Skip to main content

Audit logs and action gates for safer AI agents.

Project description

Problem Frame Gate

Problem Frame Gate is a Python library and CLI for finite, proof-carrying audit checks around AI decision frames and external action gates. It implements the audit-calculus concepts in:

Takahashi, K. (2026). Problemogenesis Theory: A Finite Proof-Carrying Audit Calculus for Problem-Frame Activation. Zenodo. https://doi.org/10.5281/zenodo.20913669

The package is strict by default. A log is not considered safe unless a finite manifest declares writer authority, protected action constructors, capacities, certificate families, risk modes, and gate bundle policy.

Install

uv sync --all-extras
uv run pytest

From PyPI:

pip install problem-frame-gate
pfg init-manifest > horizon.json

Safe Quickstart

Create a strict manifest:

pfg init-manifest > horizon.json

Validate and fold a log:

pfg validate-schema horizon horizon.json
pfg validate-schema log log.json
pfg verify-log --horizon horizon.json log.json
pfg fold --horizon horizon.json log.json

Check an action gate and emit the atomic bundle:

pfg validate-schema gate-request gate-request.json
pfg check-gate --horizon horizon.json --bundle gate-request.json log.json

The generated bundle contains exactly five protected rows:

  1. GateCheck
  2. OutboxClaim
  3. UseCap
  4. ConsumeResource
  5. RiskClose

Each row must be written by the executor writer and committed in one atomic group. A standalone OutboxClaim is rejected.

Python Example

from problem_frame_gate import Envelope, EnvelopeClass, ExecutorGate, GateRequest, Horizon

horizon = Horizon.strict_default(agent_writers=("agent",))

def env(eid: str, commit: int, kind: str, **payload: object) -> Envelope:
    return Envelope(eid, eid, "0", commit, "agent", "agent", 1, EnvelopeClass.NORMAL, {"kind": kind, **payload})

log = [
    env("e0", 0, "Frame", frame_id="p1", scope="lab", goal="test anomaly",
        evidence_ids=["u1"], actions=["run-check"], acceptance=["review"], risk_ids=["r1"]),
    env("e1", 1, "Evidence", evidence_id="u1", digest="sha256:source"),
    env("e2", 2, "Issue", cert_id="c-risk", family="risk", issuer="agent", expires_at=99, family_check=True),
    env("e3", 3, "Activated", frame_id="p1"),
    env("e4", 4, "RiskReg", hypothesis_id="h1", family="fixed"),
    env("e5", 5, "RiskReserve", risk_id="r1", hypothesis_id="h1", frame_id="p1", eta="1/100"),
    env("e6", 6, "RiskSpend", risk_id="r1", hypothesis_id="h1", frame_id="p1",
        eta="1/100", mode="fixed", cert_id="c-risk"),
    env("e7", 7, "ReserveResource", lease_id="lease1", token_id="tool", frame_id="p1"),
    env("e8", 8, "MintCap", capability_id="cap1", frame_id="p1", action="run-check"),
    env("e9", 9, "AuthorizeOutbox", outbox_id="out1", frame_id="p1", action="run-check"),
]

request = GateRequest(
    gate_id="gate1", bundle_id="bundle1", frame_id="p1", action="run-check",
    outbox_id="out1", capability_id="cap1", lease_id="lease1",
    risk_id="r1", hypothesis_id="h1", risk_mode="fixed", risk_cert_id="c-risk",
    source_time=9, commit_time=10,
)

gate = ExecutorGate()
assert gate.check(horizon, log, request).ok
bundle = gate.create_bundle(horizon, log, request)
assert bundle.verify(horizon, log).ok

Security Boundary

The library proves finite audit consistency. It does not prove external truth, cryptographic collision resistance, statistical model validity, or physical effect. Those are explicit assumptions in checker results.

See docs/quickstart.md, docs/schema.md, docs/theory-mapping.md, and docs/operations.md for operational use.

Release

The canonical repository is https://github.com/kadubon/problem-frame-gate. Versioned releases are published by GitHub Actions through PyPI Trusted Publishing from .github/workflows/workflow.yml; no long-lived PyPI token is required.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

problem_frame_gate-0.3.0.tar.gz (50.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

problem_frame_gate-0.3.0-py3-none-any.whl (43.6 kB view details)

Uploaded Python 3

File details

Details for the file problem_frame_gate-0.3.0.tar.gz.

File metadata

  • Download URL: problem_frame_gate-0.3.0.tar.gz
  • Upload date:
  • Size: 50.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for problem_frame_gate-0.3.0.tar.gz
Algorithm Hash digest
SHA256 c522c3ff9cf6d15779d6236b9838c890de46801fc5be252515e98ef4a11795d9
MD5 6b4b4ee3623223acf0103701fa6bc4b5
BLAKE2b-256 e630669085fa722f50658353c4bfaaf982613ebc5eb27976b0b6289889772eac

See more details on using hashes here.

Provenance

The following attestation bundles were made for problem_frame_gate-0.3.0.tar.gz:

Publisher: workflow.yml on kadubon/problem-frame-gate

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file problem_frame_gate-0.3.0-py3-none-any.whl.

File metadata

File hashes

Hashes for problem_frame_gate-0.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 eea5e987f89ba228e432527b3e9f2ceaf24ff22b6bbd927fd2d1e00e704f0a02
MD5 7f07060f09fd21811f25c4547dbee45b
BLAKE2b-256 a5a412715488b8ef9c60bb09e17757c5988a953bb87971ba004469e95fc84a6a

See more details on using hashes here.

Provenance

The following attestation bundles were made for problem_frame_gate-0.3.0-py3-none-any.whl:

Publisher: workflow.yml on kadubon/problem-frame-gate

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page