Skip to main content

The Core Difference

Most AI orchestration tools treat governance as optional middleware — a monitoring layer you can skip when it’s inconvenient. r5e’s governance is the runtime. You can’t remove it any more than you can remove the kernel from an OS.

How Governance Works

Policy-Based Admission

Every resource creation goes through an admission pipeline:
  1. Schema validation — is the resource well-formed?
  2. Ref preflight — do all referenced resources exist?
  3. Policy evaluation — does policy allow this action?
  4. Identity gate — is the actor authorized?
No work starts without passing admission. There are no side-channel creation paths.

Monotonic Narrowing

Authority only narrows through delegation. A child session cannot have more authority than its parent. A parent cannot grant more than it has. This is structural, not advisory.

Mandatory Independent Review

No artifact advances without independent review. The model that produced the work cannot certify it — enforced by structural provenance separation (distinct model identity, distinct provider, distinct session lineage).

Hash-Chained Audit

Every event is hash-chained to the previous event. If any event is modified or deleted, the chain breaks. An external auditor can verify the entire history without re-running anything.