Meaning Firewall Phase 2 Audit

Status: Sprint 22 remediations complete — all remaining HIGH/MEDIUM violations now config-driven Audited: Sprint 20 (2026-03-21) · Sprint 21 remediation: 2026-03-21 · Sprint 22 remediation: 2026-03-22 Issue: #1370 Prior work: Phase 1 CI enforcement (#916, #871 — closed/complete)

Executive Summary

The kernel enforces constraints WITHOUT understanding their semantic origin.

The Phase 1 CI gate prevents new import violations. This audit identifies semantic violations — places where kernel crates make domain-specific decisions (encode business rules, governance policies, trust thresholds) rather than consuming generic constraints from PolicyOracle app crates.

Original result: 8 significant violations across 4 crates. 7 crates clean. Post-Sprint 21: 5 violations remediated. 3 violations remaining. Post-Sprint 22: All remaining violations remediated. 0 outstanding HIGH/MEDIUM violations.

Crate-by-Crate Findings

1. icn-compute — HIGH · ✅ Fully remediated (Sprint 21 + Sprint 22)

Domain-specific policy logic embedded directly in compute kernel code.

Pattern: icn-compute implements admission, scheduling, and cost decisions using trust scores and charter priorities directly — domain knowledge that belongs in a ComputePolicyOracle app.

Sprint 21 remediation (PR #1384): Extracted min_standing, min_trust_score, and fuel_cost_divisor into ComputePolicyConfig in icn-core/src/config/compute.rs. Wired from lifecycle.rs into CommonsPoolPolicy and SybilPolicy on startup.

Sprint 22 remediation (PR #1391): Extracted CharterPriority preemption routing into CommonsPoolPolicy.preemptable_priorities: Vec<CharterPriority> (config-driven, default [UbsFirst, EmergencyFirst]). Added credit_ceiling: Option<i64> to ComputePolicyConfig, wired from init_compute.rs. CharterPriority::allows_preemption() (hardcoded policy decision in an enum method) replaced by preemptable_priorities.contains() lookup.

Remaining: No outstanding violations. Full ComputePolicyOracle extraction (moving CommonsPoolPolicy entirely out of the kernel crate) is a future sprint concern.

2. icn-security — HIGH · ✅ Fully remediated (Sprint 21 + Sprint 22)

Reputation management encoded as hardcoded algorithms.

Pattern: Severity scores, decay rates, quarantine thresholds, and retention policies are governance decisions hardcoded as kernel constants.

Sprint 21 remediation (PR #1385): Extracted severity weights into SeverityWeights struct; added severity_with_weights() to Violation and StorageFailureReason; made penalty_rate a field on MisbehaviorThresholds; added ReputationPolicyConfig and SecurityConfig in icn-core/src/config/security.rs; wired from lifecycle.rs on startup. Defaults match previously-hardcoded values.

Sprint 22 remediation (PR #1389): Added max_violations_per_hour: usize (default 10) and violation_retention_secs: u64 (default 604_800 = 7 days) to ReputationPolicyConfig. Added set_max_violations_per_hour() and set_violation_retention_secs() setters on MisbehaviorDetector. Wired from lifecycle.rs alongside existing penalty_rate wiring.

Remaining: No outstanding violations. Full ReputationPolicyOracle extraction (moving threshold logic entirely out of kernel) is a future sprint concern.

3. icn-ledger — MEDIUM · ✅ Fully remediated (Sprint 22)

Credit policy calculations use trust score inputs directly.

Pattern: CreditPolicy implements cooperative financial governance (who gets how much credit, on what basis) inside the ledger kernel crate. The trust_multiplier, ramp schedule, and baseline limits are all governance decisions.

Sprint 22 remediation (PR #1392): Added CreditPolicyConfig (baseline=10_000, trust_multiplier=0.3, history_bonus_rate=0.05, currency="hours") and NewMemberPolicyConfig (initial_limit=1_000, ramp_period_days=90, cleared_volume_threshold=5_000) to icn-core/src/config/ledger.rs. Added build_credit_policy_manager() in apps/ledger/src/config.rs (takes primitives → CreditPolicyManager; maintains 4-layer indirection: icn-core config → apps/ledger/config.rs → init.rs → icnd). Updated init_ledger_services() to accept CreditPolicyManager instead of hardcoding CreditPolicy::conservative(). Wired from icnd/src/main.rs.

Remaining: CreditPolicy::conservative() / permissive() factory methods still exist in icn-ledger for test use. Full LedgerPolicyOracle extraction (moving credit policy struct entirely out of kernel) is a future sprint concern.

4. icn-core — MEDIUM · Minor cleanup

Effect dispatcher encodes knowledge of domain effect semantics.

Pattern: The dispatcher knows what makes a "treasury" effect vs. a "governance" effect. This is semantic knowledge; a pure kernel would route to a registered handler by opaque type ID.

Remediation: This is lower priority. Effect routing is an intentional design decision documented in KERNEL_APP_SEPARATION.md. The label function could be removed or moved to an app-layer metric emitter. Open question: whether execute_effects() routing constitutes a real violation or acceptable kernel infrastructure.

5. icn-obs — LOW · ✅ Fully remediated (Sprint 22)

Observability layer exposes domain thresholds as constants.

Pattern: Governance-specific thresholds are in the observability substrate. These should come from config or app layer.

