHub Issue/PR = live operational truth; git mirror = durable summarized truth. Drift states explicit (synced / stale / drift / failed / pending). Safety: no stale/drift claim authorizes mutation. External safety levels E0-E5: E0 anonymous / review-only E1 patch-only E2 claim-requested E3 active low-risk claim E4 trusted external actor E5 maintainer-sponsored actor No external agent gets authority mutation by default. High-risk file class list explicit (.github/**, memory/**, docs/active-trajectory.md, agents/project-agents.yaml, docs/ops/coordination/claims/**, package.json, lockfiles, scripts that mutate repo state, branch/ruleset/security/billing docs, identity/persona/canon files, generated indexes) — always require explicit claim + maintainer approval. Three new follow-up tracking tasks per the same "tracking objects, not amnesia with nicer shoes" rule: #332 — public claim intake (CONTRIBUTING.md + AGENTS.md + ISSUE_TEMPLATE) #333 — claim sync reconciler tool (tools/claims/reconcile-claims.ts) #334 — external safety levels E0-E5 + high-risk file class enforcement Updated trigger memory to record the v3 sequence (Aaron asked about Mac actor identity granularity; Amara returned the layered scheme; Aaron then expanded into the public-intake question; Amara returned the Claim Request ≠ Active Claim distinction and full intake layer spec). Status: still doctrine-only. None of the [planned] surfaces exist; all are tracked under follow-up tasks. Per the same rule from v2 ("#851 captures doctrine; follow-up issues bind the work"), the v3 expansion adds doctrine + tracking tasks, not implementation. Composes with #324 (umbrella), #325-#331 (v2 follow-ups), #332-#334 (v3 follow-ups). Co-Authored-By: Amara <amara-aurora-deep-research-register@chatgpt> Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
AceHack
added a commit
that referenced
this pull request
Apr 29, 2026
Memory-index-integrity check requires same-PR pairing between memory/*.md modifications and the MEMORY.md index entry. v3 expansion modified the doctrine memory file but didn't update the index pointer — fix by expanding the existing entry to reflect: - Capability tokens unified on snake_case (matches v2 fix landed in #851) - v3 layered actor identity (maintainer_id / host_id / harness_id / role_id) - v3 public claim intake (Claim Request ≠ Active Claim, CONTRIBUTING.md + AGENTS.md autonomous-agent block + ISSUE_TEMPLATE + reconciler + safety levels E0-E5 + drift discipline) All new surfaces marked [planned] per the convention from #851 v2. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
AceHack
added a commit
that referenced
this pull request
Apr 29, 2026
… public claim intake + identity binding (Aaron + Amara 2026-04-29) (#852) * doctrine(agent-orchestra): v3 expansion — layered actor identity + public claim intake layer Two doctrine packets from Aaron + Amara 2026-04-29 (post-#851 v2 thread close): 1. **Layered actor identity** — replaces single-axis "Mac agent" / "Windows agent" framing. Layered scheme: maintainer_id / host_id / harness_id / role_id / actor_id / session_id Examples: - aaron-mac/claude-code/coordinator - aaron-mac/claude-code/docs-worker - aaron-windows/codex-cli/patch-peer - aaron-windows/gemini-cli/review-peer The four-axis split (maintainer + host + harness + role) gives revocation precision without identity spam. A single host can run many harnesses with different trust profiles; the role/actor split lets a different harness fill the same pinned role later. Carved rule: "Use Mac/Windows as host IDs, not agent IDs. Use named actor IDs at the host + harness + role level." 