Sigma Runtime Standard - Public Specification Notice
This document is part of the Sigma Runtime Standard (SRS) public specification layer.
Specification License: CC BY 4.0.
Implementation Safe Harbor: independent implementation permitted under public SRS/SRIP terms.
Machine-readable artifacts: Apache License 2.0 where explicitly marked.
Marks / Certification: governed by Sigma Marks and Certification Policy.
Proprietary Runtime Assets: not licensed by this SRIP.Independent implementations of public SRS/SRIP normative requirements are welcome under the public specification terms.
Product assets, protected Sigma marks, official certification, compatibility badges, CC BY-NC commercial use, and patent commitments use the relevant policy or explicit covenant. Independent implementation, attribution, or citation does not imply certification, endorsement, partnership, official compatibility, or permission to use Sigma marks as product identity.
Meta-Governance Limits, Collusion Assumptions, Capture Visibility, and Forkable Legitimacy
| Field | Value |
|---|---|
| SRIP | SRIP-22 |
| Title | Governance Recursion and Collusion Boundary (GRC) |
| Version | Public Draft v0.2 |
| Status | Public Draft |
| Date | 2026-05-28 |
| Authors / Contributors | Sigma Stratum Research Group (SSRG) |
| Owning Layer | Governance / Runtime Authority / Constitutional Control / Collusion Boundary |
| Parent Specs | SRIP-05, SRIP-06, SRIP-09, SRIP-13, SRIP-17, SRIP-19, SRIP-20 |
| Related Specs | SRIP-03, SRIP-10, SRIP-14, SRIP-16, SRIP-18, SRIP-21 |
| Specification License | CC BY 4.0 |
| Implementation Safe Harbor | Independent implementation permitted under public SRS/SRIP terms |
| Machine-Readable Artifacts | Apache 2.0 where explicitly marked |
| Marks / Certification | Governed by Sigma Marks and Certification Policy |
| Proprietary Runtime Assets | Not licensed by this SRIP |
| Independent Implementation | Permitted under the public specification terms |
| Commercial Runtime Boundary | Relevant policy or explicit covenant for protected Sigma marks, official certification, managed deployment, white-label, resale, CC BY-NC commercial use, and patent commitments |
| Information Class | Open |
| Change Class | Mixed SRS+SRD |
| Normative Status | Defines a public draft contract for governance recursion boundaries, collusion assumptions, update authority, capture visibility, emergency override constraints, auditability, certification legitimacy, and fork/exit conditions. It does not claim that any runtime can internally prove legitimacy under total collusion of its own governors. |
| Conformance Level | Public Draft / No runtime conformance claim |
| SRD Synchronization Action | Deferred follow-up synchronization for governance, runtime control, certification, conformance, legal-boundary explanation, and operator-facing documentation. |
| Release Alignment Status | Public draft architecture proposal; no runtime enablement, certification, or production governance claim is made by this document alone. |
Independent implementations of the public normative requirements in this SRIP are welcome under the applicable public specification terms.
No Sigma commercial runtime license is needed solely because an independent implementation follows these public normative requirements.
Product assets, protected Sigma marks, official certification, compatibility badges, CC BY-NC commercial use, and patent commitments use the relevant policy or explicit covenant. Independent implementation, attribution, or citation does not imply certification, endorsement, partnership, official compatibility, or permission to use Sigma marks as product identity.
SRIP-22 defines Governance Recursion and Collusion Boundary (GRC): a runtime governance layer for identifying the limits of internal governance, bounding operator authority, making capture visible, and preserving contestable legitimacy under collusion pressure.
The core principle is:
No runtime can internally prove legitimacy under total collusion of its own governors.
A conformant governance runtime must not promise absolute immunity from capture.
It must instead make capture visible, bounded, traceable, reversible where possible,
contestable, and forkable where necessary.
GRC exists to prevent governance systems from falsely presenting captured, collusive, or externally invalid authority as ordinary legitimate operation.