Sprint 22 remediation (PR #1390): Added AttestationThresholds struct to icn-obs/src/attestation.rs (parallel to SeverityWeights pattern in icn-security). All 5 constants (MIN_TRUST_TO_ATTEST=0.3, MIN_MEMBERSHIP_AGE_SECS=7_776_000, MAX_ATTESTATIONS_PER_PERIOD=10, ORG_ATTESTATION_THRESHOLD=500, CONTRIBUTION_THRESHOLD=1.0) retained as backward-compat aliases; runtime now uses AttestationThresholds fields. Added ContributionAttestationConfig and ObsConfig in icn-core/src/config/obs.rs with to_attestation_thresholds() converter. ContributionValidator gains thresholds: AttestationThresholds field; wiring happens at init time from config.

Remaining: No outstanding violations. Old pub const values are kept as backward-compat aliases; they can be deprecated in a future cleanup sprint.

6–11. Clean Crates ✅

Summary

Sprint 21 result: 5 of 8 original HIGH/MEDIUM violations resolved. All HIGH violations in icn-compute and icn-security are now config-driven.

Sprint 22 result: All 3 remaining violations resolved via updates to 10 config fields across 4 crates. All hardcoded governance values in icn-compute, icn-security, icn-ledger, and icn-obs are now externalized as serde-default config fields. Zero-impact upgrades — all defaults match previously-hardcoded values. Only icn-core's effect routing labels (LOW, deferred) remain.

Remediation Priority Order

1. icn-compute → ComputePolicyOracle (Sprint 21 + Sprint 22 — ✅ config extraction complete)

   • ✅ min_standing, min_trust_score, fuel_cost_divisor in ComputePolicyConfig (PR #1384, Sprint 21)
   • ✅ CharterPriority preemption routing → preemptable_priorities (PR #1391, Sprint 22)
   • ✅ credit ceiling → ComputePolicyConfig.credit_ceiling (PR #1391, Sprint 22)
   • ⏳ Full ComputePolicyOracle extraction (move struct out of kernel): future sprint

2. icn-security → ReputationPolicyOracle (Sprint 21 + Sprint 22 — ✅ config extraction complete)

   • ✅ SeverityWeights, penalty_rate in ReputationPolicyConfig (PR #1385, Sprint 21)
   • ✅ max_violations_per_hour, violation_retention_secs in ReputationPolicyConfig (PR #1389, Sprint 22)
   • ⏳ Full ReputationPolicyOracle extraction: future sprint

3. icn-ledger → LedgerPolicyOracle (Sprint 22 — ✅ config extraction complete)

   • ✅ CreditPolicyConfig (baseline, trust_multiplier, history_bonus_rate, currency) (PR #1392, Sprint 22)
   • ✅ NewMemberPolicyConfig (initial_limit, ramp_period_days, cleared_volume_threshold) (PR #1392, Sprint 22)
   • ⏳ Full LedgerPolicyOracle extraction (move CreditPolicy struct to apps/ledger): future sprint

4. icn-obs attestation thresholds (Sprint 22 — ✅ complete)

   • ✅ ContributionAttestationConfig with 5 fields replacing compiled constants (PR #1390, Sprint 22)

5. icn-core effect labels (Low priority, Sprint 23+)

   • effect_type_label() maps domain effect variants to label strings — LOW severity
   • Move to app-layer metrics emitter, or document as acceptable kernel infrastructure

CI Ratchet Proposal

Add a Phase 2 semantic ratchet test alongside the existing strict_*_reference_ratchet() tests in icn-core/src/meaning_firewall.rs:

// PROPOSED — not yet implemented
#[test]
fn phase_2_semantic_violation_ratchet() {
    // Pin counts of domain-semantic strings in kernel crates.
    // Can only decrease (ratchet down), never increase.
    let ratchets: &[(&str, &str, usize)] = &[
        // (crate_path, grep_pattern, max_allowed_occurrences)
        ("crates/icn-compute/src", "min_standing|min_trust_score", 2),
        ("crates/icn-security/src", r"severity\(\)|penalty|quarantine_threshold", 5),
        ("crates/icn-ledger/src", "trust_multiplier|conservative\(\)|permissive\(\)", 5),
    ];
    // Assert actual count <= max. Fail if count increases.
}

This ratchet prevents regression while remediation proceeds incrementally.

Related Documents

• KERNEL_APP_SEPARATION.md — architecture principles and PolicyOracle pattern
• docs/spec/federation-settlement-finality.md — finality spec (Sprint 20)
• Issue #1370 — tracking issue for this remediation
• Issues #916, #871 — Phase 1 CI enforcement (complete)
• PR #1384 — Sprint 21 s21-t1: ComputePolicyConfig extraction (merged)
• PR #1385 — Sprint 21 s21-t2: ReputationPolicyConfig / SeverityWeights extraction (merged)
• PR #1389 — Sprint 22 s22-t1: ReputationPolicyConfig threshold fields (max_violations_per_hour, violation_retention_secs)
• PR #1390 — Sprint 22 s22-t4: ContributionAttestationConfig (5 attestation threshold constants)
• PR #1391 — Sprint 22 s22-t2: ComputePolicyConfig preemption + credit ceiling
• PR #1392 — Sprint 22 s22-t3+t5: CreditPolicyConfig + NewMemberPolicyConfig + audit doc