Fail-closed · the posture
When in doubt, deny.
When the policy is unclear, the runtime fails closed. When LIM confidence drops below the operator-set threshold, the decision escalates. When a token is presented past its TTL, the connector refuses it. When the audit chain head is unreachable, no new decisions are issued. Each failure is observable and named.
02 · Named failure modes
Refused, not guessed
If no policy clause definitively allows the action, it is refused. There is no default-allow path.
Escalated
When LIM’s confidence drops below the operator-set threshold, the action is escalated for human review instead of executed.
Refused at the gate
The connector — not Intended — checks TTL. Past expiry, the action is refused there, in the target system itself.
No new decisions
If the audit chain head cannot be written, no new Authority Tokens are minted. Failure is loud, not silent.
No silent allow paths. No defaults open.
The contract is: no token, no action. Every failure mode is documented. Every failure mode is enforceable.
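The four named failure modes above, sketched as an added example; this is not Intended's code. All names, the token shape and the allow-list policy model are hypothetical, and token signing is out of scope here.

```python
import time
from dataclasses import dataclass
from enum import Enum

class Outcome(Enum):
    ALLOW = "allow"
    REFUSED_NO_POLICY = "refused: no clause allows the action"
    ESCALATED = "escalated: confidence below threshold"
    NO_NEW_DECISIONS = "halted: audit chain head unwritable"
    REFUSED_AT_GATE = "refused at gate: token missing or past TTL"

@dataclass(frozen=True)
class Token:            # hypothetical shape of an Authority Token
    action: str
    expires_at: float   # absolute expiry, seconds since epoch

class AuditLog:
    """Stand-in for the audit chain; append() raises when the head is unreachable."""
    def __init__(self, reachable=True):
        self.reachable, self.entries = reachable, []
    def append(self, entry):
        if not self.reachable:
            raise ConnectionError("audit chain head unreachable")
        self.entries.append(entry)

def decide(action, allowed_actions, confidence, threshold, audit, ttl=60.0, now=None):
    """Issuer side: returns (Outcome, Token or None). Only the last return allows."""
    now = time.time() if now is None else now
    if action not in allowed_actions:          # no explicit allow clause: refuse
        return Outcome.REFUSED_NO_POLICY, None
    if confidence is None or not confidence >= threshold:  # None and NaN escalate too
        return Outcome.ESCALATED, None
    try:
        audit.append((now, action))            # write the record before minting
    except Exception:
        return Outcome.NO_NEW_DECISIONS, None  # any audit failure: mint nothing
    return Outcome.ALLOW, Token(action, now + ttl)

def connector_gate(token, action, now=None):
    """Target-system side: checks the token itself and trusts nothing upstream."""
    now = time.time() if now is None else now
    if token is None or token.action != action or now >= token.expires_at:
        return Outcome.REFUSED_AT_GATE
    return Outcome.ALLOW
```

Every branch except the final `return` in each function denies, so an unhandled input (missing confidence, NaN, an exception from the audit write) lands on a named refusal rather than an allow.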