Astra
Astra is an open-source reference implementation of PACT applied to financial services regulated by the Monetary Authority of Singapore. What it is NOT: a compliance checklist or a policy document. Astra demonstrates that information barriers, regulatory clearance, and compliance oversight can be structural properties of an organization, enforced by construction, rather than rules applied to a system after it is built.
Where Arbor is a full product, Astra is deliberately small. It is a focused library, 43 Python modules, that encodes one idea precisely: organizational structure as application architecture. You read it to understand how PACT’s grammar maps onto a real regulatory regime, not to deploy a trading desk.
Compliance as structure, not policy
Section titled “Compliance as structure, not policy”A regulated firm separates functions that must not share information. The conventional approach writes that separation into a policy and trusts people and software to honor it. Astra writes it into the organization’s addressable structure, so a barrier is the absence of a connection rather than a rule against using one.
| MAS regulation | PACT mechanism | How Astra enforces it |
|---|---|---|
| SFA 04-N09 (information barriers) | D/T containment | The Advisory and Trading divisions have no knowledge-share policy between them; the barrier is structural, not a runtime check |
| SFA (Securities and Futures Act) | Operating envelopes | Position limits and instrument restrictions are envelope constraints, evaluated before any action |
| FAA (Financial Advisers Act) | Advisory-division envelope | Suitability and disclosure requirements bound what the advisory function may do |
| CDSA (Corruption, Drug Trafficking and Other Serious Crimes Act) | Clearance and SAR filing | An AML Officer holds SECRET clearance for the investigations compartment, with a temporal override for the 14-day suspicious-transaction filing window |
| PDPA (Personal Data Protection Act) | Data-access clearance | Client PII is classified and reachable only by roles holding the matching clearance |
| MAS AI/ML Guidelines | Verification gradient | Model actions are graded against regulatory thresholds before they are auto-approved, flagged, held, or blocked |
Every regulation Astra references is a public MAS notice or act. The repository contains no client data, no real institution names, and no confidential regulatory positioning. It is a teaching artifact built from the published rules.
What you learn from reading it
Section titled “What you learn from reading it”Astra is the clearest demonstration of PACT’s central claim. The five constraint dimensions, the operating envelopes, the knowledge clearance levels, and the D/T/R positional addressing are abstract in the specification. In Astra they are concrete: a compliance officer is a position in a tree, a barrier is a missing edge, a filing deadline is a temporal override on a clearance. When you can point at the line of code that enforces SFA 04-N09, the architecture stops being a metaphor.
Project details
Section titled “Project details”| License | Apache 2.0 |
| Version | 0.1.0 (Alpha) |
| Source | github.com/terrene-foundation/astra |
| Install | git clone the repository, then pip install -e ".[dev]" |
| Domain | MAS-regulated financial services |
| Python modules | 43 |
| Shape | Library (no API routers, no database models; governance logic only) |
| Test files | 13 |
| Built on | kailash, kailash-nexus, kailash-dataflow, kailash-kaizen, eatp, trust-plane |
Astra is early-stage Alpha at version 0.1.0. It is a reference for the pattern, not a certified compliance system. Nothing here is regulatory advice, and a real MAS-regulated deployment requires controls and review well beyond a reference library.
Why it matters for the architecture
Section titled “Why it matters for the architecture”Arbor and Astra are the same idea at two scales. Arbor shows the governance line holding inside a full application that handles payroll and statutory filing. Astra shows the same governance grammar reduced to its essentials and mapped onto one of the more demanding regulatory regimes a firm can operate under. Together they answer the question PACT poses: structure that enforces trust, in HR and in finance, by construction.