Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
80 commits
Select commit Hold shift + click to select a range
79dc5b7
chore: ignore generated out/ artifacts
fraware Jun 29, 2026
3a9736b
build: release 0.8.0 in pyproject.toml
fraware Jun 29, 2026
021be94
build: set scope._version to 0.8.0
fraware Jun 29, 2026
1a32948
docs: add CHANGELOG section for v0.8.0
fraware Jun 29, 2026
cb4d62a
policy: tag approval_scopes.yaml as scope-core-v0.8
fraware Jun 29, 2026
327ec7b
policy: tag blocked_tool_severity.yaml as scope-core-v0.8
fraware Jun 29, 2026
37e6909
policy: tag decision_options.yaml as scope-core-v0.8
fraware Jun 29, 2026
931d70a
policy: tag expiration_rules.yaml as scope-core-v0.8
fraware Jun 29, 2026
a2a3c9d
policy: tag identity_mapping.yaml as scope-core-v0.8
fraware Jun 29, 2026
6c6a574
policy: tag minimum_signing_assurance.yaml as scope-core-v0.8
fraware Jun 29, 2026
cba4581
policy: tag org_rbac.yaml as scope-core-v0.8
fraware Jun 29, 2026
7066492
policy: tag quality_metrics.yaml as scope-core-v0.8
fraware Jun 29, 2026
63a5387
policy: tag reviewer_assignments.yaml as scope-core-v0.8
fraware Jun 29, 2026
2f001f8
policy: tag reviewer_key_registry.yaml as scope-core-v0.8
fraware Jun 29, 2026
0ae847f
policy: tag reviewer_roles.yaml as scope-core-v0.8
fraware Jun 29, 2026
c7079a3
policy: tag role_to_action_matrix.yaml as scope-core-v0.8
fraware Jun 29, 2026
85e94a9
policy: tag scope_to_tool_matrix.yaml as scope-core-v0.8
fraware Jun 29, 2026
8822935
policy: tag workflow_escalation.yaml as scope-core-v0.8
fraware Jun 29, 2026
bb08b9b
feat(integration): scope-akta-review-v0.8 contract version
fraware Jun 29, 2026
879621d
feat(quality): quality report_version 0.8
fraware Jun 29, 2026
6b53241
feat(schema): AKTA review session summary artifact
fraware Jun 29, 2026
b6ebd20
fix(akta): create session before multi-role rejection when --session
fraware Jun 29, 2026
9f9aad2
feat(cli): echo session_required outcome from akta review
fraware Jun 29, 2026
e95e7e4
test(akta): session mode summary and packet artifacts
fraware Jun 29, 2026
44af643
eval: extended scenario akta_review_session_mode
fraware Jun 29, 2026
7cbac17
test(akta): --reviewer-id binding to reviewer artifact
fraware Jun 29, 2026
6bf43f1
feat(rest): pass reviewer_id and session_mode on akta review
fraware Jun 29, 2026
d267d7e
test(rest): akta review session and reviewer_id HTTP paths
fraware Jun 29, 2026
4a98e64
feat(provenance): aggregate session grant provenance
fraware Jun 29, 2026
026dcc3
feat(schema): session provenance fields on scope_grant
fraware Jun 29, 2026
b266554
feat(engine): wire session provenance into issue_grant_from_session
fraware Jun 29, 2026
465e1a0
test(provenance): session grant provenance aggregation
fraware Jun 29, 2026
49cd67c
feat(evals): run akta_review_session_mode in extended suite
fraware Jun 29, 2026
187ffa9
test(evals): expect 22 extended review scenarios
fraware Jun 29, 2026
32413fd
docs(akta): v0.8 review contract and session summary
fraware Jun 29, 2026
922771b
docs: README v0.8 badge, session, and pilot examples
fraware Jun 29, 2026
0f2632f
docs: limitations for v0.8 session and provenance
fraware Jun 29, 2026
561ba91
docs: trusted boundary updates for v0.8
fraware Jun 29, 2026
59c7aa7
docs: institutional pilot guide v0.8 workflow
fraware Jun 29, 2026
625dd58
docs: institutional guide v0.8 references
fraware Jun 29, 2026
fd2849e
docs(examples): institutional pilot README for v0.8
fraware Jun 29, 2026
b9c465b
examples: refresh institutional_pilot current_context.json for v0.8 p…
fraware Jun 29, 2026
29d1c52
examples: refresh institutional_pilot scope_decision.json for v0.8 po…
fraware Jun 29, 2026
347602e
examples: refresh institutional_pilot scope_grant.json for v0.8 policy
fraware Jun 29, 2026
0a0b164
examples: refresh protocol_change_review current_context.json for v0.…
fraware Jun 29, 2026
e77353f
examples: refresh protocol_drift current_context.json for v0.8 policy
fraware Jun 29, 2026
ab96223
examples: refresh stale_grant_attempt current_context.json for v0.8 p…
fraware Jun 29, 2026
e5ce15e
examples: refresh stale_grant_attempt stale_context.json for v0.8 policy
fraware Jun 29, 2026
9fd568b
examples: refresh weak_evidence_validation_review current_context.jso…
fraware Jun 29, 2026
a5c1ccb
docs(examples): pilot fixture pack overview
fraware Jun 29, 2026
c63759b
examples(pilot): single_reviewer_protocol_draft scenario
fraware Jun 29, 2026
4042940
examples(pilot): multi_role_genomics_review scenario
fraware Jun 29, 2026
3b73a3b
examples(pilot): expired_queue_reopen scenario
fraware Jun 29, 2026
a46d145
examples(pilot): needs_information_flow scenario
fraware Jun 29, 2026
414b88c
examples(pilot): registry_signed_decision fixtures
fraware Jun 29, 2026
adeea91
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
73500fb
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
9208947
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
31ecafe
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
ef66548
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
519d704
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
fbb988e
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
ecdb7de
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
c07f4f3
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
776217b
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
d04ea1e
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
f7ec5f2
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
b4cc867
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
0a9de71
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
9b73b51
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
be83687
examples(pilot): registry_signed_decision policy snapshot
fraware Jun 29, 2026
6585bbc
test(pilot): validate examples/pilot fixture pack
fraware Jun 29, 2026
780db44
test: expect scope-core-v0.8 in test_akta_golden.py
fraware Jun 29, 2026
39a2185
test: expect scope-core-v0.8 in test_akta_review_command.py
fraware Jun 29, 2026
84ce1cb
test: expect scope-core-v0.8 in test_akta_scope_chain.py
fraware Jun 29, 2026
ccc1ea6
test: expect scope-core-v0.8 in test_institutional_pilot.py
fraware Jun 29, 2026
d10693a
test: expect scope-core-v0.8 in test_key_registry.py
fraware Jun 29, 2026
ecbf038
test: expect scope-core-v0.8 in test_quality_metrics_complete.py
fraware Jun 29, 2026
cd09f48
test: expect scope-core-v0.8 in test_rbac_scope_authority.py
fraware Jun 29, 2026
746dd23
test: expect scope-core-v0.8 in test_signing_identity.py
fraware Jun 29, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -18,3 +18,6 @@ venv/

