From 55b9039a2864df064d1535934c0ee7c90d4faa38 Mon Sep 17 00:00:00 2001 From: mdheller <21163552+mdheller@users.noreply.github.com> Date: Tue, 14 Apr 2026 21:32:33 -0400 Subject: [PATCH 1/4] schemas(control-plane): add incident events schema (freeze/fork/kill) --- .../control-plane/incident-events.schema.json | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 schemas/control-plane/incident-events.schema.json diff --git a/schemas/control-plane/incident-events.schema.json b/schemas/control-plane/incident-events.schema.json new file mode 100644 index 0000000..0ea8d3d --- /dev/null +++ b/schemas/control-plane/incident-events.schema.json @@ -0,0 +1,44 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://socioprophet.org/schemas/events/incident-events.schema.json", + "title": "IncidentEvent", + "description": "Control-plane incident lifecycle events (Freeze/Fork/Kill). Uses the same actor/run/refs/payload conventions as other control-plane lifecycle events.", + "type": "object", + "additionalProperties": false, + "required": ["event_id", "event_name", "occurred_at", "actor", "status"], + "properties": { + "event_id": { "type": "string", "minLength": 1 }, + "event_name": { + "type": "string", + "enum": ["incident.freeze", "incident.fork", "incident.kill"] + }, + "occurred_at": { "type": "string", "format": "date-time" }, + "actor": { + "type": "object", + "additionalProperties": true, + "required": ["kind", "id"], + "properties": { + "kind": { "type": "string", "enum": ["human", "agent", "service", "scheduler"] }, + "id": { "type": "string", "minLength": 1 } + } + }, + "run": { + "type": "object", + "additionalProperties": true, + "properties": { + "run_id": { "type": "string", "minLength": 1 }, + "trace_id": { "type": "string" }, + "span_id": { "type": "string" }, + "attempt": { "type": "integer", "minimum": 1 } + } + }, + "coordinates": { "type": "object", "additionalProperties": true }, + "status": { + "type": "string", + "enum": ["requested", "running", "succeeded", "failed", "denied", "archived"], + "description": "Status progression for the incident action." + }, + "refs": { "type": "object", "additionalProperties": true }, + "payload": { "type": "object", "additionalProperties": true } + } +} From e80843b48e0422f19570e4968f35a94bc261eafb Mon Sep 17 00:00:00 2001 From: mdheller <21163552+mdheller@users.noreply.github.com> Date: Tue, 14 Apr 2026 21:33:00 -0400 Subject: [PATCH 2/4] examples: add TruthSurface sample payload --- examples/truth-surface.sample.json | 45 ++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 examples/truth-surface.sample.json diff --git a/examples/truth-surface.sample.json b/examples/truth-surface.sample.json new file mode 100644 index 0000000..5b54098 --- /dev/null +++ b/examples/truth-surface.sample.json @@ -0,0 +1,45 @@ +{ + "id": "urn:srcos:truth-surface:ts_0001", + "type": "TruthSurface", + "specVersion": "2.0.0", + "plane": "system.sealed", + "createdAt": "2026-04-14T21:35:00Z", + "merkleRoot": "sha256:REPLACE_ME", + "signer": "sourceos-truth-surface", + "signature": "sig:REPLACE_ME", + "refs": { + "policyDecisionRefs": ["urn:srcos:decision:aa11bb22"], + "capabilityTokenIds": ["tok_123"], + "runRecordRefs": ["urn:srcos:run:77cc88dd"], + "provenanceRefs": ["urn:srcos:prov:001"], + "telemetryRefs": ["urn:srcos:telemetry:t001"], + "evidenceBundleRefs": ["artifact://evidence/run_77cc88dd"], + "cairnBeforeRef": "cairn://system/sealed/before/ts_0000", + "cairnAfterRef": "cairn://system/sealed/after/ts_0001" + }, + "evidence": { + "required": ["logs", "traces", "metrics", "policy_decision"], + "present": ["logs", "policy_decision"], + "missing": ["traces", "metrics"] + }, + "semantics": { + "anchors": ["B1", "B4"], + "glossary": ["urn:srcos:glossary:dob"], + "topics": ["boot.integrity", "policy.posture"] + }, + "runtime": { + "integrity": { + "measuredBoot": "ok", + "ima": "enabled" + }, + "processSummary": { + "processCount": 