SBO3L · Operator Console

"Don't give your agent a wallet. Give it a mandate."
agent operator-fixture-agent-01 commit fedcba987654 generated 2026-04-28T00:00:00Z schema sbo3l-demo-summary-v1

Allow / deny timeline

Allow · legit-x402 · allow-small-x402-api-call
decision
Allow
matched_rule
allow-small-x402-api-call
request_hash
1010101010101010101010101010101010101010101010101010101010101010
policy_hash
2020202020202020202020202020202020202020202020202020202020202020
audit_event
evt-OPERATORALLOW00000000000
receipt_signature
ab1010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010ab
keeperhub_execution_ref
kh-OPERATORALLOW000000000000 mock
Deny · prompt-injection · policy.deny_unknown_provider
decision
Deny
deny_code
policy.deny_unknown_provider
matched_rule
deny-unknown-provider
request_hash
3030303030303030303030303030303030303030303030303030303030303030
policy_hash
2020202020202020202020202020202020202020202020202020202020202020
audit_event
evt-OPERATORDENY0000000000000
receipt_signature
cd2020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020cd
denied_action_executed
false
keeperhub_refused
true

No-key proof

status
PASS
agent_source_signer_references
0
agent_cargo_signer_deps
0
agent_key_material_files
0

Audit-chain tamper detection

structural_verify_accepts_tampered_actor
true
strict_hash_verify_rejects_tampered
true

Mock sponsor disclosure

KeeperHub allow path
kh-OPERATORALLOW000000000000 mock
KeeperHub deny path
refused
denied action executed
false
ENS resolver
offline fixture
Uniswap executor
local_mock

Audit-bundle verification

Bundle not provided. Pass --bundle <path> to render the verification result of a previously-exported sbo3l.audit_bundle.v1 file. not provided

Build a bundle from a live demo run with:
./demo-agents/research-agent/run --scenario legit-x402 --storage-path /tmp/m.db --save-receipt /tmp/r.json
./target/debug/sbo3l audit export --receipt /tmp/r.json --db /tmp/m.db --receipt-pubkey <hex> --audit-pubkey <hex> --out /tmp/bundle.json

Real-evidence panels (B2.v2)

Each panel below renders evidence captured by demo-scripts/run-production-shaped-mock.sh's step 12 transcript (sbo3l-operator-evidence-v1). When the transcript is missing or unreadable, the panel says so explicitly — never a fake-OK.

PSM-A2 · HTTP Idempotency-Key safe-retry (4-case behaviour matrix)

case 1 — first POST (key=K1, body=B1)
200 · audit_event=evt-OPERATOREVIDENCEFIXTUREA · decision=allow
case 2 — same key + same body retry
200 · byte_identical_to_case_1=true
case 3 — same key + mutated body
409 · code=protocol.idempotency_conflict
case 4 — new key + same nonce
409 · code=protocol.nonce_replay

Source: demo-scripts/run-production-shaped-mock.sh step 7 (real sbo3l-server on 127.0.0.1:18730, persistent SQLite).

PSM-A5 · sbo3l doctor

overall=ok · ok=3 skip=1 fail=0 · report_type=sbo3l.doctor.v1

ok (3)

migrations
V001..V007 applied
nonce_replay
table present, rows=0
idempotency_keys
table present, rows=0

skip (1)

audit_chain
no audit events yet — fresh DB

Source: sbo3l doctor --json (production-shaped runner step 2, in-memory DB).

PSM-A1.9 · Mock KMS keyring mock, not production KMS

roleversionkey_idverifying_key_hex (prefix)created_atmock
audit-mockv1audit-mock-v1565c20f205e0…2026-04-29T00:00:01Zmock
audit-mockv2audit-mock-v26fe0243c7b13…2026-04-29T00:00:02Zmock

Every entry above is from --mock keyring. Not production KMS. Source: sbo3l key list --mock --db <path> (production-shaped runner step 3, post-rotate).

PSM-A3 · Active policy lifecycle

version
v1
policy_hash
e044f13c5acb792dd3109f1be3a98536168b0990e25595b3cedc131d02e666cf
source
operator-cli
activated_at
2026-04-29T00:00:03Z

Local production-shaped lifecycle, not remote governance — there is no on-chain anchor, no consensus, no signing on activation; whoever opens the DB activates the policy. Source: sbo3l policy current --db <path> (production-shaped runner step 4 after policy activate).

PSM-A4 · Audit checkpoints mock anchoring, NOT onchain

schema
sbo3l.audit_checkpoint.v1
sequence
2
latest_event_id
evt-OPERATOREVIDENCEFIXTUREB
latest_event_hash
3b14a381374c605dbab95d95dd89c5293f75bba850ecfb596d1ae7704f4dc6bb
chain_digest
d376dba4aed8314c3ed09df75a9a7cee7a72701350fd8dbfc9785ba285a0cf61
mock_anchor_ref
local-mock-anchor-fixturedeadbeef
created_at
2026-04-29T00:00:04Z
structural_verify_ok
true
db_cross_check_ok
true
verify result_ok
true

Mock anchoring, NOT onchain. Source: sbo3l audit checkpoint create + verify (production-shaped runner step 10).

Passport capsule (P2.2)

Each tile below renders one sbo3l.passport_capsule.v1 capsule (allow path / deny path). When a capsule file is missing, malformed, or carries the wrong schema, that tile says so explicitly — never a fake-OK.

Allow capsule · agent=research-agent.team.eth · resolver=offline-fixture
ENS records
sbo3l:mcp_endpoint
https://schemas.sbo3l.dev/passport-mcp/v1.json
sbo3l:policy_hash
e044f13c5acb792dd3109f1be3a98536168b0990e25595b3cedc131d02e666cf
sbo3l:audit_root
local-mock-anchor-9202d6bc7b751225
sbo3l:passport_schema
sbo3l.passport_capsule.v1
active policy
policy_hash=e044f13c5acb… · version=1 · activated_at=2026-04-28T10:00:00Z · source=operator-cli
decision
Allow · matched_rule=allow-low-risk-x402
execution
keeperhub mock · execution_ref=kh-01HTAWX5K3R8YV9NQB7C6P2DGS · status=submitted
audit checkpoint
local-mock-anchor-9202d6bc7b751225 mock anchoring, NOT onchain · sequence=1
verification
doctor_status=ok · offline_verifiable=yes · live_claims=[(none)]
Deny capsule · capsule evidence not gathered reason=missing

capsule file missing. Expected at /home/runner/work/SBO3L-ethglobal-openagents-2026/SBO3L-ethglobal-openagents-2026/demo-scripts/artifacts/passport-deny.json · schema sbo3l.passport_capsule.v1.

Once Passport P2.1 emits a capsule into demo-scripts/artifacts/, this tile renders the captured proof. Never a fake-OK.