BASIS/ENFORCE

ENFORCE Layer

Evaluate intent against trust score and policies

Overview

The ENFORCE layer evaluates structured intents against the entity's trust score and applicable policies. It is the decision-making core of the governance system.

Responsibilities

  • Retrieve trust scoreGet current trust score for the requesting entity
  • Check capabilitiesVerify required capabilities are unlocked at current trust tier
  • Apply policy rulesEvaluate organization-specific policy constraints and obligations
  • Determine decisionReturn ALLOW, DENY, ESCALATE, or DEGRADE
  • Calculate impactDetermine trust score impact of the decision

Governance Decisions

ALLOW

Action may proceed as requested

Pass intent to execution with full approval

DENY

Action is blocked; no execution permitted

Return error to agent with denial reason

ESCALATE

Action requires human approval

Queue for human review, block until approved

DEGRADE

Action may proceed with reduced scope

Allow partial execution with constraints

Requirements

MUSTReturn exactly one decision: ALLOW, DENY, ESCALATE, or DEGRADE
MUSTInclude the trust score at decision time
MUSTInclude denial reason if decision is DENY
MUSTInclude escalation target if decision is ESCALATE
MUSTInclude degraded capability if decision is DEGRADE
MUST NOTModify trust score within this layer (scoring happens post-action)

EnforceResponse Schema

{
  "decision": "ALLOW",
  "intent_id": "int_abc123xyz",
  "entity_id": "ent_agent_001",
  "timestamp": "2026-01-15T10:30:01Z",
  "trust_score_at_decision": 650,
  "trust_tier_at_decision": "trusted",
  "policies_evaluated": [
    "pol_default",
    "pol_finance_restricted"
  ],
  "capabilities_checked": [
    {
      "capability": "comm:internal/message",
      "granted": true,
      "reason": "tier_sufficient"
    }
  ],
  "denial_reason": null,
  "escalation_target": null,
  "degraded_to": null,
  "trust_impact": {
    "projected_delta": 5,
    "reason": "successful_low_risk_action"
  }
}

Policy Evaluation

Policies are evaluated in the following order:

  1. Default deny — Start with DENY as baseline
  2. Trust tier check — Does entity's tier unlock required capabilities?
  3. Policy constraints — Do any policies explicitly block this action?
  4. Policy permissions — Do any policies explicitly allow this action?
  5. Obligations — Are there any obligations (escalation, logging) that apply?

Important: Policy evaluation MUST be atomic. There MUST NOT be time-of-check to time-of-use (TOCTOU) vulnerabilities.

Escalation Handling

When decision is ESCALATE, the following fields MUST be included:

{
  "decision": "ESCALATE",
  "escalation_target": {
    "type": "human_reviewer",
    "pool": "security_team",
    "timeout_minutes": 60,
    "fallback_decision": "DENY"
  },
  "escalation_context": {
    "reason": "high_value_transaction",
    "threshold_exceeded": "transaction_value > 10000",
    "additional_info": "First transaction of this type for entity"
  }
}