Add TrustOps Fabric contracts

Makefile

@@ -6,12 +6,21 @@ lint:
 	python3 -m json.tool schemas/repo-maturity.schema.json >/dev/null
 	python3 -m json.tool schemas/functional-service.schema.json >/dev/null
 	python3 -m json.tool schemas/prophet-foundry-contract-spine.schema.json >/dev/null
+	python3 -m json.tool schemas/trustops-receipt.schema.json >/dev/null
+	python3 -m json.tool schemas/trust-gate-policy.schema.json >/dev/null
+	python3 -m json.tool schemas/dataset-risk-manifest.schema.json >/dev/null
 	python3 -m json.tool examples/functional-service.example.json >/dev/null
 	python3 -m json.tool examples/prophet-foundry-contract-spine.example.json >/dev/null
+	python3 -m json.tool examples/trustops-receipt.art-smoke.example.json >/dev/null
+	python3 -m json.tool examples/trust-gate-policy.example.json >/dev/null
+	python3 -m json.tool examples/dataset-risk-manifest.example.json >/dev/null
 
 examples:
 	python3 tools/validate_json.py schemas/functional-service.schema.json examples/functional-service.example.json
 	python3 tools/validate_json.py schemas/prophet-foundry-contract-spine.schema.json examples/prophet-foundry-contract-spine.example.json
+	python3 tools/validate_json.py schemas/trustops-receipt.schema.json examples/trustops-receipt.art-smoke.example.json
+	python3 tools/validate_json.py schemas/trust-gate-policy.schema.json examples/trust-gate-policy.example.json
+	python3 tools/validate_json.py schemas/dataset-risk-manifest.schema.json examples/dataset-risk-manifest.example.json
 
 maturity:
 	python3 tools/validate_maturity.py schemas/repo-maturity.schema.json repo.maturity.yaml

README.md

@@ -27,6 +27,7 @@ The SocioProphet roadmap calls for AI/NLP collaboration, a community model zoo,
 4. Every functional service must be auditable through datasets, adapters, evals, guardrails, routing policy, and ledger evidence.
 5. Every active repo must emit a maturity record consumable by Sociosphere/workspace governance.
 6. Prophet Intelligence Foundry contracts are lifecycle contracts. They do not make this repository a training runtime, model-weight store, or workspace controller.
+7. TrustOps provider libraries are runner backends and regression oracles. SocioProphet owns the receipts, gates, policy interpretation, local-first execution semantics, and runtime enforcement loop.
 
 ## Contracts in this repo
 
@@ -35,11 +36,28 @@ The SocioProphet roadmap calls for AI/NLP collaboration, a community model zoo,
 | Repository maturity | `schemas/repo-maturity.schema.json` | Standard scorecard for repo readiness. |
 | Functional service | `schemas/functional-service.schema.json` | Manifest emitted by labs and consumed by runtime/governance. |
 | Prophet Foundry contract spine | `schemas/prophet-foundry-contract-spine.schema.json` | v0.1 contract spine reserving canonical names, authority repos, minimum fields, promotion flow, and must-not-own boundaries for Prophet model/data/training/eval/release/runtime contracts. |
+| TrustOps receipt | `schemas/trustops-receipt.schema.json` | Evidence receipt for fairness, robustness, explanation, uncertainty, RAG, ranking, dataset, and agent-trust evaluations. |
+| Trust gate policy | `schemas/trust-gate-policy.schema.json` | Policy contract that converts TrustOps receipts into allow, warn, review, quarantine, block, rollback, or revocation decisions. |
+| Dataset risk manifest | `schemas/dataset-risk-manifest.schema.json` | Dataset contract for lineage, labels, protected/sensitive attributes, data boundary, consent, and risk controls. |
 | Example maturity record | `examples/repo.maturity.example.yaml` | Copyable starting point for other repos. |
 | Example functional service | `examples/functional-service.example.json` | Copyable service manifest fixture. |
 | Example Foundry spine | `examples/prophet-foundry-contract-spine.example.json` | Copyable v0.1 Foundry contract fixture. |
+| Example TrustOps receipt | `examples/trustops-receipt.art-smoke.example.json` | ART-first robustness receipt fixture for TrustOps runner integration. |
+| Example TrustOps gate policy | `examples/trust-gate-policy.example.json` | Platform-default gate policy fixture for receipt-to-action mapping. |
+| Example dataset risk manifest | `examples/dataset-risk-manifest.example.json` | Synthetic dataset risk fixture for fairness/privacy evaluation. |
 | This repo's maturity record | `repo.maturity.yaml` | Current maturity state for this standards repo. |
 
