# XXVI. Amendments

### Part 26 — Amendments, Change Control, Pricing Governance, and Supersession

*(Binding objective: establish a records-first, non-regressive change-control system for the **Membership Constitution** that (i) protects non-derogable safeguards (“lockbox” invariants), (ii) prevents silent edits and retroactive burdens, and (iii) reconciles **Constitution ↔ Platform** behavior so pricing and entitlements can evolve without creating implied governance authority or weakening neutrality/safety.)*

***

#### 26.1 Purpose, Scope, and Non-Regression Doctrine

26.1.1 **Membership Constitution change control as a safety system.** The amendment and change-control regime is a governance safety control designed to preserve trust-under-scrutiny, prevent capture, maintain correctionability, and ensure that member rights, duties, and safeguards change only through record-valid, auditable processes.

26.1.2 **Scope boundary: membership constitution only; no perimeter change by implication.** This Part governs amendments and supersession of the Membership Constitution only; it does not amend external instruments, annexes, platform documentation, service descriptions, or any execution perimeter boundaries by implication, and no change shall be construed to authorize operational execution, enforcement, procurement steering, or regulated activity.

26.1.3 **Non-regression rule: safeguards may be strengthened, never weakened.** Amendments may increase precision, auditability, or protections, but shall not weaken safety, neutrality, due process minima, privacy/identity minimization, handling discipline, validity-by-record, correction/supersession discipline, or the strict non-executing perimeter.

26.1.4 **Voluntary-by-default preserved across amendments.** No amendment may impose compelled service, compelled contribution, compelled disclosure, or compelled role acceptance; participation remains opt-in except where a member affirmatively requests a privilege that is explicitly form-gated and consented.

26.1.5 **No silent edits; record-first doctrine for all changes.** All changes require a record-valid proposal, a diff/redline, a decision record, and a supersession record with effective dates; off-platform statements, marketing, or “updated webpages” have no effect unless reconciled to the authoritative platform record.

***

#### 26.2 Change Taxonomy and Classification

26.2.1 **Change typology (mandatory classification).** Every proposed change shall be classified as one or more of: (a) editorial; (b) operational (process clarity); (c) technical (schema/fields); (d) financial (pricing, billing, cost recovery); (e) safeguards; (f) rights-impacting; (g) platform-critical; (h) handling-regime impacting; (i) jurisdiction-activation impacting; (j) entitlements-impacting.

26.2.2 **Safeguard-critical classification (binding).** A change is safeguard-critical if it touches any non-derogable invariant, any safety gate, any stop-the-line power, any handling-class rule, any correction/recall mechanism, or any protected participation/identity minimization control.

26.2.3 **Membership rights-impacting classification (binding).** A change is rights-impacting if it modifies eligibility, standing states, due process rights, access restrictions, appeal routes, sanctions ladder, or any substantive obligation that affects member status or participation conditions.

26.2.4 **Platform schema critical classification (binding).** A change is platform-critical if it modifies governance-critical data structures, record-validity rules, role markers, credit systems, audit logs, distribution logging, or any mechanism that determines platform behavior for rights/safeguards.

26.2.5 **Handling regime impacting classification (binding).** A change is handling-impacting if it modifies handling classes, storage/disclosure rules, watermarking, identity minimization rules, distribution logs, or any rule affecting confidentiality and safety posture.

26.2.6 **Jurisdiction activation impacting classification (binding).** A change is jurisdiction-activation impacting if it affects activation gates, local mirror rules, host institution designation prerequisites, or public listing logic for Activated/Global-only status.

26.2.7 **Entitlements-impacting classification (binding; distinct from rights-impacting).** A change is entitlements-impacting if it modifies service access, availability, support pathways, or add-on features; entitlements-impacting changes are treated as service-layer adjustments and must not be construed as governance-rights changes.

26.2.8 **Retroactivity flag (binding constraints).** Every change must declare retroactivity status; retroactive burdens are prohibited, and retroactive clarifications are permitted only when they reduce ambiguity without increasing duties, costs, sanctions exposure, or access restrictions for any member.

***

#### 26.3 Authorities and Reserved Matters

26.3.1 **General Assembly reserved matters.** The General Assembly (GA) is the ultimate membership authority for adoption of constitutional amendments, ratification of safeguard-critical changes, and any designated escalations explicitly reserved to GA by the Constitution.