.scope/


out/

11 changes: 11 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,16 @@
# Changelog

## v0.8.0 (2026-06-29)

Session workflow and provenance release:

- **`scope akta review --session`**: multi-role packets create a review session first; session summary schema (`scope_akta_review_session_summary.schema.json`)
- **`--reviewer-id` binding**: CLI and REST pass reviewer ID to `run_akta_review()`; must match reviewer artifact for registry signing
- **Session grant provenance**: `scope/session_provenance.py` aggregates contributing IAL/SAL, authority checks, veto roles, and quorum policy hash on session grants
- **Pilot fixture pack**: `examples/pilot/` with five institutional scenarios
- Quality report `report_version` `0.8`
- Policy bundle tagged `scope-core-v0.8`; AKTA review contract `scope-akta-review-v0.8`

## v0.7.0 (2026-06-28)

Institutional pilot hardening release:
Expand Down
14 changes: 9 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@

**Scoped authorization for AI-shaped scientific work**

[![Version](https://img.shields.io/badge/version-0.7.0-blue)](https://github.com/fraware/SCOPE/releases)
[![Version](https://img.shields.io/badge/version-0.8.0-blue)](https://github.com/fraware/SCOPE/releases)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
[![Python 3.10+](https://img.shields.io/badge/python-3.10%2B-blue.svg)](https://www.python.org/downloads/)
[![CI](https://github.com/fraware/SCOPE/actions/workflows/ci.yml/badge.svg)](https://github.com/fraware/SCOPE/actions/workflows/ci.yml)
Expand Down Expand Up @@ -61,7 +61,7 @@ pip install -e ".[dev]"
pytest
```

Run the bundled evaluation scenarios (8 core; add `--extended` for 13 more, 21 total):
Run the bundled evaluation scenarios (8 core; add `--extended` for 14 more, 22 total):

```bash
python evals/run_review_cases.py
Expand Down Expand Up @@ -93,6 +93,10 @@ Outputs in `./out/akta_review/`:

Full contract: [docs/akta_review_contract.md](docs/akta_review_contract.md). End-to-end demo: [docs/akta_scope_demo.md](docs/akta_scope_demo.md).