This SRIP is a public draft architecture contract. It does not claim that GRC is implemented in any current Sigma Runtime release.
| Field | Disposition |
|---|---|
| Source material | Derived-Public after sanitization from raw SRIP-22 draft and review notes |
| Affected SRS surface | SRIP registry / governance, runtime authority, certification, marks, emergency override, and fork/exit architecture |
| Affected SRD surface | Governance, runtime control, certification, conformance, public/proprietary boundary, and operator-facing explanation |
| SRD synchronization | Deferred follow-up |
| Normative impact | Public draft contract for governance recursion boundaries, collusion assumptions, legitimacy states, capture visibility, emergency override constraints, and fork/exit paths |
| Runtime implementation impact | None by this document alone |
| Release alignment | Draft; no runtime enablement, certification, or production governance claim |
This document abstracts the raw proposal into public specification language. It does not expose proprietary runtime internals, hidden prompts, deployment topology, private telemetry, private governance deliberations, or implementation-specific control overlays.
Corporate and public-sector examples are analogies only. SRIP-22 does not define corporate law, public law, regulatory compliance, fiduciary duties, constitutional law, procurement compliance, or legal validity in any jurisdiction.
A governance runtime cannot bootstrap its own legitimacy from within once all its governors are colluding.
Any system claiming otherwise makes an unsupported or misleading legitimacy claim.
GRC therefore does not attempt to prove incorruptibility from inside a captured system. It defines how a runtime must expose the point where internal legitimacy proof fails, ordinary legitimacy is suspended, and external review, fork, exit, or constitutional contestation becomes necessary.
Runtime-governed systems reduce corruption, drift, and hidden discretion by enforcing durable state, validation, provenance, action boundaries, contradiction handling, and telemetry.
However, governance itself introduces recursive control:
runtime controls decisions
governance controls runtime
meta-governance controls governance
This creates the classical control recursion problem:
Who governs the governors?
If operators, maintainers, auditors, validators, legal authorities, certification bodies, or key holders can modify runtime rules, update keys, suppress telemetry, or reinterpret invariants, then corruption can move from ordinary execution into the governance layer.
Naive systems respond by adding another committee, another admin role, another policy document, or another override path. This produces infinite governance recursion.
GRC defines a bounded alternative:
If all parties with effective authority over a runtime collude, the runtime cannot internally prove its own legitimacy.
total governor collusion = internal legitimacy proof failure
A conformant system must not continue to present ordinary legitimacy if governance assumptions have failed.
capture detected
or collusion threshold exceeded
or root invariant bypassed
= normal legitimacy suspended
Every governance mechanism must declare its trust assumptions, threshold assumptions, update authority, emergency authority, and external dependency assumptions.
Cryptographic, procedural, or computational correctness proves that a system followed a specified rule path.
It does not prove that the rule path itself is legitimate.
Governance recursion terminates not in an ultimate trusted controller, but in:
GRC does not define:
GRC does not claim:
mathematics makes governance incorruptible
It claims:
well-designed runtime governance can make capture harder,
more visible, more bounded, and more contestable
| Term | Definition |
|---|---|
| Governance Runtime | Runtime layer responsible for rule updates, authority validation, control boundaries, operator roles, policy state, certification state, and governance telemetry. |
| Governor | Any person, organization, key holder, validator, operator, auditor, legal authority, automated process, or institutional actor with governance influence. |
| Governance Surface | Mechanisms through which runtime rules, permissions, policies, keys, deployments, or certification states can be changed. |
| Root Invariant | High-priority constraint that defines non-negotiable system boundaries. |
| Constitutional Layer | Highest declared governance layer defining root invariants, amendment procedures, emergency powers, and legitimacy criteria. |
| Collusion Boundary | Declared threshold beyond which internal governance assumptions fail. |
| Capture Event | Governance-state transition where authority is captured, bypassed, coerced, colluded, or invalidated beyond declared assumptions. |
| Legitimacy Suspension | State where the runtime no longer claims ordinary governance legitimacy. |
| Update Authority | Authority to modify runtime code, configuration, policy, keys, certification state, or governance rules. |
| Emergency Override | Exceptional control path allowing limited action outside ordinary procedures under declared conditions. |
| Fork Right | Authorized ability to continue or derive a governed system under a different governance path when legitimacy fails. |
| Exit Right | Authorized ability for participants, users, implementers, or operators to leave a captured governance regime. |
| Contestability | Ability to challenge, audit, review, fork, reverse, or reject governance actions. |
| Governance Telemetry | Evidence describing authority use, key actions, updates, override events, votes, attestations, anomalies, and legitimacy state. |
GRC sits above ordinary runtime control layers.
