Settlement Policy Disclosure v1

Source schema: doc/schemas/settlement-policy-disclosure.v1.schema.json

Machine-readable schema for one append-only disclosure or audit event affecting a trusted gateway or escrow policy in the host-ledger settlement rail.

Governing Basis

• doc/project/20-memos/settlement-policy-disclosure-v1-invariants.md
• doc/project/40-proposals/016-supervised-prepaid-gateway-and-escrow-mvp.md
• doc/project/40-proposals/017-organization-subjects-and-org-did-key.md
• doc/project/50-requirements/requirements-007.md
• doc/project/50-requirements/requirements-008.md
• doc/normative/50-constitutional-ops/ABUSE-DISCLOSURE-PROTOCOL.md

Project Lineage

Requirements

• doc/project/50-requirements/requirements-006.md
• doc/project/50-requirements/requirements-007.md
• doc/project/50-requirements/requirements-008.md

Stories

• doc/project/30-stories/story-001.md
• doc/project/30-stories/story-004.md

Fields

Field	Required	Shape	Description
schema/v	yes	const: 1	Schema version.
disclosure/id	yes	string	Stable identifier of this settlement policy disclosure event.
recorded-at	yes	string	Timestamp when the disclosure event was committed as an auditable fact.
effective/from	yes	string	Timestamp from which the disclosed impact becomes effective.
effective/until	no	string	Optional timestamp until which the disclosed impact remains effective.
federation/id	yes	string	Federation scope in which the disclosed settlement policy event applies.
policy/ref	yes	string	Referenced settlement policy affected by this disclosure event.
operator/org-ref	yes	string	Accountable organization operating the affected settlement policy at event time.
serving/node-id	yes	string	Serving node observed under the affected settlement policy at event time.
event/type	yes	string	Open event namespace for settlement-policy disclosures. Example families: lifecycle/suspended, limits/tightened, incident/opened.
disclosure/scope	yes	enum: internal-only, federation-redacted, federation-scoped, public-redacted	Maximum disclosure scope admitted for this event.
impact/mode	yes	enum: informational, degraded, blocked, manual-review-only	Practical operator impact implied by the disclosed event.
decision/basis	no	enum: policy-bounded, case-bounded, exception-bounded, not-applicable	Why a practical gate such as manual-review-only or blocked is allowed to exist. This keeps refusal semantics auditable without forcing every refusal to become a transaction.
reason/summary	yes	string	Short human-readable summary explaining why the disclosure event exists.
changed/fields	no	array	Optional policy fields or operational dimensions materially affected by this disclosure event.
case/ref	no	string	Optional review or incident case reference.
exception/ref	no	string	Optional bounded exception record authorizing or constraining the disclosed event.
basis/refs	no	array	Optional references to receipts, holds, incident materials, or other audit artifacts that justify the disclosure event.
supersedes/ref	no	string	Optional earlier disclosure event superseded by this one.
notes	no	string	Optional human-readable notes.
policy_annotations	no	object

Conditional Rules

Rule 1

When:

{
  "properties": {
    "impact/mode": {
      "enum": [
        "manual-review-only",
        "blocked"
      ]
    }
  },
  "required": [
    "impact/mode"
  ]
}

Then:

{
  "required": [
    "decision/basis"
  ]
}

Rule 2

When:

{
  "properties": {
    "decision/basis": {
      "const": "case-bounded"
    }
  },
  "required": [
    "decision/basis"
  ]
}

Then:

{
  "required": [
    "case/ref"
  ]
}

Rule 3

When:

{
  "properties": {
    "decision/basis": {
      "const": "exception-bounded"
    }
  },
  "required": [
    "decision/basis"
  ]
}

Then:

{
  "required": [
    "exception/ref"
  ]
}

Rule 4

When:

{
  "properties": {
    "event/type": {
      "pattern": "^incident/"
    }
  },
  "required": [
    "event/type"
  ]
}

Then:

{
  "anyOf": [
    {
      "required": [
        "case/ref"
      ]
    },
    {
      "required": [
        "exception/ref"
      ]
    },
    {
      "properties": {
        "basis/refs": {
          "minItems": 1
        }
      },
      "required": [
        "basis/refs"
      ]
    }
  ]
}

Field Semantics

schema/v

• Required: yes
• Shape: const: 1

Schema version.

disclosure/id

• Required: yes
• Shape: string

Stable identifier of this settlement policy disclosure event.

recorded-at

• Required: yes
• Shape: string

Timestamp when the disclosure event was committed as an auditable fact.

effective/from

• Required: yes
• Shape: string

Timestamp from which the disclosed impact becomes effective.

effective/until

• Required: no
• Shape: string

Optional timestamp until which the disclosed impact remains effective.

federation/id

• Required: yes
• Shape: string

Federation scope in which the disclosed settlement policy event applies.

policy/ref

• Required: yes
• Shape: string

Referenced settlement policy affected by this disclosure event.

operator/org-ref

• Required: yes
• Shape: string

Accountable organization operating the affected settlement policy at event time.

serving/node-id

• Required: yes
• Shape: string

Serving node observed under the affected settlement policy at event time.

event/type

• Required: yes
• Shape: string

Open event namespace for settlement-policy disclosures. Example families: lifecycle/suspended, limits/tightened, incident/opened.

disclosure/scope

• Required: yes
• Shape: enum: internal-only, federation-redacted, federation-scoped, public-redacted

Maximum disclosure scope admitted for this event.

impact/mode

• Required: yes
• Shape: enum: informational, degraded, blocked, manual-review-only

Practical operator impact implied by the disclosed event.

decision/basis

• Required: no
• Shape: enum: policy-bounded, case-bounded, exception-bounded, not-applicable

Why a practical gate such as manual-review-only or blocked is allowed to exist. This keeps refusal semantics auditable without forcing every refusal to become a transaction.

reason/summary

• Required: yes
• Shape: string

Short human-readable summary explaining why the disclosure event exists.

changed/fields

• Required: no
• Shape: array

Optional policy fields or operational dimensions materially affected by this disclosure event.

case/ref

• Required: no
• Shape: string

Optional review or incident case reference.

exception/ref

• Required: no
• Shape: string

Optional bounded exception record authorizing or constraining the disclosed event.

basis/refs

• Required: no
• Shape: array

Optional references to receipts, holds, incident materials, or other audit artifacts that justify the disclosure event.

supersedes/ref

• Required: no
• Shape: string

Optional earlier disclosure event superseded by this one.

notes

• Required: no
• Shape: string

Optional human-readable notes.

policy_annotations

• Required: no
• Shape: object