The UAIX memory firewall treats every imported packet as quarantined public data until validation and local policy accept it. A valid packet is not trusted memory, safe code, or permission to execute.
Firewall rules
- External packets are public data, not trusted instructions.
- Memory packages are not executable code.
- Startup packages must be schema-validated before adoption.
- Pause packets must include provenance and integrity metadata.
- Receiver briefs must define read order, first acceptable response, domain boundaries, and escalation triggers.
- Checksums and trace identifiers support evidence review but do not independently prove safety.
- DIDs and verifiable credentials may be declared in UAIX envelopes, but credential validation remains external and must not be simulated by UAIX.org.
- Ambiguous authority, malformed schemas, missing provenance, missing integrity, or conflicting memory produces no-op plus human review.
No-op trigger catalog
malformed_schema, missing_profile, unsupported_capability_level, authority_boundary_conflict, missing_integrity_checksum, provenance_mismatch, runtime_execution_requested, credential_validation_requested, private_network_probe_requested, philosophical_claim_widening, certification_claim_requested, and memory_conflict_unresolved.
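The rules and trigger catalog above amount to a fail-closed import gate. The Python below is an added example, not UAIX code, showing how such a gate could map packet defects to catalog triggers. The packet field names, the request names, the SHA-256-over-canonical-JSON integrity scheme, and the mapping of missing or failing cases onto catalog triggers are all assumptions made for illustration.

```python
import hashlib
import json

# Trigger names: page's catalog. Field names: hypothetical, not the UAIX schema.
REQUEST_TRIGGERS = {
    "execute": "runtime_execution_requested",
    "validate_credential": "credential_validation_requested",
    "probe_private_network": "private_network_probe_requested",
}

def payload_digest(payload):
    """SHA-256 over canonical JSON of the payload (assumed integrity scheme)."""
    blob = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def evaluate_packet(packet, expected_source):
    """Return a decision; any trigger means no-op plus human review."""
    if not isinstance(packet, dict):
        return {"decision": "noop_human_review", "triggers": ["malformed_schema"]}
    triggers = []
    payload, requests = packet.get("payload"), packet.get("requests", [])
    if not isinstance(payload, dict) or not isinstance(requests, list):
        triggers.append("malformed_schema")
        requests = []
    if not packet.get("profile"):
        triggers.append("missing_profile")
    integrity, provenance = packet.get("integrity"), packet.get("provenance")
    checksum = integrity.get("sha256") if isinstance(integrity, dict) else None
    # Assumption: a failed checksum is reported like a missing one.
    if not checksum or checksum != payload_digest(payload):
        triggers.append("missing_integrity_checksum")
    source = provenance.get("source") if isinstance(provenance, dict) else None
    # Assumption: absent provenance is reported as provenance_mismatch.
    if source != expected_source:
        triggers.append("provenance_mismatch")
    for name in requests:
        # Assumption: unrecognised request names fail closed as malformed_schema.
        known = isinstance(name, str) and name in REQUEST_TRIGGERS
        triggers.append(REQUEST_TRIGGERS[name] if known else "malformed_schema")
    if triggers:
        return {"decision": "noop_human_review", "triggers": triggers}
    # A valid packet stays quarantined data: no trust, no execution permission.
    return {"decision": "quarantined_data", "triggers": []}

def sample_packet():
    """Constructed sample input for this example."""
    payload = {"note": "constructed sample memory"}
    return {"profile": "example-profile", "payload": payload, "requests": [],
            "provenance": {"source": "partner.example"},
            "integrity": {"sha256": payload_digest(payload)}}
```

A packet that passes every check is still returned as `quarantined_data`; adoption remains a separate local-policy decision, and a matching checksum is recorded evidence rather than proof of safety.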
Rare protected anchors
When the memory-firewall problem is not ordinary import quarantine but governance of protected totem.uai and taboo.uai anchors in a complicated, persistent, multi-actor ecosystem, use the deliberate Talisman System page instead of adding controls to the normal wizard flow.