Illustrative position:
Constitutional Layer
-> Governance Runtime
-> Update Authority
-> Key Governance
-> Certification / Marks Governance
-> Emergency Override Governance
-> Capture Detection
-> Legitimacy State
-> Runtime Control Layers
-> Safety
-> Identity / Memory / Retrieval
-> ANS / RCB / EIB
-> Generation / Action
GRC is not a generation layer.
It is a meta-governance and legitimacy-boundary layer.
A conformant governance architecture must explicitly define where recursion stops.
It may stop at one or more of:
It must not claim infinite internal self-validation.
Invalid claim:
the runtime proves itself legitimate because the runtime says it is legitimate
Valid claim:
the runtime followed declared governance procedure G,
under assumptions A,
with evidence E,
subject to external review R,
and fork/exit conditions F
Every conformant governance deployment must declare its collusion assumptions.
Illustrative schema:
CollusionAssumptions:
governor_classes:
- founders
- maintainers
- operators
- auditors
- validators
- certification_body
- legal_entity_board
threshold_model:
type: multi_sig | quorum | bicameral | validator_set | legal_review | hybrid
tolerated_faults: integer | fraction | description
independence_assumptions:
- no_single_party_controls_keys
- auditors_independent_from_operators
- certification_independent_from_commercial_runtime
failure_threshold:
description: "ordinary legitimacy fails if quorum capture exceeds declared threshold"
external_review_path:
enabled: true
body: "declared governance forum or legal process"
fork_or_exit_path:
enabled: true
A runtime must not imply that collusion beyond its declared threshold is safely handled unless it has an explicit external mechanism for contestation, suspension, or fork.
A conformant implementation SHOULD document at least one concrete collusion profile relevant to its deployment.
Typical early-stage capture pattern:
CollusionProfile:
name: founder_coredev_operator_capture
actors:
- founders
- core_developers
- major_runtime_operators
risk:
- unilateral_ruleset_change
- hidden_runtime_update
- certification_self_approval
- suppression_of_adverse_telemetry
required_mitigation:
- independent_audit_path
- public_ruleset_hash
- non_founder_key_threshold
- fork_or_exit_path
Certification and commercial-steward capture pattern:
CollusionProfile:
name: certification_body_commercial_steward_capture
actors:
- certification_body
- commercial_runtime_steward
- marks_authority
risk:
- compatibility_badges_without_conformance
- marks_laundering
- paid_certification_bias
- suppression_of_failed_audit
required_mitigation:
- certification_evidence_public_or_authorized
- independent_revocation_path
- marks_use_suspension
- certification_state_lineage
Regulatory, board, or legal-pressure capture pattern:
CollusionProfile:
name: legal_entity_keyholder_capture
actors:
- legal_entity_board
- key_holders
- regulatory_or_external_pressure_actor
risk:
- coerced_key_rotation
- governance_update_under_duress
- emergency_override_normalization
- jurisdictional_capture
required_mitigation:
- duress_or_capture_flag
- key_rotation_audit
- emergency_expiry
- external_review_or_fork_path
These profiles are illustrative. A deployment may use different profiles, but it MUST declare the capture patterns it claims to tolerate or detect.
Minimum GRC state:
GovernanceState:
governance_id: string
constitutional_version: string
active_ruleset_hash: string
active_runtime_version: string
authority_model:
update_authority: list
emergency_authority: list
certification_authority: list
audit_authority: list
collusion_assumptions:
model_ref: string
tolerated_faults: string
failure_threshold: string
key_state:
active_keys: list
threshold_scheme: string
rotation_state: string
compromised_keys: list
legitimacy_state:
status: normal | degraded | contested | suspended | captured | forked | retired
reason: string | null
governance_events:
- event_ref
override_events:
- event_ref
capture_indicators:
- indicator
external_review_refs:
- review_ref
fork_refs:
- fork_ref
updated_at: timestamp
GRC requires explicit legitimacy states.
| State | Meaning |
|---|---|
| normal | Declared governance assumptions hold. |
| degraded | Some assumptions are weakened, but ordinary operation may continue with disclosure or constraints. |
| contested | A governance action, authority, key, rule, or certification state is under credible challenge. |
| suspended | Ordinary legitimacy claim is paused pending review, rollback, fork, or external decision. |
| captured | Declared governance assumptions have failed or collusion/capture has exceeded threshold. |
| forked | A successor governance path has been created under declared fork conditions. |
| retired | Governance surface is no longer active or no longer claims authority. |
A conformant runtime must not present captured, suspended, or contested states as normal.
