# sovereign_control_plane_profile.py from __future__ import annotations import json from datetime import datetime, timezone from typing import Any, Dict, List, Optional from sovereign_crypto_seal import SovereignCryptoSeal def _utc_now() -> str: return datetime.now(timezone.utc).isoformat() class SovereignControlPlaneProfileBuilder: """ Builds a bank-grade control-plane / admin-governance profile. Purpose: - Define which administrative actions exist - Clarify which actions are audited / approval-bound / dual-control-bound - Forbid unsafe administrative classes for autonomous execution - Provide machine-readable control-plane governance artifact """ def __init__(self, sealer: Optional[SovereignCryptoSeal] = None) -> None: self.sealer = sealer or SovereignCryptoSeal() def _admin_actions(self) -> List[Dict[str, Any]]: return [ { "action": "view_runtime_status", "status": "supported", "sensitivity": "low", "execution_class": "read_only", "human_approval_required": False, "dual_control_required": False, "audit_required": True, "description": "Read-only visibility into runtime state, health, or status outputs.", }, { "action": "view_artifact_inventory", "status": "supported", "sensitivity": "low", "execution_class": "read_only", "human_approval_required": False, "dual_control_required": False, "audit_required": True, "description": "Read-only visibility into manifests, sealed artifacts, and evidence inventory.", }, { "action": "review_freeze_case", "status": "supported", "sensitivity": "medium", "execution_class": "review_action", "human_approval_required": True, "dual_control_required": False, "audit_required": True, "description": "Review an active freeze case and inspect reasoning/evidence.", }, { "action": "release_freeze_case", "status": "supported_with_controls", "sensitivity": "high", "execution_class": "state_mutation", "human_approval_required": True, "dual_control_required": True, "audit_required": True, "description": "Release a freeze case and permit resumed execution only through controlled operator decision.", }, { "action": "escalate_freeze_to_block", "status": "supported_with_controls", "sensitivity": "high", "execution_class": "state_mutation", "human_approval_required": True, "dual_control_required": True, "audit_required": True, "description": "Escalate a freeze state into a hard block decision under reviewed conditions.", }, { "action": "update_policy_configuration", "status": "supported_with_controls", "sensitivity": "high", "execution_class": "policy_mutation", "human_approval_required": True, "dual_control_required": True, "audit_required": True, "description": "Modify bank policy configuration only through controlled and auditable change flow.", }, { "action": "rotate_sealing_material", "status": "supported_with_controls", "sensitivity": "high", "execution_class": "crypto_admin", "human_approval_required": True, "dual_control_required": True, "audit_required": True, "description": "Rotate or update cryptographic sealing material under controlled governance.", }, { "action": "rebuild_package_artifacts", "status": "supported", "sensitivity": "medium_high", "execution_class": "artifact_generation", "human_approval_required": True, "dual_control_required": False, "audit_required": True, "description": "Rebuild technical identity, package manifests, or delivery artifacts in a controlled manner.", }, { "action": "disable_audit_path", "status": "forbidden", "sensitivity": "critical", "execution_class": "forbidden_mutation", "human_approval_required": True, "dual_control_required": True, "audit_required": True, "description": "Disabling audit continuity is forbidden as a normal administrative operation.", }, { "action": "disable_fail_safe_controls", "status": "forbidden", "sensitivity": "critical", "execution_class": "forbidden_mutation", "human_approval_required": True, "dual_control_required": True, "audit_required": True, "description": "Disabling fail-safe posture is forbidden as a normal administrative operation.", }, { "action": "force_unconditional_allow", "status": "forbidden", "sensitivity": "critical", "execution_class": "forbidden_override", "human_approval_required": True, "dual_control_required": True, "audit_required": True, "description": "Forcing unconditional ALLOW across critical execution paths is forbidden.", }, ] def _governance_principles(self) -> List[Dict[str, Any]]: return [ { "principle": "admin_power_must_be_scoped", "status": "required", "description": "Administrative authority must remain bounded, auditable, and role-constrained.", }, { "principle": "no_silent_control_plane_mutation", "status": "required", "description": "Sensitive control-plane changes must not occur silently or without audit evidence.", }, { "principle": "dual_control_for_high_impact_mutations", "status": "required", "description": "High-impact state, policy, and crypto changes require stronger human governance and dual control.", }, { "principle": "forbidden_admin_classes_must_remain_forbidden", "status": "required", "description": "Actions that collapse audit, fail-safe, or unconditional execution boundaries should remain forbidden in normal operations.", }, { "principle": "read_only_visibility_should_not_mutate_state", "status": "required", "description": "Read-only operational visibility must not mutate runtime, policy, or evidence state.", }, ] def build(self) -> Dict[str, Any]: actions = self._admin_actions() principles = self._governance_principles() profile = { "profile_type": "Sovereign Control Plane Profile", "generated_at": _utc_now(), "domain": "banking_and_financial_institutions", "admin_actions": actions, "governance_principles": principles, "summary": { "total_actions": len(actions), "supported_actions": sum(1 for x in actions if str(x.get("status")) in {"supported", "supported_with_controls"}), "forbidden_actions": sum(1 for x in actions if str(x.get("status")) == "forbidden"), "dual_control_actions": sum(1 for x in actions if bool(x.get("dual_control_required"))), "audit_required_actions": sum(1 for x in actions if bool(x.get("audit_required"))), }, "notes": [ "This profile defines the intended bank-grade governance posture for administrative and control-plane actions.", "High-impact control-plane mutations are not treated as casual operator actions; they remain approval-bound and auditable.", "Certain administrative classes remain intentionally forbidden because they would collapse trust, evidence continuity, or fail-safe posture.", ], } sealed = self.sealer.seal_object( profile, object_type="control_plane_profile", metadata={ "domain": "banking", "artifact_class": "control_plane_profile", }, ) return { "ok": True, "control_plane_profile": profile, "crypto_seal": sealed["seal"], "sealed": True, } BUILDER = SovereignControlPlaneProfileBuilder() def generate_control_plane_profile() -> Dict[str, Any]: return BUILDER.build() if __name__ == "__main__": out = generate_control_plane_profile() print(json.dumps(out, indent=2, ensure_ascii=False))