Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 19 additions & 3 deletions artifacts/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,21 @@ This folder contains machine-readable assets for enterprise and regulator-facing
- `requirements-artifacts.txt`: pinned runtime/test dependencies for artifact checks.
- `Makefile`: convenience targets for local artifact validation workflows.


### 2026–2035 AGI/ASI governance reference architecture

Additional implementation artifacts for Sentinel AI Governance Stack v2.4 and long-horizon AGI/ASI governance:

- `enterprise-agi-asi-governance-reference-architecture-2026-2035.md`: deeply technical roadmap and reference architecture using `<title>`, `<abstract>`, and `<content>` tags.
- `roadmap-2026-2035.yaml`: machine-readable 2026–2035 implementation roadmap.
- `data/multi_jurisdiction_regulatory_mapping_2026_2035.csv`: multi-framework control mapping for AI, financial, privacy, cyber, conduct, and civilizational governance regimes.
- `oscal/sentinel-ai-control-catalog-oscal.json`: OSCAL-style control catalog for Sentinel/G-Stack/Omni-Sentinel controls.
- `policies/sentinel_ai_release_gate_v24.rego`: OPA/Rego regulated release gate for high-risk and high-agency AI systems.
- `tla/OmniSentinelContainment.tla`: TLA+ reference specification for containment invariants.
- `circuits/g_sri_systemic_risk.circom`: Circom/Groth16 reference circuit for G-SRI risk-band proofs.
- `templates/gc-ir-bridge-event.json`: Global Compliance–Incident Reporting bridge event template for zk proof submission.
- `templates/regulator-technical-report-2035.xml`: regulator-ready technical report template for AGI/ASI governance packs.

## Validation

Human-readable mode:
Expand Down Expand Up @@ -50,9 +65,10 @@ The validator performs:
3. Annex IV sample semantic checks (types, required fields, enum values, date format).
4. Control mapping cross-reference checks (no unknown control IDs).
5. Regulator XML required section checks.
6. Roadmap milestone date-range checks (2026–2030).
7. Manifest checksum checks for all tracked artifacts.
8. Manifest coverage checks (no missing or unexpected files).
6. Roadmap milestone date-range checks (2026–2030 and 2026–2035).
7. Extended AGI/ASI artifact checks for tagged reports, OSCAL controls, regulatory mappings, Rego gates, TLA+ specs, Circom circuits, and templates.
8. Manifest checksum checks for all tracked artifacts.
9. Manifest coverage checks (no missing or unexpected files).

## Regenerate checksum manifest

Expand Down
13 changes: 11 additions & 2 deletions artifacts/artifact-manifest-v1.json
Original file line number Diff line number Diff line change
@@ -1,12 +1,21 @@
{
"files": {
"annex-iv-dossier-schema-v1.json": "191c3442f4b372e8fb400640648841fb4d63aecdfb791d0b1b230a65a384ffe1",
"circuits/g_sri_systemic_risk.circom": "2a9f849ade2f90073de293dc35ac1de912d40479ca953897744329c2f05175db",
"control-catalog-v1.json": "56328ecaed2af4d832e993accb3b85d63d69f93eece4f10de08f0c82f71729d8",
"data/multi_jurisdiction_regulatory_mapping_2026_2035.csv": "6c5f49c4bda99ff2d4c4c71a7e3af5079327960b1893a18b322971c4fd414f48",
"enterprise-agi-asi-governance-reference-architecture-2026-2035.md": "87315bff7ce716caa569044bc5b8d7a6fdb81b235429208b2ed283265556a2df",
"enterprise-civilizational-agi-asi-blueprint-2026-2030.md": "12684e460b4f33a49d74e66eaa1400aab85e4dd6879e262e06ac932be7c3f3e3",
"examples/annex-iv-dossier-example.json": "fd914a07bf2691d9de262907953890ba353b23fe159d07a8b53eee1e6d16b1e2",
"oscal/sentinel-ai-control-catalog-oscal.json": "599a5b2d03fe1d315920eb79ca216792f591f8a9c888b7abe62d9ff8d4edd1c3",
"policies/sentinel_ai_release_gate_v24.rego": "08207f20eef89b4a790ef319b4ae194d31bf6950108d3dcf9e6c8a7cf7ac70e7",
"regulator-report-template.xml": "62c55a96b60bbc4592f0ad273ee1cca6e25eac6a437fb047dfb08bdf5baeab2d",
"roadmap-2026-2030.yaml": "2297c95faefe22ff03cb9aa7d104be232fa0269b831cb231f5b7f0ab0ed86369"
"roadmap-2026-2030.yaml": "2297c95faefe22ff03cb9aa7d104be232fa0269b831cb231f5b7f0ab0ed86369",
"roadmap-2026-2035.yaml": "b47b90e172ecdbc787e02f683275c2ea11296b0ff61d1ef948a2636e0d561108",
"templates/gc-ir-bridge-event.json": "bcfcf7fd1ad4f93302f019d35ecbe1ab3f045732f3dd16e390b50bb6a0de55bf",
"templates/regulator-technical-report-2035.xml": "24f69f03b01d7e96c2cd45ed5cd76de24bce43e162277760d88a78fd07cbd4d0",
"tla/OmniSentinelContainment.tla": "c4d70dc56804055aebda35c634eab3002be47c1ce314160deb63150f02ea80d7"
},
"generated_at": "2026-04-26T03:26:37+00:00",
"generated_at": "2026-06-01T09:18:30+00:00",
"version": "1.1"
}
64 changes: 64 additions & 0 deletions artifacts/circuits/g_sri_systemic_risk.circom
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
pragma circom 2.1.6;

include "circomlib/circuits/comparators.circom";