26.3.2 **Trustees reserved matters (fiduciary and perimeter enforcement).** Trustees retain reserved authority to enforce legal and fiduciary duties, protect the non-executing perimeter, require safety holds, direct integrity remediation, and escalate or pause changes that introduce unacceptable legal, safety, or perimeter risk.

26.3.3 **Stewardship Committee reserved matters (safety and integrity baselines).** The Stewardship Committee retains reserved authority over handling rules, stop-the-line triggers, correction clocks, safety gate requirements, publication safety screening, and integrity baselines, subject to non-regression and record-validity.

26.3.4 **Domain Council authority in change proposals (bounded to domain rules).** Domain Councils may propose and recommend changes within their domain scope, but may not weaken cross-cutting safeguards and must comply with the change taxonomy, COI rules, and record-valid adoption requirements.

26.3.5 **Guild charter alignment and precedence.** Guild charters and subordinate instruments must conform to the Membership Constitution; conflicts are resolved by precedence, and subordinate documents must be superseded or corrected by record to restore alignment.

26.3.6 **Delegation limits and “no implied authority.”** Any delegation of change-control responsibilities must be explicit, time-boxed, and recorded; no committee, staff function, sponsor, or vendor acquires implied authority to amend, interpret, or enforce changes absent a record-valid delegation.

26.3.7 **Pricing authority firewall (binding).** Pricing decisions may govern access to services and tools, but shall not grant or diminish governance rights, voting weight, role eligibility, reviewer priority, badge outcomes, or dispute outcomes, and shall not be used as an influence mechanism.

***

#### 26.4 Proposal Intake and Drafting Standards

26.4.1 **Change proposal form requirement (Part 25 linkage).** Every change must be initiated using the canonical change proposal form and schema, including handling election, authority basis, COI fields, and classification per Section 26.2.

26.4.2 **Diff/redlines and plain-language summary (mandatory).** Every proposal must include machine-readable diffs/redlines and a plain-language “what changes / what stays the same” summary suitable for public-safe disclosure.

26.4.3 **Rationale, objectives, and problem statement.** Each proposal must state the problem being solved, why existing text is insufficient, and the objective metrics or outcomes expected (including risk reduction and clarity improvements).

26.4.4 **Scope, exclusions, and perimeter reaffirmation.** Each proposal must define in-scope provisions, explicit exclusions, and a reaffirmation that the non-executing perimeter is unchanged unless a higher-order safeguard instrument explicitly permits otherwise (which is presumed not to be the case).

26.4.5 **Impact statement across rights, duties, roles, access, safety, and costs.** Proposals must include a structured impact assessment covering membership rights, obligations, standing states, role markers, controlled access, safety posture, administrative burden, and cost/fee implications (if any).

26.4.6 **Handling class election for proposal and review artifacts.** Proposers must elect handling for the proposal package and for all review artifacts, ensuring sensitive discussions occur in controlled lanes and public-safe summaries remain safe.

26.4.7 **COI disclosures for proposers and reviewers.** Proposals must include COI disclosures for all named proposers and any pre-identified reviewers, including sponsor adjacency flags, employment ties, and self-interest indicators.

26.4.8 **Migration plan (mandatory).** Proposals must include a migration plan for in-flight work, existing role markers, existing records, credit systems, and existing entitlements, including failure modes, edge cases, and continuity controls.

26.4.9 **Back-out plan (mandatory).** Proposals must include rollback triggers, a safe-minimum continuity posture, and a record-valid rollback procedure that preserves auditability and avoids retroactive harm.

***

#### 26.5 Notice, Consultation, and Contestation Windows

26.5.1 **Notice-by-record rule (authoritative).** Notice is valid only when issued by platform record; emails, external posts, or verbal statements are non-authoritative and must not be relied upon absent a record pointer.

26.5.2 **Minimum notice periods by change class.** Notice periods scale with impact: editorial changes require shorter notice; safeguard-critical, rights-impacting, handling-impacting, and platform-critical changes require extended notice with additional consultation steps.

26.5.3 **Consultation lanes (tiered).** Consultation shall include (a) public-safe comment window by default; (b) controlled comment window for sensitive matters; and (c) expert review lane where technical, legal, safety, or rights impacts require specialized scrutiny.

26.5.4 **Contestation window rules and standing.** The process shall define who may contest, on what grounds, in what time window, under what handling, and with what remedies; contestation rights shall include integrity-based challenges and safety-regression claims.

26.5.5 **Dissent and minority report preservation (public-safe default).** Dissent and minority views must be preserved as part of the record; public-safe summaries should preserve the existence and basis of dissent without disclosing controlled details.

