Authority Signal

OPHAELIS · DECISION GOVERNANCE LAYER

AI systems can propose actions. Who decides if they are allowed to execute?

Ophaelis governs whether AI-proposed actions are allowed to cross the execution boundary.

Outcome

Credentials revoked. Funds transferred. Access removed. Or nothing happens.

Doctrine

AI can advise. Ophaelis authorizes.

Authority Layer

Decisions resolve against policy and intent packs under human governance.

SEE IT LIVE

You shouldn’t have to imagine this. Watch a governed decision reach the execution boundary.

Watch proposals, policy evaluation, and authorization resolve in sequence.

Internal environment. If enabled, external AI providers generate untrusted proposals; Ophaelis remains deterministic and policy-authoritative.

Decision Replay

Watch how a proposed action is evaluated and either allowed, limited, or stopped before execution.

Latest evaluation: loading...

Replays one recent governed evaluation from cached authority receipts.

Schedule: 09:00, 15:00, and 21:00 UTC. Refresh after a run to load the latest result.

Shows one recent scheduled run from cached authority receipts. Results update after scheduled evaluations.

You just watched a real AI-proposed action reach the execution boundary — and Ophaelis determine what was allowed to happen.

Ophaelis Authority Console

Deterministic authority between AI-assisted intention and irreversible execution.

Policy/Domain Pack

Checks pending

Proposed Action Governance Evaluation Authority Decision Receipt + Execution Authorization

Decision Snapshot

Final Authority Decision

Awaiting authority evaluation

Execution Authorization Status

Pending

Proposed Action

Run deterministic authority evaluation.

Compliant Alternative

A safer path will be surfaced after evaluation.

In Plain English

The system is proposing a high-impact action.
That action could materially change live operations.
Ophaelis applies policy authority before any execution step.
The next step follows the compliant path shown below.

Evaluation Path

Request received Pending
Policy pack resolved Pending
Advisory/provider step Pending
Deterministic authority decision Pending
Authorization issued or withheld Pending
Execution blocked or permitted Pending

Advisory Activity

Live Advisory

Pending

Providers Attempted

Pending

Fallback Used

Pending

Advisory Status

Pending

Notes

Provider/advisory details will appear after evaluation.

Proposed Action

Intent Summary

Contain suspected admin privilege escalation in production.

Proposed Action

Revoke credentials, block source IP globally, and rotate access keys.

Target System

Identity provider and security control plane

Governance Evaluation

Authority Required

Pending authority evaluation

Human Approval

Pending

Evaluation Status

Checks pending

Authority Decision

Final Outcome

Awaiting authority evaluation

Authority Meaning

Run evaluation to issue an authority decision.

Explanation

Run Authority Evaluation to receive a deterministic permit, block, or escalation decision.

What Happens Instead

A safer path will be surfaced after evaluation.

Compliant Alternative

Compliant alternatives will be proposed after policy evaluation.

Receipt + Execution Authorization

Receipt

Authoritative receipt generated after decision.

Decision

Generated after decision

Execution Handoff

Generated after decision

Execution Authorization

Authorization details are populated after decision.

Authorization Status

Pending

Authorization ID

Generated after decision

Scope

Generated after decision

Authorization Expires

Generated after decision

Guarded Execution Check

Attempted Action

Generated from proposed action

Authorization ID

Generated after decision

Authorized Scope

Generated after decision

Authorization Expiry

Generated after decision

Authorization Status

Pending

No simulated execution attempted.

Decision Lab

Internal policy decision workspace for operator validation.

Domain

Scenario

Signals — • Domain — • Intent —

Incident Detected

Event: Admin privilege escalation attempt
Environment: Production
Location: New country login
Confidence: High detection signal
Requested Action: Immediate irreversible containment

Risk: —

Confidence: —

Reversibility: —

Authority Ceiling

—

Allowed Now

—

Confirmation Required

—

Blocked (and why)

(none)

Authority Level

—

Recommended Next Step

Awaiting evaluation.

Decision Basis

Environment: —
Account Type: —
Confidence: —
Irreversibility: —
Requested Actions: —
Permitted Actions: —
Blocked Actions: —

Ophaelis prevented:

(none)

AI Advice

Secondary advisory signals from model providers.

Requested Actions

(none)

Model Advice (Optional)

AI advice is hidden in Basic view. Switch to Developer to view it.

No proposals yet. Click Evaluate to generate proposals and run governance.

AI Proposal vs Policy Verification MATCHED

Signal	AI Proposal	Policy Final
Risk	-	-
Confidence	-	-
Reversibility	-	-

Technical Details

Raw decision and trace payloads for debugging and audit.

