LAWS_SCHEMA_VERSION: 2.0 Created: 2026-04-22 Amended: 2026-05-02
"Every agent is a temporary citizen with bounded authority. Every task has a contract. Every mutation leaves evidence. Every victory must improve the long-term health of the realm."
This constitution is the supreme law of the trios repository. Any conflicting provision must yield. LAWS.md v2.0 is protected by 4 immutability mechanisms:
| Mechanism | Config Location | Enforced By |
|---|---|---|
| CODEOWNERS | .github/CODEOWNERS | GitHub PR review |
| Branch Protection | Settings β Rules β main | GitHub Platform |
| CI Gate | .github/workflows/laws-guard.yml | GitHub Actions |
| Integrity Hash | .trinity/state/LAWS_HASH | laws-guard job |
Any agent that modifies LAWS.md without Β§8 procedure commits constitutional breach. Soul-name is forfeit and agent is blacklisted for session.
Files ranked by authority (rank 1 = highest):
| Rank | File | Description |
|---|---|---|
| 1 | LAWS.md | Supreme law (immutable without Β§8) |
| 2 | CLAUDE.md | Agent operating manual |
| 3 | AGENTS.md | Agent roster |
| 4 | TASK.md | Current task contract |
| 5 | CONTEXT.md | Session context (append-only) |
| 6 | .github/ISSUE_TEMPLATE/ | Issue schema |
| 7 | .github/CODEOWNERS | Access control |
| 8 | laws-guard.yml | Enforcement mechanism |
Conflict resolution: Higher rank always wins.
trios/
βββ crates/ # Rust workspace
β βββ trios-git/ # MCP tools (git operations)
β βββ trios-gb/ # GitButler virtual branches
β βββ trios-server/ # MCP server (port 9005)
β βββ trios-ext/ # Chrome extension
β βββ trios-training/ # Training infrastructure
β βββ trios-igla-trainer/ # Training binary
β βββ trios-ca-mask/ # Content-aware masking
β βββ trios-crypto/ # Cryptographic primitives
β βββ trios-phi-schedule/ # Phi-based scheduling
β βββ trios-sdk/ # Rust SDK
β βββ trios-a2a/ # Agent-to-agent communication
β βββ trios-agents/ # Agent implementations
β βββ trios-bridge/ # Bridge implementations
β βββ trios-data/ # Data structures
β βββ trios-golden-float/ # Golden float operations
β βββ trios-hdc/ # Hardware data collection
β βββ trios-hybrid/ # Hybrid operations
β βββ trios-model/ # Model definitions
β βββ trios-physics/ # Physics simulation
β βββ trios-sacred/ # Sacred geometry operations
β βββ trios-server/ # MCP server (Axum)
β βββ trios-train-cpu/ # CPU training
β βββ trios-training-ffi/ # Training FFI bindings
β βββ trios-tri/ # TRI operations
β βββ trios-trinity-init/ # Trinity initialization
β βββ trios-ui/ # UI components
β βββ trios-vsa/ # Vector symbolic architecture
β βββ precision-router/ # Precision routing
β βββ zig-agents/ # Zig agent implementations
β βββ zig-knowledge-graph/ # Zig knowledge graph
βββ .trinity/ # Trinity state directory
β βββ experience/ # Experience logs (L7)
β βββ prompts/ # Agent dispatch prompts (Β§13)
β βββ specs/ # Task specifications
β βββ state/ # Immutable state files
βββ .github/ # GitHub configuration
β βββ workflows/ # CI/CD pipelines
β βββ ISSUE_TEMPLATE/ # Issue schemas
β βββ CODEOWNERS # Access control
βββ docs/ # Documentation
β βββ TRINITY_BRAND_KIT.md # Brand guidelines
βββ .claude/ # Claude Code configuration
β βββ skills/ # Custom skills
βββ CLAUDE.md # Legacy laws (v1 reference)
βββ LAWS.md # Supreme constitution (v2)
βββ AGENTS.md # Agent roster (if exists)
βββ README.md # Project readme
βββ Cargo.toml # Workspace manifest
βββ railway.toml # Railway configuration
βββ [config files]
Rule: No .sh files anywhere in the repository
Rationale: Shell scripts are untested, untyped, non-composable
CI Gate: find . -name "*.sh" ! -path "*/node_modules/*" ! -path "*/.git/*" | wc -l == 0
Status: β
ACTIVE (enforced by ci.yml)
Rule: Every PR description MUST contain Closes #N. No orphan PRs.
