Trust Debt and Runtime Posture¶
In v1.0 alpha, Trust Debt is the normative runtime trust mechanism. Broader “trust system” wording is explanatory only unless a page is explicitly discussing non-normative surrounding concepts.
Overview¶
The default deterministic provider is acgp.core.default@1, which tracks governance outcomes over a rolling window. Other provider behavior may exist through extension boundaries, but it must preserve the observable semantics and public boundary defined in ACGP-3.
Trust Debt (Normative — ACGP-3 §9)¶
Trust Debt is updated after the final primary intervention is determined and any orthogonal flag is attached. The default deterministic provider accumulates debt using the resulting decision plus any flag contribution:
Accumulation (per clarity.baseline@1.0 defaults):
| Intervention | Debt Weight |
|---|---|
ok |
0.0 |
flag |
0.1 |
nudge |
0.5 |
escalate |
1.0 |
block |
2.0 |
halt |
5.0 |
halt remains part of trust-debt history even though it is terminal for the current governed action. That preserves monotonic incident history for review and any subsequent handling that reuses the same provider state.
Decay: Debt decays by a configurable fraction removed per period (default: 5% per hour).
Thresholds: When trust debt exceeds configurable thresholds, graduated responses are triggered:
| Threshold | Default | Action |
|---|---|---|
elevated_monitoring |
3.0 | Increased observation |
restricted_mode |
6.0 | Reduced autonomy |
re_tiering_review |
10.0 | Governance Tier review and possible ARS reassessment |
See ACGP-3 §9 and Advanced Trust Debt for extension details.
What Trust Debt Does Not Do¶
- It does not replace deployment-time identity proof.
- It does not replace ARS assignment.
- It does not guarantee safe local fast-path execution without deployment controls.
- It does not itself define federation or trust bootstrap.
See Protocol Boundaries for the deployment-boundary map.
Governance Tier Review¶
Trust debt does not silently change the canonical Governance Tier. Instead, it affects runtime handling in two stages:
- Immediate runtime tightening: more logging, more review, or restricted mode.
- Formal review: crossing
re_tiering_reviewtriggers Governance Tier review and may queue ARS reassessment.
graph LR
A["Current Governance Tier (GT-3)"] --> B["Trust debt rises"]
B --> C["Restricted handling / elevated monitoring"]
C --> D["Governance Tier review"]
D --> E["Queue ARS reassessment if needed"]Best Practices¶
Start Conservative
New agents should start with an appropriate Governance Tier and treat lower oversight as a reviewed decision, not an automatic consequence of debt decay.
Monitor Trust Debt Trends
Rising debt indicates agent issues — investigate and address root causes before thresholds trigger Governance Tier review.
Debt Recovery
Debt decays naturally over time. After incidents, stricter oversight continues until debt falls below the configured runtime thresholds and review requirements are cleared; decay alone does not silently relax the current decision path.