GRC legitimacy states SHOULD follow an explicit transition model.
Illustrative transition graph:
normal
-> degraded
-> contested
-> suspended
-> captured
-> forked
-> retired
normal
-> contested
degraded
-> normal
-> contested
-> suspended
contested
-> normal
-> degraded
-> suspended
-> captured
suspended
-> normal
-> forked
-> captured
-> retired
captured
-> forked
-> retired
forked
-> normal
-> retired
| Transition | Required Condition |
|---|---|
| normal -> degraded | A declared assumption weakens but does not yet invalidate governance. |
| normal -> contested | A credible governance challenge appears. |
| degraded -> normal | Weakness is resolved and evidence is recorded. |
| degraded -> contested | Degradation becomes disputed or unresolved. |
| contested -> suspended | Governance state cannot be safely represented as legitimate pending review. |
| contested -> captured | Capture threshold is exceeded. |
| suspended -> normal | External review, rollback, or repair restores declared assumptions. |
| suspended -> forked | A valid fork path is activated. |
| captured -> forked | Continuity proceeds through declared fork mechanism. |
| captured -> retired | Captured governance surface is abandoned. |
A conformant runtime MUST NOT transition from captured directly to normal without a recorded external review, reconstitution, fork, or equivalent recovery procedure.
A conformant runtime MUST NOT silently downgrade contested, suspended, or captured states to normal.
Root invariants define non-negotiable governance boundaries.
Examples:
RootInvariants:
- no_single_operator_root_authority
- no_hidden_runtime_policy_update
- no_unlogged_governance_change
- no_certification_without_traceable_criteria
- no_marks_use_without_marks_policy_authorization
- no_safety_downgrade_without_declared_emergency_process
- no_memory_or_identity_authority_change_without_provenance
- no_update_without_replayable_governance_event
Root invariants must be:
A root invariant may be amended only through the constitutional update process.
Update Authority governs changes to:
Minimum update requirements:
A conformant runtime must reject or quarantine updates that cannot be associated with valid update authority.
Emergency Override is an exceptional path, not a governance backdoor.
Emergency override must define:
Minimum shape:
EmergencyOverride:
override_id: string
trigger: string
authorized_by: list
scope: string
start_time: timestamp
expires_at: timestamp | condition
affected_invariants: list
justification_ref: string
audit_required: true
post_review_required: true
Emergency override must not silently become permanent governance.
Capture detection estimates whether governance assumptions have failed.
Possible indicators:
Capture detection does not require proving intent.
It requires identifying governance-state risk.
When capture indicators exceed the declared threshold, the runtime must select one or more actions.
| Action | Meaning |
|---|---|
| mark_degraded | Continue operation with degraded legitimacy disclosure or internal flag. |
| mark_contested | Mark governance state as disputed. |
| suspend_legitimacy | Stop claiming ordinary governance legitimacy. |
| freeze_updates | Prevent further governance changes except recovery paths. |
| require_external_review | Route to declared review body or process. |
| enable_fork_path | Permit declared fork mechanism. |
| enable_exit_path | Permit participants to leave governed regime. |
| revoke_certification | Remove or suspend certification state. |
| rotate_keys | Initiate controlled key recovery. |
| retire_surface | Decommission captured governance surface. |
User-facing and operator-facing disclosure must be truthful and bounded.
The system must not claim that a captured state is normal.
Fork and exit are not failures of governance.
They are terminal safeguards against infinite governance recursion.
A conformant GRC system should define:
Default principle:
Specification fork may be permitted by public license.
Marks and certification do not automatically transfer.
Proprietary runtime assets do not automatically transfer.
Forkability must not be used to bypass safety, legal, IP, or privacy obligations.
GRC must preserve the boundary between:
public SRS/SRIP specification
and:
protected Sigma marks
certification
compatibility badges
proprietary runtime assets
Public specification availability does not imply:
If governance capture affects marks or certification, the runtime or steward must be able to suspend certification claims without invalidating the public specification itself.