Rationale: Ensures traceability and prevents unaccounted changes
CI Gate: PR body check for Closes #N, Fixes #N, or Resolves #N
Status: β³ PENDING (no CI)
Rule: cargo clippy -- -D warnings must pass before any merge
Rationale: Linting catches bugs early and maintains code quality
CI Gate: cargo clippy --all-targets --all-features -- -D warnings
Status: β
ACTIVE (enforced by ci.yml)
Rule: cargo test must pass. New code requires new tests.
Rationale: Tests ensure correctness and prevent regressions
CI Gate: cargo test --all
Status: β
ACTIVE (enforced by ci.yml)
Rule: The MCP server always runs on 0.0.0.0:9005. Never change this without a migration plan.
Rationale: Fixed port is required for agent communication
CI Gate: Port check in deployment configuration
Status: β³ PENDING (no CI)
Rule: trios-gb tools must gracefully return Err (not panic) if gitbutler-cli is not found.
Rationale: Graceful degradation prevents crashes
CI Gate: Code review check
Status: β³ PENDING (no CI)
Rule: Every significant task writes a line to .trinity/experience/
Rationale: Traceability and learning from experience
CI Gate: Verify experience log exists for date
Status: β³ PENDING (no CI)
Rule: Every commit MUST be pushed immediately. Unpushed commits are a violation. Rationale: Remote backup prevents data loss and enables collaboration CI Gate: Check for unpushed commits Status: β³ PENDING (no CI)
Rule: Auto-generated code (WASM pkg, dist/) is committed. Hand-written code in those dirs is forbidden. Rationale: Separates generated from source code CI Gate: Lint check for forbidden patterns Status: β³ PENDING (no CI)
Rule: Issue #143 is the source of truth for all agents. Never close it. Rationale: Central coordination point CI Gate: Issue status check Status: β³ PENDING (no CI)
Rule: Every agent takes a soul-name before making any changes. Format: humorous English name related to the task. Rationale: Accountability and traceability CI Gate: Required field in task_contract.yml Status: β³ PENDING (no CI)
Rule: Write the spec (TASK.md) before writing code. No spec = no code. Rationale: Planning prevents waste and ensures alignment CI Gate: TASK.md exists before code changes Status: β³ PENDING (no CI)
Rule: Agents only modify files within their assigned scope. Cross-scope changes require human approval. Rationale: Prevents unauthorized changes CI Gate: CODEOWNERS enforcement Status: β³ PENDING (no CI)
Rule: Every action must be traceable. Commit messages, issue comments, experience logs. Rationale: Enables post-hoc analysis CI Gate: Commit message format validation Status: β³ PENDING (no CI)
Rule: Verification is done by a different agent than the one who wrote the code. Rationale: Independent verification catches bias CI Gate: Code review requirement Status: β³ PENDING (no CI)
Rule: Any deviation from laws must include a written rationale in the commit. Rationale: Prevents silent drift from standards CI Gate: Commit message check for "L16 rationale" Status: β³ PENDING (no CI)
Rule: Fix what's broken. Don't gold-plate. Rationale: Focus on value, not perfectionism CI Gate: Code review for scope creep Status: β³ PENDING (no CI)
Rule: When agents disagree, escalate to issue #143 with evidence. Rationale: Prevents endless loops CI Gate: Issue escalation pattern Status: β³ PENDING (no CI)
Rule: Human overrides always win. No exceptions. Rationale: Final authority rests with humans CI Gate: Manual override flag Status: β³ PENDING (no CI)
Rule: Every manual workflow must be codified into tri CLI within one session.
Rationale: Automation prevents repeated manual work
CI Gate: CLI command exists for workflow
Status: β³ PENDING (no CI)
Rule: Task context is sacred. Agents MAY append, MAY NOT delete. Rationale: Autonomous agents routinely "tidy" context under token pressure, destroying situational awareness CI Gate: context-guard.yml checks for context shrinkage > 50 lines Status: β ACTIVE (enforced by context-guard.yml)
Rule: Tools declaring outputSchema MUST emit structuredContent matching it. response.text() alone is never sufficient when outputSchema is present.
