Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion docs/architecture/03-c4-context.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ Canonical source: [`diagrams/c4-context.mmd`](diagrams/c4-context.mmd). Conventi

## 4. External actors

The boundary-crossing actors are defined canonically in [`02-trust-boundaries.md`](02-trust-boundaries.md) §3. This view groups them by role and marks per-actor optionality so the one-click solo install path is visible at a glance.
The boundary-crossing actors are defined canonically in [`02-trust-boundaries.md`](02-trust-boundaries.md) §3. This view groups them by role and marks per-actor optionality; exact required/optional status is in the §4 table below.

| Actor | Role | Required-or-optional | NFR anchor |
|---|---|---|---|
Expand Down
6 changes: 2 additions & 4 deletions docs/architecture/PROCESS.md
Original file line number Diff line number Diff line change
Expand Up @@ -59,8 +59,6 @@ Every file under `docs/architecture/` must match an entry in the whitelist at `s

When a PR legitimately needs a new file kind (e.g. introducing the `contracts/` directory or a new compliance template), update `ALLOWED` in `architecture-tree-whitelist.sh` in the same PR. Reviewers check that the added pattern is as tight as possible: `compliance/*-mapping.md`, not `compliance/*`.

## What this file is not
## Scope boundary

- Not a roadmap. Roadmaps live elsewhere.
- Not a checklist of which artifacts exist. That's `README.md`.
- Not the rules for writing the content itself. Those are in `CLAUDE.md` under `## Documentation discipline` and `## Architecture content routing`.
This file is the how-to for adding artifacts. Adjacent concerns live elsewhere: roadmaps are out of scope; the inventory of which artifacts exist is `README.md`; the rules for writing the content are in `CLAUDE.md` under `## Documentation discipline` and `## Architecture content routing`.
6 changes: 3 additions & 3 deletions docs/architecture/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ applies-to: next/v1

This directory will hold the canonical enterprise solution architecture for `next/v1`. Read [`MANIFESTO.md`](./MANIFESTO.md) before anything else.

## What's here
## Files in this directory

| File | Status | Purpose |
|---|---|---|
Expand All @@ -23,9 +23,9 @@ This directory will hold the canonical enterprise solution architecture for `nex
| `diagrams/` | empty | Mermaid / D2 source files. |
| `compliance/` | empty | Per-framework mappings (SOC 2, ISO 27001, DORA, EU AI Act, GDPR, SR 11-7, HIPAA, PCI-DSS). |

## What's NOT here yet
## Not yet present

Everything else. The tree grows one artifact per PR, after discussion. See [`PROCESS.md`](./PROCESS.md).
The tree grows one artifact per PR, after discussion. See [`PROCESS.md`](./PROCESS.md).

The in-progress materials at [`docs/future-architecture/`](../future-architecture/) remain a working buffer until coverage here reaches 100%; at that point a `SUPERSEDED.md` marker points back here and that directory becomes legacy.

Expand Down
2 changes: 1 addition & 1 deletion docs/architecture/adr/0000-template.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ What changes as a result? Positive and negative. Cite the components affected by

- Positive: …
- Negative: …
- Neutral but worth noting: …
- Neutral: …

## Alternatives considered

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ The Layer 0 SAST gate runs against every path in the repository except those lis

## Alternatives considered

- **Baseline cleanup PR.** Fix the 37 findings in legacy code before continuing. Rejected: the code is scheduled for full rewrite; fixing it now spends review time on artifacts we throw away. The legacy code is not patched on `next/v1`; it is replaced from scratch in Layer 6+ per the architecture plan.
- **Baseline cleanup PR.** Fix the 37 findings in legacy code before continuing. Rejected: the code is scheduled for full rewrite in Layer 6+ per the architecture plan; fixing it now spends review time on artifacts we throw away.
- **Per-rule exception file** (`.semgrep-exceptions.yaml` with finding hashes). Rejected: gives the illusion of per-finding scrutiny while in practice rubber-stamping every legacy hit. The directory-level exclusion is more honest about what we are doing.
- **Lower the gate to `WARN`.** Rejected: removes the gate for new code too. The whole point of Layer 0 is that new components must pass on creation.
- **Delete the legacy code from `next/v1` now.** Rejected: the branch must stay runnable for early-stage demos and contract-shape experiments until Layer 6+ components land.
Expand Down
2 changes: 1 addition & 1 deletion docs/architecture/adr/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ Architecture Decision Records. One file per decision. ADRs appear on demand foll

`deprecated` is for decisions that no longer apply but were not superseded by a specific replacement.

## When to write an ADR (vs. inline note)
## ADR threshold

An ADR is for decisions that are:

Expand Down
2 changes: 1 addition & 1 deletion docs/architecture/manifesto/01-audience-and-buyer.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ Names who Wide-Moat is built for, who can stop a deployment from happening, and

## Audience

Wide-Moat is built for any organisation that needs in-perimeter agentic AI. The capability ceiling targets the requirements of a tier-1 US or EU bank — the most demanding envelope of security, compliance, and operational scale we know — so smaller and less-regulated organisations fit beneath it on the same artifact. Primary commercial focus and trust anchor are tier-1 banks; the product is one product, not a tiered SKU. The 2026 use-cases that close at this tier are KYC/AML investigator assistance, internal IT-helpdesk automation, sandboxed developer productivity, and compliance-evidence collection.
Wide-Moat is built for any organisation that needs in-perimeter agentic AI. The capability ceiling targets the requirements of a tier-1 US or EU bank — the most demanding regulatory and operational-scale envelope we design against — so smaller and less-regulated organisations fit beneath it on the same artifact. Primary commercial focus and trust anchor are tier-1 banks; the product is one product, not a tiered SKU. The 2026 use-cases that close at this tier are KYC/AML investigator assistance, internal IT-helpdesk automation, sandboxed developer productivity, and compliance-evidence collection.

Wide-Moat is sold as an in-perimeter ecosystem subscription — a single integrated platform with enablement and certification, not as separable components.

Expand Down
2 changes: 1 addition & 1 deletion docs/architecture/manifesto/02-nfrs.md
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ Three short-lived token classes carry three different lifetimes by design:
| Generic internal token | inter-component RPC | ≤60 min | NFR-SEC-23 |
| Broker scoped-JWT | per-resource (one filesystem / one upstream API key class) | ≤15 min | NFR-SEC-29 |

Tighter scope = shorter TTL. The three numbers are independent commitments, not contradictions.
Tighter scope = shorter TTL; the three numbers are independent commitments.

## Scope ownership

Expand Down
Loading