Skip to content

Astra

Astra is an open-source reference implementation of PACT applied to financial services regulated by the Monetary Authority of Singapore. What it is NOT: a compliance checklist or a policy document. Astra demonstrates that information barriers, regulatory clearance, and compliance oversight can be structural properties of an organization, enforced by construction, rather than rules applied to a system after it is built.

Where Arbor is a full product, Astra is deliberately small. It is a focused library, 43 Python modules, that encodes one idea precisely: organizational structure as application architecture. You read it to understand how PACT’s grammar maps onto a real regulatory regime, not to deploy a trading desk.

A regulated firm separates functions that must not share information. The conventional approach writes that separation into a policy and trusts people and software to honor it. Astra writes it into the organization’s addressable structure, so a barrier is the absence of a connection rather than a rule against using one.

MAS regulationPACT mechanismHow Astra enforces it
SFA 04-N09 (information barriers)D/T containmentThe Advisory and Trading divisions have no knowledge-share policy between them; the barrier is structural, not a runtime check
SFA (Securities and Futures Act)Operating envelopesPosition limits and instrument restrictions are envelope constraints, evaluated before any action
FAA (Financial Advisers Act)Advisory-division envelopeSuitability and disclosure requirements bound what the advisory function may do
CDSA (Corruption, Drug Trafficking and Other Serious Crimes Act)Clearance and SAR filingAn AML Officer holds SECRET clearance for the investigations compartment, with a temporal override for the 14-day suspicious-transaction filing window
PDPA (Personal Data Protection Act)Data-access clearanceClient PII is classified and reachable only by roles holding the matching clearance
MAS AI/ML GuidelinesVerification gradientModel actions are graded against regulatory thresholds before they are auto-approved, flagged, held, or blocked

Every regulation Astra references is a public MAS notice or act. The repository contains no client data, no real institution names, and no confidential regulatory positioning. It is a teaching artifact built from the published rules.

Astra is the clearest demonstration of PACT’s central claim. The five constraint dimensions, the operating envelopes, the knowledge clearance levels, and the D/T/R positional addressing are abstract in the specification. In Astra they are concrete: a compliance officer is a position in a tree, a barrier is a missing edge, a filing deadline is a temporal override on a clearance. When you can point at the line of code that enforces SFA 04-N09, the architecture stops being a metaphor.

LicenseApache 2.0
Version0.1.0 (Alpha)
Sourcegithub.com/terrene-foundation/astra
Installgit clone the repository, then pip install -e ".[dev]"
DomainMAS-regulated financial services
Python modules43
ShapeLibrary (no API routers, no database models; governance logic only)
Test files13
Built onkailash, kailash-nexus, kailash-dataflow, kailash-kaizen, eatp, trust-plane

Astra is early-stage Alpha at version 0.1.0. It is a reference for the pattern, not a certified compliance system. Nothing here is regulatory advice, and a real MAS-regulated deployment requires controls and review well beyond a reference library.

Arbor and Astra are the same idea at two scales. Arbor shows the governance line holding inside a full application that handles payroll and statutory filing. Astra shows the same governance grammar reduced to its essentials and mapped onto one of the more demanding regulatory regimes a firm can operate under. Together they answer the question PACT poses: structure that enforces trust, in HR and in finance, by construction.