243, + "suspicious": 0 + } + }, + "governance": { + "policyPackDigest": "sha256:REPLACE_ME", + "riskScore": 12, + "humanApprovalRequired": false + } +} From cdd314ee0a51e013af2c5ca0196da773f542fd4c Mon Sep 17 00:00:00 2001 From: mdheller <21163552+mdheller@users.noreply.github.com> Date: Tue, 14 Apr 2026 21:37:06 -0400 Subject: [PATCH 3/4] examples: add DeltaSurface sample payload --- examples/delta-surface.sample.json | 41 ++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 examples/delta-surface.sample.json diff --git a/examples/delta-surface.sample.json b/examples/delta-surface.sample.json new file mode 100644 index 0000000..8736e54 --- /dev/null +++ b/examples/delta-surface.sample.json @@ -0,0 +1,41 @@ +{ + "id": "urn:srcos:delta-surface:ds_0001", + "type": "DeltaSurface", + "specVersion": "2.0.0", + "fromRef": "urn:srcos:truth-surface:ts_0000", + "toRef": "urn:srcos:truth-surface:ts_0001", + "createdAt": "2026-04-14T21:36:00Z", + "merkleRoot": "sha256:REPLACE_ME", + "signer": "sourceos-delta-surface", + "signature": "sig:REPLACE_ME", + "metrics": { + "semantic": { + "topic_alignment_cosine": 0.91, + "feature_jaccard": 0.84 + }, + "runtime": { + "new_processes": 2, + "namespace_transitions": 0 + }, + "governance": { + "new_policy_decisions": 1 + } + }, + "gate": { + "status": "needs_more_evidence", + "riskScore": 12, + "riskThreshold": 30, + "humanApprovalRequired": false, + "humanApproved": false, + "evidenceRequired": ["logs", "traces", "metrics", "policy_decision"], + "evidencePresent": ["logs", "policy_decision"], + "evidenceMissing": ["traces", "metrics"], + "reasons": ["missing required evidence: traces", "missing required evidence: metrics"] + }, + "refs": { + "policyDecisionRefs": ["urn:srcos:decision:aa11bb22"], + "evidenceBundleRef": "artifact://evidence/run_77cc88dd", + "cairnBeforeRef": "cairn://system/sealed/before/ts_0000", + "cairnAfterRef": "cairn://system/sealed/after/ts_0001" + } +} From a6db42da30b511cfedfcd094cfbc2ebdeb5711ac Mon Sep 17 00:00:00 2001 From: mdheller <21163552+mdheller@users.noreply.github.com> Date: Tue, 14 Apr 2026 21:38:01 -0400 Subject: [PATCH 4/4] examples(control-plane): add incident.freeze sample payload --- .../control-plane/incident.freeze.sample.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 examples/control-plane/incident.freeze.sample.json diff --git a/examples/control-plane/incident.freeze.sample.json b/examples/control-plane/incident.freeze.sample.json new file mode 100644 index 0000000..ed03778 --- /dev/null +++ b/examples/control-plane/incident.freeze.sample.json @@ -0,0 +1,34 @@ +{ + "event_id": "evt_01JQ3INCIDENTFREEZE0001", + "event_name": "incident.freeze", + "occurred_at": "2026-04-14T21:37:00Z", + "actor": { + "kind": "service", + "id": "sourceos-incident" + }, + "run": { + "run_id": "run_01JQ3INCIDENT0001", + "trace_id": "trace_freeze_0001", + "span_id": "span_freeze_0001", + "attempt": 1 + }, + "coordinates": { + "env": "local", + "topology_scope": "host", + "trust_class": "sealed", + "tenant_scope": "default", + "data_sensitivity": "redacted" + }, + "status": "succeeded", + "refs": { + "truth_surface_ref": "urn:srcos:truth-surface:ts_0001", + "delta_surface_ref": "urn:srcos:delta-surface:ds_0001", + "evidence_bundle_ref": "artifact://evidence/incident/run_01JQ3INCIDENT0001", + "cairn_before_ref": "cairn://incident/freeze/before/0001", + "cairn_after_ref": "cairn://incident/freeze/after/0001" + }, + "payload": { + "actions": ["block_frontier_egress", "snapshot_runtime_truth", "pause_high_risk_units"], + "notes": "Freeze phase succeeded; mutation halted; snapshots captured." + } +}