Skip to main content

Model-neutral outbound governance boundary for sovereign perimeter inspection, policy enforcement, and evidence generation

Project description

sovereign-sdk-airlock

Model-neutral outbound governance boundary for the Sovereign Systems SDK.

Inspects, evaluates, minimises, and records structured payloads before they cross a sovereign perimeter and enter an external computational system.


Architecture

sovereign-sdk-airlock implements the four-component lifecycle defined in the Airlock Specification (SAR-0004):

Component Responsibility
Boundary Interception Capture normalised outbound payloads; transport-agnostic
Policy Engine Evaluate local YAML governance rules (raw, fields, telemetry scopes)
Sieve Convergence Deterministic context minimisation via sovereign-sdk-sieve
Evidence Generation Immutable ForensicReceipt committed to sovereign-sdk-ledger

Quick Start

import asyncio
from sovereign_ledger import SovereignLedger
from sovereign_airlock import AirlockBoundary, normalize_openai

ledger = SovereignLedger(".keys/sovereign_audit.db")
boundary = AirlockBoundary(
    policy_path="policy.yaml",
    signing_key=".keys/",
    ledger=ledger,
)

request = {
    "model": "gpt-4o",
    "messages": [{"role": "user", "content": "Analyse the quarterly report."}],
}

async def main():
    result = await boundary.process(normalize_openai(request))
    print(result.sieved_content)
    print(result.telemetry.tax_savings_percentage, "% Prose Tax savings")
    print(result.receipt["metadata"]["payload_hash"])  # raw pre-sieve content hash

asyncio.run(main())

Policy Configuration

version: "1.0"

global:
  max_token_ceiling: 40000
  prose_tax_warning_threshold: 0.35

rules:

  - name: block_private_keys
    scope: raw
    pattern: "-----BEGIN PRIVATE KEY-----"
    action: deny

  - name: guard_internal_namespaces
    scope: fields
    fields:
      - messages.content
      - tools.description
    pattern: "internal\\.sovereign\\.local"
    action: warn

  - name: excessive_context
    scope: telemetry
    metric: raw_tokens
    threshold: 30000
    action: warn

Policy Actions

Action Behaviour
allow Explicit pass-through — no effect on verdict
warn Appends to AirlockResult.policy_warnings; transmission continues
deny Raises AirlockPolicyViolation; payload blocked

Exception Inspection

When a post-sieve deny rule fires, any warn-action messages accumulated during the pre-sieve pass are preserved on the exception for diagnostic inspection:

try:
    result = await boundary.process(payload)
except AirlockPolicyViolation as exc:
    print(exc)           # deny violation message
    print(exc.warnings)  # pre-sieve warn messages (list[str], may be empty)
    raise

Transport Normalisation

Airlock governs boundaries, not transports. Use the factory functions to convert provider-specific request formats into the provider-neutral NormalizedPayload:

from sovereign_airlock import normalize_openai, normalize_anthropic, normalize_raw

# OpenAI-compatible chat completion request
payload = normalize_openai({"messages": [...], "model": "gpt-4o"})

# Anthropic-compatible messages API request
payload = normalize_anthropic({"messages": [...], "system": "...", "model": "claude-sonnet-4-6"})

# Raw string
payload = normalize_raw("plain text to govern")

Invariants

  • Zero external network dependencies — all operations execute on local silicon.
  • Ledger write failure is non-fatal; outbound transmission is never blocked by a storage anomaly.
  • Context minimisation uses sovereign-sdk-sieve exclusively — no model-based compression.
  • All policy evaluation is deterministic and auditable.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sovereign_sdk_airlock-1.4.0.tar.gz (25.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sovereign_sdk_airlock-1.4.0-py3-none-any.whl (18.2 kB view details)

Uploaded Python 3

File details

Details for the file sovereign_sdk_airlock-1.4.0.tar.gz.

File metadata

File hashes

Hashes for sovereign_sdk_airlock-1.4.0.tar.gz
Algorithm Hash digest
SHA256 0cea048159885949b862261a7ff019adc8be6303ca9c6c1c924351fa63f5fc91
MD5 ce91cae43bdaa4a85e6156a56c278214
BLAKE2b-256 3a3ef0b52832417733c184cbe63c00ce83470616262f0e9153b04a6dcfe14741

See more details on using hashes here.

File details

Details for the file sovereign_sdk_airlock-1.4.0-py3-none-any.whl.

File metadata

File hashes

Hashes for sovereign_sdk_airlock-1.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e1f74be7964abc321abed95df21610b374113e3149592ef34e613de0b9cfa5a7
MD5 bb4c5a6445fdd98842d0250f319fe9ad
BLAKE2b-256 d31d59faa2b492ede794ad66555d79dd59cf0e4fb23b3edc6682cb6af3e11452

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page