Module peer_governor 

PeerGovernor - the single source of truth for peer policy and health tracking per .

The framework owns this Component; it’s consulted at both delivery boundaries:

• **Inbound **: Phase 1 of Engine::poll calls PeerGovernor::check_inbound for every IngressEvent::EnvelopeFrom { src_peer, .. }. Blocked / non-allowlisted peers are dropped before any slot is written.

• **Outbound **: the compiler pass bb-compiler/src/insert_peer_health_gates.rs inserts a PeerHealthGate syscall op upstream of every wire::Send. The gate’s dispatch_atomic calls PeerGovernor::check_outbound.

Health state (per-peer consecutive failures + last-seen) is updated by Send-completion callbacks so Component authors stop touching BackoffTable by hand - the compiler wires the tracking in for every wire send automatically.

Structs

PeerGovernor

Per-peer policy + health state owner.

PeerHealth

Per-peer health snapshot. Read by Node::peer_health() for operator introspection.

Enums

BlockReason

Why a peer can’t receive an envelope, surfaced both inbound (drop) and outbound (gate failure).

Decision

Outcome of a check_inbound / check_outbound consultation.

LifecycleTransition

Side-effect of recording a failure or success - the engine translates these into EngineStep variants in Phase 8.

Constants

DEFAULT_FAILURE_THRESHOLD

Default number of consecutive wire::Send failures before a peer is marked as down. PeerGovernor::record_failure emits the lifecycle transition; the engine’s Phase 8 surfaces it as EngineStep::PeerDown.