{"ok":true,"service":"actor-role-classification-readiness","mode":"role-classification-readiness-layer","timestamp":"2026-06-26T14:56:10.644Z","identityDependency":{"identityReady":false,"persistenceCanUseIdentity":false,"identityReadyRules":1,"identityReviewRequired":9,"identityCriticalMissing":["Authenticated Actor Required","Actor Role Classification","Founder Authority Confirmation","Session Integrity","Explicit Consent Capture","Actor/Action Binding","MFA For Critical Actions","Delegation Boundary","Identity Provider Selection"]},"summary":{"totalRules":10,"ready":4,"reviewRequired":6,"blocked":0,"totalRoles":5,"roleReady":2,"roleReviewRequired":3,"roleClassificationReady":false,"identityCanUseRoles":false,"persistenceCanUseRoles":false,"reason":"Actor role classification is intentionally not ready until founder authority, operator delegation, least privilege, role-change auditing, and critical-action authority rules are finalized."},"roles":[{"role":"founder","status":"review-required","authorityLevel":"highest","purpose":"Can authorize founder-level actions after explicit confirmation and elevated verification.","allowedFutureActions":["approve persistence activation","confirm safe mode activation","pause or restore autonomy","delegate operator scope","approve critical audit policy changes"],"forbiddenActions":["bypass audit logging","store secrets in audit records","erase append-only history"],"safeguard":"Founder role must still pass consent, MFA, and audit boundaries."},{"role":"operator","status":"review-required","authorityLevel":"limited","purpose":"Can operate assigned cockpit workflows within delegated scope.","allowedFutureActions":["run simulations","review provider health","prepare recommendations","request founder confirmation"],"forbiddenActions":["activate real safe mode without founder authority","enable persistence","change role boundaries","confirm critical actions alone"],"safeguard":"Operator authority must be explicitly delegated and revocable."},{"role":"reviewer","status":"review-required","authorityLevel":"review-only","purpose":"Can inspect records, flag issues, and verify governance requirements.","allowedFutureActions":["review audit trail","flag policy gaps","review receipts","recommend corrections"],"forbiddenActions":["execute control actions","approve persistence","change autonomy state"],"safeguard":"Reviewer can advise, not command."},{"role":"system","status":"ready","authorityLevel":"automated-structural","purpose":"Can generate structural status, readiness reports, receipts, and non-destructive simulations.","allowedFutureActions":["render readiness states","summarize provider health","produce simulated receipts","surface missing requirements"],"forbiddenActions":["self-authorize founder actions","treat simulations as real actions","persist actor identity without approval"],"safeguard":"System role must never silently escalate into human authority."},{"role":"observer","status":"ready","authorityLevel":"read-only","purpose":"Can view public-safe or permissioned summaries without control authority.","allowedFutureActions":["view safe summaries","view non-sensitive status","learn system state"],"forbiddenActions":["confirm actions","mutate state","access secrets","approve persistence"],"safeguard":"Observer role is read-only by default."}],"rules":[{"rule":"Role Required For Every Actor","status":"review-required","purpose":"Every authenticated actor must be assigned an explicit role.","safeguard":"No authenticated actor should float around as undefined authority."},{"rule":"Founder Role Is Not Inherited","status":"review-required","purpose":"Founder authority must be explicitly granted, never inferred from login alone.","safeguard":"No accidental founder power from generic auth."},{"rule":"Operator Scope Must Be Delegated","status":"review-required","purpose":"Operators must have a defined scope, expiration, and revocation path.","safeguard":"Operators can help steer the ship, not claim the throne."},{"rule":"Reviewer Cannot Execute","status":"ready","purpose":"Reviewer authority must remain separate from execution authority.","safeguard":"Review and command should not collapse into one button."},{"rule":"System Cannot Self-Promote","status":"ready","purpose":"System-generated recommendations must never become self-approved actions.","safeguard":"No machine should crown itself founder."},{"rule":"Observer Is Read-Only","status":"ready","purpose":"Observers can see safe summaries but cannot confirm or mutate actions.","safeguard":"Viewing is not authority."},{"rule":"Critical Actions Require Founder Authority","status":"review-required","purpose":"Persistence activation, safe mode activation, and autonomy pause require founder-level authority.","safeguard":"Critical controls stay behind founder confirmation."},{"rule":"Role Changes Must Be Audited","status":"review-required","purpose":"Future role assignment, delegation, promotion, or revocation must produce an audit record.","safeguard":"No invisible permission changes."},{"rule":"Least Privilege Default","status":"review-required","purpose":"New actors should start with observer or no-control authority until elevated.","safeguard":"Default small. Expand carefully."},{"rule":"Role Redaction","status":"ready","purpose":"Role records should expose safe labels and avoid sensitive auth payloads.","safeguard":"Role metadata should not leak raw identity data."}],"criticalMissing":["Role Required For Every Actor","Founder Role Is Not Inherited","Operator Scope Must Be Delegated","Critical Actions Require Founder Authority","Role Changes Must Be Audited","Least Privilege Default"],"allowedNow":["Render role classification readiness.","Define role boundaries.","Display future authority levels.","Keep identity and persistence blocked from real control.","Continue simulations without treating roles as live permissions."],"notAllowedYet":["Grant real founder authority.","Delegate real operator scope.","Persist role assignments.","Use roles to authorize real safe mode or autonomy actions.","Treat system recommendations as self-approved commands.","Allow observer or reviewer roles to mutate control state."],"futureRoleAssignmentShape":{"actorId":"authenticated actor id","actorRole":"founder/operator/reviewer/system/observer","authorityLevel":"highest/limited/review-only/automated-structural/read-only","delegatedBy":"optional founder actor id","scope":"allowed route/action scope","expiresAt":"optional ISO timestamp","revocationStatus":"active/revoked/expired","createdAt":"ISO timestamp","redactionStatus":"redacted-safe"},"futureRoleAuditShape":{"roleAuditId":"stable role audit event id","actorId":"target actor id","previousRole":"previous safe role label","newRole":"new safe role label","changedBy":"authenticated founder/operator id with authority","reason":"safe text reason","createdAt":"ISO timestamp","productionMutation":"true/false"},"safeguard":"Actor Role Classification Readiness Layer is non-destructive. It does not assign roles, grant authority, persist permissions, mutate production, expose secrets, or confirm real-world actions."}