26.5.6 **Anti-coercion and anti-capture safeguards during windows.** The process shall prohibit coercion, bundling, quid-pro-quo, sponsor pressure, retaliatory threats, or “visibility-for-support” practices during consultation and voting windows.

26.5.7 **Translation window and authoritative language integrity.** Where authoritative language changes or translation disputes arise, a translation window is mandatory; translation conflicts freeze to the safest interpretation until reconciled by record.

***

#### 26.6 Voting, Quorum, and Integrity Controls

26.6.1 **Quorum rules by change class.** Quorum requirements vary with change classification; safeguard-critical and rights-impacting changes require higher quorum than editorial or non-substantive clarifications.

26.6.2 **Voting thresholds and supermajority logic.** Thresholds scale with impact: simple majority for editorial; enhanced thresholds for operational/technical; supermajority for safeguard-critical, rights-impacting, handling-impacting, and platform-critical changes.

26.6.3 **Anti-sybil, anti-gaming, and integrity controls.** Ballots must include proportionate sybil resistance, anomaly detection, concentration limits, and audit trails; suspicious patterns trigger a ballot integrity review lane.

26.6.4 **Prohibitions on pay-to-vote and influence.** Payments, sponsorships, and service purchases must not influence voting weight, eligibility, or outcomes; any attempt to trade money, access, or visibility for votes is prohibited.

26.6.5 **Proxy rules (if any) and identity minimization constraints.** If proxies are permitted, they must be recorded, time-boxed, and identity-minimized; proxy aggregation caps shall prevent bloc capture.

26.6.6 **Vote auditability and challenge process.** Votes are recorded via role markers, with record-valid tallies and an auditable ledger of counts; a defined challenge process allows time-boxed verification without doxxing.

26.6.7 **Ballot challenge lane (fast integrity review).** A dedicated lane permits rapid, time-boxed challenges to ballot integrity (notice defects, quorum errors, COI defects, sybil anomalies), with remedies including pause, re-vote, or rollback.

***

#### 26.7 Safeguard-Critical Change Gate

26.7.1 **Definition of safeguard-critical provisions (non-derogable invariants).** Safeguard-critical provisions include: strict non-executing perimeter; activation gates; identity minimization and protected participation; handling and distribution logging; neutrality (competition/procurement/political safety); validity-by-record; correction/supersession discipline; due process minima; proportional sanctions; stop-the-line and safety hold powers.

26.7.2 **Mandatory Stewardship safety review with reason-coded sign-off.** Any safeguard-critical proposal requires Stewardship review with written reason codes, threat/abuse analysis, and explicit non-regression attestation before it may proceed.

26.7.3 **Trustees escalation triggers (legal/fiduciary/perimeter risk).** Trustees may pause or block proposals that introduce unacceptable legal exposure, fiduciary risk, safety risk, or perimeter confusion, pending correction or withdrawal.

26.7.4 **Enhanced notice and consultation requirements.** Safeguard-critical proposals require extended notice, dual-lane consultation (public-safe + controlled), and explicit documentation of how comments were addressed.

26.7.5 **Mandatory impact simulation and harm analysis.** The proposal must include failure analysis (“how could this be abused”), harm mapping (“who is harmed and how”), and mitigations sufficient to preserve trust-under-scrutiny.

26.7.6 **Hard prohibition on weakening non-derogable invariants.** No proposal may weaken, directly or indirectly, any of the following:

* strict non-executing perimeter;
* jurisdiction activation rule;
* identity minimization and protected participation;
* handling election and distribution logging;
* neutrality and safe-meeting controls;
* validity-by-record and correction/supersession discipline;
* due process minima and proportional sanctions.

26.7.7 **Lockbox clause (binding “out of order” rule).** Any proposal that directly or indirectly weakens a lockbox invariant is **out of order**, shall not proceed to consultation or vote, and must be withdrawn or re-drafted to comply with non-regression.

***

#### 26.8 Platform Change Control and Release Discipline

26.8.1 **Governance schema changes (governance-critical fields).** Changes to role markers, sanctions states, rights gates, records logic, appeals routing, credits, and distribution logs are platform-critical and require the platform schema change process.

26.8.2 **Secure change management with approvals and logging.** Platform releases require approvals, change logs, access controls, and tamper-evident records, with rollback capabilities aligned to the back-out plan.

26.8.3 **Backward compatibility and migration rules.** Releases must include backward compatibility posture, migration steps for in-flight records, and explicit mapping for how old records remain auditable and interpretable.