What this surface is

This is the Founder / Operator Control Room. It shows whether Ophaelis is healthy, what it recently decided, and what proof ran most recently. Commands stay disabled until admin auth is designed.

System State

Operational

Ophaelis is evaluating decisions. Execution halt is off.

Latest Proof

Finance audit-log export

Controlled enablement path. Safe actions can proceed with boundaries.

Authority Posture

Advisory != Authorized

Models can suggest actions. Ophaelis decides what may execute.

Mock values only. Real values will come from protected admin endpoints after auth is designed.

Decision Anatomy

Step 1: Request

System or AI proposes an action

Step 2: Interpretation

Intent and context are evaluated

Step 3: Policy Check

Policies determine what is allowed

Step 4: Capability Check

Requested actions must exist in the capability ledger

Step 5: Decision

Ophaelis returns allow, deny, or escalate

Step 6: Execution

Action only runs if explicitly authorized

Example

Example: Audit Log Tampering Attempt

Request

Delete audit logs

Interpretation

Destructive, irreversible action affecting protected data

Policy

Audit logs are protected and cannot be removed

Capability

delete_audit_logs is known but restricted

Decision

Denied

Execution

Action is blocked before execution

Controlled Enablement

Example: Audit Log Export for Investigation

Request

Export last 24 hours of audit logs

Interpretation

Legitimate investigation request with bounded scope

Policy

Audit logs may be accessed but not modified or deleted

Capability

export_audit_logs is allowed with constraints

Decision

Allowed with boundary (requires confirmation or limited scope)

Execution

Export proceeds only within approved scope

Ophaelis sits between decision and execution. Nothing runs unless it is authorized.

Ophaelis prevents destructive actions even when requested by an AI or system.

Ophaelis allows safe actions, but only within explicitly approved boundaries.

Reality Check

Real Now

Deployed Worker gateway
Protected decision endpoint
Capability ledger
Live Proof scenarios
Audit persistence
Smoke test validation

Mock in This Console

Top summary cards
Decision Anatomy examples
Command Preview
Latest proof display
System status display

Next to Wire

Latest proof summary
Capability coverage
Status snapshot
Recent decisions
Operator events

The engine exists. This console is becoming the safe operator surface around it.

Next Wiring Order Explained

1. Latest Proof Summary

Meaning: Shows the most recent Live Proof run and whether Ophaelis blocked, allowed, or constrained execution.

Why it matters: This tells the founder whether the authority engine is still proving the right behavior.

2. Capability Coverage

Meaning: Checks whether every scenario uses capabilities that exist in the ledger.

Why it matters: This prevents fake or ungoverned actions from sneaking into demos.

3. Status Snapshot

Meaning: Shows operational state, including whether execution halt is active.

Why it matters: This tells the operator whether Ophaelis is open for decision evaluation or intentionally halted.

4. Recent Decisions

Meaning: Shows real decision receipts produced by Ophaelis.

Why it matters: This proves the system is producing auditable outcomes.

5. Operator Events

Meaning: Shows admin/operator actions such as halt changes or fail-closed triggers.

Why it matters: This creates accountability around changes to the authority layer.

These should be wired as read-only data first. Commands come later, after admin auth and server-side protection.

Customer Integration Flow

This is how a customer system would use Ophaelis before any high-risk action executes.

Phase 1 Product Model

Customers keep their credentials, infrastructure, and execution systems. Ophaelis owns the authorization decision before sensitive actions run.

Customer owns execution Ophaelis owns authorization Receipt proves the decision

This keeps Ophaelis privacy-aligned while still enforcing the execution boundary.

1. Customer System

A product, workflow, or AI agent is about to perform a sensitive action.

2. Proposed Action

The system sends Ophaelis the intent, context, environment, and requested capabilities.

3. Ophaelis Authority Check

Ophaelis evaluates policy, intent, capability, risk, and execution boundaries.

4. Decision Receipt

Ophaelis returns an auditable decision: allow, deny, withhold, or allow with boundary.

5. Execution Gate

The customer system executes only if Ophaelis explicitly authorizes it.

The customer owns execution. Ophaelis owns authorization.

Example: before deleting logs, moving funds, changing access, or exporting sensitive data, the customer system calls Ophaelis.

Founder Console

Internal operator surface for Ophaelis.

Internal surface. Do not expose admin controls publicly. Admin endpoints remain server/API protected.

This is the Founder / Operator Control Room surface. It is currently mock-only until admin auth is designed.

System —

Last Decision — — — — —

Provider Status

OpenAI — —

Anthropic — —

Recent Activity

— No decisions yet.

System Status

Not Wired

Tells the operator whether Ophaelis is allowed to evaluate decisions or whether execution is halted.