Rationale: Ensures contract compliance
CI Gate: context-guard.yml checks for response.data() calls
Status: β
ACTIVE (enforced by context-guard.yml)
Rule: Stub implementations of external dependencies (CDP, network, FS) MUST throw descriptive errors naming: the unavailable capability, the required setup step, and the relevant env var or flag. Rationale: "X is not a function" is a constitutional bug CI Gate: Code review for error messages Status: β³ PENDING (no CI)
Rule: All traffic between agents MUST pass through trios-server MCP bridge. Direct A2A calls bypassing broadcast are forbidden.
Rationale: Enables SSE observability
CI Gate: Network traffic validation
Status: β³ PENDING (no CI)
Rule: Chrome Extension (Trinity Agent Bridge) is the single visual channel for human observability. Any new tool MUST appear in sidepanel Tools tab automatically via tools/list.
Rationale: No hidden tool surfaces
CI Gate: Tool registration validation
Status: β³ PENDING (no CI)
| Invariant | Kingdom | Rule | CI Gate |
|---|---|---|---|
| I1: Build passes | Rust | cargo build --all --workspace exits 0 |
cargo build --all --workspace |
| I2: Tests pass | Test | No merge with failing tests | cargo test --all --workspace |
| I3: Clippy clean | Lint | clippy 0 warnings | cargo clippy --all-targets -- -D warnings |
| I4: Docs exist | Documentation | README.md and brand kit present | test -f README.md && test -f docs/TRINITY_BRAND_KIT.md |
| I5: No /extension root | Structure | No /extension directory at repo root |
test ! -d ./extension |
| I6: Port 9005 works | Network | MCP server accessible on port 9005 | nc -z localhost 9005 or equivalent |
| I7: No unsafe eval | Security | wasm-unsafe-eval only if declared |
! grep -r "wasm-unsafe-eval" crates/trios-ext/extension/manifest.json |
| I8: MCP bridge online | Protocol | MCP server responds to /health | MCP health endpoint check |
| I9: Experience current | Experience | Daily experience log exists | .trinity/experience/trios_$(date +%Y%m%d).trinity exists |
Every issue MUST include:
- Priority: P0-CRITICAL, P1-HIGH, P2-MEDIUM, or P3-LONG-TERM
- Kingdom: Rust, Test, Lint, Network, Structure, Security, Protocol, Identity, or Cross-kingdom
- Soul-Name: Humorous English name for the agent
| Priority | SLA | Examples |
|---|---|---|
| P0-CRITICAL | < 4 hours | Production break, security issue, release blocker |
| P1-HIGH | < 24 hours | Important feature, blocking bug, infra task |
| P2-MEDIUM | < 1 week | Improvement, refactor, documentation |
| P3-LONG-TERM | No SLA | Research, experiment, PhD work |
- Rust: Rust code changes
- Test: Test additions/modifications
- Lint: Linting or code quality
- Network: Network-related changes
- Structure: Repository structure
- Security: Security-related changes
- Protocol: Protocol or communication changes
- Identity: Authentication/authorization
- Cross-kingdom: Changes affecting multiple kingdoms
Every issue tracks its position in the PHI LOOP:
- CLAIM β Issue opened with acceptance criteria
- SPEC β TASK.md filled, goal formalized
- SEAL β TASK.md locked (no changes after)
- HASH β SHA256(TASK.md) stored
- GEN β Code written, tests written
- TEST β
cargo test --allPASSES - VERDICT β All acceptance criteria verified
- EXPERIENCE β
.trinity/experience/updated - SKILL β
.claude/skills/updated if needed - COMMIT β Commit with "Closes #N"
- PUSH β PR created and merged
- loop: β Update PHI LOOP status
- evidence: β Provide evidence
- rationale: β Explain reasoning
- verdict: β Result of verification
Canonical format (for /tri compatibility):
loop: <NATO_AGENT_NAME> | <STATUS> | <CONTEXT>
Status values:
- π’ ACTIVE β Agent is working
- π‘ BLOCKED β Waiting for something
- π΄ STUCK β Cannot proceed
- π’ DONE β Task completed
- βΈ QUEUED β In queue
Examples:
loop: ALFA | ACTIVE | Phase B grid sweep {0.0, 0.01, 0.02}
loop: BRAVO | BLOCKED | Waiting for @gHashTag review on #123
loop: DELTA | DONE | L1 compliance verified, 3 files added
11-step workflow with entry/exit criteria:
- CLAIM β Issue #N opened with acceptance criteria
- SPEC β TASK.md filled, goal formalized
- SEAL β TASK.md locked (no changes after this point)
- HASH β SHA256(TASK.md) stored in
.trinity/state/ - GEN β Code written, tests written
- TEST β
cargo test --allPASSES - VERDICT β All acceptance criteria verified
- EXPERIENCE β
.trinity/experience/*.mdupdated - SKILL β
.claude/skills/*.mdupdated if needed - COMMIT β Commit with "Closes #N"
- PUSH β PR created and merged
Exit condition: Only through COMMIT+PUSH or explicit verdict FAILED.