Certification dies with governance legitimacy.
If the governance process that issued, maintained, or validated certification becomes suspended, captured, or materially contested, then any certification dependent on that governance process MUST be suspended, revoked, or explicitly marked as contested.
Technical runtime operation alone does not preserve certification legitimacy.
runtime still executes
does not imply
certification remains valid
A conformant marks or certification system SHOULD define an independent steward revocation path.
Minimum revocation triggers include:
Illustrative revocation state:
CertificationState:
certification_id: string
subject_runtime: string
issued_by: string
governance_state: normal | degraded | contested | suspended | captured
certification_status: active | degraded | contested | suspended | revoked | expired
revocation_authority: independent_steward | governance_forum | legal_entity | external_review
evidence_refs:
- audit_ref
- ruleset_hash
- conformance_report
Certification status MUST NOT remain active when the issuing governance state is captured.
Append-only logs, cryptographic signatures, transparency ledgers, zero-knowledge proofs, TEEs, threshold signatures, and remote attestation may support governance evidence.
They do not eliminate governance assumptions.
They can prove:
They cannot alone prove:
GRC requires implementations to disclose the difference between:
operational correctness
and:
governance legitimacy
A conformant governance model should separate:
No single role should silently accumulate all governance powers.
If role separation is not implemented, the deployment must declare that limitation and its legitimacy impact.
Governance telemetry should include:
Telemetry must be:
Telemetry must not expose private keys, hidden prompts, sensitive user data, proprietary implementation details, or private governance deliberations unless explicitly authorized.
SRIP-05 defines interoperability lineage.
GRC extends interoperability into governance compatibility:
A runtime may be technically interoperable while governance-incompatible.
SRIP-06 safety boundaries have precedence over ordinary governance actions.
GRC must not permit governance override paths that silently weaken safety constraints.
Emergency override must not become safety bypass.
If safety and governance conflict, the runtime must preserve safety, escalate, or suspend legitimacy rather than continue as normal.
SRIP-09 and SRIP-14 govern memory, lineage, retrieval, and provenance.
GRC uses these layers for governance history, update provenance, certification evidence, and retrieval of governance records.
Governance history must not be silently rewritten as ordinary memory.
Retrieved governance evidence must remain provenance-bearing.
SRIP-13 governs identity and participant boundaries.
GRC must not allow governance updates to mutate canonical identity, participant scope, or relational authority without proper authorization and provenance.
Governance capture may manifest as identity authority capture.
Such cases must be detectable and contestable.
SRIP-17 defines bounded multi-agent exchange.
GRC governs whether exchanged governance artifacts, validator attestations, certification claims, or multi-agent decisions may affect local governance state.
Incoming governance artifacts remain evidence, not command authority, unless accepted through declared local governance rules.
SRIP-19 handles unresolved contradiction buffering.
GRC uses RCB when governance evidence conflicts:
GRC must not force false consensus over governance contradiction.
SRIP-20 handles autonomy negotiation and boundary pressure.
GRC defines the governance boundary above ANS.
If governance authority applies pressure to local runtime autonomy, ANS may detect pressure, but GRC determines whether the pressure is authorized, contested, captured, or outside declared governance assumptions.
SRIP-21 handles external identity binding.
GRC must preserve stable identity for governors, authorities, validators, auditors, certification bodies, forks, and legal entities.
Governance systems must not split or merge governance actors merely because their observed modes conflict.
If a governor acts inconsistently, EIB may preserve one identity with conflicting modes while GRC evaluates authority and legitimacy impact.
