Skip to content

Use SourceOS State Integrity for agent write safety and object transactions #86

Description

@mdheller

Purpose

Make AgentPlane consume SourceOS State Integrity for safe agent writes, reviewable object transactions, and policy-governed local-first execution.

Canonical spec: SourceOS-Linux/sourceos-spec/docs/architecture/sourceos-state-integrity-layer.md
Program tracker: SourceOS-Linux/sourceos-spec#83

Requirements

  • Register every agent as a State Integrity actor through Agent Registry.
  • Treat agent writes as reviewable object transactions where possible.
  • Support draft object changes, proposed patches, merge queue semantics, rollback, and attribution.
  • Enforce workspace/profile scope before reads and writes.
  • Call Policy Fabric before durable writes, replication, export, delete, repair, or schema migration.
  • Emit structured events for Sherlock/Holmes/Lampstand.

Initial object transaction fields

transaction_id: string
actor_id: string
workspace_id: string
profile_id: string
object_ids: []
operation: create | update | delete | merge | repair | migrate
status: draft | proposed | approved | applied | rejected | reverted
policy_decision_ref: string
created_at: timestamp
updated_at: timestamp

Acceptance criteria

  • AgentPlane has a documented State Integrity adapter boundary.
  • Agent writes can be attributed to actor/profile/workspace.
  • Agent changes can be represented as draft/proposed/applied rather than anonymous mutations.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions