{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "urn:orbiplex:schema:agora-authority-policy:v1",
  "title": "AgoraAuthorityPolicy v1",
  "description": "Node-global policy artifact describing accountable subjects that may establish Agora namespace authority, organization custody policies, publish/subscribe namespace policies, namespace defaults, and public decision-receipt diagnostics. Components consume an effective snapshot of this policy; authority roots are not Agora-private runtime settings.",
  "type": "object",
  "additionalProperties": false,
  "x-dia-workflow": "project",
  "x-dia-status": "draft",
  "x-dia-basis": [
    "doc/project/60-solutions/008-agora/008-agora.md",
    "doc/project/60-solutions/021-agora-authority/021-agora-authority.md"
  ],
  "required": [
    "schema",
    "schema/v",
    "policy/id",
    "authority_roots",
    "namespace_defaults"
  ],
  "properties": {
    "schema": { "const": "agora-authority-policy.v1" },
    "schema/v": { "const": 1 },
    "policy/id": {
      "type": "string",
      "minLength": 1,
      "maxLength": 256,
      "pattern": "^agora-authority-policy:",
      "description": "Stable local or federated authority policy identifier."
    },
    "valid_from": { "$ref": "#/$defs/rfc3339" },
    "valid_until": { "anyOf": [{ "$ref": "#/$defs/rfc3339" }, { "type": "null" }] },
    "authority_roots": {
      "type": "array",
      "maxItems": 256,
      "items": { "$ref": "#/$defs/authority_root" },
      "description": "Configured accountable subjects that may establish namespace authority. Empty means no protected namespace has local authority unless another local policy says public-open."
    },
    "org_custody_policies": {
      "type": "array",
      "default": [],
      "maxItems": 256,
      "items": { "$ref": "#/$defs/org_custody_policy_ref" },
      "description": "Inline or referenced org custody policies available to org authority roots. Inline entries use the org-custody-policy.v1 shape."
    },
    "publish_policies": {
      "type": "array",
      "default": [],
      "maxItems": 256,
      "items": { "$ref": "#/$defs/topic_policy" }
    },
    "subscribe_policies": {
      "type": "array",
      "default": [],
      "maxItems": 256,
      "items": { "$ref": "#/$defs/topic_policy" }
    },
    "namespace_defaults": {
      "type": "array",
      "minItems": 1,
      "maxItems": 128,
      "items": { "$ref": "#/$defs/namespace_default" },
      "description": "Default posture for topic namespaces. Protected ai.orbiplex/** namespaces should be fail-closed unless explicitly public-open."
    },
    "diagnostics": {
      "type": "object",
      "additionalProperties": false,
      "default": {},
      "properties": {
        "public_decision_receipts": {
          "type": "object",
          "additionalProperties": false,
          "required": ["enabled", "topic"],
          "properties": {
            "enabled": { "type": "boolean" },
            "topic": { "$ref": "#/$defs/topic_pattern" },
            "max_receipts_per_record": { "type": "integer", "minimum": 1, "maximum": 16, "default": 1 },
            "redaction": { "type": "string", "enum": ["digest-only"], "default": "digest-only" }
          }
        }
      }
    }
  },
  "$defs": {
    "rfc3339": {
      "type": "string",
      "format": "date-time",
      "minLength": 20,
      "maxLength": 64
    },
    "subject": {
      "type": "object",
      "additionalProperties": false,
      "required": ["kind", "id"],
      "properties": {
        "kind": { "type": "string", "enum": ["participant", "org"] },
        "id": { "type": "string", "minLength": 1, "maxLength": 512 }
      },
      "allOf": [
        {
          "if": { "properties": { "kind": { "const": "participant" } }, "required": ["kind"] },
          "then": { "properties": { "id": { "pattern": "^participant:" } } }
        },
        {
          "if": { "properties": { "kind": { "const": "org" } }, "required": ["kind"] },
          "then": { "properties": { "id": { "pattern": "^org:" } } }
        }
      ]
    },
    "topic_pattern": {
      "type": "string",
      "minLength": 1,
      "maxLength": 512,
      "description": "Agora topic key or topic pattern. A trailing /** means prefix match."
    },
    "authority_root": {
      "type": "object",
      "additionalProperties": false,
      "required": ["root/id", "subject", "topic_patterns", "purposes", "assurance/min"],
      "properties": {
        "root/id": { "type": "string", "minLength": 1, "maxLength": 256, "pattern": "^root:" },
        "subject": { "$ref": "#/$defs/subject" },
        "topic_patterns": {
          "type": "array",
          "minItems": 1,
          "maxItems": 128,
          "items": { "$ref": "#/$defs/topic_pattern" }
        },
        "purposes": {
          "type": "array",
          "minItems": 1,
          "maxItems": 32,
          "items": { "type": "string", "enum": ["agora.namespace.root", "agora.moderation.clear", "agora.reputation.publish"] }
        },
        "assurance/min": { "type": "string", "minLength": 1, "maxLength": 64 },
        "custody_policy_ref": { "anyOf": [{ "type": "string", "minLength": 1, "maxLength": 256 }, { "type": "null" }], "default": null },
        "valid_from": { "$ref": "#/$defs/rfc3339" },
        "valid_until": { "anyOf": [{ "$ref": "#/$defs/rfc3339" }, { "type": "null" }] },
        "metadata": { "type": "object", "additionalProperties": true, "default": {} }
      },
      "allOf": [
        {
          "if": {
            "properties": {
              "subject": {
                "properties": { "kind": { "const": "org" } },
                "required": ["kind"]
              }
            },
            "required": ["subject"]
          },
          "then": { "required": ["custody_policy_ref"] }
        }
      ]
    },
    "org_custody_policy_ref": {
      "type": "object",
      "additionalProperties": true,
      "required": ["schema"],
      "properties": {
        "schema": { "enum": ["org-custody-policy.v1", "org-custody-policy-ref.v1"] }
      }
    },
    "topic_policy": {
      "type": "object",
      "additionalProperties": false,
      "required": ["policy/id", "topic_patterns", "mode"],
      "properties": {
        "policy/id": { "type": "string", "minLength": 1, "maxLength": 256 },
        "topic_patterns": {
          "type": "array",
          "minItems": 1,
          "maxItems": 128,
          "items": { "$ref": "#/$defs/topic_pattern" }
        },
        "mode": { "type": "string", "enum": ["public-open", "capability", "authority-root", "deny"] },
        "capability_id": { "type": "string", "minLength": 1, "maxLength": 256 },
        "record_kinds": {
          "type": "array",
          "default": [],
          "maxItems": 128,
          "items": { "type": "string", "minLength": 1, "maxLength": 128 }
        },
        "content_schemas": {
          "type": "array",
          "default": [],
          "maxItems": 128,
          "items": { "type": "string", "minLength": 1, "maxLength": 128 }
        },
        "assurance/min": { "type": "string", "minLength": 1, "maxLength": 64 },
        "policy/ref": { "type": "string", "minLength": 1, "maxLength": 256, "default": "default" }
      }
    },
    "namespace_default": {
      "type": "object",
      "additionalProperties": false,
      "required": ["topic_pattern", "publish", "subscribe"],
      "properties": {
        "topic_pattern": { "$ref": "#/$defs/topic_pattern" },
        "publish": { "type": "string", "enum": ["public-open", "capability", "authority-root", "deny"] },
        "subscribe": { "type": "string", "enum": ["public-open", "capability", "deny"] },
        "policy/ref": { "type": "string", "minLength": 1, "maxLength": 256, "default": "default" }
      }
    }
  }
}