Boundary Essay
This page is the constraints document. The StateMirror spec is the technical truth; notes are supporting examples.
The core rule is intentionally plain: StateMirror preserves decision-time evidence, companion primitives expose focused facts, and the application owns decisions and actions. Verification proves preserved evidence integrity only. SimpleStates does not authenticate users, authorize actions, block requests, evaluate policy, run workflows, or decide outcomes.
SimpleStates stops before the outcome.
State is queried. Decisions are made. Actions remain application-owned.
Your application owns identity, business rules, authorization, gating, side effects, human overrides, and final judgment.
This boundary is the point: evidence should clarify what happened without becoming the thing that makes it happen.
Most boundary failures begin when a system treats a readable fact as if it were an executable decision.
- State is a fact your system can read.
- Outcome is behavior your system causes.
StateMirror preserves submitted evidence. Companion primitives return focused facts. Your application implements outcomes.
Outcome logic is application-specific. It depends on routes, domain rules, user experience, risk posture, and operational judgment.
A generic outcome layer tends to become one of three things:
- over-promised and incorrect
- too invasive to integrate safely
- a hidden dependency that becomes a new outage surface
SimpleStates refuses that role. StateMirror preserves submitted evidence. Companion primitives return focused facts. Your application decides what happens next.
- Not denied does not mean permitted. It only means no denial signal is currently present.
- Not expired does not mean authorized. It only means the expiry signal does not currently indicate expiration.
- Plan state does not mean permission. It is one input among many in your own enforcement logic.
- Evidence does not mean judgment. A snapshot can preserve what the application knew when it acted; it does not decide whether the outcome was correct.
- Verification does not mean correctness. Integrity verification can check payload/hash/chain continuity; it does not prove upstream truth, policy correctness, or decision correctness.
- Absence of a restriction is not permission.
SimpleStates is self-hosted. Your environment can misfire. Networks can fail. Databases can go down. Inputs can be stale, missing, or incorrect.
Your application defines how to behave when evidence is missing or focused facts cannot be confirmed. That includes choosing fail-open or fail-closed behavior per use case.
SimpleStates preserves submitted evidence and emits stored facts only. It does not guarantee safety, correctness, or appropriateness for your domain.
- Founders who want explainable billing and access moments
- Teams who want to own outcome logic
- Engineers who prefer explicit boundaries over platform promises
- Builders who want evidence they can inspect and explain later
If you want a plug-and-play access control system, SimpleStates is not that.
Self-hosted evidence and fact artifacts. No SLAs. No emergency support.
Back: index