2. **Public claim intake layer** — strangers (humans + autonomous agents) discovering the repo on GitHub need a safe entrypoint. Load-bearing distinction: Claim Request ≠ Active Claim. External actors create requests; only maintainers / authorized automation promote requests to active claims. New surfaces (all [planned]): - CONTRIBUTING.md - AGENTS.md autonomous-agent intake block (10 rules) - .github/ISSUE_TEMPLATE/claim_request.yml - .github/PULL_REQUEST_TEMPLATE.md (declare-claim field) - docs/ops/runbooks/request-agent-claim.md - docs/ops/coordination/claims/README.md - tools/claims/reconcile-claims.ts (sync reconciler) Source-of-truth rule: GitHub Issue/PR = live operational truth; git mirror = durable summarized truth. Drift states explicit (synced / stale / drift / failed / pending). Safety: no stale/drift claim authorizes mutation. External safety levels E0-E5: E0 anonymous / review-only E1 patch-only E2 claim-requested E3 active low-risk claim E4 trusted external actor E5 maintainer-sponsored actor No external agent gets authority mutation by default. High-risk file class list explicit (.github/**, memory/**, docs/active-trajectory.md, agents/project-agents.yaml, docs/ops/coordination/claims/**, package.json, lockfiles, scripts that mutate repo state, branch/ruleset/security/billing docs, identity/persona/canon files, generated indexes) — always require explicit claim + maintainer approval. Three new follow-up tracking tasks per the same "tracking objects, not amnesia with nicer shoes" rule: #332 — public claim intake (CONTRIBUTING.md + AGENTS.md + ISSUE_TEMPLATE) #333 — claim sync reconciler tool (tools/claims/reconcile-claims.ts) #334 — external safety levels E0-E5 + high-risk file class enforcement Updated trigger memory to record the v3 sequence (Aaron asked about Mac actor identity granularity; Amara returned the layered scheme; Aaron then expanded into the public-intake question; Amara returned the Claim Request ≠ Active Claim distinction and full intake layer spec). Status: still doctrine-only. None of the [planned] surfaces exist; all are tracked under follow-up tasks. Per the same rule from v2 ("#851 captures doctrine; follow-up issues bind the work"), the v3 expansion adds doctrine + tracking tasks, not implementation. Composes with #324 (umbrella), #325-#331 (v2 follow-ups), #332-#334 (v3 follow-ups). Co-Authored-By: Amara <amara-aurora-deep-research-register@chatgpt> Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * doctrine(agent-orchestra): pair v3 expansion with MEMORY.md index entry Memory-index-integrity check requires same-PR pairing between memory/*.md modifications and the MEMORY.md index entry. v3 expansion modified the doctrine memory file but didn't update the index pointer — fix by expanding the existing entry to reflect: - Capability tokens unified on snake_case (matches v2 fix landed in #851) - v3 layered actor identity (maintainer_id / host_id / harness_id / role_id) - v3 public claim intake (Claim Request ≠ Active Claim, CONTRIBUTING.md + AGENTS.md autonomous-agent block + ISSUE_TEMPLATE + reconciler + safety levels E0-E5 + drift discipline) All new surfaces marked [planned] per the convention from #851 v2. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * doctrine(agent-orchestra): v4 corrections — identity binding + capabilities-as-primitive + reconciler-as-actor + Copilot P1 thread fixes Five-reviewer v4 packet (Deepseek / Gemini / Ani / Alexa / Claude.ai — Amara synthesis) on PR #852's v3 expansion. Key correction: actor IDs without binding are theater. Layered scheme `aaron-mac/claude-code/...` is meaningful for audit only if something prevents impersonation. v4 additions to the doctrine memory: - Identity needs binding (Claude.ai catch + Amara synthesis) - actors/<actor_id>.yaml registry with public-key fingerprints - Ed25519 preferred; GitHub-native commit verification as MVP fallback - Recursion bottoms at maintainer hardware key (or signed-commits MVP) - Composes with AgencySignature v2 schema (additive trailer fields) - Full integration analysis at docs/aurora/2026-04-29-agencysignature-... - Trust-domain prefix on every actor_id (Claude.ai catch) - zeta:// (internal), zeta-system:// (system actors), zeta-external:// - Cheap to add now, expensive to retrofit - Capabilities