Runtime gates
Feature and execution boundaries that keep sensitive lanes closed unless a narrow precondition is satisfied.
High-technical documentation
Governed AI execution corridors. Receipts before reach.
Blaze separates AI reasoning from execution authority. Agents can propose, summarize, and explain. The runtime decides whether touch is technically reachable.
1. Core primitives
The Blaze control room is built from gates, receipts, and side-effect certificates.
Receipts
Structured evidence objects that record consumed dependencies, verified states, blocked behaviors, and next recommended steps.
Side-effect certificates
Proof that dangerous behavior did not happen: no call, no read, no decrypt, no write, no queue, no hidden execution.
Operator surfaces
Human cockpit pages show cards and badges while API routes expose raw JSON for audit and export.
Connector adapters
External systems enter as governed signal adapters, not free-form automation clients.
Fail-closed posture
Missing receipts, incomplete scope, absent consent, or failed audits keep the path locked.
2. Route split
One state, two operator views.
Blaze separates human-readable cockpit pages from raw receipt endpoints. This makes the same proof chain useful for operators and auditors.
/operator/signals/... = operator-facing UI
/operator/api/signals/... = raw receipt JSON
php artisan blaze:v2d... = terminal receipt and JSON3. Authority lifecycle
Authority is earned in stages, never assumed from route presence or UI display.
- Display-only preview: define shape, wording, expected fields, UI contract, and future requirements.
- Audit: verify the preview’s integrity and confirm it did not become authority.
- Non-authority smoke: test that the boundary cannot act as consent, scope, token access, DB access, request dispatch, or external contact.
- Smoke audit: audit the smoke result and preserve side-effect proof.
- Operator consent: later explicit consent may be accepted only in its own audited lane.
- Scope binding: define endpoint, fields, tenant, request count, redaction rules, and forbidden expansions.
- Credential boundary: separate token lookup, decrypt, refresh, use, exposure, storage, and logging.
- One-request guard: prevent pagination, retries, queues, background jobs, or second requests unless separately authorized.
- Redaction contract: block raw IDs, secrets, raw responses, and sensitive payloads before display or persistence.
- Post-read audit and final authority grant: record what happened and what stayed blocked before any future expansion.
4. Current Shopify corridor state
The latest corridor proves the consent boundary without accepting consent.
As of v2d.19b.62, the operator consent boundary has been previewed, audited, and smoke-tested as non-authority. The readiness gate remains closed and the readiness hold remains active.
Authority pathDoes not exist now.
ConsentUnaccepted, phrase unstored, hash unstored.
Token boundaryNo lookup, decrypt, refresh, exposure, storage, or logging.
External contactNo Shopify call and no Admin API read.
5. No-call/no-write certificate
The correct proof is often that nothing unsafe happened.
shopify_calls_performed: false
admin_api_reads_performed: false
token_lookup_performed: false
token_decrypt_performed: false
token_refresh_performed: false
token_exposure_performed: false
db_reads_performed: false
db_writes_performed: false
request_counter_created: false
queue_dispatch_attempted: false
hidden_execution_blocked: true
6. Integration contract
Every connector should define the same control envelope.
External system
Name the system, tenant, data categories, and sensitive fields.
Read-only starting scope
Define which signals can be observed before authority exists.
Credential policy
Separate lookup, decrypt, refresh, storage, exposure, and logs.
Consent language
Define the exact phrase and operator identity binding required later.
Request guard
Constrain endpoint, count, retry behavior, background jobs, and pagination.
Audit export
Make side-effect certificates and receipt lineage visible.