feat(mos): add logical identity connector fencing #757

Open
jason.woltje wants to merge 2 commits from feat/mos-logical-identity-fencing into main
Owner

Summary

  • add normalized runtime-neutral logical-agent, binding, connector, scope, and decimal fencing-epoch contracts
  • add PostgreSQL-durable exclusive connector leases with CAS takeover, monotonic epochs, TTL, heartbeat, release, restart recovery, and credential-safe lifecycle audit
  • add server-minted execution grants validated against durable current authority immediately before adapter side effects
  • add a gateway-owned deny-by-default policy boundary and normalized fenced adapter context
  • document M1 architecture, operations, migration, rollback, and residual exactly-once limitations

Security properties

  • tenant authority is derived from authenticated gateway context
  • stale, expired, released, forged, malformed, scope-mismatched, cross-tenant, cross-binding, and cross-connector authority fails closed before effects
  • lease TTL is capped at 5 minutes; grant TTL is capped at 30 seconds and cannot outlive the durable current lease
  • audit records exclude scopes, grants, payloads, credentials, tokens, and approval references
  • production policy remains deny-all until a later concrete connector cutover

Verification

  • TDD RED/GREEN evidence recorded in docs/scratchpads/755-mos-logical-identity-fencing.md
  • types connector contract: 6/6 passed
  • agent fencing/grant suite: 10/10 passed
  • gateway PGlite repository + policy integration: 8/8 passed
  • real PostgreSQL close/reopen/CAS integration: 1/1 passed with configured DATABASE_URL
  • pnpm typecheck: 42/42 Turbo tasks passed
  • pnpm lint: 23/23 Turbo tasks passed
  • pnpm format:check: passed
  • pnpm test: 42/42 Turbo tasks passed; gateway 617 passed / 12 environment-gated skipped
  • independent Codex code review: APPROVE, no findings
  • independent Codex security review: no critical/high/medium/low findings
  • final credential-pattern and diff checks: clean

Deferred by scope

Checkpoint/handoff payloads, exactly-once journal/receipts, concrete Claude/Pi/Codex adapters, channel cutover, and full cross-harness failover E2E remain later #754 work.

Refs #755

## Summary - add normalized runtime-neutral logical-agent, binding, connector, scope, and decimal fencing-epoch contracts - add PostgreSQL-durable exclusive connector leases with CAS takeover, monotonic epochs, TTL, heartbeat, release, restart recovery, and credential-safe lifecycle audit - add server-minted execution grants validated against durable current authority immediately before adapter side effects - add a gateway-owned deny-by-default policy boundary and normalized fenced adapter context - document M1 architecture, operations, migration, rollback, and residual exactly-once limitations ## Security properties - tenant authority is derived from authenticated gateway context - stale, expired, released, forged, malformed, scope-mismatched, cross-tenant, cross-binding, and cross-connector authority fails closed before effects - lease TTL is capped at 5 minutes; grant TTL is capped at 30 seconds and cannot outlive the durable current lease - audit records exclude scopes, grants, payloads, credentials, tokens, and approval references - production policy remains deny-all until a later concrete connector cutover ## Verification - TDD RED/GREEN evidence recorded in `docs/scratchpads/755-mos-logical-identity-fencing.md` - types connector contract: 6/6 passed - agent fencing/grant suite: 10/10 passed - gateway PGlite repository + policy integration: 8/8 passed - real PostgreSQL close/reopen/CAS integration: 1/1 passed with configured `DATABASE_URL` - `pnpm typecheck`: 42/42 Turbo tasks passed - `pnpm lint`: 23/23 Turbo tasks passed - `pnpm format:check`: passed - `pnpm test`: 42/42 Turbo tasks passed; gateway 617 passed / 12 environment-gated skipped - independent Codex code review: APPROVE, no findings - independent Codex security review: no critical/high/medium/low findings - final credential-pattern and diff checks: clean ## Deferred by scope Checkpoint/handoff payloads, exactly-once journal/receipts, concrete Claude/Pi/Codex adapters, channel cutover, and full cross-harness failover E2E remain later #754 work. Refs #755
jason.woltje added 2 commits 2026-07-14 18:18:57 +00:00
feat(#755): add logical agent connector fencing
All checks were successful
ci/woodpecker/pr/ci Pipeline was successful
dff8ce4f79
Add normalized runtime-neutral identity, durable PostgreSQL CAS leases, monotonic epochs, short-lived server grants, fail-closed adapter validation, credential-safe audit, and concurrency/restart/abuse coverage.\n\nRefs #755
All checks were successful
ci/woodpecker/pr/ci Pipeline was successful
This pull request has changes conflicting with the target branch.
  • docs/SITEMAP.md
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin feat/mos-logical-identity-fencing:feat/mos-logical-identity-fencing
git checkout feat/mos-logical-identity-fencing
Sign in to join this conversation.
No Reviewers
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: mosaicstack/stack#757