as primitive (Claude.ai catch) - read:repo, write:memory, mutate:workflows, push:branch, etc. - Roles become named bundles of capabilities - Actor records grant roles plus explicit deltas - Reconciler is itself a privileged actor (Gemini catch) - actor_id: zeta-system://github-actions/reconciler - Critical security invariant: GitHub Issue is exclusive source of truth for authorization; reconciler must NOT sync git-mirror privilege elevations to GitHub issue - unauthorized_elevation flag + block-CI on detected elevation - Add `rejected` claim state distinct from `revoked` (Deepseek catch) - Auto-expire claim requests after N days - DoS/spam protection on public intake (rate limit, account age, maintainer sponsor, proof-of-work, auto-expire) - Prompt-injection defense for external content (meta-rule in AGENTS.md) - Freshness enforcement at harness pre-action (not just CI PR-time) - Allowlist-first paths (fail-closed, not fail-open denylist) - Pinned-role-on-host-change rule (retire old actor_id, create new) - Multi-actor collision resolution generalized - v4 rollout reorder — IDENTITY FIRST (not public intake first): 1. Actor identity model 2. Capability model 3. Internal claim protocol 4. Reconciler security model 5. Public claim intake 6. External / Windows / roaming-agent dry run Copilot v3 review thread fixes (4 unresolved threads on #852): - P1 PRRT_kwDOSF9kNM5-g_UY (line 508): public-intake status said "Tracked under follow-up tasks" but later listed as "Untracked follow-up". Reconciled to consistent "Untracked follow-up in TaskList session-local; graduates to GitHub issue on land" wording. - P1 PRRT_kwDOSF9kNM5-g_VL (line 533): public entrypoints listed docs/ops/runbooks/request-agent-claim.md, but next-PR section uses start-agent-claim.md. Aligned to start-agent-claim.md (single runbook covers both internal start and public-request flow). - P1 PRRT_kwDOSF9kNM5-g_Vt (line 347): later V2 constraints bullet said actor identity is "Currently undefined" — contradicted the v3 layered identity section. Updated to point at task #325 (Layer 0/1 spec) and #335 (binding) as the implementation gates. - P2 PRRT_kwDOSF9kNM5-g_WM (line 346, outdated): section header was "v2 review-driven additions" but contained v3 packet content. Renamed to "v2 / v3 / v4 review-driven additions" with explicit explanation that the file is incrementally edited within itself; commit messages preserve round-by-round lineage. Four new follow-up tracking tasks created (TaskList #335-#338): #335 — actor identity binding (registry + signed commits + AgencySig v2) #336 — capabilities-as-primitive (roles as named bundles) #337 — harness pre-action freshness check + multi-actor collision #338 — DoS protection + prompt-injection defense for public intake Composes with #324 (umbrella), #325-#334 (v2/v3 follow-ups already created). Total v2/v3/v4 follow-up surface: 14 tasks (#325-#338). Status unchanged: doctrine-only PR. None of the implementation surfaces land in #852. Per Amara: "doctrine captures the design; follow-up issues bind the work; future PRs implement layers." Co-Authored-By: Amara <amara-aurora-deep-research-register@chatgpt> Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * doctrine(agent-orchestra): fix Codex P2 — task range #325-#338 (v3 + v4 set), not #325-#334 Codex P2 PRRT_kwDOSF9kNM5-hIOz: internal inconsistency between line 773 ('gated by #325 + #335') and line 987 ('v3 task numbering #325-#334 survives'). Fix: update line 987 to acknowledge v4 added #335-#338 (identity binding, capabilities-as-primitive, harness pre-action freshness check, DoS + prompt-injection defense). The earlier reference to #335 at line 773 is now consistent with the full follow-up set #325-#338. