Docs Product
What’s real today vs planned
These docs describe what KIFF does, not what it might do. This page is the explicit line between the two, so you never build on a claim the product can’t back yet. If something isn’t here as shipped, treat it as not shipped.
Real today
- The decision boundary. KIFF evaluates a proposed action against an
entity’s state and your policy and returns
allowed,blocked, orapproval_required— before the action runs. A malformed or misconfigured request isinvalid(a client error to fix, not a governance decision, and not a governed operation). See Decisions. - Read an entity’s lifecycle. The recorded proposals, approvals, and executions for an entity can be read back as one chronological, tenant-scoped, read-only view. See Decisions.
- Observe mode, zero config. Attach the guard to an agent you already run, with no account and no config, and get a real audit trail plus a derived starter policy. See the quickstart.
- Enforce mode through the guard. Switch the guard to enforce, point it at a tenant, and KIFF’s decision is acted on before each tool runs, failing closed on error. See How the guard works.
- Shipped framework adapters. Several adapters are verified against the real framework and pass the conformance suite; others are clearly labelled preview. The sidebar badges tell you which is which.
- Signed, tamper-evident receipts. Every decision records one signed receipt of what was authorized, before execution. See Receipts & proof packs.
- Govern + proof packs. A per-control evidence view on your real traffic, exportable as a proof pack from the same evidence object, with honest empty / not-yet-recorded states. See Govern.
- Shadow → enforce posture, with the moment of the flip recorded.
Not shipped — do not assume
- Production anchoring. Receipts are signed and tamper-evident, and can be anchored to an external trail, but the production form of public anchoring is not shipped. The honest claim is signed, tamper-evident, verifiable — nothing stronger.
- Reviewer attribution as a guarantee. The full linkage between an approval and the specific control decision is limited; where it isn’t recorded, the evidence says “not yet recorded” rather than inventing it. Don’t rely on reviewer-attribution claims.
- Compliance certification. KIFF produces evidence that’s useful in a compliance conversation, but it is not a certification and does not assert legal sufficiency for any regime.
- KIFF as the executor. KIFF never runs your action, moves money, or holds your credentials. Your runtime is always the executor.
How we keep these docs honest
Two rules govern this page and the rest of the docs:
- Copy never outruns the artifact. A capability is described as real only if it’s shipped and verifiable. If it isn’t, it lives in the “not shipped” list above until it is.
- No demo data presented as real. Screenshots and examples in these docs are either clearly labelled as examples or drawn from a clean, safe tenant — never synthetic data dressed up as production evidence.
If you find a claim in these docs that contradicts this page, this page wins, and it’s a bug in the other page. Tell us.
Next
- Start using it → Quickstart.
- Understand the model → What KIFF is.