Domain map
Action Domains
DAR applies wherever digital actions can be questioned later. These domains describe common action surfaces and the evidentiary questions that follow. The list is intentionally extensible.
On this page
- #nonrepudiation — Action Proof & Non-Repudiation
- #access — Access & Control Decisions
- #state — State Transitions
- #agents — Autonomous & Agent Actions
- #incident — Incident & Exception Events
- #audit — Audit & Regulatory Continuity
- #cross — Cross-System Trust Anchors
- #temporal — Temporal Integrity
- #delegation — Delegation & Responsibility Tracking
Action Proof & Non-Repudiation
Establishes durable proof that an action occurred at a specific time, by a specific actor, against a specific object—anchored with integrity proofs so the record cannot be altered after the fact.
Typical actions
approve · deny · execute · send · revoke · grant · block · publish · sign
Common integration surfaces
payments · identity · security enforcement · workflow approvals · system automations
Dedicated page: domain-nonrepudiation.html →
Access & Control Decisions
Records authentication, authorization, privilege changes, and boundary enforcement events—without diagnosing intent or user behavior. This domain is about proving that a decision occurred under a specific policy context.
Typical actions
authenticate · challenge · grant_access · deny_access · elevate · revoke
Common integration surfaces
identity providers · access control gateways · regulated enterprise environments
Dedicated page: domain-access.html →
State Transitions
Covers irreversible or consequential changes to system state: infrastructure applies, configuration updates, key rotations, policy updates, data migrations, and lifecycle transitions. DAR distinguishes the original change from later remediation.
Typical actions
apply · deploy · rotate · update_config · migrate · delete · rollback
Common integration surfaces
IaC pipelines · cloud control planes · secrets management · change management
Dedicated page: domain-state.html →
Autonomous & Agent Actions
Records what an automated system or agent did at execution time—tool invocations, delegated actions, workflow steps—without becoming a monitoring system. This domain is central to post-incident accountability for automation.
Typical actions
invoke_tool · approve_step · execute_task · modify_resource · send_notification
Common integration surfaces
agent runtimes · orchestration frameworks · automated decision engines · robotics pipelines
Dedicated page: domain-agents.html →
Incident & Exception Events
Captures the moments systems most often try to reconstruct later: incident declarations, severity changes, emergency overrides, break-glass access, and exception paths. This domain is about preserving timelines without narrative control.
Optional dedicated page: domain-incident.html →
Audit & Regulatory Continuity
Ensures operational history remains defensible months or years later—even if systems, vendors, or policies change. DAR becomes an exportable evidence spine for audits, disputes, and regulatory reviews.
Optional dedicated page: domain-audit.html →
Cross-System Trust Anchors
Provides stable, verifiable references across systems that don’t fully trust each other. DAR enables “evidence by reference” without tight coupling or a shared database.
Optional dedicated page: domain-cross.html →
Temporal Integrity
Separates what happened at time T from what was changed later. DAR provides an immutable anchor so later modifications cannot masquerade as the original event.
Optional dedicated page: domain-temporal.html →
Delegation & Responsibility Tracking
Records “acting on behalf of” relationships, authority chains, and responsibility boundaries—especially important for agents and automated workflows. This domain supports accountability without surveillance.
Optional dedicated page: domain-delegation.html →
Domain pages (hub)
Dedicated pages expand each domain with: receipt moment, preserved fields, integration surfaces, partner fit, boundary posture, and example events.
Action Proof & Non-Repudiation
Durable proof an action occurred, tamper-evident and verifiable.
Access & Control Decisions
Authentication, authorization, privilege changes, boundary enforcement.
State Transitions
Infrastructure/config changes, lifecycle events, irreversible mutations.
Autonomous & Agent Actions
Agent tool calls, delegated authority, automated workflows.
Incident & Exception Events
Break-glass, escalations, emergency overrides, milestone timelines.
Audit & Regulatory Continuity
Evidence continuity across policy, vendor, and system changes.
Cross-System Trust Anchors
Stable references across systems that don’t fully trust each other.
Temporal Integrity
Separating original events from later remediation or manipulation.