Model-neutral outbound governance boundary for sovereign perimeter inspection, policy enforcement, and evidence generation
Project description
sovereign-sdk-airlock
Model-neutral outbound governance boundary for the Sovereign Systems SDK.
Inspects, evaluates, minimises, and records structured payloads before they cross a sovereign perimeter and enter an external computational system.
Architecture
sovereign-sdk-airlock implements the four-component lifecycle defined in the
Airlock Specification (SAR-0004):
| Component | Responsibility |
|---|---|
| Boundary Interception | Capture normalised outbound payloads; transport-agnostic |
| Policy Engine | Evaluate local YAML governance rules (raw, fields, telemetry scopes) |
| Sieve Convergence | Deterministic context minimisation via sovereign-sdk-sieve |
| Evidence Generation | Immutable ForensicReceipt committed to sovereign-sdk-ledger |
Quick Start
import asyncio
from sovereign_ledger import SovereignLedger
from sovereign_airlock import AirlockBoundary, normalize_openai
ledger = SovereignLedger(".keys/sovereign_audit.db")
boundary = AirlockBoundary(
policy_path="policy.yaml",
signing_key=".keys/",
ledger=ledger,
)
request = {
"model": "gpt-4o",
"messages": [{"role": "user", "content": "Analyse the quarterly report."}],
}
async def main():
result = await boundary.process(normalize_openai(request))
print(result.sieved_content)
print(result.telemetry.tax_savings_percentage, "% Prose Tax savings")
print(result.receipt["metadata"]["payload_hash"]) # raw pre-sieve content hash
asyncio.run(main())
Policy Configuration
version: "1.0"
global:
max_token_ceiling: 40000
prose_tax_warning_threshold: 0.35
rules:
- name: block_private_keys
scope: raw
pattern: "-----BEGIN PRIVATE KEY-----"
action: deny
- name: guard_internal_namespaces
scope: fields
fields:
- messages.content
- tools.description
pattern: "internal\\.sovereign\\.local"
action: warn
- name: excessive_context
scope: telemetry
metric: raw_tokens
threshold: 30000
action: warn
Policy Actions
| Action | Behaviour |
|---|---|
allow |
Explicit pass-through — no effect on verdict |
warn |
Appends to AirlockResult.policy_warnings; transmission continues |
deny |
Raises AirlockPolicyViolation; payload blocked |
Exception Inspection
When a post-sieve deny rule fires, any warn-action messages accumulated during the
pre-sieve pass are preserved on the exception for diagnostic inspection:
try:
result = await boundary.process(payload)
except AirlockPolicyViolation as exc:
print(exc) # deny violation message
print(exc.warnings) # pre-sieve warn messages (list[str], may be empty)
raise
Transport Normalisation
Airlock governs boundaries, not transports. Use the factory functions to convert
provider-specific request formats into the provider-neutral NormalizedPayload:
from sovereign_airlock import normalize_openai, normalize_anthropic, normalize_raw
# OpenAI-compatible chat completion request
payload = normalize_openai({"messages": [...], "model": "gpt-4o"})
# Anthropic-compatible messages API request
payload = normalize_anthropic({"messages": [...], "system": "...", "model": "claude-sonnet-4-6"})
# Raw string
payload = normalize_raw("plain text to govern")
Invariants
- Zero external network dependencies — all operations execute on local silicon.
- Ledger write failure is non-fatal; outbound transmission is never blocked by a storage anomaly.
- Context minimisation uses
sovereign-sdk-sieveexclusively — no model-based compression. - All policy evaluation is deterministic and auditable.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sovereign_sdk_airlock-1.4.0.tar.gz.
File metadata
- Download URL: sovereign_sdk_airlock-1.4.0.tar.gz
- Upload date:
- Size: 25.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0cea048159885949b862261a7ff019adc8be6303ca9c6c1c924351fa63f5fc91
|
|
| MD5 |
ce91cae43bdaa4a85e6156a56c278214
|
|
| BLAKE2b-256 |
3a3ef0b52832417733c184cbe63c00ce83470616262f0e9153b04a6dcfe14741
|
File details
Details for the file sovereign_sdk_airlock-1.4.0-py3-none-any.whl.
File metadata
- Download URL: sovereign_sdk_airlock-1.4.0-py3-none-any.whl
- Upload date:
- Size: 18.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e1f74be7964abc321abed95df21610b374113e3149592ef34e613de0b9cfa5a7
|
|
| MD5 |
bb4c5a6445fdd98842d0250f319fe9ad
|
|
| BLAKE2b-256 |
d31d59faa2b492ede794ad66555d79dd59cf0e4fb23b3edc6682cb6af3e11452
|