giles
4c8e732803
Merge loops/acl into architecture: acl-on-sx Datalog ACL
Fine-grained, explainable, federation-aware access control as a thin layer
over lib/datalog/. Four phases + hardening, 145/145 conformance:
- Phase 1 direct grants, deny-overrides via stratified negation
- Phase 2 inheritance (group/role member_of, resource child_of, role_grant)
- Phase 3 explanation (proof-tree reconstruction) + append-only audit log
- Phase 4 federation (trust-gated non-transitive delegation, revocation)
- hardening: diamonds, cycles, multi-peer, validation, audit save/restore
Surfaces the lib/guest/rules/ extraction seam (build-db/decide/explain/
revoke) for the second consumer (mod-on-sx). Records two substrate findings:
append! no-ops on map-derived lists; JIT loops on deep proof reconstruction
in warm processes (acl-explain only; acl-permit? unaffected).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-06 23:07:43 +00:00
..
2026-06-06 22:44:28 +00:00
2026-06-06 19:17:28 +00:00
2026-05-12 21:09:07 +00:00
2026-05-18 14:48:00 +00:00
2026-06-06 08:05:57 +00:00
2026-06-06 17:00:10 +00:00
2026-06-06 19:33:04 +00:00
2026-05-05 21:31:03 +00:00
2026-05-28 02:45:36 +00:00
2026-05-14 20:18:03 +00:00
2026-05-10 19:11:36 +00:00
2026-05-13 21:16:09 +00:00
2026-05-13 08:38:47 +00:00
2026-05-14 20:18:03 +00:00
2026-05-14 20:21:18 +00:00
2026-05-09 14:12:36 +00:00
2026-05-11 05:54:39 +00:00
2026-06-06 20:43:15 +00:00
2026-05-07 17:35:49 +00:00
2026-05-01 23:18:04 +00:00
2026-05-14 07:54:15 +00:00
2026-05-12 21:09:07 +00:00
2026-05-12 07:02:56 +00:00
2026-05-07 02:38:47 +00:00
2026-05-06 16:58:18 +00:00
2026-05-11 22:26:45 +00:00
2026-05-08 14:23:45 +00:00
2026-05-01 21:00:22 +00:00