MAX-Governed Domain — External Attacks and Deterministic Behaviour

Outside the MAX-governed domain

External attacks target keys, infrastructure, hardware and people. Conventional security describes how strongly these surfaces are constrained by controls, monitoring and process. It remains observational, probabilistic and reactive.

Inside the MAX-governed domain

MAX does not observe, detect or interpret attacks. It enforces signed rule capsules. If a behaviour is not present in the domain model as an activated, signed rule path, it cannot be executed. MAX does not recover from undefined behaviour; undefined behaviour simply has no path.

External attacks mapped to domain behaviour

Select an external attack surface to see the resulting state of the domain under conventional controls and under MAX rule enforcement.

Attack surface

Domain under conventional controls

Posture partial

Key theft targets secrets used by applications, services and operators. Typical controls include hardened key generation, storage, rotation and isolation.

Even with good practice, the domain remains dependent on correct configuration and operator discipline, and behaviour may still drift in ways that are hard to predict and audit.

Domain under MAX rule enforcement

Mode INFRA

MAX does not treat keys as implicit authority. A stolen key cannot invent new rule capsules or extend the rule space. It can only interact with behaviours that were already modeled, simulated, authorized and signed.

Misuse of keys may still create infrastructure load or repeated valid invocations, but it cannot create any new domain behaviour. The behaviour space remains exactly the same set of activated rule capsules as before the attack.

Posture describes how strongly conventional controls typically constrain the external attack surface.

Mode describes whether the attack can affect only infrastructure (INFRA), is not defined inside the domain (NDEF), or depends on what the operator authorizes (MIXED).