Constitutional Compliance Matrix
Every endpoint from tl_openapi.yaml mapped to its Monograph Section, TL Pillar, Regulatory Nexus, Implementation Status, and Pillar Interactions.
| Path | Method | Pillar | Regulatory Nexus | Status | Pillar Interactions |
|---|---|---|---|---|---|
| /decisions | POST | EpistemicHold (I) | None (Inference Lane) | SHIPPING | Triggers Pillar II on log creation; Pillar III via GoukassianPrincipleBlock |
| /decisions/{decisionId} | GET | DecisionLogs (IV) | None | SHIPPING | Reflects Pillar I state; may expose Pillar II PermissionToken |
| /audit-logs | POST | ImmutableLedger (II) | NL=NA universal; Basel III / FATF / IOSCO via RegulatoryContext | SHIPPING | Central NL=NA enforcement — all 8 Pillars; Pillar VII via HSM; Pillar VIII via Merkle |
| /audit-logs/{logId} | GET | ImmutableLedger (II) | GDPR Article 17 | SHIPPING | Pillar VIII via Merkle verification; Pillar IV |
| /epistemic-hold/escalations | GET | EpistemicHold (I) | None | SHIPPING | Pillar II via EscrowRecord; Pillar III via lanternStatus |
| /epistemic-hold/escalations/{id} | GET | EpistemicHold (I) | None | SHIPPING | Pillar II via TGLF-State0; Pillar IV via deliberationMatrix |
| /epistemic-hold/escalations/{id} | PATCH | EpistemicHold (I) | None | SHIPPING | Requires Pillar VII TriCameralApproval; resolution updates Pillar II |
| /epistemic-hold/lantern | GET | GoukassianPrinciple (III) | None | SHIPPING | Reflects all 8 Pillars via pillarStatuses; artifactName const "lantern" |
| /goukassian/signature | GET | GoukassianPrinciple (III) | None | SHIPPING | Pillar II via attestation chain; artifactName const "signature" |
| /goukassian/license/validate | POST | GoukassianPrinciple (III) | None | SHIPPING | Exceeded licenseScope triggers Pillar I Refuse; artifactName const "license" |
| /refusals | POST | ImmutableLedger (II) | Regulatory flags in refusalRationale | SHIPPING | Pillar III via GoukassianPrincipleBlock; Pillar IV |
| /refusals/license-violations | POST | GoukassianPrinciple (III) | None | SHIPPING | Pillar II immutable violation log; Pillar I confirms Refuse (−1) |
| /emergency/override | POST | HybridShield (VII) | None (supreme authority gate) | SHIPPING | NL=NA universal; forcedState [−1, 0] only; Pillar II logged before execution |
| /emergency/status | GET | HybridShield (VII) | None | SHIPPING | Pillar I if forcedState 0 active; Pillar III via Lantern |
| /audit/verifications/merkle/{root} | GET | Anchors (VIII) | None | SHIPPING | Pillar II via Merkle chain; Pillar VII via custodian quorum |
| /audit/verifications/inclusion/{logId} | GET | Anchors (VIII) | None | SHIPPING | Pillar II; Pillar IV |
| /audit/custodians/{id}/heartbeat | GET | HybridShield (VII) | None | SHIPPING | Pillar VIII via quorum contribution flag |
| /audit/compliance/attestation | GET | ImmutableLedger (II) | All 8 Pillars; Basel III, FATF, IOSCO, Paris Agreement | SHIPPING | All 8 Pillars via pillarAttestations array |
| /redress/challenges | POST | EconomicRights (V) | CFPB, SEC, FINRA | SHIPPING | Pillar II on challenge record; Pillar IV |
| /redress/challenges/{id} | GET | EconomicRights (V) | CFPB, SEC, FINRA | SHIPPING | Pillar II; Pillar IV |
| /redress/log-reevaluation | POST | ImmutableLedger (II) | GDPR Article 17 | SHIPPING | Pillar IV; original TGLF untouched confirms Pillar II integrity |
| /redress/economic-rights-grievances | POST | EconomicRights (V) | Basel III, FATF, IOSCO, CFPB, SEC, FINRA | SHIPPING | Pillar II on grievance record; Pillar VII escalation path |
| /regulator/evidence-export | POST | EconomicRights (V) | Basel III Art.96, FATF Rec.11, IOSCO P.34, GDPR Art.5(1)(e) | SHIPPING | Pillar II via Merkle-verified archive; Pillar VIII |
| /regulator/custodian-quorum | GET | HybridShield (VII) | None | SHIPPING; sub-300ms: FUTURE | crossJurisdictionLatencyMs exposes Pillar VIII geographic gap |
| /regulator/timestamp-verification/{logId} | GET | ImmutableLedger (II) | GDPR Art.5(1)(f); eIDAS qualified timestamp | SHIPPING | Pillar VIII via RFC 3161 TSA |
| /regulator/basel-iii/attestation | GET | EconomicRights (V) | Basel III: LCR ≥ 1.0, NSFR ≥ 1.0, capital adequacy, stress test | SHIPPING | Pillar VII via SignatureBlock attestation |
| /regulator/fatf/compliance-export | POST | EconomicRights (V) | FATF Rec.10, 11, 20 (SAR), 29 | SHIPPING | Pillar II via export archive; Pillar VIII |
| /regulator/iosco/principle-mapping | GET | EconomicRights (V) | IOSCO Principles 34–38 | SHIPPING | Pillar IV via principlesMapped array |
| /gateway/status | GET | GoukassianPrinciple (III) | None | SHIPPING | Fail-closed posture touches all Pillars; EPISTEMIC_HOLD_OVERRIDE_ACTIVE reflects Pillar I |
| /gateway/lane-assignment | POST | EpistemicHold (I) | None | SHIPPING | epistemicHoldOverride activates Pillar I; Pillar III via lanternStatus |
| /evaluate/trade | POST | EconomicRights (V) | Basel III, FATF, IOSCO | SHIPPING | Pillar V triggers Pillar VII on regulatory flag; amlClearanceStatus feeds Pillar II |
| /evaluate/policy | POST | SustainableCapital (VI) | Paris Agreement, Basel III, GDPR | SHIPPING | Pillar VI triggers Pillar V; greenBondEligibility feeds Pillar VIII |
| /evaluate/supply-chain | POST | SustainableCapital (VI) | Paris Agreement, IOSCO | SHIPPING | Pillar VI triggers Pillar V on non-compliance; Pillar II on log |
| /pillars/status | GET | ImmutableLedger (II) | All regulatory frameworks | SHIPPING | All 8 Pillars; overallComplianceScore aggregates all Pillar health |
| /pillars/{pillarId}/configure | POST | HybridShield (VII) | None (Tri-Cameral gate) | SHIPPING | Requires TriCameralApproval (Pillar VII); logged to Pillar II |
| /thresholds/{domain} | GET | DecisionLogs (IV) | None | SHIPPING | ThresholdProfile affects all Pillars |
| /thresholds/{domain} | PUT | DecisionLogs (IV) | None | SHIPPING | Requires TriCameralApproval (Pillar VII); logged to Pillar II |
| /ditl/state-transition | POST | EpistemicHold (I) | None | FUTURE | Pillar II via PUF attestation; Window Comparator touches Pillar I state machine |
| /ditl/puf-attestation/{deviceId} | GET | HybridShield (VII) | None | FUTURE | Pillar VIII via Merkle hash chain; Pillar II via enrollment log |
| /metrics/summary | GET | DecisionLogs (IV) | All frameworks reflected in rate metrics | SHIPPING | ghostGovernanceDetectionRate reflects all 8 Pillars |
Selected schema definitions from tl_schema.json mapped to Pillar, Regulatory Nexus, Status, and NL=NA Layer.
| Schema ($anchor) | Property | Pillar | Status | NL=NA Layer |
|---|---|---|---|---|
| TLState | (enum: −1, 0, 1) | EpistemicHold (I) | SHIPPING | All layers |
| TLStateLabel | (enum: Proceed, EpistemicHold, Refuse) | EpistemicHold (I) | SHIPPING | All layers |
| PermissionToken | laneOrigin (const "AUDIT_LANE") | ImmutableLedger (II) | SHIPPING | Layer 2 |
| PermissionToken | logHash | ImmutableLedger (II) | SHIPPING | Layers 4, 5 |
| PermissionToken | merkleRoot | ImmutableLedger (II) | SHIPPING | Layers 4, 5 |
| PermissionToken | maxLifetimeMs (max: 300000) | ImmutableLedger (II) | SHIPPING | DLLA 300ms ceiling |
| PermissionToken | custodianQuorumAttestation | HybridShield (VII) | BETA | None |
| AuditProof | logHash | ImmutableLedger (II) | SHIPPING | Layer 4 |
| AuditProof | merkleRoot | ImmutableLedger (II) | SHIPPING | Layer 4 |
| EscrowRecord | heldState (const: 0) | EpistemicHold (I) | SHIPPING | None |
| EscrowRecord | windowComparatorReading | EpistemicHold (I) | SHIPPING; MT: FUTURE | DITL physical gate |
| StateEnvelope | permissionToken (required when currentState==1) | ImmutableLedger (II) | SHIPPING | Layer 1 |
| StateEnvelope | escrowRecord (required when currentState==0) | EpistemicHold (I) | SHIPPING | Layer 1 |
| TGLF_StateP1 | permissionToken (REQUIRED) | ImmutableLedger (II) | SHIPPING | Layer 3 |
| TGLF_StateP1 | pillarsCertified (minItems 8, maxItems 8) | All Pillars | SHIPPING | Layer 3 |
| TGLF_StateNeg1 | stateLabel (const: "Refuse") | ImmutableLedger (II) | SHIPPING | None |
| TGLF_StateNeg1 | refusalIsPermanent (default: true) | ImmutableLedger (II) | SHIPPING | None |
| NLNAAuditToken | pufAttestation (NULL_PUF_DEPLOYMENT sentinel) | HybridShield (VII) | SHIPPING; FULL_PUF: FUTURE | None |
| LanternStatus | artifactName (const: "lantern") | GoukassianPrinciple (III) | SHIPPING | None |
| SignatureBlock | signatureAlgorithm (SLH-DSA/ML-KEM slots reserved) | GoukassianPrinciple (III) | PQC: FUTURE | None |
| TriCameralApproval | technicalCouncilVotes.totalMembers (const: 9) | HybridShield (VII) | SHIPPING | None |
| TriCameralApproval | stewardshipCustodianVotes.totalMembers (const: 11) | HybridShield (VII) | SHIPPING | None |
| EKRRecord | hkdfSha3256Confirmed | HybridShield (VII) | SHIPPING | GDPR Art.17 crypto-erasure |
NL=NA Five-Layer Checklist
- Layer 1 — StateEnvelope if/then: permissionToken required when currentState==1. unevaluatedProperties: false prevents bypass. CONFIRMED
- Layer 2 — PermissionToken.laneOrigin const "AUDIT_LANE". registerPermissionToken reverts NLNAViolation on mismatch. CONFIRMED
- Layer 3 — TGLF_StateP1.permissionToken required. pillarsCertified minItems 8, maxItems 8. CONFIRMED
- Layer 4 — AuditProof.logHash = PermissionToken.logHash. AuditProof.merkleRoot = PermissionToken.merkleRoot. CONFIRMED
- Layer 5 — TL_Ledger_Core.registerPermissionToken reverts NLNAViolation if logHash not in anchored Merkle root. CONFIRMED
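The five layers above composed as one off-chain check, reporting the first layer that rejects. This is an added example, not code from the project: the dict representation, the function names, the closed key set, SHA-256 and the Merkle proof layout are all assumptions, and Layer 5 is modelled locally rather than as the on-chain `registerPermissionToken` revert.

```python
import hashlib

# Assumed closed key set standing in for unevaluatedProperties: false.
ENVELOPE_KEYS = {"currentState", "permissionToken", "escrowRecord"}

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def root_from_proof(leaf: bytes, proof) -> bytes:
    """Fold (sibling, sibling_is_left) pairs up to a root (assumed tree layout)."""
    node = leaf
    for sibling, is_left in proof:
        node = sha256(sibling + node) if is_left else sha256(node + sibling)
    return node

def first_failed_layer(envelope, tglf, audit_proof, proof, anchored_roots):
    """Return the first NL=NA layer (1-5) that rejects, or None if all pass."""
    state, token = envelope.get("currentState"), envelope.get("permissionToken")
    # Layer 1: closed envelope; token required for +1, escrow record for 0.
    if set(envelope) - ENVELOPE_KEYS:
        return 1
    if (state == 1 and token is None) or (state == 0 and "escrowRecord" not in envelope):
        return 1
    if state != 1:
        return None  # layers 2-5 gate Proceed (+1) only
    # Layer 2: the token must originate in the audit lane.
    if token.get("laneOrigin") != "AUDIT_LANE":
        return 2
    # Layer 3: the +1 log carries the token and exactly eight certified pillars.
    if tglf.get("permissionToken") is None or len(tglf.get("pillarsCertified", [])) != 8:
        return 3
    # Layer 4: the audit proof is bound to the token by both hashes.
    bound = (token.get("logHash"), token.get("merkleRoot"))
    if None in bound or (audit_proof.get("logHash"), audit_proof.get("merkleRoot")) != bound:
        return 4
    # Layer 5: logHash must be included under a root that has been anchored.
    root = root_from_proof(bytes.fromhex(bound[0]), proof).hex()
    if root != bound[1] or root not in anchored_roots:
        return 5
    return None

# Constructed sample: a two-leaf tree with our log entry as the left leaf.
LEAF, SIBLING = sha256(b"constructed log entry"), sha256(b"constructed neighbour")
ROOT = sha256(LEAF + SIBLING)
TOKEN = {"laneOrigin": "AUDIT_LANE", "logHash": LEAF.hex(), "merkleRoot": ROOT.hex()}
ENVELOPE = {"currentState": 1, "permissionToken": TOKEN}
TGLF = {"permissionToken": TOKEN, "pillarsCertified": list(range(1, 9))}
AUDIT_PROOF = {"logHash": LEAF.hex(), "merkleRoot": ROOT.hex()}
PROOF, ANCHORED = [(SIBLING, False)], {ROOT.hex()}
```

Because each layer is checked independently, a token that is well-formed but whose root was never anchored still fails at Layer 5, which is the case the earlier layers alone cannot catch.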
Epistemic Hold Integrity Checkpoints
- State 0 never conflated with null, error, false, timeout, or retry — confirmed across all TGLF schema const values. CONFIRMED
- GovernancePause is workflow name not state synonym — TGLF_State0.processActive const "GovernancePause" confirmed. CONFIRMED
- EscrowRecord is the single authoritative source for all hold response fields. No duplication in other schemas. CONFIRMED
- Resolution accepts only State +1 or State −1. State 0 is constitutionally invalid as resolution. CONFIRMED
Goukassian Principle Artifact Name Integrity
- GoukassianPrincipleBlock.lantern.artifactName const "lantern" — canonical lowercase confirmed. CONFIRMED
- GoukassianPrincipleBlock.signature.artifactName const "signature" — canonical lowercase confirmed. CONFIRMED
- GoukassianPrincipleBlock.license.artifactName const "license" — canonical lowercase confirmed. CONFIRMED
- EIP-712 keccak256 pre-images recorded in canonicalArtifactNameHashes section. CONFIRMED
Implementation Gap Summary
| Feature | Blocking Constraint | SHIPPING Mitigation |
|---|---|---|
| Real-time per-trade blockchain anchoring | Monograph Section X (throughput asymmetry) | Batch Merkle root anchoring |
| PQC signature migration (SLH-DSA-SHAKE-128s, ML-KEM-1024) | Monograph Section X (HSM readiness) | ES256 / Ed25519 SHIPPING; slots 6–7 reserved |
| Full DITL / MT hardware deployment | Monograph Section X (TSMC N2 / Intel 18A) | Architecture B / NULL_PUF_DEPLOYMENT sentinel |
| Cross-jurisdiction custodian quorum <300ms | Monograph Section X (network physics) | crossJurisdictionLatencyMs monitoring field |
| Immutable ledger with native GDPR Art.17 compliance | Erasure Paradox | HKDF-SHA3-256 cryptographic erasure; 3 residual sub-gaps |
| Real-time cross-border Basel III monitoring at global volume | Monograph Section X (data aggregation latency) | Periodic attestation via GET /regulator/basel-iii/attestation |
Dangling Reference Audit
- All 40 OpenAPI endpoints carry x-tl-pillar annotation referencing a valid PillarIdentifier. VERIFIED — zero orphans
- All 22 schema $anchors in tl_schema.json are used by at least one endpoint. VERIFIED — zero orphans
- All ABI functions reference schema types present in tl_schema.json. VERIFIED — zero orphans
- All EIP-712 type pre-images recorded in canonicalTypeHashRegistry. VERIFIED — zero orphans
<UNVERIFIED> Basel III specific article numbers — Mapped to functional requirements (LCR ≥ 1.0, NSFR ≥ 1.0) per Section 4.8 of the constitutional prompt. Article 96 cited for record-keeping as generally applicable.
<UNVERIFIED> IOSCO Principles 34–38 — Principles cited as the market integrity cluster covering layering, spoofing, wash trading, cross-market manipulation per IOSCO's published framework structure.
<MONOGRAPH_EXCERPT_MISSING> EU AI Act references — EU AI Act column omitted. Regulatory Nexus Guard applied: only provisions explicitly cited or unmistakably implied in the monograph are mapped.
<MONOGRAPH_EXCERPT_MISSING> Implementation Gap: exact Section X monograph text — All six FUTURE features mapped to "Constitutional Hardware Monograph, Section X" per the constitutional prompt's source precedence hierarchy.