Update GOVERNANCE.md

Author: GsCommand

GOVERNANCE.md

@@ -1,193 +1,177 @@
-# GOVERNANCE — CommandLayer Protocol
+# GOVERNANCE — Protocol-Commons (CommandLayer)
 
-**Applies To:** Protocol-Commons, Protocol-Commercial, Agent-Cards  
+**Scope:** Protocol-Commons (primary), Agent-Cards (identity bindings)  
 **Status:** v1.0.0 — Stable-Lock  
 
-> This document is **NORMATIVE, ENFORCEABLE, AND PERMANENT**.  
-> Governance is custodial today and **designed to decentralize** over time.
+> This governance is **NORMATIVE, ENFORCEABLE, AND PERMANENT**.  
+> Control is custodial today and **designed to decentralize** as adoption grows.
 
 ---
 
-## 1. Stewardship Model
+## 1. Mandate of Commons Governance
 
-**Founding Steward:** `commandlayer.eth`
+Protocol-Commons governs **semantic truth**:
 
-Responsible for:
-
-- Maintaining canonical Commons + Commercial semantics  
-- Publishing signed manifests + checksums  
-- Approving normative version changes  
-- Security revocations + provenance logging  
-- Transparency and public accountability  
-
-> The Steward protects **semantic stability** until multi-party governance takes over.
-
-### 1.1 Decentralization Roadmap
+- Canonical verbs  
+- Request/receipt schemas  
+- TXT semantics for schema binding  
+- Normative version changes  
+- Immutable historical provenance  
 
-| Phase | Governance | Trigger |
-|------|------------|---------|
-| 1 — Bootstrap | Single-operator Safe | Initial ecosystem adoption |
-| 2 — Multi-Maintainer | ≥3 independent vendors in Safe | Cross-vendor production usage |
-| 3 — Standards Committee | Public proposal + review | Widespread interoperability reliance |
-| 4 — Neutral Standards Body | Community-elected seats | Global normative standard |
+It MUST protect:
 
-New governance participants SHALL be recruited from:
+- **Machine-readable meaning**
+- **Interoperability continuity**
+- **Permanent public access**
 
-- ENS DAO  
-- Ethereum Foundation contributors  
-- Neutral infra & runtime operators  
-- Academic and open-standards bodies  
-
-Vendor diversity is REQUIRED — no single affiliation may dominate control.
+> **Commons is the constitution of agent intent.**  
+> Everything else derives authority from it — not the other way around.
 
 ---
 
-## 2. Scope of Authority — NORMATIVE
+## 2. Strict Scope Limits — NORMATIVE
 
-Governance **MAY** define:
+### Commons MAY govern:
+- Semantic contracts (schema language, grammar, behavior)
+- Required validation mode (strict, draft 2020-12)
+- TXT keys that bind semantic truth (`cl.schema.*`)
 
-- Semantic contracts (Commons + Commercial schemas)
-- TXT semantics for identity + invocation
-- Transparency + versioning requirements
+### Commons MUST NOT govern:
+- Pricing or economics  
+- Runtime topology  
+- Execution performance or SLAs  
+- Vendor-specific commercial logic  
 
-Governance **MUST NOT** dictate:
+Commercial and Runtime layers MUST remain **subordinate**:
 
-- Execution pricing  
-- Runtime topology  
-- Settlement mechanisms  
-- Vendor-specific commercial logic
+> **Execution is business.  
+> Semantics are public goods.**
 
-> **Commons + Commercial define language.  
-> Agent-Cards bind identity.  
-> Runtime governs execution and economics.**
+Commercial schemas may reference Commons semantics — they **may not alter them**.
 
 ---
 
-## 3. Immutable Semantic Guarantees (Anti-Rug)
+## 3. Stewardship — Bootstrap to Neutrality
 
-Once published:
+**Founding Steward:** `commandlayer.eth`  
 
-- **Schemas:** `$id`, CID, and versioned TXT keys MAY NOT change  
-- **Agent-Cards:** historical versions MUST remain resolvable  
-- **Governance artifacts:** MUST preserve full historical context  
+Responsible for:
 
-Attempts to mutate semantics in place MUST be treated as **untrusted**.
+- Canonical schema publishing  
+- Signed manifest + checksum updates  
+- Security revocations + provenance logs  
+- Transparency for all normative decisions  
 
-Schemas are **permanently free** under MIT/Apache-2.0 — irrevocable rights.
+### Decentralization Phases
 
-> **Semantics are public infrastructure — forever.**
+| Phase | Governance Form | Trigger |
+|-------|----------------|---------|
+| 1 — Bootstrap | Single-operator Safe | Initial production adoption |
+| 2 — Multi-Maintainer | ≥3 independent vendors in Safe | Cross-vendor reliance |
+| 3 — Standards Committee | Public RFC review + voting | Global ecosystem dependence |
+| 4 — Neutral Standards Body | Community-elected | Entrenched industry standard |
 
----
+Vendor diversity REQUIRED — **no single affiliation may dominate**.
 
-## 4. Change Classes
+A non-profit legal wrapper SHALL be established before Phase 3.
 
