166 lines
5.2 KiB
Markdown
166 lines
5.2 KiB
Markdown
# ASL/FEDERATION/1 -- Core Federation Semantics
|
|
|
|
Status: Draft
|
|
Owner: Architecture
|
|
Version: 0.1.0
|
|
SoT: No
|
|
Last Updated: 2025-01-17
|
|
Tags: [federation, domains, visibility, determinism]
|
|
|
|
**Document ID:** `ASL/FEDERATION/1`
|
|
**Layer:** L2 -- Federation semantics (no transport, no encodings)
|
|
|
|
**Depends on (normative):**
|
|
|
|
* `ASL/1-CORE`
|
|
* `ASL/1-CORE-INDEX`
|
|
* `ASL/LOG/1`
|
|
* `ASL-STORE-INDEX`
|
|
|
|
**Informative references:**
|
|
|
|
* `ENC-ASL-CORE-INDEX` -- domain/visibility fields (`tier1/enc-asl-core-index.md`)
|
|
* `ASL/SYSTEM/1` -- unified system view
|
|
* `ASL/FEDERATION-REPLAY/1` -- cross-node deterministic replay
|
|
* `ASL/DAM/1` -- Domain Authority Manifest
|
|
* `ASL/POLICY-HASH/1` -- policy hash
|
|
|
|
---
|
|
|
|
## 0. Conventions
|
|
|
|
The key words **MUST**, **MUST NOT**, **REQUIRED**, **SHOULD**, and **MAY** are to be interpreted as in RFC 2119.
|
|
|
|
ASL/FEDERATION/1 defines **semantic rules** for multi-domain visibility and cross-domain references. It does not define transport, replication, or encodings.
|
|
|
|
---
|
|
|
|
## 1. Purpose
|
|
|
|
ASL/FEDERATION/1 defines the **multi-domain model** for ASL-based systems:
|
|
|
|
* Domain isolation and visibility rules
|
|
* Published vs internal state
|
|
* Cross-domain reference constraints
|
|
* Snapshot identity and deterministic reconstruction
|
|
|
|
---
|
|
|
|
## 2. Core Concepts
|
|
|
|
| Term | Definition |
|
|
| -------------------- | ---------- |
|
|
| Domain | Logical namespace with its own ASL store, log, and snapshot lineage. |
|
|
| Internal state | Artifacts/snapshots visible only within the domain. |
|
|
| Published state | Artifacts/snapshots visible to other domains. |
|
|
| Federated snapshot | Snapshot with visibility state that may be imported by other domains. |
|
|
| Cross-domain reference | Reference to a published artifact from another domain. |
|
|
|
|
---
|
|
|
|
## 3. Domain Semantics
|
|
|
|
1. **Domain isolation**
|
|
|
|
* Each domain has its own store, index, and log.
|
|
* Internal state is invisible outside the domain.
|
|
|
|
2. **Published state**
|
|
|
|
* Published artifacts and snapshots are visible to other domains.
|
|
* Published artifacts MUST satisfy ASL immutability and snapshot safety rules.
|
|
|
|
3. **Cross-domain references**
|
|
|
|
* Only published artifacts MAY be referenced by other domains.
|
|
* Cross-domain references are read-only and immutable.
|
|
* The consuming domain indexes imported artifacts using normal ASL index semantics.
|
|
|
|
---
|
|
|
|
## 4. Snapshot Identity
|
|
|
|
* Snapshot IDs are unique per domain.
|
|
* Federated snapshot identity is `(DomainID, SnapshotID)`.
|
|
* A federated snapshot MAY include cross-domain references only to published artifacts.
|
|
|
|
---
|
|
|
|
## 5. Visibility Rules
|
|
|
|
| Object | Internal Domain | Other Domains |
|
|
| ----------------------------------- | --------------- | ------------------- |
|
|
| Internal artifact | visible | hidden |
|
|
| Published artifact | visible | visible (read-only) |
|
|
| Internal snapshot | visible | hidden |
|
|
| Published snapshot | visible | visible |
|
|
| Block supporting published artifact | visible | visible |
|
|
| Block supporting internal artifact | visible | hidden |
|
|
|
|
* Index entries follow the same visibility rules.
|
|
* Determinism is defined per-domain and per-snapshot view.
|
|
|
|
---
|
|
|
|
## 6. Cross-Domain Operations
|
|
|
|
1. **Import published artifacts**
|
|
|
|
* A domain MAY import a published artifact from another domain.
|
|
* Imported artifacts MUST be treated as immutable.
|
|
|
|
2. **Export published artifacts**
|
|
|
|
* Internal artifacts MAY be promoted to published state.
|
|
* Promotion MUST be snapshot-bound and log-ordered.
|
|
|
|
3. **Federation log propagation**
|
|
|
|
* Each domain maintains its own append-only log.
|
|
* Federation MAY replicate published log-visible state.
|
|
|
|
---
|
|
|
|
## 7. Provenance and Traceability
|
|
|
|
* Execution receipts MAY include cross-domain inputs.
|
|
* Provenance MUST preserve origin domain and snapshot identity.
|
|
* Deterministic replay MUST be possible given `{Snapshot, LogPrefix}` for each domain.
|
|
|
|
---
|
|
|
|
## 8. Normative Invariants
|
|
|
|
1. **Determinism:** Reconstructing CURRENT in a domain yields the same visible state given the same snapshot and log prefix.
|
|
2. **Immutability:** Published artifacts and snapshots are immutable.
|
|
3. **Domain isolation:** Internal artifacts and snapshots are never visible to other domains.
|
|
4. **Federation safety:** Cross-domain references are read-only.
|
|
5. **Snapshot integrity:** Federated snapshots reference only published artifacts.
|
|
|
|
---
|
|
|
|
## 9. Integration with Other Layers
|
|
|
|
| Layer | Role in Federation |
|
|
| ------------------ | ------------------ |
|
|
| ASL/1-CORE | Artifact immutability and identity |
|
|
| ASL/1-CORE-INDEX | Semantic mapping and shadowing |
|
|
| ASL-STORE-INDEX | Sealing, retention, snapshot pinning |
|
|
| ASL/LOG/1 | Log-ordered visibility |
|
|
| ENC-ASL-CORE-INDEX | Domain/visibility metadata in records |
|
|
|
|
---
|
|
|
|
## 10. Non-Goals
|
|
|
|
* Transport protocols
|
|
* Network replication
|
|
* Witness signatures
|
|
* Domain admission and trust policy
|
|
|
|
---
|
|
|
|
## 11. Summary
|
|
|
|
ASL/FEDERATION/1 defines the semantic rules for multi-domain visibility and cross-domain reference. It keeps federation deterministic, snapshot-safe, and read-only across domain boundaries.
|