26.8.4 **Testing gates for governance integrity.** Releases must pass tests for record validity, RBAC correctness, distribution logging, audit trail completeness, correction/supersession logic, and safety hold enforcement.

26.8.5 **Emergency patch pathway (time-boxed; post-hoc ratification).** Emergency patches are permitted only for integrity, safety, or security; they must be time-boxed, recorded, and subject to post-hoc review and ratification.

26.8.6 **Mismatch lock (off-platform assertions vs platform record).** Where external statements conflict with platform records, the system freezes to the safest posture and requires a reconciliation record before any disputed behavior proceeds.

26.8.7 **Constitution ↔ Platform reconciliation rule (binding).** Platform behavior must conform to the Constitution; where conflict exists, the platform must default to the strictest safeguard-preserving interpretation and freeze contested behaviors until supersession resolves the conflict by record.

***

#### 26.9 Pricing Governance (Free Default + Paid Add-Ons; Nonprofit-Compatible)

26.9.1 **Pricing principles (cost recovery and accessibility).** Pricing is governed as nonprofit-compatible cost recovery, with accessibility and equity provisions, and shall never be used as an influence mechanism.

26.9.2 **Authority to set or modify pricing (bounded).** Pricing authority is exercised under Trustee oversight and any GA-designated constraints, with required notice and a pricing change record.

26.9.3 **Price bands, transparency minima, and controlled detail.** The system may publish price bands publicly while retaining exact commercial details in controlled lanes where necessary, provided public-safe transparency minima are met.

26.9.4 **Scholarship/waiver/sliding-scale governance with audits.** Scholarship eligibility, waiver criteria, and audits must be documented by record and reported in public-safe aggregate to prevent covert influence and exclusion.

26.9.5 **Sponsor-supported memberships with caps and disclosures.** Sponsor-supported pathways must be capped, disclosed in aggregate, monitored for concentration and influence indicators, and prohibited from creating preferential governance outcomes.

26.9.6 **Prohibited constructs and influence products.** VIP governance influence, votes-for-payment, badges-for-payment, reviewer priority-for-payment, access-for-endorsement, and “sponsor veto” constructs are prohibited.

26.9.7 **Pricing neutrality statement (binding).** Payment affects **service access only**; it cannot increase governance weight, voting eligibility, role access, reviewer priority, publication outcomes, badge outcomes, or due process outcomes.

***

#### 26.10 Entitlements, Service Levels, and Safety Holds

26.10.1 **Entitlement change classification and notice.** All entitlement changes must be classified under Section 26.2.7 and noticed by record, with effective dates and a plain-language “what changes” summary.

26.10.2 **Service availability posture (best-efforts; non-guarantee).** Services are offered on a best-efforts basis with explicit non-guarantee language; service descriptions do not imply operational authority or outcome obligations.

26.10.3 **Safety holds supersede entitlements.** Safety/integrity holds may pause services, publications, rooms, or access regardless of entitlement status, subject to mandatory expiry, review cadence, and record-valid notice.

26.10.4 **Refund/credit policy governance (bounded and non-coercive).** Refunds and credits are governed by record with clear exceptions for fraud, abuse, or safety holds, while preserving non-coercion and due process rights.

26.10.5 **Dispute lane for billing/entitlement integrity issues.** Members must have a dispute lane for billing errors and entitlement integrity issues, with clocks, reason codes, and remedies recorded.

26.10.6 **Transparency minima for entitlement changes.** Entitlement changes require public-safe disclosures sufficient to prevent misrepresentation and reliance confusion, without revealing sensitive operational details.

26.10.7 **No implied duty clause (binding).** Entitlements do not create any implied duty to act, respond, coordinate, dispatch, enforce, certify, or deliver outcomes; they govern access to membership services only.

***

#### 26.11 Versioning, Supersession, and Deprecation

26.11.1 **Version identifiers and effective dates (baseline logic).** Every constitutional version shall have a unique identifier, effective date, and authoritative pointer; older versions remain accessible for audit and contestability.

26.11.2 **Supersession records (diffs, rationale, and impact mapping).** Every supersession must include diffs/redlines, rationale, impacted sections, and an explicit mapping of changes to rights, safeguards, or entitlements.

26.11.3 **Deprecation and sunset rules with migration support.** Deprecations must specify sunset dates and migration steps; members must be given a reasonable transition path that avoids retroactive burdens.

26.11.4 **Preservation of old versions (audit integrity).** Old versions remain immutable and accessible as historical records; interpretive guidance must be issued by record rather than retroactive rewriting.

