Skip to content

Identity & Roles⚓︎

This document defines the identities within DMS and the immutable boundaries between platform operation and the decision domain.

System Identities⚓︎

DMS strictly enforces a separation of concerns between those who operate the platform and those who use the decision memory.

User (The Participant)⚓︎

The only identity allowed inside the Decision Domain.
Create and participate in Topics
Hold specific roles (Owner, Advisor, etc.)
Influence and finalize Decisions

Admin (The Operator)⚓︎

Responsible for the Platform only.
Manage accounts and organizations
Enforce security and legal policies
Strictly forbidden from seeing or participating in Topics

System (The Automation)⚓︎

The automated background identity.
Enforces auto-archiving and retention
Triggers notifications and reminders

Identity Boundaries⚓︎

The Iron Wall

To ensure total trust in the Decision Memory, DMS enforces these hard boundaries:
1. No Silent Access: Admins cannot "shadow" a topic. Access must be granted via an explicit Role.
2. Zero-Knowledge Ops: The platform is designed so that Operators (Admins) manage the "theater" but never see the "play."
3. Attributed History: Every action in a Topic is signed by a User or the System. Admins never appear in decision history.

Trust Principles⚓︎

Integrity Manifest

  • Participation is explicit: You always know who is "in the room."
  • Authority is explicit: Capabilities are tied to visible roles.
  • Memory is protected: Decisions cannot be altered once finalized.