Thanks to visit codestin.com
Credit goes to epicon.mobius-substrate.com

EPICON GUARD Mobius Substrate · constitutional gate ACTION v1 · LIVE github.com/kaizencycle/epicon mobius-substrate.com

Intent accountability for git

Commits tell you what changed.
EPICON tells you why.

No consequential action without recorded intent. EPICON Guard is a GitHub Action that validates a structured Intent Publication in every pull request — who, why, within what scope, until when, and what would make you revert — and classifies the PR into a consequence tier before it can merge.

The protocol does not prevent actions. It makes divergence legible, attributable, and time-bound.

Intent Publication EPICON-02 · IPDP
epicon_id: EPICON_C-367_CORE_payments_v1
ledger_id: kaizencycle
scope: core
issued_at: 2026-07-09T00:00:00Z
expires_at: 2026-08-09T00:00:00Z  # authority ends
justification:
  REASONING: lower fees, stronger fraud detection
  ANCHORS: 2 independent
  COUNTERFACTUAL: fraud > 0.5% voids this
counterfactuals:
  - if conversion drops in A/B, revert

EPICON-02 · §2

Six invariants. Every check cites one.

The Guard enforces the Intent Publication & Divergence Protocol directly — a failed check names the invariant it protects, so the gate teaches the protocol instead of just rejecting the contributor.

I1

Intent precedes authority

A pull request without a published intent block cannot merge into consequential surfaces. Authority is requested in writing, before the fact.

I2

Intent is immutable once published

The Guard emits a SHA-256 justification_hash of the published block — a witness against quiet rewriting after the fact.

I3

Authority is scoped and time-bounded

Every intent declares a scope envelope and an issued_at → expires_at window. Unbounded authority is a malformed intent.

I4

Divergence is observable, never blocked

Changed files outside the declared envelope are flagged as divergent — a state condition, not an accusation. Visibility, not prevention.

I5

Expiration is mandatory

Past expires_at, authority terminates. No renewal without a new Intent Publication and a version bump. Zombie permissions fail the gate.

I6

Narrative never substitutes verification

Structured justification — values, reasoning, anchors, boundaries, counterfactual — is required. Prose alone never passes the gate.

EPICON Tiering Spec v0.1 · §4–§8

Consequence is classified by policy, never self-assessed.

The Guard computes the PR's tier from a declarative path registry — the proposer's own risk assessment is advisory only. The more consequential the action, the stronger the requirement, and the harder the failure.

EP-1

Low-risk record

Docs, comments, trivially reversible changes. Minimal intent; backfill permitted.

fails open — pass, honestly marked

EP-2

Meaningful state change

Application code, configuration, staging deploys. Full intent, validated before merge, single attestor.

quarantines — check fails, remediable

EP-3

Consequential action

Value, rights, safety, canon, workflows, ledger state. Full intent plus constitutional commitment.

fails closed — no intent, no merge

Paths matching no registry pattern classify EP-3 — deny-by-default, because unknown ≠ harmless. A PR's tier is the maximum across its changed files. Override the registry per-repo with .github/epicon-policy.json.

Quick start

Five lines to install. One block to publish intent.

Zero dependencies, one Node file, roughly two seconds of CI. The gate becomes binding when you mark Intent Publication Gate as a required status check in branch protection.

1 · .github/workflows/epicon-guard.yml
name: EPICON Guard
on:
  pull_request:
    types: [opened, edited, synchronize, reopened]
permissions:
  contents: read
  pull-requests: read
jobs:
  epicon:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: kaizencycle/epicon@v1
2 · in your PR body
```intent
epicon_id: EPICON_C-000_CORE_my-change_v1
ledger_id: your-github-username
scope: core
mode: normal
issued_at: 2026-07-09T00:00:00Z
expires_at: 2026-08-09T00:00:00Z
justification:
  VALUES INVOKED: integrity, transparency
  REASONING: why this change makes sense
  ANCHORS:
    - independent support one
    - independent support two
  BOUNDARIES: where this does not apply
  COUNTERFACTUAL: what would void this
counterfactuals:
  - if tests fail, do not merge
```

The Guard reports PASS · PASS_WITH_BACKFILL · QUARANTINE · FAIL_CLOSED with the tier, the divergent paths, and the justification hash — as annotations, a run summary, and workflow outputs your downstream steps can consume.

Source of truth

The Action implements. Canon defines.

The specifications live in the Mobius Substrate monorepo, CC0 public domain — free for anyone to implement.

Status

What exists, exactly.

Claims match reality — the same discipline the gate enforces.

GitHub Action — Intent Publication Gate● LIVE · v1
GitHub App — Checks API, intent immutability◐ ROADMAP
CPC ledger attestation for EP-3 merges◐ ROADMAP
Integrity dashboard / CII○ CONCEPT
GitLab · Jira · Slack integrations○ CONCEPT

If it isn't marked live, it doesn't exist yet. This page does not sell futures.