26.11.5 **Current-version designation and authoritative pointers.** The platform must clearly identify the current version and provide authoritative pointers to the supersession chain to prevent confusion and misrepresentation.

26.11.6 **No silent edits and tamper-evidence for records.** All changes are supersession-only; tamper-evident logging is required for publishing, access, and change events.

26.11.7 **Effective-date gating (binding).** No rule, restriction, entitlement change, or enforcement posture may operate before the recorded effective date; pre-effective actions are invalid.

***

#### 26.12 Errata Process for the Constitution

26.12.1 **Errata vs amendment distinction (binding).** Errata correct non-substantive errors (typos, numbering, cross-references) without changing meaning; any substantive change is an amendment.

26.12.2 **Rapid errata lane (non-substantive only).** A fast lane may issue errata with minimal notice when strictly non-substantive, provided diffs and a public-safe explanation are recorded.

26.12.3 **Substantive correction requires amendment process.** If an errata changes meaning, rights, duties, safeguards, or interpretation, it must be reissued as an amendment proposal with full process.

26.12.4 **Public-safe errata notice requirements.** Errata must be published with public-safe notice describing what changed, why, and confirming non-substantive nature.

26.12.5 **Controlled rationale when safety-sensitive.** Where safety-sensitive, rationale may be recorded in controlled detail with a public-safe summary that preserves correctionability.

26.12.6 **Errata audit trail and rollback.** Errata must include a reversible audit trail and rollback path if misclassified or contested.

26.12.7 **Errata misuse guard (binding).** If contested as substantive, the errata automatically pauses and is routed into the amendment lane until resolved by record.

***

#### 26.13 Emergency Amendments and Time-Boxed Variances

26.13.1 **Emergency governance mode interface (Part 2.10 linkage).** Emergency mechanisms must align to emergency governance controls, including time-boxing, reason codes, and post-hoc review.

26.13.2 **Time-boxed variance requests (bounded scope).** Variances may adjust procedures or timing under crisis constraints, but may not alter lockbox invariants, rights minima, or handling and identity protections.

26.13.3 **Mandatory expiry and post-hoc ratification.** Emergency variances must have expiry and require post-hoc ratification or termination by record; indefinite emergency modes are prohibited.

26.13.4 **After-action records and corrective measures.** Emergency use requires after-action reporting, correction records, and remediation of any failures or abuses discovered.

26.13.5 **Public-safe explanation baseline.** A public-safe explanation is required unless prohibited by handling or law, preserving legitimacy without disclosing sensitive details.

26.13.6 **Abuse prevention and sanctions for misuse.** Misuse of emergency pathways triggers due process lanes, sanctions ladder remedies, and potential removal of role markers.

26.13.7 **Non-derogable invariants remain non-derogable (binding).** Lockbox safeguards remain binding even in emergency mode; emergency cannot be used to weaken core protections.

***

#### 26.14 Disputes, Appeals, and Remedies Related to Change Control

26.14.1 **Standing to appeal change-control outcomes.** Defined parties (members, affected participants, relevant councils/roles) may appeal process outcomes within time windows and handling constraints.

26.14.2 **Process challenges (integrity defects).** Appeals may challenge notice defects, quorum defects, COI defects, ballot integrity, classification errors, or failure to preserve dissent and contestation rights.

26.14.3 **Substantive challenges (rights/safety regression).** Appeals may challenge safety regression, disproportionate burdens, improper retroactivity, or violations of lockbox invariants.

26.14.4 **Interim relief (temporary hold).** A temporary hold may pause enforcement of a contested change pending review where safety, rights, or integrity risk is credible.

26.14.5 **Remedies (corrective and restorative).** Remedies include clarified notice, corrected classification, re-opened consultation, re-vote, rollback to prior version, supersession correction, or limited re-issuance with mitigations.

26.14.6 **Publication of outcomes (public-safe default).** Change-control dispute outcomes require public-safe reporting describing what happened, what changed, and what remains in effect.

26.14.7 **Reinstatement of prior version (binding remedy).** Where integrity of adoption is compromised, reinstatement of the prior version is an available remedy, effective immediately by record pending corrected process.

***

#### 26.15 Change-Related Integrity Monitoring and Control Testing

26.15.1 **Change-control audit schedule (annual and event-driven).** The system must schedule periodic audits of change processes and trigger event-driven audits after contested or high-impact changes.

