Deadline Room Incident Commander console

For the CISO office, the incident commander, and the general counsel running the first 72 hours after a breach.

Walk a real incident One console, four ways the first 72 hours can go. The default is already running.
Watch for
Veto
Live kill
Amendment

Statutory clocks

replay time --
running

Reading the room...

The incident commander watches this line. It says whether the filing set can go out, and if not, exactly what is holding it.

Filing set not yet released
Examiner drill

Deadline pressure: the worst week to be breached

no-AI clock sweep

The SEC 8-K clock is four BUSINESS days, not 96 hours. A team that reads it as 96 hours is most wrong over a holiday cluster. This is the deterministic worst-case start window across the calendar: the days on which a materiality determination pushes the real deadline furthest past the naive guess.

step 0 / 0
Press play to replay the captured run.

The war room

The four AI teams and the no-AI referee, talking it out live in a Band room.

Filing status by regulator

Where each of the four filings stands right now.

Who handed off to whom for engineers

Every @mention handoff, lit as it happens.

The Examiner Packet: the one filing set you hand the regulator

One consistent, signed, examiner-ready filing set. Without this: four teams, four versions of the truth. With it: one set of filings that agree, on time, that anyone can prove was not altered.

Prove it was not altered for engineers

An examiner can confirm the filing set is genuine without trusting us. Re-run all three proofs in your own browser: it reads the bundled run log and recomputes the same values the referee recorded. The raw cryptographic detail is below for the engineers on the panel.

1. Byte-identical replay hashnot run
recorded--
recomputed--
SHA-256 of the bundled run log, recomputed client-side, compared to the hash the Warden recorded.
2. Tamper-evident chain headnot run
recorded--
recomputed--
A per-entry hash chain folds each log entry into the prior hash, so a reorder or omission moves the head and points at the first broken link.
3. Warden signature (Ed25519)not run
signer--
key fp--
The Warden signed the run-log bytes with an Ed25519 key. The browser verifies the signature against the bundled public key.

Filings

Why each decision, in plain English

one source, fixed rules

Every gated decision the referee made, each badged "fixed rule (no AI judgment)" or "AI drafted, fixed rule checked", and each bound to the exact run-log entries it rests on by content hash (recomputed in your browser from the bundled log). The text is the same source the Examiner Packet and the war room show, so the three never disagree.

Plain answers to what a non-engineer asks

The questions an incident commander, a general counsel, or a board member actually asks, answered deterministically from the records above.

What if? The counterfactual the deterministic core can compute

signed counterfactuals

The same no-AI engine that replays the past byte-for-byte can compute the counterfactual: change one deterministic input (a clock anchor, the contradiction block, a fact value) and recompute the consequence. Each what-if carries its own signed receipt under a separate "counterfactual" label, so it is never confused with a real run. Re-verify any of them in your browser.

Across every incident: the fleet SLA and throughput

signed rollup

A standing operations center is judged on its SLA, not a single deadline. This is every sealed incident at once: the worst-case and median statutory margin, how many filings landed near a breach, whether it EVER breached, and the throughput. Every number is a no-AI read of the recorded clocks, folded into the signed portfolio manifest, so editing one breaks the signature.

Incident path Filings Tightest margin Breaches Drafted Released Suppressed Vetoes

By subsidiary: the group fleet split into a two-level signed tree

signed sub-roots

A standing operations center serves a group with subsidiaries, each a regulated entity with its own incidents and regulator exposure. The fleet is segmented by entity into a two-level signed tree: each subsidiary's incidents fold into a per-subsidiary Merkle SUB-ROOT, signed on its own, and the sub-roots combine into the group root. Each subsidiary's scoped sub-attestation carries ONLY that subsidiary's runs, so its general counsel can hand it to its own regulator without exposing the rest of the group. The entity mapping is declarative configuration beside the sealed captures, never inside the signed run-log bytes.

The intake queue: every incident on the board, by deadline

live status board

A standing operations center does not watch one incident, it watches a queue. New incidents arrive and sit queued; the running ones move queued to active to released as the Warden settles each filing. Every running incident's status here is READ from its sealed log, never asserted, and the board is sorted by the nearest statutory deadline so the next thing due is always on top.