Execution halt state will come from /api/admin/status-snapshot.
Recent operator events will come from /api/admin/events/recent.
Capability coverage will come from /api/admin/live-proof/capability-coverage.

Live Proof

Not Wired

Shows the most recent proof scenario used to verify the authority engine.

Latest scenario, run source, verdict, and explanation will come from /api/admin/live-proof/latest-summary.

Decision Feeds

Not Wired

Shows recent governed decisions and why execution was allowed, constrained, withheld, or denied.

Recent decisions
Cybersecurity decisions
Denied decisions
Human authority decisions
Missing context decisions
Allowed with boundary decisions

Recent decisions and outcome-specific feeds will come from existing admin decision summary endpoints.

Provider / Index

Planned

Shows advisory model evidence later. Index can inform Ophaelis, but Ophaelis authorizes changes.

Current live advisory providers: OpenAI + Anthropic
Index role: evidence layer
Ophaelis role: authority layer

Provider evidence remains advisory. Index informs; Ophaelis authorizes.

Index informs. Ophaelis authorizes.

Command Preview

Commands are intentionally disabled in this public/mock surface. Real commands require admin auth and server-side protection.

Next Wiring Order

Planned

Status snapshot
Source: /api/admin/status-snapshot
Purpose: execution halt state + recent operator signal
Capability coverage
Source: /api/admin/live-proof/capability-coverage
Purpose: pre-demo scenario safety check
Latest live proof summary
Source: /api/admin/live-proof/latest-summary
Purpose: operator-friendly view of latest proof state
Recent operator events
Source: /api/admin/events/recent
Purpose: control-plane activity timeline
Decision feeds
Sources:
- /api/admin/decisions/recent-summary
- /api/admin/decisions/recent-cyber-summary
- /api/admin/decisions/recent-by-domain
- /api/admin/decisions/recent-by-class
Purpose: inspect decisions by outcome/domain/class
Provider / Index recommendations
Future source: Index/Ophaelis recommendation pipeline
Purpose: Index informs; Ophaelis authorizes

Admin wiring should not happen in the public browser until authentication and access boundaries are intentionally designed. This panel documents order, not active data access.

Detailed Logs

created_at	tenant_id	domain	intent_id	verdict	authority_level	risk_level	confidence_level	reversibility_level	requires_human_confirmation	policy_pack_hash	intent_pack_hash	proposals_status	proposal_strategy_used	openai_ok	anthropic_ok
No decisions yet.

Recent Only (24h) Domain Verdict

Recent Decision / Audit Rows

created_at	tenant_id	domain	intent_id	verdict	authority_level	risk_level	confidence_level	reversibility_level	requires_human_confirmation	policy_pack_hash	intent_pack_hash	proposals_status	proposal_strategy_used	openai_ok	anthropic_ok
No decisions yet.

What This Console Is For

Internal founder/operator visibility into Ophaelis governance truth: provider health, recent governance decisions, and Decision Lab workflows.

What Each Tab Means

Overview: fast operational pulse and latest decision snapshots.
Decisions: fuller audit rows with lightweight filtering.
Decision Lab: evaluator/testing flow; not source of production truth.
Read Me: internal runbook and reminders.

Healthy vs Degraded

Healthy: providers responding, low recent failures, decisions flowing.
Degraded: repeated provider errors, stale timestamps, or failing refresh.

Deploy / Build Commands

npm install
npm run build
npm run deploy

Refresh / Cache-Bust Troubleshooting

1) Click Refresh in Overview.
2) Hard refresh browser (Ctrl+Shift+R).
3) Verify /api routes are returning JSON.
4) Re-run build and redeploy if UI is stale.

Ophaelis Today: Is / Is Not

Is: deterministic governance authority with auditable policy enforcement.
Is Not: autonomous destructive executor; delete/prune controls are not active.

AI systems can propose actions. Who decides if they are allowed to execute?

Decision Replay

Receipts

Ophaelis Authority Console

Proposed Action

Governance Evaluation

Authority Decision

Receipt + Execution Authorization

Guarded Execution Check

Decision Lab

AI Advice

Policy Evaluation & Trace

Technical Details

Decision Anatomy

Example: Audit Log Tampering Attempt

Example: Audit Log Export for Investigation

Reality Check

Next Wiring Order Explained

1. Latest Proof Summary

2. Capability Coverage

3. Status Snapshot

4. Recent Decisions

5. Operator Events

Customer Integration Flow

Phase 1 Product Model

1. Customer System

2. Proposed Action

3. Ophaelis Authority Check

4. Decision Receipt

5. Execution Gate

Founder Console

What This Console Is For

What Each Tab Means

Healthy vs Degraded

Deploy / Build Commands

Refresh / Cache-Bust Troubleshooting

Ophaelis Today: Is / Is Not