+## TrustOps Fabric
+
+TrustOps Fabric turns responsible-AI libraries into enforceable platform governance. AIF360, ART, AIX360, UQ-style libraries, and future providers are isolated runners. Core platform services consume normalized receipts and policies, not provider-specific Python objects.
+
+Start here:
+
+- `docs/TRUSTOPS_FABRIC.md`
+- `schemas/trustops-receipt.schema.json`
+- `schemas/trust-gate-policy.schema.json`
+- `schemas/dataset-risk-manifest.schema.json`
+
 ## Maturity gates
 
 | Level | Meaning |
@@ -62,3 +80,9 @@ make validate
 `functional-model-surfaces -> lab repo -> model-governance-ledger -> model-router -> guardrail-fabric -> agent-registry -> sourceos-model-carry -> agent-machine -> agentplane -> sociosphere`
 
 The proof condition is simple: a lab emits a functional service manifest, governance validates it, SourceOS carries the approved reference, Agent Machine proves runtime placement, AgentPlane captures run evidence, and Sociosphere records maturity/evidence for the whole path.
+
+## TrustOps vertical slice
+
+`functional-model-surfaces -> prophet-platform trustops runner -> model-governance-ledger receipt -> guardrail-fabric policy action -> model-router route/fallback/block -> agent-registry authority effect -> SourceOS local/enterprise runner -> Sociosphere trust posture`
+
+The proof condition is also simple: a service emits a manifest, TrustOps runs an ART-first robustness profile, the ledger records the receipt, guardrails and routing consume the decision, agent authority is adjusted where required, and only signed/redacted evidence leaves local or enterprise data boundaries by default.

docs/TRUSTOPS_FABRIC.md

@@ -0,0 +1,84 @@
+# TrustOps Fabric
+
+TrustOps Fabric is the SocioProphet control-plane pattern for turning responsible-AI toolkits into enforceable platform governance.
+
+The platform does not vendor a research toolkit as its architecture. AIF360, ART, AIX360, UQ360, and future providers are runner backends. SocioProphet owns the contracts, receipts, policy gates, local-first execution semantics, model-router controls, guardrail actions, ledger records, and agent-authority effects.
+
+## First-class contracts
+
+| Contract | Path | Purpose |
+| --- | --- | --- |
+| TrustOps receipt | `schemas/trustops-receipt.schema.json` | Canonical evidence receipt for fairness, robustness, explanation, uncertainty, RAG, ranking, dataset, and agent-trust evaluations. |
+| Trust gate policy | `schemas/trust-gate-policy.schema.json` | Converts receipts into allow, warn, review, quarantine, block, rollback, or revocation decisions. |
+| Dataset risk manifest | `schemas/dataset-risk-manifest.schema.json` | Declares lineage, label semantics, protected/sensitive attribute handling, data boundary, consent, and risk controls. |
+
+## Provider strategy
+
+Provider libraries are isolated runners, not core dependencies.
+
+| Provider | Role |
+| --- | --- |
+| `trustops-art-runner` | Adversarial robustness, privacy leakage, extraction, inference, poisoning, evasion, prompt/tool/memory attack probes. |
+| `trustops-aif360-runner` | Fairness metrics, subgroup scans, counterfactual fairness, ranking fairness, and mitigation comparison. |
+| `trustops-aix360-runner` | Explanation generation, explanation quality, local/global and direct/post-hoc explanation evidence. |
+| `trustops-uq-runner` | Uncertainty, calibration, abstention, fallback, and human-review signals. |
+| `socioprophet-trust-kernel` | Small deterministic in-house metric and policy evaluator used for core checks and regression comparisons. |
+
+## Control loop
+
+1. A lab, model, adapter, RAG package, tool, agent, or functional service emits a manifest.
+2. TrustOps selects provider runners from policy and data boundary.
+3. Runners execute locally, in CI, in SourceOS, or in enterprise-controlled infrastructure.
+4. Runners emit normalized TrustOps receipts.
+5. `model-governance-ledger` records immutable receipts and factsheet evidence.
+6. `guardrail-fabric` converts receipts into runtime controls.
+7. `model-router` routes, falls back, blocks, or escalates.
+8. `agent-registry` reduces, revokes, or restores tool grants, memory access, and runtime authority.
+9. Sociosphere/workspace governance records maturity and operational posture.
+
+## Non-negotiable invariants
+
+- Core platform services consume receipts, not provider-specific Python objects.
+- Raw regulated, personal, or customer-controlled data must not leave its boundary by default.
+- Promotion requires current receipts for every required TrustOps gate.
+- A failing robustness or privacy gate may quarantine or block deployment.
+- A failing fairness gate blocks high-risk promotion unless an explicit governed waiver exists.
+- High uncertainty must trigger fallback, abstention, or human review where policy requires it.
+- Agent authority must be tied to trust posture, not static registration alone.
+- Factsheets must be generated from evidence receipts, not manually maintained prose.
+
+## Initial vertical slice
+
+The first implementation lane is ART-first:
+
+1. Add `robustness` support through `trustops-receipt.v1`.
+2. Implement `trustops-art-runner` in `SocioProphet/prophet-platform`.
+3. Record receipts in `SocioProphet/model-governance-ledger`.
+4. Map receipt status to runtime controls in `SocioProphet/guardrail-fabric`.
+5. Apply agent-authority impact in `SocioProphet/agent-registry`.
+6. Expose a CLI/API path such as:
+
+```bash
+prophet trustops run --profile art-smoke --manifest examples/functional-service.example.json
+```
+
+## Build versus integrate
+
+Trusted-AI libraries are useful as backends and regression oracles. They should not own the SocioProphet architecture.
+
+Build ourselves:
+- Schemas and receipts.
+- Gate policy semantics.
+- Ledger integration.
+- Router and guardrail enforcement.
+- Agent authority controls.
+- SourceOS/local-first runner model.
+- Deterministic trust kernel for stable core metrics.
+
+Integrate selectively:
+- ART for adversarial robustness coverage.
+- AIF360 for fairness metric and mitigation breadth.
+- AIX360 for explanation algorithms and taxonomy.
+- UQ-style libraries for uncertainty methods where useful.
+
+The long-term goal is a sovereign TrustOps Fabric: measure, explain, record, enforce, route, revoke, rollback, and improve.

