Architecture

Decision DAG

How MARIA OS transforms organizational judgment into a Directed Acyclic Graph — the mathematical foundation for traceable, reproducible decision-making.

Decision Architecture

Not Just a Workflow. A Responsibility-Aware DAG.

Traditional workflows route tasks. MARIA OS routes decisions — each node carries ownership, evidence requirements, and gate conditions that enforce accountability at every step.

Example graph nodes (risk level, owner):
Propose: R1, Agent
Validate: R2, Agent
Approve: R4, Human
Complete: R1, System
Execute: R2, Agent
Audit: R3, Human

Each node carries Risk Level, Owner, and Gate Status — no implicit dependencies

Directed

Every edge has direction. Responsibility flows forward.

Acyclic

No circular dependencies. No infinite loops.

Evidence-Linked

Every connection carries verifiable evidence.

Workflows describe what happens. DAGs describe who is responsible.

Execution Ordering

Deterministic Execution Engine

Topological sorting ensures that every decision node executes only after all of its dependencies are satisfied. Dependent nodes cannot race each other and no gate can be skipped; only nodes with no edge between them run concurrently.

READY(v) ⇔ ∀u ∈ Pred(v), state(u) = DONE

A node becomes ready only when ALL dependencies are complete

Graph Model

G = (V, E)

V: Decision / Execution Nodes

E: Evidence-based dependencies

Topological Scheduler

ReadySet(G) = { v ∈ V | READY(v) }

O(V + E) linear time

Dependency order guaranteed

Parallel Execution

Parallelism = |ReadySet|

Ready nodes run concurrently

Failures trigger local re-execution

Pipeline: G=(V,E) (Graph) → Topo Sort (O(V+E)) → ReadySet (Parallel) → Execute (Concurrent) → Trace (Evidence)

Topological sort guarantees dependency order

Ready nodes are safely parallelized

Failures trigger local re-execution only

All transitions are immutably logged

Execute in order. Never skip a gate.
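The scheduler described in this section, as an added example rather than MARIA OS code: it rejects cyclic graphs with Kahn's algorithm, computes ReadySet(G) = { v | every u ∈ Pred(v) is DONE }, runs the ready set wave by wave (parallelism = |ReadySet|), and re-executes only the node that failed. The page names the six nodes but not their edges, so the edges below are assumed for illustration.

```python
"""Added example (not MARIA OS code): a topological scheduler with cycle
rejection, ReadySet computation and local re-execution of failed nodes.
The six-node graph uses the page's node names; its edges are constructed."""
from collections import defaultdict
from typing import Callable, Dict, List, Optional, Set, Tuple

NEW, DONE, BLOCKED = "NEW", "DONE", "BLOCKED"
Edge = Tuple[str, str]


def check_acyclic(nodes: Set[str], edges: List[Edge]) -> None:
    """Kahn's algorithm in O(V + E): if peeling off zero-indegree nodes cannot
    consume every node, a cycle exists and the graph is rejected before any
    node executes."""
    indeg = {v: 0 for v in nodes}
    succ: Dict[str, List[str]] = defaultdict(list)
    for u, v in edges:
        succ[u].append(v)
        indeg[v] += 1
    frontier = [v for v in nodes if indeg[v] == 0]
    consumed = 0
    while frontier:
        u = frontier.pop()
        consumed += 1
        for w in succ[u]:
            indeg[w] -= 1
            if indeg[w] == 0:
                frontier.append(w)
    if consumed != len(nodes):
        raise ValueError("graph contains a cycle; not a DAG")


def ready_set(nodes: Set[str], pred: Dict[str, Set[str]],
              state: Dict[str, str]) -> Set[str]:
    """READY(v) <=> v is still NEW and every u in Pred(v) is DONE."""
    return {v for v in nodes
            if state[v] == NEW and all(state[u] == DONE for u in pred[v])}


def schedule(nodes: Set[str], edges: List[Edge], run: Callable[[str], bool],
             max_attempts: int = 3) -> Tuple[List[List[str]], Dict[str, str]]:
    """Execute the DAG in waves. Each wave is the current ReadySet, so the
    available parallelism is |ReadySet|. A node whose run() fails stays NEW and
    is retried in the next wave (local re-execution only); after max_attempts
    it becomes BLOCKED, which keeps every descendant from ever becoming ready."""
    check_acyclic(nodes, edges)
    pred: Dict[str, Set[str]] = defaultdict(set)
    for u, v in edges:
        pred[v].add(u)
    state = {v: NEW for v in nodes}
    attempts: Dict[str, int] = defaultdict(int)
    waves: List[List[str]] = []
    while True:
        ready = ready_set(nodes, pred, state)
        if not ready:
            break
        wave = sorted(ready)            # sorted only to make the trace deterministic
        waves.append(wave)
        for v in wave:                  # a real engine runs these concurrently
            attempts[v] += 1
            if run(v):
                state[v] = DONE
            elif attempts[v] >= max_attempts:
                state[v] = BLOCKED      # fail closed: no more retries, no descendants
    return waves, state


# Constructed example graph: the page's node names, assumed edges.
NODES = {"Propose", "Validate", "Approve", "Execute", "Audit", "Complete"}
EDGES: List[Edge] = [("Propose", "Validate"), ("Validate", "Approve"),
                     ("Approve", "Execute"), ("Approve", "Audit"),
                     ("Execute", "Complete"), ("Audit", "Complete")]


def demo(fail_node: Optional[str] = None, fail_times: int = 1):
    """Run the example graph; fail_node fails its first fail_times attempts."""
    remaining = {fail_node: fail_times} if fail_node else {}

    def run(v: str) -> bool:
        if remaining.get(v, 0) > 0:
            remaining[v] -= 1
            return False
        return True

    return schedule(NODES, EDGES, run)


if __name__ == "__main__":
    for wave in demo(fail_node="Execute")[0]:
        print(wave)
```

With the assumed edges, Execute and Audit share a wave after Approve; a single failure of Execute adds one extra wave containing only Execute, and Complete waits for it, while Audit is never re-run.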

Resource Allocation

Automation Without Losing Responsibility

Every decision node carries a Human/Agent allocation ratio. Higher risk nodes require more human involvement. The ratio evolves as evidence accumulates.

Example Node
Node: Contract Approval
Risk Level: 4
Responsibility: HUMAN
Execution: Agent-assisted
h(v) = 0.8 | a(v) = 0.2
Allocation Model
alloc(v) = (h(v), a(v))
h(v) + a(v) = 1

Responsibility allocation per node. h = human, a = agent.

Gate Policy Constraint
h(v) ≥ f(risk(v))
risk(v) ≥ 3 → owner_R = HUMAN

Gate Policy enforces minimum human involvement by risk.

Risk-Based Human Involvement Floor f(risk)
Risk 0: 0.0
Risk 1: 0.0
Risk 2: 0.2
Risk 3: 0.6
Risk 4: 1.0

Responsibility Phase

owner_R: Who is accountable

HUMAN by default for high-risk decisions

Execution Phase

owner_X: Who performs the work

AGENT where safe and efficient

H_total = (Σ w(v)·h(v)) / (Σ w(v))

Even as total human ratio decreases, responsibility phase integrity is preserved

Risk scores drive allocation. Not intuition — equations.

Quality Gates

Fail-Closed Governance Engine

Every critical path passes through a Gate. Gates enforce evidence requirements, approval chains, and constraint validation. When conditions are not met, the system stops — it never proceeds by default.

State machine: NEW → READY → [Gate] → RUNNING → DONE
BLOCKED: gate check failed
Gate Transition Rule
allow(v, READY → RUNNING) ⇔ READY(v) ∧ PolicySatisfied(v) ∧ ApprovalSatisfied(v) ∧ EvidenceComplete(v)

Safety-1

High-risk nodes never complete without human approval

□(risk(v) ≥ 3 → ¬(DONE(v) ∧ ¬HumanApproved(v)))

Safety-2

Nodes never execute without required evidence

□(RUNNING(v) → ReqEvidence(v) ⊆ Available(v))

Auditability

All completed nodes produce trace records

□(DONE(v) → TraceExists(v))
Policy unclear → BLOCKED
Approval missing → BLOCKED
Evidence insufficient → BLOCKED
Trace write fails → BLOCKED

When in doubt, stop. Never proceed by default.
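The gate policy constraint and human-involvement floor from the Resource Allocation section, combined with the gate transition rule and BLOCKED reasons above, as one added example (not MARIA OS code). Node contents, evidence names, the policy version string and the trace sink are constructed. Note that the floor table assigns 1.0 to risk 4, so the Contract Approval node as shown above (risk 4, h = 0.8) is blocked by the floor as tabulated; the passing case below therefore uses a risk-3 node and keeps the risk-4/0.8 node to show the floor firing.

```python
"""Added example (not MARIA OS code): a fail-closed gate that applies the
human-involvement floor h(v) >= f(risk(v)), the rule risk >= 3 -> owner_R = HUMAN,
and the READY -> RUNNING transition rule. All node data is constructed."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set, Tuple

HUMAN_FLOOR: Dict[int, float] = {0: 0.0, 1: 0.0, 2: 0.2, 3: 0.6, 4: 1.0}  # f(risk)
HUMAN = "HUMAN"


@dataclass
class Node:
    node_id: str
    risk: int
    owner_r: str                          # responsibility owner (owner_R)
    h: float                              # human share of alloc(v); a(v) = 1 - h(v)
    req_evidence: Set[str]
    available: Set[str] = field(default_factory=set)
    human_approved: bool = False
    policy_version: Optional[str] = None  # None models "policy unclear"
    state: str = "READY"


def policy_satisfied(n: Node) -> bool:
    """Gate Policy Constraint: h(v) >= f(risk(v)); risk >= 3 forces owner_R = HUMAN."""
    floor = HUMAN_FLOOR.get(n.risk)
    if floor is None:                     # unknown risk level: fail closed
        return False
    if not 0.0 <= n.h <= 1.0 or n.h < floor:
        return False
    return n.risk < 3 or n.owner_r == HUMAN


def approval_satisfied(n: Node) -> bool:
    """Safety-1: a risk >= 3 node needs a human approval before it can progress."""
    return n.risk < 3 or n.human_approved


def evidence_complete(n: Node) -> bool:
    """Safety-2: ReqEvidence(v) is a subset of Available(v)."""
    return n.req_evidence <= n.available


def evaluate_gate(n: Node, trace_sink: Callable[[dict], None]) -> Tuple[str, str]:
    """allow(v, READY -> RUNNING) iff READY, PolicySatisfied, ApprovalSatisfied
    and EvidenceComplete all hold. Returns (new_state, reason). Every failing
    check, and any exception while writing the trace record, ends in BLOCKED."""
    checks = [
        ("not ready", lambda: n.state == "READY"),
        ("policy unclear", lambda: n.policy_version is not None),
        ("policy violated", lambda: policy_satisfied(n)),
        ("approval missing", lambda: approval_satisfied(n)),
        ("evidence insufficient", lambda: evidence_complete(n)),
    ]
    try:
        for reason, check in checks:
            if not check():
                trace_sink({"node_id": n.node_id, "gate_result": "BLOCKED", "reason": reason})
                n.state = "BLOCKED"
                return n.state, reason
        # Auditability: the trace record is written before the state changes.
        trace_sink({"node_id": n.node_id, "gate_result": "PASS",
                    "policy_version": n.policy_version})
    except Exception as exc:              # trace write failed: never proceed by default
        n.state = "BLOCKED"
        return n.state, f"trace write failed: {exc}"
    n.state = "RUNNING"
    return n.state, "ok"


def h_total(nodes: List[Node], weight: Callable[[Node], float]) -> float:
    """H_total = sum(w(v) * h(v)) / sum(w(v)), the weighted human ratio."""
    total = sum(weight(n) for n in nodes)
    return sum(weight(n) * n.h for n in nodes) / total


def demo() -> Dict[str, Tuple[str, str]]:
    """Constructed nodes covering the pass case and each BLOCKED reason."""
    log: List[dict] = []
    evidence = {"contract.pdf", "legal_review"}
    cases = {
        "ok": Node("Contract Approval", 3, HUMAN, 0.8, evidence, set(evidence), True, "policy-v7"),
        "below_floor": Node("Contract Approval", 4, HUMAN, 0.8, evidence, set(evidence), True, "policy-v7"),
        "agent_owns_high_risk": Node("Approve", 3, "AGENT", 0.6, set(), set(), True, "policy-v7"),
        "no_evidence": Node("Execute", 2, "AGENT", 0.2, {"approval_record"}, set(), False, "policy-v7"),
        "no_policy": Node("Audit", 3, HUMAN, 0.6, set(), set(), True, None),
        "no_approval": Node("Audit", 3, HUMAN, 0.6, set(), set(), False, "policy-v7"),
    }
    results = {name: evaluate_gate(n, log.append) for name, n in cases.items()}

    def broken_sink(_: dict) -> None:
        raise IOError("trace store unavailable")

    results["trace_fail"] = evaluate_gate(
        Node("Validate", 1, "AGENT", 0.0, set(), set(), False, "policy-v7"), broken_sink)
    return results
```

The check order matters: a node whose policy version is unknown is blocked before its evidence is even inspected, and a trace store outage blocks a node that passed every other check, which is the "trace write fails → BLOCKED" rule.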

Mathematical Guarantee

Formal Verification Properties

The DAG structure provides mathematical guarantees: completeness (all decisions reachable), soundness (no invalid transitions), and termination (all paths end).

Graph Definition
G = (V, E)

V: Decision/Execution Nodes, E: Evidence-based dependency edges

Acyclic Constraint
∀v ∈ V, ¬∃ path: v → … → v

No node can reach itself through any directed path

Execution Condition
READY(v) ⇔ ∀u ∈ Pred(v), state(u) = DONE

Execute only when all predecessors complete

Evidence Constraint
ReqEvidence(v) ⊆ ⋃_{u ∈ Pred(v)} OutEvidence(u)

Required evidence must be supplied by predecessors

Risk-Gated Allocation
h(v) ≥ f(risk(v))

Higher risk demands more human involvement

Safety Property (LTL)
□(risk(v) ≥ 3 → ¬(DONE(v) ∧ ¬HumanApproved(v)))

High-risk nodes never complete without human approval

Gate Transition Rule
allow(v, READY → RUNNING) ⇔ READY(v) ∧ PolicySatisfied(v) ∧ ApprovalSatisfied(v) ∧ EvidenceComplete(v)

Not aspirational. Mathematically guaranteed.

Audit & Replay

Every Decision Is Replayable

The DAG preserves the complete execution trace: inputs, outputs, gate evaluations, and timing. Any decision can be replayed with its original context.

TraceEvent
{
node_id
state_before → state_after
timestamp
evidence_hash
approval_signature
gate_result
policy_version
}
State Transition Flow: NEW → READY → RUNNING → DONE

Each transition generates a TraceEvent

t₀ → t₁ → t₂ → t₃

Time-travel to any point via Trace

Replay(G, TraceEvents, t) → deterministic state reconstruction

Same graph + Same trace + Same policy = Same final state

Full Causality Chain

Every state change traces back to its cause

Human Approval Bound

Approval signatures are cryptographically linked to nodes

Policy Versioning

Every decision records which policy version was active

Evidence Immutability

Evidence bundles are content-hashed, so any modification changes the hash and is detected at replay. Hashing makes the bundles tamper-evident rather than tamper-proof: it exposes tampering, it does not prevent it.

If you cannot replay it, you cannot audit it.
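The TraceEvent log and Replay(G, TraceEvents, t) described in this section, as an added example rather than MARIA OS code. Each record carries the fields listed above plus a prev_hash link to the previous record, so the log is a hash chain; replay refuses a log whose chain does not verify and refuses any transition whose state_before disagrees with the state reconstructed so far. Node ids, timestamps, evidence names and the approval signature value are constructed.

```python
"""Added example (not MARIA OS code): a hash-chained TraceEvent log and a
deterministic replay of node state at time t. All record contents are
constructed for illustration."""
import hashlib
import json
from typing import Dict, Iterable, List, Optional

GENESIS = "0" * 64


def _digest(obj) -> str:
    """Canonical JSON keeps the hash independent of dict ordering."""
    return hashlib.sha256(
        json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()).hexdigest()


class TraceLog:
    def __init__(self) -> None:
        self.events: List[dict] = []

    def append(self, node_id: str, state_before: str, state_after: str,
               timestamp: int, evidence: Iterable[str], gate_result: str,
               policy_version: str, approval_signature: Optional[str] = None) -> dict:
        """Write one TraceEvent. prev_hash binds it to the previous record, so
        editing or deleting any earlier event breaks every later link."""
        prev = self.events[-1]["event_hash"] if self.events else GENESIS
        event = {
            "node_id": node_id,
            "state_before": state_before,
            "state_after": state_after,
            "timestamp": timestamp,
            "evidence_hash": _digest(sorted(evidence)),
            "approval_signature": approval_signature,
            "gate_result": gate_result,
            "policy_version": policy_version,
            "prev_hash": prev,
        }
        event["event_hash"] = _digest(event)
        self.events.append(event)
        return event

    def verify(self) -> bool:
        """Recompute every record hash and chain link; any altered field fails."""
        prev = GENESIS
        for ev in self.events:
            body = {k: v for k, v in ev.items() if k != "event_hash"}
            if ev["prev_hash"] != prev or _digest(body) != ev["event_hash"]:
                return False
            prev = ev["event_hash"]
        return True


def replay(nodes: Iterable[str], log: TraceLog, t: int) -> Dict[str, str]:
    """Replay(G, TraceEvents, t): fold every event with timestamp <= t, in log
    order, over the initial NEW state. An unverifiable log or a transition whose
    state_before does not match the reconstructed state is rejected, so a replay
    that completes is a full causality chain."""
    if not log.verify():
        raise ValueError("trace log fails hash-chain verification")
    state = {v: "NEW" for v in nodes}
    for ev in log.events:
        if ev["timestamp"] > t:
            continue
        if state[ev["node_id"]] != ev["state_before"]:
            raise ValueError(f"causality break at {ev['node_id']} t={ev['timestamp']}")
        state[ev["node_id"]] = ev["state_after"]
    return state


def build_demo_log() -> TraceLog:
    """Constructed trace for one Approve node passing its gate."""
    log = TraceLog()
    log.append("Approve", "NEW", "READY", 1, ["proposal.md"], "n/a", "policy-v7")
    log.append("Approve", "READY", "RUNNING", 2, ["proposal.md", "validation.json"],
               "PASS", "policy-v7", approval_signature="sig-alice-0001")
    log.append("Approve", "RUNNING", "DONE", 3, ["proposal.md", "validation.json"],
               "PASS", "policy-v7")
    return log


if __name__ == "__main__":
    demo_log = build_demo_log()
    print(replay(["Approve", "Execute"], demo_log, 2))
```

Replaying the same log at the same t always yields the same state; flipping a single gate_result in a stored record invalidates the chain and replay refuses to run, which is the practical meaning of "if you cannot replay it, you cannot audit it".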

Execution Boundaries

Scope Cannot Drift

Execution boundaries are fixed at design time. New requirements create new nodes — they never mutate existing specifications. The Architect enforces structural integrity.

Agent (proposes action) → Decision DAG (routes through graph) → Gate (responsibility check) → Ticket (signed authorization) → Action Gateway (sole execution surface) → External (side effect occurs)

Action Gateway is the sole execution surface — agents have no direct write permission

Execution Ticket
{
node_id
action_type
args_hash
risk_level
policy_version
expires_at
nonce
signature
}
Gateway Verification
Signature verification
Action type match
Within expiration
Single-use (nonce)
Gate approval confirmed
Any failure → execution denied

Agents have no direct write permission.

All side effects pass through Action Gateway.

Even if monitoring fails, no side effect can occur without a valid ticket.

Scope drift is a governance failure. The DAG prevents it by construction.
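The Execution Ticket and the gateway verification steps listed above, as an added example rather than MARIA OS code. The ticket fields match the page's structure; the signature is an HMAC-SHA256 over the canonical JSON of the other fields, args are bound by hash, and the gateway checks signature, action type, args hash, expiry, nonce reuse and gate approval, in that order, before running the side effect. The key, node and action names, arguments and clock values are constructed; the page does not specify the signature scheme, and a production deployment would keep the key in a KMS or HSM rather than in code.

```python
"""Added example (not MARIA OS code): an HMAC-signed Execution Ticket and an
Action Gateway that verifies it before any side effect. Key, names and clock
values are constructed for illustration."""
import hashlib
import hmac
import json
import secrets
from typing import Callable, Dict, List, Set, Tuple


def _canon(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def issue_ticket(key: bytes, node_id: str, action_type: str, args: dict,
                 risk_level: int, policy_version: str, now: int, ttl: int = 300) -> dict:
    """Mint a single-use ticket for one action. args are bound by hash, so the
    gateway can check the real call without the ticket carrying the payload."""
    body = {
        "node_id": node_id,
        "action_type": action_type,
        "args_hash": hashlib.sha256(_canon(args)).hexdigest(),
        "risk_level": risk_level,
        "policy_version": policy_version,
        "expires_at": now + ttl,
        "nonce": secrets.token_hex(16),
    }
    body["signature"] = hmac.new(key, _canon(body), hashlib.sha256).hexdigest()
    return body


class ActionGateway:
    """Sole execution surface. approved_nodes stands in for the gate's approval
    record; used_nonces makes every ticket single-use."""

    def __init__(self, key: bytes, approved_nodes: Set[str]) -> None:
        self.key = key
        self.approved_nodes = approved_nodes
        self.used_nonces: Set[str] = set()

    def verify(self, ticket: dict, action_type: str, args: dict, now: int) -> Tuple[bool, str]:
        try:
            body = {k: v for k, v in ticket.items() if k != "signature"}
            expected = hmac.new(self.key, _canon(body), hashlib.sha256).hexdigest()
            # Signature first: no other field is trusted until it passes.
            if not hmac.compare_digest(expected, str(ticket.get("signature", ""))):
                return False, "bad signature"
            if ticket["action_type"] != action_type:
                return False, "action type mismatch"
            if ticket["args_hash"] != hashlib.sha256(_canon(args)).hexdigest():
                return False, "args mismatch"
            if now >= ticket["expires_at"]:
                return False, "expired"
            if ticket["nonce"] in self.used_nonces:
                return False, "replayed nonce"
            if ticket["node_id"] not in self.approved_nodes:
                return False, "gate approval not confirmed"
        except (AttributeError, KeyError, TypeError, ValueError) as exc:
            return False, f"malformed ticket: {exc!r}"
        self.used_nonces.add(ticket["nonce"])   # consume only after every check passed
        return True, "ok"

    def execute(self, ticket: dict, action_type: str, args: dict, now: int,
                side_effect: Callable[[dict], None]) -> Tuple[bool, str]:
        ok, reason = self.verify(ticket, action_type, args, now)
        if not ok:
            return False, reason                # any failure -> execution denied
        side_effect(args)
        return True, "executed"


def demo() -> Tuple[Dict[str, Tuple[bool, str]], int]:
    """Constructed run: one valid ticket, then each way a ticket can fail."""
    key = b"constructed-gateway-key"
    gw = ActionGateway(key, approved_nodes={"Execute"})
    effects: List[dict] = []
    now = 1_000_000
    args = {"account": "acct-42", "amount": 100}
    t1 = issue_ticket(key, "Execute", "payment.create", args, 2, "policy-v7", now)
    t2 = issue_ticket(key, "Execute", "payment.create", args, 2, "policy-v7", now)
    t3 = issue_ticket(key, "Propose", "payment.create", args, 2, "policy-v7", now)
    forged = dict(t2, risk_level=0)             # edit a signed field after issuance
    results = {
        "valid": gw.execute(t1, "payment.create", args, now, effects.append),
        "replay": gw.execute(t1, "payment.create", args, now, effects.append),
        "tampered": gw.execute(forged, "payment.create", args, now, effects.append),
        "wrong_args": gw.execute(t2, "payment.create",
                                 {"account": "acct-42", "amount": 100000}, now, effects.append),
        "wrong_action": gw.execute(t2, "payment.delete", args, now, effects.append),
        "expired": gw.execute(t2, "payment.create", args, now + 301, effects.append),
        "unapproved": gw.execute(t3, "payment.create", args, now, effects.append),
    }
    return results, len(effects)
```

Only the first call produces a side effect; presenting the same ticket again is rejected as a replayed nonce, and lowering risk_level on a signed ticket fails at the signature check before any other field is read.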

Unified View

DAG as the Universal Coordination Layer

The Decision DAG is not a visualization. It is the execution substrate — the single source of truth for what decisions exist, who owns them, and what evidence they require.

01 Knowledge & Memory Layer
Raw Data Sources, Extraction Engine, Knowledge Graph, Embedding Index, Event-Based Memory
02 Evidence Control Layer
Retrieve → Cross-check → Contradiction Scan → Confidence Bound → Evidence Bundle

risk ≥ 3 → primary source required

03 Responsibility-Aware Decision DAG
Decision Nodes, Execution Nodes, Approval Nodes

READY(v) ∧ EvidenceComplete(v) ∧ PolicySatisfied(v) ∧ ApprovalSatisfied(v)

04 Trace & Replay Engine
TraceEvent Log → Replay Engine → Deterministic Reconstruction

Replay(G, Trace, t) → Same State

Data is separated from Decisions.

Decisions are separated from Responsibility.

Responsibility is enforced by Gate.

Everything is replayable.

The DAG is not a diagram. It is the architecture.