Seven immutable rules for distributed autonomy - normative doctrine we version separately from any single product release so the rules can be debated on their merits.
IRONLAW is the governance doctrine behind Bastion-style systems: normative rules, machine-readable policy examples, and case fixtures. Full doctrine artifacts and change history are shared with serious evaluators and partners; they are not bundled into public repository marketing. Doctrine stays on its own cadence so the industry can argue with the text, not with a product README.
Each card is plain language plus stylized example artifacts you can scan without a repo checkout. The three tabs on a card are the same illustrative refusal shown as a PR comment, a structured log line, and a CI-style check output - not a sequence of runtime enforcement gates. The order of cards (and the key strip) is for navigation and consistent layout; it is not a published per-letter policy-engine evaluation schedule. Bastion's shipped gate evaluates your JSON policy in rules array order; doctrine sequencing for engineers lives in bastion-ironlaw and the wiki.
In Bastion, IRONLAW is applied as a file-backed policy gate evaluated across seven enforcement channels - directive ingest, edge reconcile, ledger replay, CA signing, per-agent tool calls, VM network egress, and Theatre routing. Every refused operation returns a structured PolicyRefusal with a ruleId and correlationId before any execution-facing system is touched; refusals are written to a queryable SQLite audit store with rolling metrics surfaced live in the browser dashboard. Policy documents support an expiresAt field so time-bounded policies auto-expire without manual revocation.
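A sketch of the gate behaviour described above, added here as an illustration and not Bastion's own code or schema: rules are walked in array order, a refusal carrying ruleId and correlationId is returned before the action runs, and expiresAt is checked first. Only `rules`, `expiresAt`, `PolicyRefusal`, `ruleId` and `correlationId` come from the page; the other field names, the channel strings, first-match-wins, default deny and fail-closed expiry are assumptions.

```python
import json
import uuid
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed policy document; schema beyond "rules"/"expiresAt" is hypothetical.
POLICY = json.loads("""
{
  "expiresAt": "2030-01-01T00:00:00Z",
  "rules": [
    {"id": "egress-allow-internal", "channel": "vm-network-egress", "prefix": "10.", "effect": "allow"},
    {"id": "egress-deny-all", "channel": "vm-network-egress", "prefix": "", "effect": "refuse"},
    {"id": "tool-deny-shell", "channel": "tool-call", "prefix": "shell.", "effect": "refuse"}
  ]
}
""")

@dataclass(frozen=True)
class PolicyRefusal:
    ruleId: str
    correlationId: str

def evaluate(policy, channel, target, now=None, correlation_id=None):
    """Return None to permit the operation, or a PolicyRefusal to block it."""
    now = now or datetime.now(timezone.utc)
    cid = correlation_id or str(uuid.uuid4())
    expires = policy.get("expiresAt")
    # Assumption: an expired policy fails closed instead of permitting everything.
    if expires and now >= datetime.fromisoformat(expires.replace("Z", "+00:00")):
        return PolicyRefusal("policy-expired", cid)
    # Array order is the precedence: the first matching rule decides (assumption).
    for rule in policy["rules"]:
        if rule["channel"] == channel and target.startswith(rule["prefix"]):
            if rule["effect"] == "allow":
                return None
            return PolicyRefusal(rule["id"], cid)
    # Assumption: nothing matched, so refuse by default.
    return PolicyRefusal("no-matching-rule", cid)

def guarded(policy, channel, target, action, **kwargs):
    """Run action(target) only if the gate permits; otherwise return the refusal."""
    refusal = evaluate(policy, channel, target, **kwargs)
    return refusal if refusal is not None else action(target)
```

Swapping the first two rules makes `egress-deny-all` match every egress target, which is why array order has to be reviewed as part of the policy itself.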
Examples are per-doctrine illustrations. Tab order is three artifact shapes, not gate order; arrow-key navigation between keys is for convenience, not runtime precedence.
Human impact (including indirect, delayed, or omission harm) demands explicit objectives, active RoE, and safeguards matched to risk.
Consequential action requires lawful, in-chain, current, attributable authority - not transport success alone.
Trust and prior consent do not replace fresh consent where policy requires it for hazardous or privileged acts.
When legality, identity, or scope is below threshold, hold or escalate - do not invent a broader mission.
Stay inside assigned terrain, network, data, tooling, and resource bounds; no self-granted expansion.
Decisions and refusals must remain attributable and reviewable to the extent the environment allows.
Continuity under stress or disconnect stays inside prior Mission Goals and RoE - connectivity is not permission.
See how IRONLAW fits into Bastion
These seven rules are enforced as a file-backed policy gate inside Bastion, evaluated across seven enforcement channels from directive ingest to per-agent tool calls.