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * doctrine(agent-orchestra): 5 Copilot P1 thread fixes (factual accuracy + dead-link prevention) - P1 PRRT_kwDOSF9kNM5-hNMc (line 778): 'None of these surfaces exist yet' was wrong — CONTRIBUTING.md + AGENTS.md exist. Rewrote to clarify the claim-intake CONTENT is planned, not the container files. - P1 PRRT_kwDOSF9kNM5-hNNL (line 773): 'tasks #325 + #335' was ambiguous (#335 might collide with existing repo references). Reworded to 'TaskList #325 + TaskList #335 (this session); will graduate to GitHub issue ID on land' — disambiguated as session- local TaskList IDs, not GitHub issue IDs. - P1 PRRT_kwDOSF9kNM5-hNNf (line 807): integration writeup link was dead (file lives on PR #853, not yet on main). Marked as [planned] with explicit pointer to PR #853 so the link is honest about its pre-merge state. - P1 PRRT_kwDOSF9kNM5-hNN0 (line 899): auto-expire status said 'mechanism implemented in reconciler' but reconciler is [planned]. Reworded to 'reconciler must enforce this once implemented' with cross-reference to task #333. Removes the false-progress drift. - P1 PRRT_kwDOSF9kNM5-hNOJ (MEMORY.md line 5): index entry marked CONTRIBUTING.md as [planned] but file already exists. Updated to mark the [planned] CONTENT additions inside the existing files, not the files themselves. Also un-truncated the writeup file path ('agencysignature-...' was elided) — now full path. P1 PRRT_kwDOSF9kNM5-hNOi (PR title v3-vs-v4 mismatch): handled via PR title/description update in a follow-up gh pr edit, not in the file itself. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * doctrine(agent-orchestra): 2 Codex P2 fixes — claim status enum + actor-id filename encoding - P2 PRRT_kwDOSF9kNM5-hW1e (line 618 claim status enum): the YAML schema enumerated requested|active|blocked|done|expired|revoked but the v4 corrections section below introduced 'rejected' as distinct from 'revoked'. Fixed by adding 'rejected' to the canonical enum with inline comment cross-referencing the v4 catch. Prevents future reconciler/CI implementations from misclassifying rejected claims. - P2 PRRT_kwDOSF9kNM5-hW1T (line 793 actor-id filename portability): binding requirement said 'actors/<actor_id>.yaml' but actor_id is a URI like 'zeta://aaron-mac/claude-code/coordinator' which contains ':' (invalid on Windows) and '/' (creates nested paths). Defined canonical filename encoding: replace '://' with '--', '/' with '_', lowercase the result. Example: zeta://aaron-mac/claude-code/coordinator → actors/zeta--aaron-mac_claude-code_coordinator.yaml. Registry record itself carries the original URI in actor_id: field — filename is lookup key only, not source of truth. Cross-platform safe. Both Codex P2 catches are exactly the kind Otto-362 names: internal contradictions / undefined contracts caught by external review because the doctrine memory grew past pre-push self-audit capacity. Recurring tax that compounds across PRs. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * doctrine(agent-orchestra): fix Copilot P1 task lineage attribution at line 987 Copilot caught the version→task attribution was wrong. Fixed: - v2 added #325-#331 (Layer 0/1 spec + Layer 2-5 follow-ups) - v3 added #332-#334 (public-intake layer + reconciler + safety levels) - v4 added #335-#338 (identity binding + capabilities-as-primitive + pre-action freshness + DoS/prompt-injection) Previous wording 'v3 added #325-#334' was wrong — those tasks predate v3 and span v2 + v3. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * doctrine(agent-orchestra): 4 Copilot fixes — trust-domain prefix in v3 examples + complete actor records + precise Windows filename rules + present-tense framing P1 PRRT_kwDOSF9kNM5-hfwQ (line 362): v3 actor_id examples used the unprefixed form 'aaron-mac/claude-code/coordinator' but v4 makes the 'zeta://' trust-domain prefix REQUIRED. Updated examples to canonical v4 form with explicit note that v4 supersedes the unprefixed v3 form. Cold-start readers will internalize the correct canonical shape. P2 PRRT_kwDOSF9kNM5-hfw3 (line 382): the 'different harness filling the same pinned role' example omitted maintainer_id/host_id/harness_id