KYE Formal Rules Profile™ · v1.0

Formal rules for runtime authority.

A rule should not only be written. It should be enforceable, discoverable, revocable, provable and replayable. KYE Formal Rules Profile™ models permissions, obligations, prohibitions, powers, exceptions and governance meta-rules as machine-readable authority objects.

KYE Gateway™ enforces them at runtime, the Obligation Ledger™ tracks them, the Rule Prover™ checks consistency, and the Rule Compiler™ compiles them into runtime policy bindings, authority gates, commit boundaries, signal events and evidence requirements.

category 6 rule families arrow_forward Rule → runtime function Operators schema Schemas apps Apps balance Open / paid

Why a new layer

Authority is incomplete unless rights, obligations and powers are explicit.

KYE™ already records who acted, on whose behalf, under what authority, in what state, with what evidence. Formal Rules Profile™ adds the normative dimension: what may they do, what must they do, what must they not do, who may override, what evidence is required, and how conflicts are resolved.

Formal rules define the normative structure. KYE™ operationalises it at runtime.

1 · Six rule families

Every rule declares exactly one family.

check_circlepermission · PSubject MAY perform the action under stated authority + scope + state.

priority_highobligation · OSubject MUST perform the required action when the trigger condition applies.

blockprohibition · FSubject MUST NOT perform the prohibited action under stated conditions.

keypower · PowSubject HAS authority to create, modify, revoke, waive or override a normative state.

shieldimmunity · ImmSubject / state CANNOT be altered by the referenced actor or rule.

flakyexception · ExRule is displaced or modified under enumerated exceptional conditions.

A seventh family meta_governance is recorded under KYEGovernanceRule and describes who may change rules, which rules dominate, and how conflicts resolve.

2 · From rule to runtime

Rule → gate → decision → obligation lifecycle.

Each formal rule compiles into one or more coordinated runtime artefacts. The Rule Compiler™ emits the bindings; the Gateway™ enforces them; the Obligation Ledger™ tracks every obligation through its lifecycle.

Formal RuleFamily + applies-to + condition + normative effect + violation effect + evidence requirements.

Permission / Obligation / ProhibitionStanding rule resolved at decision time.

Authority Gate™Compiled as a runtime gate before high-impact action.

Runtime DecisionAllow / deny / prohibited / require_approval / quarantine / obligation_created.

Obligation Ledger™Pending → satisfied / breached / waived / expired / disputed.

Decision Map™Signed inputs → rules → outcome record.

Evidence Pack™Hash-chained into the F2 audit chain.

Replay / Audit / ReviewOffline-verifiable by any third party against the published JWKS.

Rule: An agent may prepare a payment but must obtain approval before execution. Runtime: agent prepares payment → obligation created → agent requests execution → KYE™ checks approval → no approval → deny + evidence pack. With approval → allow + obligation satisfied.

3 · Normative operators

Compact notation. Plain meaning.

Operator	Family	Meaning
`P`	permission	"may"
`O`	obligation	"must"
`F`	prohibition	"must not"
`Pow`	power	"has authority to"
`Imm`	immunity	"cannot be altered by"
`Ex`	exception	"displaced by, in conditions"

KYE™ does not commit to a specific deontic-logic syntax in the public surface. The operators above are the canonical product-friendly abbreviations recognised by the runtime engine.

4 · Schemas (Apache 2.0, public mirror)

Eleven normative objects. Validated in CI.

formal-rules-profile.json — profile manifest
formal-rule.json — one canonical rule (any family)
permission.json — standing "may"
obligation.json — lifecycle "must"
prohibition.json — standing "must not"
power.json — create / modify / revoke / waive / override
exception.json — rule that displaces another rule
governance-rule.json — meta-rule on overrides
rule-conflict.json — conflict + resolution
rule-proof.json — consistency proof from KYE Rule Prover™
obligation-state.json — one state-transition record

5 · Apps that compose this profile

Five planned apps. Contracts open; engines paid.

policyKYE Rights & Obligations Engine™Runtime engine evaluating permissions, obligations, prohibitions, powers, exceptions and governance rules.

receipt_longKYE Obligation Ledger™Append-only ledger of every obligation lifecycle, hash-chained into the audit ledger.

fact_checkKYE Rule Prover™Pre-runtime consistency check — conflicts, unbounded obligations, missing satisfaction paths, circular delegation.

memoryKYE Rule Compiler™Compiles formal rules into runtime PDP/PEP policies, authority gates, commit boundaries, signal events, conformance fixtures and evidence requirements.

contract_editKYE Contract-to-Authority Mapper™Phase-2 — extracts permissions, obligations, prohibitions and powers from contracts, policies and mandates.

6 · Open / paid boundary

The contracts are open. The reasoning engine is paid.

Open under Apache 2.0

Open

Formal Rules Profile™ schema
11 object schemas (rule, permission, obligation, prohibition, power, exception, governance, conflict, proof, state)
Normative operator dictionary (P, O, F, Pow, Imm, Ex)
Reason-code dictionary (33 codes)
Signal Bus™ event names
Sample rules · sample proofs · sample obligation ledger
Basic conformance fixtures · basic validator SDK
JSON-LD mappings to KYE Ontology Profile™

Commercial / patent track

Paid

KYE Rights & Obligations Engine™
KYE Obligation Ledger™ Pro
KYE Rule Prover™
KYE Rule Compiler™
KYE Contract-to-Authority Mapper™
Cross-profile rule reconciliation
Sector rule packs (defence, public-sector, payments, health)
BYOC / on-prem rule runtime

Where to go next

Adjacent reading.

route Operating Model™ badge Assurance Card™ trending_up Continuity™ hub Ontology™ menu_book Glossary — rules entries article Whitepaper §7.9