Parent: SocioProphet/sociosphere#443
Depends on: #45
Depends on: SocioProphet/policy-fabric#93
Purpose
Implement the Agent Registry runtime surface for WallGuard active wall context lookup.
Policy Fabric owns final WallGuard decisions. Agent Registry owns authoritative subject/session context required by that decision layer: wall memberships, acknowledgments, recusal/revocation state, session scope, and allowed memory/tool classes.
Runtime objective
Provide a deterministic runtime lookup path that can answer:
- which wall(s) an agent or human subject is currently authorized for
- whether membership is active, revoked, expired, or missing
- whether the subject is recused
- whether the session is clean, wall-scoped, contaminated, or unknown
- which memory compartments and tool classes are allowed to be considered by downstream evaluators
Required behavior
- Resolve
agentRef / subjectRef to an active WallGuard context record.
- Return fail-closed context for missing, revoked, expired, recused, contaminated, or unknown session state.
- Preserve the landed
AgentWallContext contract as the external shape or compatibility layer.
- Produce receipt/evidence refs suitable for Policy Fabric and Core Ledger.
- Do not perform final policy authorization locally; provide context to Policy Fabric.
Suggested files
tools/wallguard_context_lookup.py
contracts/wallguard/runtime/*.json
tools/validate_wallguard_context_lookup.py
Makefile target validate-wallguard-context-lookup
Acceptance criteria
Non-goals
- Do not implement Policy Fabric decisions in Agent Registry.
- Do not implement AgentPlane collaboration checks here.
- Do not implement Memory Mesh read/write behavior here.
Parent: SocioProphet/sociosphere#443
Depends on: #45
Depends on: SocioProphet/policy-fabric#93
Purpose
Implement the Agent Registry runtime surface for WallGuard active wall context lookup.
Policy Fabric owns final WallGuard decisions. Agent Registry owns authoritative subject/session context required by that decision layer: wall memberships, acknowledgments, recusal/revocation state, session scope, and allowed memory/tool classes.
Runtime objective
Provide a deterministic runtime lookup path that can answer:
Required behavior
agentRef/subjectRefto an active WallGuard context record.AgentWallContextcontract as the external shape or compatibility layer.Suggested files
tools/wallguard_context_lookup.pycontracts/wallguard/runtime/*.jsontools/validate_wallguard_context_lookup.pyMakefiletargetvalidate-wallguard-context-lookupAcceptance criteria
cascade,presidio,OrchestraOS, or noncanonical/unlicensed code.Non-goals