// Reference Groth16/Circom circuit for a G-SRI systemic-risk band proof.
// Private witness: component scores and weights.
// Public signals: threshold band, policy version, and evidence commitment.
// Production circuits should add fixed-point normalization, Poseidon commitments,
// version pinning, and audited trusted-setup governance.

template Range100() {
signal input value;
signal output ok;

component lower = LessEqThan(16);
lower.in[0] <== 0;
lower.in[1] <== value;

component upper = LessEqThan(16);
upper.in[0] <== value;
upper.in[1] <== 100;

ok <== lower.out * upper.out;
}

template GSRIWeightedSum(n) {
signal input scores[n];
signal input weights[n];
signal input thresholdLow;
signal input thresholdHigh;
signal input policyVersion;
signal input evidenceCommitment;

signal output inBand;
signal output publicPolicyVersion;
signal output publicEvidenceCommitment;

signal products[n];
signal accum[n + 1];
accum[0] <== 0;

component ranges[n];
for (var i = 0; i < n; i++) {
ranges[i] = Range100();
ranges[i].value <== scores[i];
ranges[i].ok === 1;
products[i] <== scores[i] * weights[i];
accum[i + 1] <== accum[i] + products[i];
}
Comment thread
OneFineStarstuff marked this conversation as resolved.

component aboveLow = LessEqThan(32);
aboveLow.in[0] <== thresholdLow;
aboveLow.in[1] <== accum[n];

component belowHigh = LessEqThan(32);
belowHigh.in[0] <== accum[n];
belowHigh.in[1] <== thresholdHigh;

inBand <== aboveLow.out * belowHigh.out;
publicPolicyVersion <== policyVersion;
publicEvidenceCommitment <== evidenceCommitment;
}

component main {public [thresholdLow, thresholdHigh, policyVersion, evidenceCommitment]} = GSRIWeightedSum(10);
17 changes: 17 additions & 0 deletions artifacts/data/multi_jurisdiction_regulatory_mapping_2026_2035.csv
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
framework,control_objective,technical_artifact,evidence_source,primary_owner,cadence
EU AI Act Annex IV,technical documentation completeness,annex_iv_completeness_v1_zk_proof,annex_iv_dossier_hash,ai_governance,per_release
EU AI Act GPAI systemic risk,systemic model risk evaluation,G-SRI and Red Dawn report,g_sri_public_signal,frontier_safety,quarterly
NIST AI RMF 1.0,govern-map-measure-manage traceability,OSCAL catalog and risk register,control_test_bundle,enterprise_risk,quarterly
NIST AI 600-1,generative AI misuse and information integrity controls,GAI-SOC telemetry,red_team_findings,security_operations,continuous
ISO/IEC 42001,AIMS governance and continual improvement,management_system_records,internal_audit_report,compliance,semiannual
Basel III IV,prudential and operational risk integration,systemic stress pack,stress_scenario_results,treasury_risk,quarterly
SR 11-7,independent model validation,validation_workbench_record,validation_attestation,model_risk_management,annual_or_material_change
SR 26-2 readiness,supervisory AI control change management,regulatory_change_profile,policy_diff_record,regulatory_affairs,monthly
DORA,ICT operational resilience and third-party risk,AI dependency map and incident clock,incident_timeline,operational_resilience,continuous
NIS2,cybersecurity governance and incident reporting,GAI-SOC cyber control map,siem_soar_case,cybersecurity,continuous
GDPR,privacy lawful basis and minimization,DPIA and selective disclosure policy,privacy_assessment,privacy_office,per_release
FCRA ECOA,fair lending and adverse action,fair_lending_v1_zk_proof,reason_code_test,fair_lending_compliance,per_release
MAS HKMA FEAT,fairness ethics accountability transparency,FEAT scorecard,control_owner_attestation,apac_compliance,quarterly
FCA SMCR Consumer Duty,senior accountability and good outcomes,SMCR responsibility map,consumer_outcomes_test,uk_compliance,quarterly
HKMA Fintech 2030,responsible fintech and regtech enablement,regulator API profile,supervisory_submission,apac_regulatory_affairs,semiannual
ICGC GASO,compute governance and emergency pause,compute registry and pause proof,compute_commitment,board_risk_committee,continuous
Loading
Loading