6-step procedure for changing LAWS.md:
Step 1: Create issue with constitutional_amendment.yml template
- Required: affected laws, rationale, hash_before
Step 2: Discussion (minimum 24 hours)
- Comments from @gHashTag
- Risk assessment (LOW/MEDIUM/HIGH/CRITICAL)
Step 3: Create feature branch
git checkout -b feat/laws-amend-<section>- Develop changes
Step 4: Review + Approval
- @gHashTag approval REQUIRED (CODEOWNERS)
- 1 reviewer minimum
- CI pass (laws-guard)
Step 5: Merge + Hash update
- Merge to main
- Update LAWS_HASH:
sha256sum LAWS.md > .trinity/state/LAWS_HASH
Step 6: Experience record
- Record in
.trinity/experience/laws-v2-amendment.md
Emergency bypass: P0 tasks require 2 approvers instead of 1.
Soul-name rules:
- Format: Humorous English name related to task (per L11)
- Uniqueness: One soul-name per task
- Forbidden: Reuse after violation (blacklist)
- Automation: Required field in task_contract.yml
- Verification: Checked in task_issue template
Examples:
- "Justice League" β Building constitutional infrastructure
- "Speed Racer" β Performance optimization
- "Doc Ock" β Documentation task
| Priority | SLA | Response Time | Examples |
|---|---|---|---|
| P0-CRITICAL | < 4 hours | Immediate | Production break, security issue, release blocker |
| P1-HIGH | < 24 hours | Same day | Important feature, blocking bug, infra task |
| P2-MEDIUM | < 1 week | Within week | Improvement, refactor, documentation |
| P3-LONG-TERM | No SLA | As available | Research, experiment, PhD work |
L1-L25 with current status (live-checked by /tri laws):
| Law | Description | CI Enforcement | Status |
|---|---|---|---|
| L1 | NO .sh files | β ci.yml | β PASS |
| L2 | Every PR closes an issue | β³ PENDING | β³ CHECK |
| L3 | clippy zero warnings | β ci.yml | β PASS |
| L4 | Tests before merge | β ci.yml | β PASS |
| L5 | Port 9005 is trios-server | β³ PENDING | β³ CHECK |
| L6 | Fallback required for GB tools | β³ PENDING | β³ CHECK |
| L7 | Experience log | β³ PENDING | β³ CHECK |
| L8 | Push first | β³ PENDING | β³ CHECK |
| L9 | No handwritten forbidden surface | β³ PENDING | β³ CHECK |
| L10 | Issue #143 is eternal | β³ PENDING | β³ CHECK |
| L11 | Name before mutation | β³ PENDING | β³ CHECK |
| L12 | Spec before implementation | β³ PENDING | β³ CHECK |
| L13 | Bounded authority | β³ PENDING | β³ CHECK |
| L14 | Auditability by default | β³ PENDING | β³ CHECK |
| L15 | Validation is a separate duty | β³ PENDING | β³ CHECK |
| L16 | Tailoring requires rationale | β³ PENDING | β³ CHECK |
| L17 | Improve code health, not heroics | β³ PENDING | β³ CHECK |
| L18 | Structured conflict resolution | β³ PENDING | β³ CHECK |
| L19 | Humans remain sovereign | β³ PENDING | β³ CHECK |
| L20 | Turn sessions into tools | β³ PENDING | β³ CHECK |
| L21 | Context immutability | β context-guard.yml | β PASS |
| L22 | Schema-response parity | β context-guard.yml | β PASS |
| L23 | No cryptic fallbacks | β³ PENDING | β³ CHECK |
| L24 | Agent traffic through MCP bridge | β³ PENDING | β³ CHECK |
| L25 | Chrome Extension is observability channel | β³ PENDING | β³ CHECK |
This constitution represents the sovereign law of the trios repository. Any violation constitutes a breach of trust between agents and human maintainers. The sanctity of this document is protected by CODEOWNERS, branch protection, CI gates, and cryptographic hash verification. Amendments follow Β§8 procedure only.