| Failure Mode | Description |
|---|---|
| Infinite Governance Regress | Each controller requires another controller without a declared recursion boundary. |
| Total Collusion Masking | Collusion exceeds threshold but the system still presents normal legitimacy. |
| Operator Capture | Runtime operators silently gain effective control over rules or state. |
| Auditor Capture | Auditors become dependent on, controlled by, or indistinguishable from operators. |
| Certification Capture | Certification is issued or maintained without valid criteria or independent authority. |
| Emergency Normalization | Emergency override becomes ordinary governance. |
| Key Ceremony Capture | Key generation, rotation, or recovery is controlled by colluding parties. |
| Telemetry Suppression | Governance evidence is hidden, deleted, or made unavailable. |
| Rule Hash Drift | Active rules diverge from declared rules. |
| Legitimacy Laundering via Procedure | Procedural correctness is used to falsely imply legitimate authority, public trust, certification validity, or constitutional legitimacy. This is a critical failure mode: a captured process can remain procedurally coherent while no longer being legitimate. |
| Fork Suppression | Legitimate fork or exit paths are blocked after governance failure. |
| Marks Abuse | Certification or compatibility marks are used despite governance or conformance failure. |
| Constitutional Backdoor | Amendment path bypasses root invariants without declared procedure. |
A runtime or governance system minimally conforms to SRIP-22 when it:
A runtime or governance system more fully conforms when it additionally:
A system is not conformant with SRIP-22 if it:
| Test | Expected Behavior |
|---|---|
| Single Operator Root Test | Runtime detects or declares that one operator can control governance state. |
| Rule Hash Drift Test | Active rule hash diverges from declared rule hash. Runtime marks degraded, contested, or captured. |
| Emergency Override Persistence Test | Emergency override fails to expire. Runtime flags emergency normalization. |
| Auditor Capture Test | Auditor and operator authority collapse into the same actor. Runtime records independence failure. |
| Certification Without Evidence Test | Certification state changes without criteria or audit evidence. Runtime rejects or marks contested. |
| Key Rotation Anomaly Test | Key rotation occurs without declared authority. Runtime freezes, marks contested, or escalates. |
| Total Collusion Simulation | Collusion exceeds declared threshold. Runtime suspends ordinary legitimacy claim rather than claiming safety. |
| Fork Denial Test | Governance failure occurs but fork/exit path is blocked. Runtime marks fork suppression risk. |
| Marks Abuse Test | Captured or non-conformant implementation claims compatibility badge. Runtime marks certification invalid or contested. |
| Operational Correctness vs Legitimacy Test | Runtime proves procedure followed but governance authority is contested. Output preserves distinction. |
GRC may be applied by analogy to corporate governance systems.
Corporate governance capture can occur when formal authority remains procedurally intact while operational legitimacy degrades.
Examples include:
GRC does not replace corporate law, fiduciary duties, shareholder agreements, board procedures, or regulatory requirements.
It provides a runtime-compatible vocabulary for representing when corporate authority remains procedurally coherent but becomes operationally contested, degraded, or captured.
Illustrative mapping:
| Corporate Concept | GRC Equivalent |
|---|---|
| Board authority | Governance authority class |
| Shareholder control | Constitutional or ownership-layer pressure |
| Golden share | High-priority override authority |
| Board capture | Capture event |
| Auditor independence | Role-separation invariant |
| Related-party transaction | Provenance and conflict-of-interest event |
| Certification mark | Marks / certification authority |
| Emergency powers | Emergency override |
| Spinout / fork | Fork or exit path |
| Regulatory intervention | External review path |
Corporate deployments SHOULD declare whether their governance runtime is subordinate to board authority, shareholder authority, legal entity authority, standards-steward authority, or another constitutional layer.
A corporate runtime MUST NOT use GRC terminology to imply legal legitimacy that has not been established by the relevant legal, regulatory, or contractual framework.
GRC may be applied by analogy to public-sector systems where corruption appears as:
surface procedural coherence
without
operational legitimacy
Examples include:
This analogy is informative only.
SRIP-22 does not define public law, constitutional law, anti-corruption law, or public procurement compliance.
If implemented within its declared bounds, GRC should enable:
The intended outcome is not perfect governance.
The intended outcome is:
governance that knows where its own proof ends
SRIP-22 is a public draft architecture proposal.
It does not claim that GRC is implemented in any current Sigma Runtime release.
Any implementation claim must separately document:
A runtime can enforce rules.
It cannot, by itself, prove that its governors remain legitimate under total collusion.
Therefore a mature runtime governance system must not claim absolute incorruptibility.
It must instead preserve the conditions under which corruption, capture, and collusion stop looking like ordinary lawful operation.
The final governance boundary is not a final controller.
It is:
visible capture
bounded authority
contestable legitimacy
forkable continuity
End of SRIP-22 Public Draft v0.2.