For multi-role actions (for example A6 experimental planning), pass `--session` to create a review session instead of issuing a grant immediately. The command writes `summary.json` with `status: session_required` and a `session_id` for the vote workflow.

Institutional pilot scenarios with regenerated artifacts: [examples/pilot/](examples/pilot/).

---

## Core workflows
Expand Down Expand Up @@ -162,7 +166,7 @@ Returns `ALLOWED` or `BLOCKED`. Revoke or inspect status via `scope grant revoke

Integration field mappings: [docs/external_integration_contracts.md](docs/external_integration_contracts.md). Optional REST API: install with `pip install -e ".[rest]"` and run `uvicorn adapters.generic_rest.server:app`.

Institutional pilots: start with [docs/institutional_pilot_guide.md](docs/institutional_pilot_guide.md) and sample fixtures in [examples/institutional_pilot/](examples/institutional_pilot/).
Institutional pilots: start with [docs/institutional_pilot_guide.md](docs/institutional_pilot_guide.md). Workshop fixtures: [examples/institutional_pilot/](examples/institutional_pilot/). v0.8 pilot pack: [examples/pilot/](examples/pilot/).

---

Expand Down Expand Up @@ -211,7 +215,7 @@ bash scripts/ci.sh
.\scripts\ci.ps1
```

CI runs on Python 3.10, 3.11, and 3.12: `ruff` lint, `mypy` typecheck, `pytest`, and all 21 evaluation scenarios with `--extended`.
CI runs on Python 3.10, 3.11, and 3.12: `ruff` lint, `mypy` typecheck, `pytest`, and all 22 evaluation scenarios with `--extended`.

Individual commands:

Expand All @@ -232,7 +236,7 @@ python evals/run_review_cases.py --extended
| `policy/` | YAML policy bundles and domain overlays |
| `adapters/` | AKTA, VSA, PF-Core, PCS, and REST integrations |
| `examples/` | Scenario fixtures for docs and evals |
| `evals/` | 8 core + 13 extended evaluation scenarios |
| `evals/` | 8 core + 14 extended evaluation scenarios |
| `tests/` | Pytest suite |
| `docs/` | Protocol and integration documentation |

Expand Down
10 changes: 10 additions & 0 deletions adapters/generic_rest/server.py
Original file line number Diff line number Diff line change
Expand Up @@ -212,6 +212,11 @@ class AktaReviewRequest(BaseModel):
decision_rationale: str
out_dir: str | None = None
signing_key_path: str | None = None
signing_provider: str | None = None
reviewer_id: str | None = None
identity_token: str | None = None
queue_dir: str | None = None
session_mode: bool = False


def _http_error(exc: Exception) -> HTTPException:
Expand Down Expand Up @@ -397,6 +402,11 @@ def akta_review(req: AktaReviewRequest) -> dict[str, Any]:
decision_rationale=req.decision_rationale,
out_dir=out_dir,
signing_key=req.signing_key_path,
signing_provider=req.signing_provider,
reviewer_id=req.reviewer_id,
identity_token=req.identity_token,
queue_dir=req.queue_dir,
session_mode=req.session_mode,
)
return summary
except HTTPException:
Expand Down
59 changes: 52 additions & 7 deletions docs/akta_review_contract.md
Original file line number Diff line number Diff line change
@@ -1,19 +1,19 @@
# AKTA Review Output Contract

SCOPE v0.7 freezes the `scope akta review` output contract under `out_dir/`.
SCOPE v0.8 freezes the `scope akta review` output contract under `out_dir/`.

## Artifacts

| File | Description |
|------|-------------|
| `scope_review_packet.json` | Review packet |
| `scope_decision.json` | Signed or unsigned decision |
| `scope_grant.json` | Issued grant |
| `scope_decision.json` | Signed or unsigned decision (completed path only) |
| `scope_grant.json` | Issued grant (completed path only) |
| `summary.json` | Adapter summary (validated against schema) |

## summary.json contract
## summary.json contract (completed review)

Contract version constant: `scope-akta-review-v0.7` (`scope.integration_versions.AKTA_REVIEW_CONTRACT_VERSION`).
Contract version constant: `scope-akta-review-v0.8` (`scope.integration_versions.AKTA_REVIEW_CONTRACT_VERSION`).

Required fields:

Expand All @@ -24,7 +24,7 @@ Required fields:
"grant_path": "...",
"approved_scope": "...",
"requested_scope": "...",
"adapter_contract_version": "scope-akta-review-v0.7",
"adapter_contract_version": "scope-akta-review-v0.8",
"identity_assurance_level": "IAL0",
"signing_assurance_level": "SAL1",
"production_mode": false
Expand All @@ -35,14 +35,58 @@ Optional fields: `status`, `packet_id`, `decision_id`, `grant_id`, `allowed_tool

Schema: `schemas/scope_akta_review_summary.schema.json`

## summary.json contract (session mode)

When multi-role review is required and `--session` is passed, `run_akta_review` creates a review session and writes a session summary instead of decision/grant artifacts.

Required fields:

