Kenshiki Glossary

The Boundary Gate is the final emission checkpoint. It reads the Claim Ledger result and decides whether the response is authorized, partial, narrative-only, blocked, or needs tighter specification.

The Claim Ledger decomposes a response into atomic claims and checks each one against governed evidence. It records what held up, what failed, and why.

Kadai is the caller-facing reasoning API. It orchestrates governed retrieval, generation, evaluation, and output-state assignment before returning a response.

Kura is Kenshiki's governed evidence store. It ingests source material, preserves provenance and retrieval boundaries, and defines what downstream answers are allowed to rely on.

The Prompt Compiler rewrites a loose request into a governed query before any generation layer sees it. It applies CFPO structure so evidence, policy, and output expectations stay mechanically enforceable.

The Admissibility Gate runs before retrieval to verify that the required approved evidence exists for the operation in question. It is separate from SIRE exclusion and separate from authorization.

CFPO stands for Content, Format, Policy, and Output. It is the structure the Prompt Compiler uses to organize evidence, constraints, and response expectations inside the compiled prompt.

The evidence boundary is the line around what the system is allowed to use as real support for an answer. Everything inside it is governed, attributable, and scoped. Everything outside it is not authority.

Governed evidence is source material that has been ingested, structured, scoped, and made admissible inside the Kenshiki pipeline. It is not just retrieved text; it is evidence the system is prepared to defend.

An output state is the explicit classification attached to every Kenshiki response, such as AUTHORIZED, PARTIAL, REQUIRES_SPEC, NARRATIVE_ONLY, or BLOCKED.

ReBAC stands for relationship-based access control. In Kenshiki, it scopes evidence by caller identity and document relationship so the model only sees material the caller is authorized to use.

SIRE stands for Subject, Included, Relevant, and Excluded. It is the identity metadata that governs what a source covers, how it connects to other sources, and what it must never be used to answer.

The bounded-synthesis pipeline is the end-to-end flow from identity and compilation through retrieval, generation, evaluation, and emission. Every stage operates inside a governed boundary.

The control plane is the part of Kenshiki that governs what the generation layer may see, what claims it may emit, and what policies apply across the system.

Cross-plane policy propagation means governance rules defined in the control plane keep applying as requests move through build and orchestration layers instead of stopping at one integration boundary.

Portable agent identity is Kenshiki's idea that the identity and scope rules attached to evidence should travel with the runtime rather than being reinvented at each layer or deployment tier.

Kenshiki describes itself as a three-plane architecture: build, orchestration, and control. Build shapes evidence and prompts, orchestration runs inference, and control verifies and gates what leaves.