Guards

Overview

Aspect	Details
Purpose	Safety checks that validate edits against baseline-derived contracts.
Audience	Users tuning guard behavior and reviewing report evidence.
Supported guards	`invariants`, `spectral`, `rmt`, `variance` (plus optional plugin guards).
Requires	`invarlock[guards]` for torch/numpy guard math.
Network	Offline by default; guard logic itself is local.
Inputs	Model, adapter, calibration data, tier policy (`--tier`/`auto_config`).
Outputs / Artifacts	`report.guards` entries, report `resolved_policy`, `validation.*` flags.
Source of truth	`src/invarlock/guards/*.py`, `src/invarlock/guards/policies.py`, packaged `runtime/tiers.yaml`.

See the Glossary for definitions of guard terms such as kappa threshold, epsilon band, and guard overhead.

Quick Start

guards:
  order: ["invariants", "spectral", "rmt", "variance", "invariants"]
  spectral:
    sigma_quantile: 0.95
    deadband: 0.10
    scope: ffn
  rmt:
    epsilon_by_family: { ffn: 0.01, attn: 0.01, embed: 0.01, other: 0.01 }
  variance:
    min_gain: 0.0
    scope: ffn

Most thresholds come from the tier defaults (see tiers.yaml). Use overrides sparingly and keep evidence in the report.

Assurance scope note: the published assurance basis covers GPT-2 and BERT profiles. Repo-included presets and pilot configs for families such as Mistral 7B, Qwen2 7B, Qwen2.5 7B, and Qwen2.5 14B expand runnable coverage, not the published assurance basis.

Guard Pipeline Flow

Concepts

Guard lifecycle: the core runner calls prepare(...) (if implemented) and always calls validate(...). Optional hooks (before_edit, after_edit, finalize) are only used when you manage guards manually (e.g., with GuardChain).
Tier policies: --tier balanced|conservative|aggressive resolves a full policy bundle from runtime/tiers.yaml; overrides in config are merged on top.
Measurement contracts: Spectral and RMT guards record estimator + sampling contracts in reports and are enforced by invarlock verify in CI/Release, alongside required runtime.manifest.json runtime provenance for evaluation outputs.

Guard hooks

Hook	When called	Evidence
`prepare`	Before edit (GuardWithPrepare only).	`report.meta.tier_policies`, `report.meta.guard_prepare_failures` (when prepare fails).
`validate`	After edit.	`report.guards[].passed`, `report.guards[].decision`, `report.guards[].diagnostics`, `report.guards[].violations`.

Verify gate requirements

Gate	Required fields	Applies
Measurement contracts	`spectral.measurement_contract_hash`, `rmt.measurement_contract_hash`, `resolved_policy.*`.	CI/Release.
Guard overhead	`guard_overhead.*`.	Release only.
Validation allow‑list	`validation.*` booleans.	Schema validation.

Reference

Guard summary

Guard	Purpose	Key knobs (override)	Evidence (report/report)
`invariants`	Structural integrity + non-finite checks.	`strict_mode`, `on_fail`, `profile_checks`.	`validation.invariants_pass`, `invariants.*`.
`spectral`	Baseline-relative spectral norm stability.	`sigma_quantile`, `family_caps`, `deadband`, `scope`, `correction_enabled`, `estimator`, `degeneracy`, `multiple_testing`.	`validation.spectral_stable`, `spectral.*`, `resolved_policy.spectral`.
`rmt`	Activation edge-risk stability (ε-band).	`epsilon_default`, `epsilon_by_family`, `deadband`, `margin`, `correct`, `estimator`, `activation.sampling`.	`validation.rmt_stable`, `rmt.*`, `resolved_policy.rmt`.
`variance`	Variance equalization with A/B gate.	`min_gain`, `min_effect_lognll`, `max_calib`, `scope`, `clamp`, `deadband`, `predictive_gate`, `predictive_one_sided`, `calibration`, `tap`.	`variance.*`, `resolved_policy.variance`.

Guard evidence matrix

Guard config	Report evidence	report evidence	Verify gate
`guards.invariants.*`	`report.guards[name=invariants]`	`report.invariants`, `validation.invariants_pass`	Schema only.
`guards.spectral.*`	`report.guards[name=spectral]`	`report.spectral`, `resolved_policy.spectral`, `validation.spectral_stable`	Measurement contracts (CI/Release).
`guards.rmt.*`	`report.guards[name=rmt]`	`report.rmt`, `resolved_policy.rmt`, `validation.rmt_stable`	Measurement contracts (CI/Release).
`guards.variance.*`	`report.guards[name=variance]`	`report.variance`, `resolved_policy.variance`	Schema only.
`--profile release`	`report.guard_overhead`	`report.guard_overhead`	Required unless skipped.

Invariants Guard

guards:
  invariants:
    strict_mode: false
    on_fail: monitor   # monitor | rollback | block

Spectral Guard (measurement contract)

guards:
  spectral:
    sigma_quantile: 0.95
    deadband: 0.10
    scope: all
    family_caps: { ffn: 3.85, attn: 3.02, embed: 1.05, other: 0.0 }
    estimator: { iters: 4, init: ones }
    degeneracy:
      enabled: true
      stable_rank: { warn_ratio: 0.5, fatal_ratio: 0.25 }
      norm_collapse: { warn_ratio: 0.25, fatal_ratio: 0.10 }

RMT Guard (activation edge-risk)

guards:
  rmt:
    epsilon_by_family: { ffn: 0.01, attn: 0.01, embed: 0.01, other: 0.01 }
    epsilon_default: 0.01
    estimator: { iters: 3, init: ones }
    activation:
      sampling:
        windows: { count: 8, indices_policy: evenly_spaced }

Variance Guard (A/B gate)

guards:
  variance:
    scope: ffn
    min_gain: 0.0
    min_effect_lognll: 0.0
    max_calib: 200
    clamp: [0.85, 1.12]
    deadband: 0.02
    predictive_gate: true
    predictive_one_sided: false
    calibration:
      windows: 200
      min_coverage: 50
      seed: 123

Guard order

guards.order defines the execution chain and is required in YAML presets. The packaged presets include it by default; remove a guard from the list to skip it.

Troubleshooting

Guard prepare failed: set context.run.strict_guard_prepare: false in your run config for local debugging, or adjust tier policies for the guard that failed.
Spectral instability: lower sigma_quantile, narrow scope, or increase deadband to reduce noise.
RMT ε-band violations: tighten calibration (more windows) or adjust epsilon_by_family only if you are updating tier policy evidence.
Variance guard never enables: A/B gate may fail; inspect variance.metrics.predictive_gate and variance.metrics.ab_gain in the report.

Observability

report.guards contains guard results by name.
reports include resolved_policy.{spectral,rmt,variance} and evidence blocks (spectral.*, rmt.*, variance.*).
Validation flags are recorded under validation.* (invariants_pass, spectral_stable, rmt_stable).