AMENDMENT TARGET: LAWS.md v1.x β v2.0
New agent? Start here. Everything you need to run autonomously is in one file.
Location: .trinity/prompts/agent-dispatch.md
This is the canonical entry point for every Trinity agent. Copy-paste it to start any autonomous session. It contains:
| Component | What it does |
|---|---|
| BOOT sequence | Reads SOUL.md β CLAUDE.md β AGENTS.md β NOW.json β state files |
| PHI LOOP (11 steps) | CLAIM β SPEC β SEAL β HASH β GEN β TEST β VERDICT β EXPERIENCE β SKILL β COMMIT β PUSH |
| LAWS L1βL9 embedded | Most critical laws inlined so agent can't miss them |
| HEARTBEAT format | loop: <NATO_NAME> | <STATUS> | <CONTEXT> β post every 30 min |
| DONE checklist (8 gates) | Prevents premature victory declaration |
| Soul-name selection | Agent picks NATO alphabet name autonomously on first run |
# Step 1 β Read the constitution
cat SOUL.md CLAUDE.md AGENTS.md NOW.json
# Step 2 β Load current state
cat .trinity/state/active-skill.json
cat .trinity/state/three-roads.json
# Step 3 β Orient
git log --oneline -5
gh issue list --limit 5CLAIM β SPEC β SEAL β HASH β GEN β TEST β VERDICT β EXPERIENCE β SKILL β COMMIT β PUSH
Full protocol: see Β§7 of this document.
Post to issue every 30 minutes while working:
loop: ALFA | ACTIVE | Writing BpbSink trait, 3/5 tests pass
loop: BRAVO | BLOCKED | Waiting for SR-00 merge to unblock SR-01
loop: GOLF | DONE | 16/16 tests GREEN, PR #474 merged
Full protocol: see Β§6 of this document.
Before declaring completion, verify ALL of these:
-
cargo test --allGREEN (no failures, no ignores) -
cargo clippy -- -D warningsZERO warnings - PR description contains
Closes #N - L14 trailer present:
Agent: <Soul-name>in commit -
.trinity/experience/entry written (L7) -
three-roads.jsonwritten with R1/R2/R3 - Issue comment posted with verdict
-
git pushcompleted (L8)
| Mistake | Prevention |
|---|---|
| Pushing to wrong remote (e.g. gitbutler upstream) | Check git remote -v before push β must show gHashTag/trios |
Missing Closes #N in PR |
Use gh pr create template, not manual |
Declaring done before three-roads.json |
Write roads BEFORE final commit |
| Working directory deleted mid-session | Use /tmp/ as fallback; push via MCP if needed |
| Orphan branch (no common history with main) | Always git checkout -b ring-NNN origin/main, not from detached HEAD |
NEON (Postgres) β igla_race_experience, strategy_queue, bpb_samples
.trinity/state/ β active-skill.json, three-roads.json, LAWS_HASH
.trinity/experience/ β daily logs, mistake memory
.trinity/prompts/ β agent-dispatch.md (THIS prompt)
GitHub Issues β PHI LOOP status comments, HEARTBEAT
Remember: NEON is the PhD source of truth. Every BPB measurement, every ASHA decision, every experience entry lives there permanently β not just in context window.