CARE defines why governance matters. EATP makes trust verifiable. CO structures the collaboration. None of them addresses a prior question: who in the organization is accountable for what, and how do those accountability boundaries interact with AI delegation?
In practice, most organizations using autonomous systems have no formal grammar for describing accountability. Roles are implicit. Delegation is verbal. Constraint boundaries exist in people’s heads. When an AI agent acts on behalf of a department, the connection between institutional authority and agent capability is undocumented and unverifiable.
PACT provides the organizational grammar that makes CARE, EATP, and CO operational at institutional scale.
The D/T/R model. Three levels of positional addressing: Department (D), Team (T), and Role (R). Every human and every AI agent has an address in this structure. A core invariant enforces accountability: every containment node (D or T) must be immediately followed by a Role before any further structure can attach. Containers do not make decisions; only people do.
Accountability is positional (attached to the role, not the person filling it), which means governance survives personnel changes. The model scales from a 5-person startup to a 500+ person enterprise without structural modification. Addresses are computed deterministically from the tree structure, enabling efficient prefix queries across organizational subtrees.
Constraint envelopes. Each position carries a three-layer constraint envelope:
Each layer constrains across CARE’s five dimensions (Financial, Operational, Temporal, Data Access, Communication). Envelopes propagate through delegation and can only tighten. They cannot loosen. This monotonic tightening invariant is enforced mechanically, not by policy.
Verification gradient. Four zones replacing binary approve/reject:
| Zone | Agent behavior | Human involvement |
|---|---|---|
| Auto-approved | Proceeds immediately | None (observable post-hoc) |
| Flagged | Proceeds, notification sent | Notified, can intervene retroactively |
| Held | Pauses for decision | Yes, bounded, specific decision context |
| Blocked | Cannot proceed | Denied automatically |
The gradient prevents governance from becoming a bottleneck on routine operations while maintaining full attestation on high-risk ones. When a human is required (Held zone), they receive bounded decision context: proposed action, why held, alternatives, and a timeout.
Knowledge clearance. Five-level clearance model (C0 through C4) independent of organizational rank. A junior analyst with domain expertise may have higher knowledge clearance than a senior executive without it. Clearance determines what information an agent can access and what decisions it can inform, decoupling information access from hierarchical authority. Posture caps clearance: an agent’s effective clearance is the minimum of its role’s maximum clearance and the ceiling imposed by its current trust posture.
Emergency bypass. Tiered bypass system for genuine emergencies. Four tiers with escalating approval requirements and hard auto-expiry (4 hours to 72 hours). A bypass cannot widen authority beyond the approving authority’s own envelope. Post-incident review is mandatory within 7 days. Rate limiting prevents abuse.
PACT for MCP. Governance middleware for the Model Context Protocol. Any MCP-compatible agent (Claude Code, Codex, Gemini, or any custom implementation) can be governed by PACT constraint envelopes. The governance layer sits between the agent and the tools it invokes: GitHub, Slack, databases, APIs. Constraints are enforced at invocation time, not audited afterward.
PACT defines organizational structure and accountability grammar. It does not define:
The reference implementation is kailash-pact, available as part of the Kailash Python SDK.
pip install kailash-pactThe reference implementation includes:
Source: github.com/terrene-foundation/kailash-py (packages/kailash-pact)
| Specification | Role | PACT’s relationship |
|---|---|---|
| CARE | Philosophy | PACT implements CARE’s constraint dimensions at organizational scale |
| EATP | Trust | PACT uses EATP for high-verification operations; provides organizational context for attestations |
| CO | Methodology | PACT provides the accountability structure within which CO workflows execute |
PACT is a Working Architecture with a defined promotion path to full specification status. The reference implementation (kailash-pact v0.5.0) is production-tested. Promotion criteria include: independent implementation, external review, and demonstrated deployment in at least two organizational contexts.
The complete PACT thesis: D/T/R grammar with formal invariants, recursive envelope delegation, verification gradient, knowledge clearance framework, emergency bypass, cross-domain universality analysis, and promotion criteria.
Read the full specification →