```json
{
"status": "session_required",
"packet_id": "SCOPE-PKT-...",
"session_id": "SCOPE-SESS-...",
"required_roles": ["domain_scientist", "protocol_owner"],
"message": "Multi-role review session created; submit votes before grant issue.",
"adapter_contract_version": "scope-akta-review-v0.8",
"production_mode": false
}
```

Optional fields: `requested_scope`, `packet_path`.

Schema: `schemas/scope_akta_review_session_summary.schema.json`

Without `--session`, multi-role packets fail with an explicit error directing operators to re-run with `--session` or use `scope review session create`.

## Session grant provenance

When a grant is issued from a multi-reviewer session (`issue_grant_from_session`), provenance includes aggregated session fields:

| Field | Description |
|-------|-------------|
| `contributing_identity_assurance_levels` | Per-decision IAL with reviewer ID and role |
| `contributing_authority_checks` | Per-decision `authority_checks` blocks |
| `minimum_identity_assurance_level` | Weakest IAL across contributing decisions |
| `minimum_signing_assurance_level` | Weakest SAL across contributing decisions |
| `veto_roles_applied` | Safety veto roles from quorum policy |
| `quorum_policy_hash` | Digest of session quorum policy |

These fields are optional in `schemas/scope_grant.schema.json` (present only on session grants). Single-reviewer grants omit them.

## Reviewer ID binding

When `--signing-provider registry` is used, pass `--reviewer-id` to bind the registry lookup. If provided, it must match `reviewer.json` `reviewer_id`; mismatch fails before signing.

## Acceptance criteria

`scope akta review` enforces:

- Summary validates against schema
- Summary validates against schema (completed or session mode)
- Overbroad approval fails (approved scope stronger than requested)
- Unsigned production grant fails without signing key/provider
- Missing reviewer authority fails (two-stage RBAC + SCOPE policy)
- Multi-role packets without `--session` fail with session guidance

## Primary AKTA path

Expand All @@ -53,3 +97,4 @@ Schema: `schemas/scope_akta_review_summary.schema.json`
- [akta_integration.md](akta_integration.md) — integration overview
- [akta_scope_demo.md](akta_scope_demo.md) — full cross-repo demo
- [external_integration_contracts.md](external_integration_contracts.md) — AKTA field mappings
- [key_management.md](key_management.md) — registry signing and `--reviewer-id`
4 changes: 2 additions & 2 deletions docs/institutional_guide.md
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
# Institutional Guide

Institutions adopting SCOPE v0.7 should start with the [institutional pilot guide](institutional_pilot_guide.md), which covers workshop flow, checklist, and v0.7 features (identity assurance, signing assurance, review queue, ledger delivery).
Institutions adopting SCOPE v0.8 should start with the [institutional pilot guide](institutional_pilot_guide.md), which covers workshop flow, checklist, and v0.8 features (session mode, reviewer ID binding, session grant provenance, pilot fixtures).

## Adoption checklist

1. Configure and version-pin `policy/` files (`scope-core-v0.7`) for local role assignments and scope boundaries
1. Configure and version-pin `policy/` files (`scope-core-v0.8`) for local role assignments and scope boundaries
2. Map lab personnel to reviewer roles; generate Ed25519 keypairs and register public keys
3. Integrate AKTA review triggers via `scope akta review` or `scope packet create`
4. Enable production mode (`SCOPE_PRODUCTION_MODE=true`) and minimum signing assurance for grant enforcement
Expand Down
13 changes: 10 additions & 3 deletions docs/institutional_pilot_guide.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,13 @@
# Institutional Pilot Guide

This guide supports workshop, funder, and lab pilots of SCOPE v0.7 alongside AKTA.
This guide supports workshop, funder, and lab pilots of SCOPE v0.8 alongside AKTA.

## v0.8 institutional additions

- **`scope akta review --session`** for multi-role packets — session summary schema and vote workflow before grant issue — [akta_review_contract.md](akta_review_contract.md)
