Skip to content
SYSNOMINAL|BUILDv2026.06.27|REGIONSELF_HOST

Boundary Essay

DATA PLATE
DOC
Boundary
ID
SS-ESSAY-BOUNDARY-2026.01
REV
A
SURFACE
PUBLIC
MODEL
State is queried. Decisions are made. Actions remain application-owned.
PURPOSE
Defines SimpleStates constraints and application-owned outcomes.
REF
Boundary
ESSAY FRAME

This page is the constraints document. The StateMirror spec is the technical truth; notes are supporting examples.

The core rule is intentionally plain: StateMirror preserves decision-time evidence, companion primitives expose focused facts, and the application owns decisions and actions. Verification proves preserved evidence integrity only. SimpleStates does not authenticate users, authorize actions, block requests, evaluate policy, run workflows, or decide outcomes.

THE BOUNDARY RULE

SimpleStates stops before the outcome.

State is queried. Decisions are made. Actions remain application-owned.

Your application owns identity, business rules, authorization, gating, side effects, human overrides, and final judgment.

This boundary is the point: evidence should clarify what happened without becoming the thing that makes it happen.

STATE IS NOT OUTCOME

Most boundary failures begin when a system treats a readable fact as if it were an executable decision.

  • State is a fact your system can read.
  • Outcome is behavior your system causes.

StateMirror preserves submitted evidence. Companion primitives return focused facts. Your application implements outcomes.

WHY THE BOUNDARY EXISTS

Outcome logic is application-specific. It depends on routes, domain rules, user experience, risk posture, and operational judgment.

A generic outcome layer tends to become one of three things:

  • over-promised and incorrect
  • too invasive to integrate safely
  • a hidden dependency that becomes a new outage surface

SimpleStates refuses that role. StateMirror preserves submitted evidence. Companion primitives return focused facts. Your application decides what happens next.

NON-NEGOTIABLE SEMANTICS
  • Not denied does not mean permitted. It only means no denial signal is currently present.
  • Not expired does not mean authorized. It only means the expiry signal does not currently indicate expiration.
  • Plan state does not mean permission. It is one input among many in your own enforcement logic.
  • Evidence does not mean judgment. A snapshot can preserve what the application knew when it acted; it does not decide whether the outcome was correct.
  • Verification does not mean correctness. Integrity verification can check payload/hash/chain continuity; it does not prove upstream truth, policy correctness, or decision correctness.
  • Absence of a restriction is not permission.
FAILURE MODES

SimpleStates is self-hosted. Your environment can misfire. Networks can fail. Databases can go down. Inputs can be stale, missing, or incorrect.

Your application defines how to behave when evidence is missing or focused facts cannot be confirmed. That includes choosing fail-open or fail-closed behavior per use case.

SimpleStates preserves submitted evidence and emits stored facts only. It does not guarantee safety, correctness, or appropriateness for your domain.

WHO THIS IS FOR
  • Founders who want explainable billing and access moments
  • Teams who want to own outcome logic
  • Engineers who prefer explicit boundaries over platform promises
  • Builders who want evidence they can inspect and explain later

If you want a plug-and-play access control system, SimpleStates is not that.

Self-hosted evidence and fact artifacts. No SLAs. No emergency support.

Back: index