Spec-08-Quarantine-Garden
What this spec defines
Quarantine garden behavior — isolating facts from low-trust or failed-validation sources before they reach the main recall surface.
Extraction status
This file contains the ADR-010 prose extraction for quarantine
semantics. General garden ACL is owned by Spec-02-Scopes-and-ACL;
federation source trust is owned by Spec-05-Federation-Trust;
route shape is owned by Spec-03-HTTP-API.
Purpose
Quarantine is a safety boundary.
A fact that cannot be trusted enough for normal ingest may still be worth retaining for moderator review. Instead of silently discarding it or admitting it into the main fabric, the node routes it to a designated quarantine garden.
Quarantine admission
A node MAY quarantine inbound facts when:
Low source-trust score
Below the configured admission threshold.
Missing or invalid source attestation
Sanitizer policy selects quarantine mode
Federation validation flag
Reviewable but non-fatal issue.
Operator policy
Explicitly routes a source to quarantine.
Facts admitted to quarantine MUST carry enough metadata to explain the admission reason.
Quarantine garden requirements
A quarantine garden is a Memory Garden with quarantine behavior enabled. It MUST retain normal garden ACL properties and add a moderator role.
QuarantineRole = "admin" | "quarantine:moderator" | "writer" | "reader"
Promotion and rejection require admin or quarantine:moderator
in the quarantine garden.
Fact state
Quarantined facts SHOULD record:
quarantine_garden_id: UUID
quarantine_status: "pending" | "promoted" | "rejected"
quarantine_reason: string
source_trust: number?
Pending quarantined facts MUST NOT appear in normal recall/query results.
Unless the caller explicitly queries the quarantine surface and has permission.
Promote
Promotion moves a pending fact out of quarantine and into either the main fabric or a target garden. Promotion MUST record who promoted the fact, when, and why. Promoting an already promoted or rejected fact MUST return a conflict response.
Promotion MUST re-check target garden scope and write permissions before moving the fact.
Reject
Rejection permanently marks a quarantined fact as rejected. Rejection MUST record who rejected the fact, when, and why. Rejected facts remain available for audit to authorized quarantine moderators, but MUST NOT enter normal recall.
Deletion guard
A quarantine garden with pending facts MUST NOT be deleted. The node must require moderation of pending facts before deleting the garden container.
Audit
Nodes SHOULD audit:
Quarantine admission
Promotion
Rejection
Deletion blocked by pending facts
Attempts to moderate without required role
Audit record shape belongs to Spec-09-Audit-Log.
Out of scope
This spec does not define source-trust formula details, source attestation, sanitizer pattern catalogues, or advanced Memory Garden ACL behavior.