Registry Governance Model
Governance in Authryl should behave more like standards maintenance than protocol theater. The purpose is to protect the integrity of a shared issuer registry and a shared set of policy packs, not to submit every identity decision to a token poll.
Governance scope
Authryl governance is limited to shared controls such as:
- issuer admission criteria
- gateway certification standards
- jurisdiction policy packs
- default freshness classes for common evidence types
- registry quality enforcement and dispute review processes
Decision classes
| Decision class | Who is affected | Why governance matters |
|---|---|---|
| Issuer admission standards | issuers, verifiers | weak standards degrade trust across the whole registry |
| Policy pack approval | verifiers, relying parties | shared templates must be predictable and auditable |
| Gateway certification | operators and integrators | verification surfaces depend on reliable network behavior |
| Dispute handling | issuers and auditors | incorrect revocation or status changes need structured review |
Who decides what
| Decision surface | Primary decision-maker | Why that split exists |
|---|---|---|
| issuer admission and suspension standards | standards council | these decisions affect trust across the whole registry |
| jurisdiction and assurance packs | domain reviewers plus council approval | local rules need specialist review before they become shared defaults |
| gateway certification and penalties | operations committee | uptime, attestation quality, and dispute responsiveness need technical review |
| customer-private verification rules | customer only | these are not shared governance objects |
Decision process
1. File a standards memorandum
Every proposal should arrive with a concrete memorandum, not a slogan. That memo needs to state:
- what standard is being added, changed, suspended, or removed
- which issuers, gateways, or verifiers are affected
- what evidence supports the change
- what failure could result if the change is accepted
- what rollback path exists if the change proves harmful
2. Run specialist review before any vote opens
Authryl should not push raw standards proposals directly to broad token voting. A standards council and domain reviewers should first test whether the proposal is internally consistent, jurisdictionally coherent, and operationally enforceable.
3. Escalate only shared questions to AUT governance
AUT holders should vote only on questions that genuinely affect shared registry trust:
- issuer admission criteria
- shared freshness classes
- cross-jurisdiction rule packs
- gateway certification and penalty rules
- formal dispute-handling procedures
4. Publish the result as a versioned standard
If a proposal passes, the resulting rule should be published as a versioned standard with an effective date, superseded version history, and an explicit appeals path.
Thresholds and emergency actions
Normal governance is too slow for every trust failure. Authryl needs two lanes:
- a normal lane for standard changes, where AUT participation can happen with notice and review
- an emergency lane for issuer suspension, gateway freeze, or disputed revocation events that could damage many verifiers immediately
Emergency actions should require a narrow, reviewable threshold such as a supermajority of the standards council plus written justification. They should also expire automatically unless affirmed through the normal lane.
Governance principles
- keep decisions tied to real trust consequences
- preserve an auditable record of standard changes
- avoid governance over customer-specific internal policies
- escalate review when issuer trust or revocation disputes could affect many verifiers
The point of governance in Authryl is quality control for a shared trust rail. If a decision cannot be tied back to registry integrity, policy interoperability, or dispute resolution, it should probably stay out of governance.