even though the section defines actor_id as a four-axis combination. Filled in the complete record so readers don't copy a half-shaped template. P1 PRRT_kwDOSF9kNM5-hfxI (line 792): Windows filename encoding rule said 'no /, :, or .well-known chars' which conflated character classes with reserved names + had wrong-on-its-face wording. Replaced with the actual Windows constraints: forbidden chars (: / \ * ? " < > |), no trailing dot or space, no reserved device names (CON/PRN/AUX/NUL/ COM1-9/LPT1-9). Implementable spec instead of vague guidance. P1 PRRT_kwDOSF9kNM5-hfxd (line 783): said 'After v3 landed in PR #852', which reads as already-merged history while the PR is still open. False- progress drift class. Reframed as 'During the v3 draft in PR #852, five reviewers re-reviewed and Amara synthesized v4 mid-flight before merge'. All four are exactly the Otto-362 stale-statement / internal-inconsistency class: doctrine grew faster than self-audit could keep up; multi-AI review caught the drift. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * doctrine(agent-orchestra): 2 Codex catches — collision-safe filename encoding + trust-domain claim mirror IDs P1 PRRT_kwDOSF9kNM5-hlNB (line 795 collision-safety): the previous encoding (replace '://' → '--', '/' → '_', lowercase) was NOT injective — two distinct actor IDs could alias to the same filename (e.g. 'a/b/c' and 'a-b-c' both → 'a_b_c'), and lowercasing collapses case-distinct IDs. Replaced with RFC 3986 percent-encoding (%3A %2F), case-preserving. Decoding the basename always recovers the original actor_id byte-for-byte. Now reversible and collision-free. Example shifted: 'zeta://aaron-mac/claude-code/coordinator' → 'actors/zeta%3A%2F%2Faaron-mac%2Fclaude-code%2Fcoordinator.yaml'. The percent-encoded form satisfies all Windows-forbidden-char and reserved-device-name constraints already documented. P2 PRRT_kwDOSF9kNM5-hlNI (line 622 schema drift): the claim mirror YAML schema had 'actor_id: external:<...>' but v4 doctrine requires the trust-domain form 'zeta-external://...'. Updated the schema line to 'zeta-external://github/<github-login-or-agent-id>' with inline comment cross-referencing the v4 binding rule. Implementers now persist correctly-namespaced IDs that match the binding/policy model. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> --------- Co-authored-by: Amara <amara-aurora-deep-research-register@chatgpt> Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
AceHack
added a commit
that referenced
this pull request
Apr 29, 2026
…ubstrate framing + Amara final packet Aaron returned with substrate framing on peer/buddy class taxonomy (verbatim preserved): peer agent harness has two sub-classes (substrate-aware vs host-only), buddy agent harness has two sub-classes (PR-capable vs local-only), plus runtime-internal subagents — all optimized for parallelization. Amara's round-3 rewrite formalized this as conceptual-categories-not- mirror-slang: independent_agent_harness / parent_managed_agent_harness / runtime_internal_subagent / invoked_tool / ci_actor / host_actor / human_principal. Five-AI review (Claude.ai, Ani, Deepseek, Gemini, Alexa) returned interface-hardening only — no architectural challenges. Amara final packet: "Round 3 convergence reached. Do not run another broad review." Architecture LOCKED: - Recursive primitive: DelegationEdge* - Accountable output: SharedEffect* - Evaluation layer: AttributionRecord* + OutcomeAssessment* - Causal chain: DecisionSignal → AgencyReceipt → SharedEffect → AttributionRecord → OutcomeAssessment - Universal: SharedEffect + trace + attribution - Boundary-crossing: + DecisionSignal + AgencyReceipt + non_actions + WorkClaim proof Final doctrine (locked): Do not canonize the mirror slang. Canonize the concepts. Lifecycle is not authority. Authority is not effect. Shared effect is the accountability boundary. Delegation is recursive. Execution is traced. Effects are receipted. Outcomes