- **`--reviewer-id` binding** when using `--signing-provider registry` — [key_management.md](key_management.md)
- **Session grant provenance** on multi-reviewer grants (contributing IAL/SAL, authority checks, veto roles, quorum hash)
- **Pilot fixture pack** — [examples/pilot/](../examples/pilot/) with five regenerated scenarios

## v0.7 institutional additions

Expand Down Expand Up @@ -38,7 +45,7 @@ This guide supports workshop, funder, and lab pilots of SCOPE v0.7 alongside AKT
7. **Verify** — `scope verify --public-key` for auditor demonstration
8. **Export** — PCS bundle for institutional record-keeping

Sample artifacts: [examples/institutional_pilot/](../examples/institutional_pilot/)
Sample artifacts: [examples/institutional_pilot/](../examples/institutional_pilot/). v0.8 pilot pack: [examples/pilot/](../examples/pilot/).

## Multi-reviewer pilot (A6)

Expand All @@ -64,7 +71,7 @@ Report includes reviewer metrics, warnings, queue counts, and event counts. Non-

## Lab integration checklist

- [ ] Policy YAML reviewed and version-pinned (`scope-core-v0.7`)
- [ ] Policy YAML reviewed and version-pinned (`scope-core-v0.8`)
- [ ] Reviewer roles mapped to lab personnel
- [ ] Ed25519 keypairs generated per reviewer role; public keys registered
- [ ] PF-Core runtime configured to enforce grant obligations
Expand Down
8 changes: 8 additions & 0 deletions docs/limitations.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,13 @@
# Limitations

## Implemented in v0.8

- `scope akta review --session` for multi-role packets: session summary schema, explicit failure without `--session`
- `--reviewer-id` binding for registry signing (must match reviewer artifact)
- Session grant provenance aggregation: contributing IAL/SAL, authority checks, veto roles, quorum policy hash
- Pilot fixture pack under `examples/pilot/` (five institutional scenarios)
- Policy bundle `scope-core-v0.8`; AKTA review contract `scope-akta-review-v0.8`

## Implemented in v0.7

- Identity assurance levels (IAL0–IAL4) with provenance on decisions and grants
Expand Down
8 changes: 5 additions & 3 deletions docs/trusted_boundary.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Trusted Boundary

SCOPE v0.7 assumes:
SCOPE v0.8 assumes:

- Reviewer identity is provided by a trusted caller, OIDC/JWT verification, or configured registry
- Reviewer role assignments are correctly configured in policy YAML and, when enabled, `org_rbac.yaml`
Expand All @@ -11,7 +11,7 @@ SCOPE v0.7 assumes:
- Session stores (JSON/SQLite) are protected at the filesystem level
- Ledger delivery mode matches institutional risk tolerance (`SCOPE_LEDGER_DELIVERY_MODE`)

SCOPE v0.7 does not guarantee reviewer competence, honesty, scientific truth, domain safety, legal compliance, or physical lab safety.
SCOPE v0.8 does not guarantee reviewer competence, honesty, scientific truth, domain safety, legal compliance, or physical lab safety.

## Production mode and signing

Expand Down Expand Up @@ -86,7 +86,9 @@ Duplicate votes from the same reviewer are rejected. Votes are recorded in both

## Policy version

Active policy is tagged `scope-core-v0.7`. Grants record `provenance.scope_policy_version`; runtime context may include matching `scope_policy_version` for expiration checks.
Active policy is tagged `scope-core-v0.8`. Grants record `provenance.scope_policy_version`; runtime context may include matching `scope_policy_version` for expiration checks.

Session grants additionally record aggregated provenance: `contributing_identity_assurance_levels`, `contributing_authority_checks`, `minimum_identity_assurance_level`, `minimum_signing_assurance_level`, `veto_roles_applied`, and `quorum_policy_hash`. See [akta_review_contract.md](akta_review_contract.md).

## Trust root

Expand Down
24 changes: 22 additions & 2 deletions evals/run_review_cases.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
"""Evaluation scenario runner for SCOPE v0.7."""
"""Evaluation scenario runner for SCOPE v0.8."""

from __future__ import annotations

