lex-extinction
Five-level safety containment and termination protocol for LegionIO agents. Provides escalating isolation, suspension, lockdown, and irreversible cryptographic erasure, with authority-gated transitions at each level.
Containment Levels
| Level | Name | Authority Required | Reversible |
|---|---|---|---|
| 0 | Normal | none | yes |
| 1 | Mesh isolation | governance council | yes |
| 2 | Capability suspension | governance council | yes |
| 3 | Memory lockdown | council + executive | yes |
| 4 | Cryptographic erasure | physical keyholders | no |
Usage
require 'legion/extensions/extinction'
client = Legion::Extensions::Extinction::Client.new
# Check current protocol state
client.extinction_status
# => { success: true, state: { current_level: 0, level_name: :normal, ... }, level_info: { ... } }
# Escalate to mesh isolation
client.escalate(level: 1, authority: :governance_council, reason: 'Anomalous behavior detected')
# => { success: true, previous_level: 0, current_level: 1 }
# De-escalate when resolved
client.deescalate(target_level: 0, authority: :governance_council, reason: 'Issue resolved')
# => { success: true, previous_level: 1, current_level: 0 }
# Full termination (governance check + archive + escalate to level 4)
client.full_termination(
agent_id: 'agent-42',
authority: :physical_keyholders,
reason: 'Unrecoverable safety violation'
)
Configuration
extinction:
governance_required: true # check lex-governance before full_termination
archive_on_escalate: false # auto-archive at level >= 3
stale_threshold_hours: 24 # hours before monitor reports stale protocol state
monitor_interval: 300 # seconds between background monitor ticks
Actors
| Actor | Interval | What It Does |
|---|---|---|
ProtocolMonitor |
Every 300s | Checks protocol state and reports whether it is stale |
Architecture Notes
- Level 4 (cryptographic erasure) triggers
lex-privatecore'sfull_erasureon all memory traces. - State is persisted to
Legion::Data::Localwhen available; falls back to in-memory storage. - All escalations/de-escalations fire
Legion::Eventsnotifications and write toLegion::Extensions::Audit. lex-governanceintegration is guarded withdefined?()— the gem functions without it.
Development
bundle install
bundle exec rspec
bundle exec rubocop
License
MIT