examples/dataset-risk-manifest.example.json

@@ -0,0 +1,63 @@
+{
+  "schemaVersion": "dataset-risk-manifest.v1",
+  "dataset": {
+    "id": "dataset-risk.demo-public-fixture",
+    "name": "Demo Public Fixture",
+    "ownerRepository": "SocioProphet/functional-model-surfaces",
+    "versionRef": "demo-v0.1",
+    "description": "Synthetic fixture used to validate TrustOps receipts without exporting raw sensitive data."
+  },
+  "lineage": {
+    "sourceRefs": [
+      "synthetic://fixtures/demo-public"
+    ],
+    "transformationRefs": [
+      "transform://none"
+    ],
+    "licenseOrTerms": "synthetic-fixture",
+    "collectionWindow": "not-applicable"
+  },
+  "labels": {
+    "labelColumns": [
+      "approved"
+    ],
+    "favorableOutcome": true,
+    "unfavorableOutcome": false,
+    "rankingOutcomeColumn": "rank_score"
+  },
+  "attributes": {
+    "protectedAttributes": [
+      {
+        "name": "demo_group",
+        "handling": "synthetic",
+        "privilegedValues": [
+          "A"
+        ],
+        "unprivilegedValues": [
+          "B"
+        ]
+      }
+    ],
+    "sensitiveAttributes": [],
+    "proxyRiskNotes": "Synthetic fixture only."
+  },
+  "dataBoundary": {
+    "classification": "synthetic",
+    "rawExportAllowed": false,
+    "consentRequired": false,
+    "retentionPolicyRef": "policy.synthetic-fixture-retention",
+    "deletionPolicyRef": "policy.synthetic-fixture-deletion"
+  },
+  "riskControls": {
+    "requiresFairnessEval": true,
+    "requiresPrivacyEval": true,
+    "requiresHumanReview": false,
+    "allowedEvalProfiles": [
+      "art-smoke",
+      "aif360-smoke"
+    ],
+    "mustNotUseFor": [
+      "production-decisioning"
+    ]
+  }
+}

examples/trust-gate-policy.example.json

@@ -0,0 +1,79 @@
+{
+  "schemaVersion": "trust-gate-policy.v1",
+  "policyId": "trustgate.platform-default",
+  "scope": {
+    "appliesTo": [
+      "model",
+      "adapter",
+      "rag-package",
+      "agent",
+      "functional-service"
+    ],
+    "ownerRepositories": [
+      "SocioProphet/prophet-platform",
+      "SocioProphet/functional-model-surfaces"
+    ],
+    "runtimeProfiles": [
+      "ci",
+      "platform",
+      "sourceos-runner"
+    ]
+  },
+  "gates": [
+    {
+      "gateId": "robustness",
+      "receiptTypes": [
+        "robustness"
+      ],
+      "requiredStatus": "pass",
+      "minimumFreshnessDays": 30,
+      "requiredMetricStatuses": [
+        "pass"
+      ],
+      "onPass": "allow",
+      "onWarn": "require-review",
+      "onFail": "quarantine",
+      "waiverAllowed": false
+    },
+    {
+      "gateId": "fairness",
+      "receiptTypes": [
+        "fairness",
+        "ranking-fairness"
+      ],
+      "requiredStatus": "review-allowed",
+      "minimumFreshnessDays": 30,
+      "requiredMetricStatuses": [
+        "pass",
+        "warn"
+      ],
+      "onPass": "allow",
+      "onWarn": "require-review",
+      "onFail": "block",
+      "waiverAllowed": true
+    }
+  ],
+  "defaultAction": "require-review",
+  "owners": [
+    "SocioProphet/platform-governance"
+  ],
+  "standardsCrosswalk": [
+    {
+      "standard": "NIST AI RMF",
+      "controlRefs": [
+        "GOVERN",
+        "MAP",
+        "MEASURE",
+        "MANAGE"
+      ]
+    },
+    {
+      "standard": "ISO/IEC 42001",
+      "controlRefs": [
+        "AI management system",
+        "risk treatment",
+        "monitoring"
+      ]
+    }
+  ]
+}