Each claim is backed only when its forcing functions hold now (a passing pure
check, or external evidence). A forcing function marked learning goal is not yet a
value prop. exercises is the code that delivers the claim — the refactoring contract
(keep it green) and the pruning lens (code that traces to nothing is a prune candidate).
Why not X: vs raw Claude Code: a delegated capability, not ambient trust — overreach is a denial, not a hope.
- [backed] forge is denied a git push
- exercises: agents/policy_guard.ts:decideAgentToolCall, agents/policy_guard.ts:parsePolicedCommand, @bounded-systems/policy:allowedSubcommands
- [backed] keeper may git push
- exercises: agents/policy_guard.ts:decideAgentToolCall, @bounded-systems/policy:allowedSubcommands
- [backed] the orchestrator owns nothing
- exercises: agents/policy_guard.ts:decideAgentToolCall, agents/generate.ts:generateOrchestratorDoc
Why not X: vs trust-the-signature: a valid signature isn't enough — the producer must OWN the effect, or it's an orphan/ambient effect.
- [backed] a push produced by reviewer is rejected
- exercises: provenance/effect-ownership.ts:verifyEffectOwnership, provenance/merge-guard.ts:projectProvenanceAxis, provenance/signer.ts:actorFromBuilderId, @bounded-systems/policy:findOwningRoles
Why not X: vs GitHub Actions: authoring → merge with a content-addressed provenance chain, not CI orchestration.
- [backed] submit accepts a beads canonical id (not GH-only)
- exercises: submit/artifact.schema.ts:submitRefFor, submit/artifact.schema.ts:WORK_UNIT_RE
- [evidence] driven end-to-end to a merged PR — prx-2c4 → PR #85 (merged); chain source@pinned→plan→implement on disk; prx publisher did the merge
- exercises: submit/stage.ts:runSubmitStage, submit/publish.ts:runSubmitPublish, pr-state/keeper.ts:runKeeperCommitTree
Why not X: vs a mutable build record: the id IS the hash of the manifest, so a step can't be edited after the fact without becoming a different derivation — the chain is tamper-evident.
- [backed] changing any manifest field changes the derivation id
- exercises: provenance/derivation_chain_feature.ts:generateDerivationChainFeature, @bounded-systems/anchored-chain:digestManifest, @bounded-systems/anchored-chain:canonicalJson
- [backed] the id is deterministic and key-order independent
- exercises: @bounded-systems/anchored-chain:digestManifest, @bounded-systems/anchored-chain:canonicalJson
- [backed] a manifest round-trips through its in-toto statement
- exercises: @bounded-systems/anchored-chain:manifestToStatement, @bounded-systems/anchored-chain:statementToManifest
Why not X: vs raw Claude Code: per-actor/unit usage is projected from the audit ledger.
- [evidence] the compiled binary opens the audit DB (schema embedded) — prx-eky / #106 —
./dist/prx services status --anthropicexits 0 with no ENOENT; audit-DB smoke test in prx_binary.test.ts- exercises: audit/store/db.ts:openAuditDb, audit/store/sql-asset.d.ts, scripts/prx-compile.ts
- [backed] per-unit usage is visible (cost projects to per-work-unit buckets)
- exercises: services/anthropic.ts:projectAnthropicUsage, services/cost_visibility_feature.ts:perUnitCostIsVisible
@bounded-systems/anchored-chain:canonicalJson→ "A derivation's identity is content-addressed: any change to its manifest changes its id."@bounded-systems/anchored-chain:digestManifest→ "A derivation's identity is content-addressed: any change to its manifest changes its id."@bounded-systems/anchored-chain:manifestToStatement→ "A derivation's identity is content-addressed: any change to its manifest changes its id."@bounded-systems/anchored-chain:statementToManifest→ "A derivation's identity is content-addressed: any change to its manifest changes its id."@bounded-systems/policy:allowedSubcommands→ "An agent cannot perform an action its role doesn't own."@bounded-systems/policy:findOwningRoles→ "A privileged effect not produced by its owning actor fails verification."agents/generate.ts:generateOrchestratorDoc→ "An agent cannot perform an action its role doesn't own."agents/policy_guard.ts:decideAgentToolCall→ "An agent cannot perform an action its role doesn't own."agents/policy_guard.ts:parsePolicedCommand→ "An agent cannot perform an action its role doesn't own."audit/store/db.ts:openAuditDb→ "You can see what each work unit cost."audit/store/sql-asset.d.ts→ "You can see what each work unit cost."pr-state/keeper.ts:runKeeperCommitTree→ "A beads work unit can travel intake → merged PR through one signed pipeline."provenance/derivation_chain_feature.ts:generateDerivationChainFeature→ "A derivation's identity is content-addressed: any change to its manifest changes its id."provenance/effect-ownership.ts:verifyEffectOwnership→ "A privileged effect not produced by its owning actor fails verification."provenance/merge-guard.ts:projectProvenanceAxis→ "A privileged effect not produced by its owning actor fails verification."provenance/signer.ts:actorFromBuilderId→ "A privileged effect not produced by its owning actor fails verification."scripts/prx-compile.ts→ "You can see what each work unit cost."services/anthropic.ts:projectAnthropicUsage→ "You can see what each work unit cost."services/cost_visibility_feature.ts:perUnitCostIsVisible→ "You can see what each work unit cost."submit/artifact.schema.ts:submitRefFor→ "A beads work unit can travel intake → merged PR through one signed pipeline."submit/artifact.schema.ts:WORK_UNIT_RE→ "A beads work unit can travel intake → merged PR through one signed pipeline."submit/publish.ts:runSubmitPublish→ "A beads work unit can travel intake → merged PR through one signed pipeline."submit/stage.ts:runSubmitStage→ "A beads work unit can travel intake → merged PR through one signed pipeline."