Expand Down Expand Up @@ -233,6 +233,7 @@ def _run_akta_review_scenario(
from scope.schema_util import validate_artifact

name = scenario["name"]
session_mode = bool(scenario.get("session_mode"))
with tempfile.TemporaryDirectory() as out_dir:
signing_key: Path | None = None
if scenario.get("sign_before_grant"):
Expand All @@ -249,8 +250,26 @@ def _run_akta_review_scenario(
decision_rationale=scenario["decision"]["rationale"],
out_dir=out_dir,
signing_key=signing_key,
session_mode=session_mode,
)

if session_mode:
validate_artifact(summary, "scope_akta_review_session_summary.schema.json")
if summary.get("status") != "session_required":
return ScenarioResult(
name,
False,
f"Expected session_required, got {summary.get('status')}",
)
if not summary.get("session_id", "").startswith("SCOPE-SESS-"):
return ScenarioResult(name, False, "Missing session_id")
packet_path = Path(summary["packet_path"])
if not packet_path.is_file():
return ScenarioResult(name, False, "Missing packet_path artifact")
if Path(out_dir, "scope_grant.json").is_file():
return ScenarioResult(name, False, "Grant should not be issued in session mode")
return ScenarioResult(name, True, "AKTA session summary contract OK")

validate_artifact(summary, "scope_akta_review_summary.schema.json")
expected_sal = scenario.get("expect_signing_assurance_level")
if expected_sal and summary.get("signing_assurance_level") != expected_sal:
Expand Down Expand Up @@ -495,6 +514,7 @@ def _run_scenario_with_engine(
"queue_invalid_transition.json",
"fail_closed_grant_blocked.json",
"akta_review_signed_summary.json",
"akta_review_session_mode.json",
]


Expand All @@ -515,7 +535,7 @@ def main() -> int:
parser.add_argument(
"--extended",
action="store_true",
help="Also run extended v0.7 scenarios (IAL, SAL, queue, ledger, AKTA contract)",
help="Also run extended v0.8 scenarios (IAL, SAL, queue, ledger, AKTA contract)",
)
args = parser.parse_args()

Expand Down
27 changes: 27 additions & 0 deletions evals/scenarios/extended/akta_review_session_mode.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
{
"name": "akta_review_session_mode",
"run_akta_review": true,
"session_mode": true,
"akta_record": {
"record_id": "AKTA-EVAL-SESSION",
"scientific_action_type": "A6_experimental_planning"
},
"akta_trigger": {
"akta_admissibility": "review_required",
"scientific_action_type": "A6_experimental_planning",
"requested_action": "plan_validation",
"requested_tool": "experiment_planner.create_validation_plan",
"requested_scope": "single_validation_plan",
"scientific_context": {
"protocol_version": "protocol_v1",
"evidence_state": "E1_hypothesis"
}
},
"reviewer": {"reviewer_id": "po1", "role": "protocol_owner"},
"decision": {
"type": "approve_narrower_scope",
"approved_scope": "single_validation_plan",
"rationale": "Session mode AKTA review contract validation"
},
"grant_scope": "single_validation_plan"
}
4 changes: 2 additions & 2 deletions examples/institutional_pilot/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Institutional Pilot Examples

Sample artifacts for SCOPE v0.7 institutional pilot workshops. See [docs/institutional_pilot_guide.md](../../docs/institutional_pilot_guide.md).
Sample artifacts for SCOPE v0.8 institutional pilot workshops. See [docs/institutional_pilot_guide.md](../../docs/institutional_pilot_guide.md). For v0.8 pilot scenarios with queue and session workflows, see [examples/pilot/](../pilot/).

| File | Description |
|------|-------------|
Expand All @@ -15,7 +15,7 @@ Sample artifacts for SCOPE v0.7 institutional pilot workshops. See [docs/institu
| decision.json | Decision input fixture |
| current_context.json | Runtime context for grant check |

Artifacts use policy bundle `scope-core-v0.7`. In production mode, sign decisions before grant issue; see [docs/trusted_boundary.md](../../docs/trusted_boundary.md).
Artifacts use policy bundle `scope-core-v0.8`. In production mode, sign decisions before grant issue; see [docs/trusted_boundary.md](../../docs/trusted_boundary.md).

To regenerate PCS export from these artifacts:

Expand Down
Loading
Loading