26.15.2 **Capture indicators and influence monitoring.** The platform monitors sponsor concentration, unusual coalition patterns, repeated proposer dominance, and influence signals during consultation and voting windows.

26.15.3 **Sybil indicators and ballot anomaly detection.** Identity-minimized anomaly detection monitors for sybil patterns, coordinated manipulation, and suspicious vote distributions, triggering integrity review lanes.

26.15.4 **Distribution log verification for change notices.** The platform verifies that notices reached required recipient sets under the elected handling class and preserves logs of distribution and recalls.

26.15.5 **Records completeness and timeliness checks.** Audits verify that proposals, diffs, COI disclosures, dissent, votes, and supersession records exist, are complete, and meet required clocks.

26.15.6 **Continuous improvement loop for change control.** The change-control system is itself subject to periodic review and improvement, with meta-changes treated as safeguard-critical where they affect integrity.

26.15.7 **Independent review triggers (systemic anomalies).** Repeated contested changes, systemic integrity failures, or sponsor/capture indicators trigger an independent review lane with published public-safe findings.

***

#### 26.16 Communications, Attribution, and Public Trust for Amendments

26.16.1 **Public-safe summaries required for all adopted amendments.** Every adopted amendment must publish a public-safe summary: purpose, key changes, effective date, limitations, and how to contest or appeal.

26.16.2 **Attribution discipline (role markers preferred).** Communications shall prefer role markers and permissioned attribution, with identity minimization preserved and doxxing protections available.

26.16.3 **Misquote and misinformation response protocol.** The system maintains a correction workflow for misquotes, misinformation, and misrepresentation about amendments, linked to registry correction mechanisms.

26.16.4 **External references and non-endorsement statements.** External citations must carry non-endorsement language and cannot be used to imply government delegation, regulatory approval, or certification.

26.16.5 **Translation integrity and authoritative language election.** The authoritative language is designated by record; translations are provided with integrity controls, and disputes freeze to safest interpretation pending reconciliation.

26.16.6 **Archival and citation formats for reuse under scrutiny.** Each amendment is citeable via stable pointers, version IDs, and effective dates; superseded text remains accessible for audit.

26.16.7 **“What changed / what didn’t” disclosure (mandatory).** Every amendment package must include a plain-language disclosure explicitly stating what changed and what did not change, including perimeter and safeguard invariants.

***

#### 26.17 Survival and Severability

26.17.1 **Survival of handling obligations and due process clocks.** Handling obligations, confidentiality survival duties, correction clocks, and due process rights survive amendments and member exit as specified by record.

26.17.2 **Severability.** If any clause is held invalid, the remainder remains effective to the extent possible without weakening lockbox safeguards.

26.17.3 **Continuity of member status during legal or process challenges.** Member status remains governed by the last valid record until superseded; contested changes do not automatically alter status absent record-valid enforcement.

26.17.4 **Preservation of safeguards during disputes.** During disputes, the system defaults to the strictest safeguard-preserving posture and maintains stop-the-line capabilities.

26.17.5 **Non-waiver and non-precedent rule.** Failure to enforce a provision once does not waive future enforcement; discretionary resolutions do not create binding precedent absent recorded policy.

26.17.6 **Notices and jurisdiction notes (membership dispute venue).** Notices are issued by record; membership dispute venue and procedural notes are recorded without implying external adjudication authority.

***

#### 26.18 Embedded Governance Wiring Summary for Change Control

26.18.1 **End-to-end workflow (record-valid).** Proposal → classification → safety review → notice → consultation → contestation → vote/ratify → publish public-safe summary → supersession record → migration → audit and monitoring.

26.18.2 **Role wiring and separation of functions.** GA (adoption) → Trustees (fiduciary/perimeter) → Stewardship (safety/handling/corrections) → Domain Councils (domain input) → Guilds (implementation alignment) → Registry/Records Officer (record integrity).

26.18.3 **Special protections for lockbox invariants and jurisdiction activation rule.** Safeguard-critical invariants and activation gates receive enhanced review, enhanced notice, and an out-of-order block for weakening proposals.

26.18.4 **Voluntary-by-default preserved across all paths.** No change pathway may create compelled contribution or service; role acceptance remains opt-in; service entitlements remain non-authority and non-duty.

26.18.5 **Freeze-to-safe-default rule (binding).** Any ambiguity, mismatch, or conflict freezes to the most safety-preserving interpretation until corrected by supersession record, with platform behavior constrained accordingly.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.therisk.global/organization/cooperation/nexus-guilds/membership/xxvi.-amendments.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.