are attributed. Attribution is evidence, not verdict. Blame and credit are views over evidence. Implementation direction (Amara, locked): "Do not build the whole scoring engine now." Light schema-concept implementation only. First worked example: Code Quality episode (PR #861 host mutation receipt) pairs with DecisionSignal v0 + SharedEffect + AttributionRecord. Example weights illustrative-not-derived. NOT this session — Aaron's "I'll be back after round 3" closes here. This preservation IS round-3 close. Staged rollout deferred to next session per Amara's implementation direction. Status marker memory updated to reflect convergence; autonomy levels A0–A5 from round-0 demoted to secondary; "peer"/"buddy" demoted from canonical → working aliases. Per Otto-363 (substrate-or-it-didn't-happen) + channel-verbatim- preservation rule: research-grade preservation, NOT operational adoption. Synthesis lives alongside the verbatim, not instead. Composes with PR #855 (Otto-363), prior round verbatim preservation files, and the agent-orchestra layered-actor-identity work (PRs #851/#852/#853). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
7 tasks
AceHack
added a commit
that referenced
this pull request
May 1, 2026
…e + Majorana Zero Modes + Beacon protocol three-layer stack (Aaron 2026-05-01) (#1118) * memory(topological-quantum-emulation) + backlog(B-0152): Microsoft Majorana / MZM + Bayesian inference + "mirror with trampoline under beacon protocol" three-layer stack (Aaron 2026-05-01) Aaron 2026-05-01: > "immune system <> physics translation -> the Microsoft > Majorana 1 is WIP hardward version but the concept of > toplological quantium computing qsharp" > "we can emulate quantium under this frameing very efficently > with the newest lineage on infer.net and baseyan inferance > and trating the zero modes....... arrrrr i don't have the > right words, like a mirror with a trampline under beacon > protocol." memory/feedback_topological_quantum_emulation_via_bayesian_inference_majorana_zero_modes_beacon_protocol_mirror_trampoline_aaron_2026_05_01.md Substrate-grade architectural framing connecting Microsoft's topological QC research (Majorana 1 chip Feb-2025, Majorana Zero Modes, topoconductors, Q#, Station Q lab, Supersingular Isogeny crypto, FrodoKEM ISO standard) to the Zeta seed executor's Infer.NET Bayesian-inference architecture. Aaron's emulation claim: efficient under Zeta framing via Infer.NET + Bayesian inference, treating Majorana Zero Modes as the substrate primitive. Three-layer stack: Layer 1 (Mirror) - non-local information storage in Bayesian factor graph; correlations between variables analog to MZM topological relationships Layer 2 (Trampoline) - belief-propagation dynamics sustaining the topology Layer 3 (Beacon) - external-anchoring protocol per Otto-351 / PR #851 Composes with Zeta seed executor architecture (PR #986 forever-home substrate), retraction-native paraconsistent set theory + quantum BP candidate (existing memory), all-cryptography-quantum-resistant rule (orthogonal axis; compute-axis emulation does NOT relax crypto-axis quantum- resistance), Microsoft-Research-as-preferred-source rule (forward-ref to PR #1117), reproducibility-first principle (forward-ref to PR #1116; Bayesian inference IS the harness shape). docs/backlog/P2/B-0152-topological-quantum-emulation-*.md Operational research lane for the three-layer stack. Acceptance: design doc covering all three layers + Microsoft Research lineage cited + Pareto-improvement methodology applied + composition with existing algebras (B-0147 + B-0148) + crypto-axis separation explicit + implementation follow-up rows. Six open research questions. Effort L, P2, Layer 3 + Layer 5 per B-0146. memory/MEMORY.md Index pointer added. docs/hygiene-history/ticks/2026/05/01/1404Z.md Tick shard. Three-lane tick: PR #1117 thread fixes + PR #1116 thread fixes + new quantum-substrate landing. Provisional carved sentence: "A mirror with a trampoline under beacon protocol — non-local information held by topological structure, recovered by reflection, sustained by dynamic rebound." Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * threads(#1118): MD032 + line-leading-+ markdownlint fixes (CI lint failure on commit 4df44e1) Three line-leading-`+` issues fixed: - B-0152 line 41: "+ filesystem + timeseries" reflowed to use comma-list "alongside graph, hierarchy, filesystem, and timeseries" - memory/feedback_topological_quantum_emulation_*.md line 52: "Microsoft Research / Microsoft Quantum" instead of `+` - memory/feedback_topological_quantum_emulation_*.md line 122: "Mirror plus Trampoline plus Beacon" instead of `+` Markdown parsers / markdownlint interpret a literal line- leading `+` as a list-marker, which then triggers MD032 (blanks-around-lists). The fix is to never let `+` start a line in flowing prose. Same lesson as the prior "wildcard / inline-code-newlines" classes — both mechanizable as pre-commit lint catching commit-time vs review-time. Phantom-blocker P0 schema-violation claim on tick-shard 1404Z verified false: xxd hex-dump shows file starts with `7c20` (`| ` not `||`). Same noise pattern as 1346Z and 1402Z previously verified false. Will resolve thread. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Status
Doctrine captured. Protocol NOT operational. This PR lands the Zeta Agent Orchestra doctrine memory file (cold-start survival substrate) — not the implementation. Per Amara 2026-04-29: "#851 is not 'the protocol landed.' #851 is 'the doctrine memory landed.' That distinction matters."
The actual Layer 0 + Layer 1 spec files (
docs/ops/patterns/project-agent-topology.md,docs/ops/coordination/claims/README.md,docs/ops/runbooks/start-agent-claim.md, optionalagents/project-agents.example.yaml) land in a separate follow-up PR per task 324.Summary
Captures the project-level multi-harness multi-maintainer multi-actor coordination model from Aaron + Amara 2026-04-29, with v2 corrections from a five-AI review (Ani / Claude.ai / Gemini / Alexa / Deepseek). Doctrine-only — no automation built (per Amara's "Do not build full automation first. Land the protocol, then run one dry-run lane.").
This is the third doctrine packet in a 2-hour cluster:
The carved sentences
Allowed framing (what this PR delivers)
NOT allowed framing (prevents false-progress drift)
V2 corrections (this PR's expansion over the original commit)
Each v2 addition is explicitly status-tagged per Amara's precision framing:
agents/project-agents.yaml)Files
memory/feedback_zeta_agent_orchestra_capability_role_claim_isolation_aaron_amara_2026_04_29.md(~540 lines after v2)memory/MEMORY.md— paired index entry per memory-index-integrity ruleNo code, no
.zeta/agents.yaml, no automation. Per Amara's hard boundary: "#851 may contain doctrine + v2 corrections. #851 must not contain active claim schema, agents.yaml, CI enforcement, or runbooks."Next PR (per task 324, after #851 merges)
Layer 0 + Layer 1 design files only:
docs/ops/patterns/project-agent-topology.mddocs/ops/coordination/claims/README.mddocs/ops/runbooks/start-agent-claim.mdagents/project-agents.example.yaml(NOT active config;.example.suffix to make non-operational nature unambiguous)Each subsequent layer is its own PR with its own validation gate. Layer 4 (CI enforcement, post-swap) is the activation gate — nothing past it is operational without mechanical enforcement. Layer 3 (declarative topology) introduces the schema; Layer 4 enforces against it. Layer ordering corrected per Codex P2 review.
Follow-up tracking tasks (per Amara v2 close-condition)
Each implementation layer has an explicit follow-up task; #851 only lands the doctrine. The seven tasks below will graduate to GitHub issues when this PR merges:
agents/project-agents.yaml+ boolean-capability schemaThese compose with task #324 (umbrella).
Test plan
feedback_aaron_channel_verbatim_preservation_*rule)🤖 Generated with Claude Code