
Module rules


v0.7.0 (issue #691): the ai-memory rules subcommand, operator-facing CRUD for the substrate-level agent-action rules engine. Mutation verbs (add / enable / disable / remove) require the operator keypair on disk.

Six verbs:

  • add — insert a new rule (mutation: requires operator key).
  • list — print every rule, including disabled ones (read).
  • check — evaluate a proposed action against the live rule set and print the [Decision] (read).
  • enable — flip enabled = 1 on an existing rule (mutation).
  • disable — flip enabled = 0 on an existing rule (mutation).
  • remove — delete a rule (mutation).

§Operator identity (mutation gate)

Per issue #691 design revision 2026-05-13, the four mutation verbs require the operator’s Ed25519 keypair on disk at ${AI_MEMORY_KEY_DIR:-~/.config/ai-memory/keys}/operator.priv (mode 0600). The CLI:

  1. Resolves the key directory (env override → default).
  2. Loads operator.priv and verifies mode bits (0600 on Unix).
  3. Signs the canonical rule encoding via Ed25519.
  4. Persists the signature alongside the rule (crate::governance::rules_store::update_signature).

If the key file is absent or has the wrong mode, the CLI refuses with a governance.no_operator_key error, and no mutation lands.
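Steps 1 and 2 of the gate, as an added std-only sketch that is not the crate's own code: resolve_key_dir, load_key_checked and write_sample_key are hypothetical names, the key bytes are a constructed sample, and the Ed25519 signing step is left out because it needs an external crate.

```rust
use std::fs::{self, File, Permissions};
use std::io::Read;
use std::os::unix::fs::{MetadataExt, PermissionsExt};
use std::path::{Path, PathBuf};

// Step 1: env override first, then the default (same rule as `${VAR:-default}`).
fn resolve_key_dir(env_override: Option<&str>, home: &Path) -> PathBuf {
    match env_override {
        Some(dir) if !dir.is_empty() => PathBuf::from(dir),
        _ => home.join(".config/ai-memory/keys"),
    }
}

// Step 2: load operator.priv; any failure becomes the page's error id.
fn load_key_checked(dir: &Path) -> Result<[u8; 32], String> {
    let deny = |why: String| format!("governance.no_operator_key: {}", why);
    // Open first, then stat the open handle, so the mode check and the read
    // apply to the same file even if the path is swapped in between.
    let mut f = File::open(dir.join("operator.priv")).map_err(|e| deny(e.to_string()))?;
    let meta = f.metadata().map_err(|e| deny(e.to_string()))?;
    let mode = meta.mode() & 0o777;
    if mode != 0o600 {
        return Err(deny(format!("mode {:04o}, expected 0600", mode)));
    }
    let mut buf = Vec::new();
    f.read_to_end(&mut buf).map_err(|e| deny(e.to_string()))?;
    if buf.len() != 32 {
        return Err(deny(format!("{} bytes, expected 32", buf.len())));
    }
    let mut key = [0u8; 32];
    key.copy_from_slice(&buf);
    Ok(key)
}

// Constructed sample: a throwaway all-0x07 "key" in a temp directory.
fn write_sample_key(dir: &Path, mode: u32) -> std::io::Result<()> {
    fs::create_dir_all(dir)?;
    let path = dir.join("operator.priv");
    fs::write(&path, [7u8; 32])?;
    fs::set_permissions(&path, Permissions::from_mode(mode))
}

fn main() {
    let dir = resolve_key_dir(None, &std::env::temp_dir().join("rules-gate-demo"));
    write_sample_key(&dir, 0o644).unwrap();
    println!("{:?}", load_key_checked(&dir)); // Err: wrong mode, nothing to sign with
    write_sample_key(&dir, 0o600).unwrap();
    println!("{:?}", load_key_checked(&dir).map(|k| k.len())); // Ok(32)
}
```

Checking the mode on the opened handle rather than on the path keeps the permission check and the read tied to the same file.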

The HTTP / MCP surfaces enforce the same gate: HTTP verifies an Ed25519 signature header against operator.pub; MCP stdio mutation tools are explicitly disabled (return governance.not_available_over_mcp).

Structs§

RulesArgs

Enums§

RulesAction

Constants§

OPERATOR_KEY_ID
Wire id reserved for the operator’s keypair file on disk. Stored under the same directory as per-agent keys but treated specially — the agent_id resolution stack never returns this id; only the rules subcommand looks for it.
OPERATOR_SIGNED_LEVEL
attest_level stamped on rules after the operator signs them. Re-exported from the governance layer so the rules table and the signed_events audit chain share one source of truth for the literal (see crate::governance::rules_store::OPERATOR_SIGNED_ATTEST_LEVEL).

Functions§

load_operator_signing_key
Load the operator signing key from path (32 raw bytes, mode 0600 on Unix). This is the public helper exposed for tests and the L1-6 sign-seed pipeline.
run
Dispatch entry point called by daemon_runtime::run.