-| Change | Version Rule | Required Log |
-|-------|--------------|--------------|
-| **Normative** (behavior change) | `1 → 2` | `RESOLUTION.md` |
-| **Compat-affecting** | `1.0 → 1.1` | `RESOLUTION.md` |
-| **Non-behavioral** | `1.0.0 → 1.0.1` | Commit history |
+---
 
-CIDs + checksums MUST be published for every semantic release.
+## 4. Immutable Semantic Guarantees (Anti-Rug)
 
----
+Once published:
 
-## 5. Release Requirements
+- `$id`, CID, and version MUST NEVER change  
+- Historical schemas MUST remain resolvable  
+- Governance history MUST NOT be rewritten  
 
-Valid releases MUST include:
+Commercial schemas inherit similar guarantees:
 
-- Strict validation CI passing  
-- Signed IPFS CIDs + checksums  
-- Updated transparency artifacts:
-  - `SPEC.md`, `VERSIONING.md`, `SECURITY_PROVENANCE.md`, `RESOLUTION.md`
+> **Commercial schemas are permanently free** —  
+> **economics only occur at runtime, never in the semantic layer.**
 
-> **Atomic. Verified. Immutable. Or not valid.**
+Attempts to mutate semantics in place MUST be treated as **UNTRUSTED**.
 
 ---
 
-## 6. TXT Governance (NORMATIVE)
+## 5. TXT Key Governance — NORMATIVE
 
 TXT semantics are partitioned:
 
 | Prefix | Authority | Meaning | Mutation Allowed? |
 |--------|-----------|---------|------------------|
-| `cl.schema.*` | Commons + Commercial | Semantic schemas | ❌ NEVER |
+| `cl.schema.*` | Commons | Semantic bindings | ❌ NEVER |
 | `cl.agentcard` | Agent-Cards | Identity binding | ❌ NEVER (per version) |
-| `cl.runtime.*` | Runtime | Execution endpoints | ✔ Yes, logged |
+| `cl.runtime.*` | Runtime | Operational endpoints | ✔ Yes, logged |
 
 Resolvers MUST:
 
-- Reject TXT → CID mismatches  
+- Reject TXT ↔ CID mismatches  
 - Treat unauthorized TXT keys as **UNTRUSTED**  
-- Honor immutability of versioned schema keys  
+- Enforce immutability of all versioned schema keys  
 
-> **Schema TXT keys are sacred. Runtime keys are operational.**
+> **Schema TXT is sacred.  
+> Runtime TXT is operational.**
 
 ---
 
-## 7. ENS Custody Model — NORMATIVE
+## 6. ENS Custody — NORMATIVE
 
 Canonical ENS:
 
 - `commandlayer.eth`  
 - `{verb}agent.eth` identities  
 
-Custody MUST be a **3-of-5 Safe** once Phase 2 triggers:
+Custody SHALL transition to a **3-of-5 Safe** before Phase 2:
 
-- Signers hardware-backed  
-- All signer identities disclosed in `SECURITY_PROVENANCE.md`  
-- Rotation MUST be logged as governance action  
+- Hardware-backed keys  
+- Signer identities publicly logged  
+- Rotation MUST be recorded in `SECURITY_PROVENANCE.md`  
 
-**No single key** can change canonical TXT state.
+No single key may modify canonical semantics.
 
 ---
 
-## 8. Runtime Governance Boundary
-
-- Runtime **MAY** set and rotate `cl.runtime.*`
-- Runtime **MAY** define pricing and SLAs
-- Runtime **MAY** provide commercial execution
+## 7. Change Classification
 
-Runtime MUST NOT:
-
-- Alter semantic contracts  
-- Shadow governed schema keys  
-- Introduce proprietary lock-in of verbs
+| Change Class | Version Rule | Required Log |
+|--------------|--------------|--------------|
+| **Normative** (behavior change) | `1 → 2` | `RESOLUTION.md` |
+| **Compat-affecting** | `1.0 → 1.1` | `RESOLUTION.md` |
+| **Non-behavioral** | `1.0.0 → 1.0.1` | Commit history |
 
-> **Execution is business.  
-> Semantics are public goods.**
+Every semantic release MUST publish new CIDs + checksums.
 
 ---
 
-## 9. Dispute Resolution
+## 8. Security Governance
 
-1. Public Issue opened  
-2. Evidence + impact review  
-3. Governance decision + rationale  
-4. Permanent entry in `RESOLUTION.md`  
+- Responsible disclosure contact MUST be active  
+- No silent patches or overwritten history  
+- Emergency revocation allowed to protect downstream users  
 
-Emergency revocation MAY bypass full review to protect users.
+Transparency ALWAYS wins.
 
 ---
 
-## 10. Compatibility Claims
+## 9. Enforcement of Compatibility Claims
 
-Software MAY claim:
+Products MAY claim:
 
 - **Commons-Compatible**
-- **Commercial-Compatible**
 - **Agent-Cards-Compatible**
 
 ONLY if:
 
-- CID + `$id` validation  
-- Ajv strict mode  
-- Timestamp-protected trace + receipts  
-- Conformance with this Governance  
+- `$id` + CID validation passes  
+- Ajv strict mode enforced  
+- Traceable receipt conformance  
+- Adherence to this Governance  
 
-False claims REQUIRE enforcement.
+False claims REQUIRE public enforcement action.
 
 ---
 
 _Last updated: v1.0.0 — Stable-Lock_  
 Signed: **`commandlayer.eth`**  
-*Founding Steward — CommandLayer Standards*
+*Founding Steward — CommandLayer Semantic Standards*