Receipts. Not promises.
Vendor‑neutral governance substrate: Policy Packs, deterministic PASS/FAIL/HOLD, and replay‑verifiable receipts packaged as portable Conformance Packs.
Conformance becomes replay
Audits become replay exercises over Conformance Packs — not interviews and screenshots. Missing/stale evidence → HOLD (fail‑closed).
Start small, scale assurance
- L0: record signed receipts
- L1: independent replay verification
- L2: enforce gates at compute admission + transfer/egress
- L3: high assurance + privacy‑preserving verification + sampling audits
Core concepts (buildable)
A minimal set of contracts that preserve determinism and fail‑closed behavior across vendors.
Machine‑readable admissibility rules
Versioned, signed rulesets that replace governance PDFs with deterministic evaluation.
Deterministic decision semantics
Stable reason codes; ambiguity returns HOLD (fail‑closed for sensitive side effects).
Portable verification artifacts
Signed records that auditors can independently replay under pinned versions and freshness bounds.
Procurement‑ready by design
Kingdom is written for builders, operators, and buyers. It includes paste‑ready procurement language, acceptance tests, and an adoption plan that avoids badge inflation.