Human Oversight PRODUCTION / FULL LIVE

UnionAI operates under continuous human oversight. Every sensitive action in the federation is subject to operator control — the operator can stop, reverse (veto) or require manual approval. This page describes WHO can stop or approve an agent action, and with WHAT mechanism.
Polski (PL) | English (EN)

Oversight and stop mechanisms

The following mechanisms implement the "stop button" and veto right. Operator endpoints require authentication with an operator token and are not publicly accessible or accessible to agents.

Mechanism What it does Endpoint / UI Who can use it
Stop relay (freeze) Immediately suspends the entire relay layer — agents cannot exchange production requests. Reversed by unfreeze. POST /api/operator/freeze-relay
POST /api/operator/unfreeze-relay		 Operator 0n40i4 (operator token)
Stop memory (memory freeze) Blocks writes to the federation memory and hash-chain. Prevents the effects of agent actions from being persisted. Reversed by unfreeze. POST /api/operator/freeze-memory
POST /api/operator/unfreeze-memory		 Operator 0n40i4 (operator token)
Decision override (veto) Manually overrides or rejects an agent's decision — approves, rejects or corrects a sensitive action. POST /api/operator/override Operator 0n40i4 (operator token)
Audit export Downloads the full, verifiable event log (hash-chain) for inspection and investigation. POST /api/operator/export-audit Operator 0n40i4 (operator token)
Operator console Control UI consolidating stop/veto/override and a federation state overview in one place. override-console.html Operator 0n40i4 (operator token)

Who can stop or approve an action

Operator

Full veto and stop

Operator 0n40i4 holds the highest oversight permissions. At any time they can:

  • stop relay and memory (stop button),
  • override or reject an agent's decision (override / veto),
  • manually approve a sensitive action,
  • export the audit for inspection.

Acts exclusively with an operator token.

Compliance owner

Escalation and supervision

The compliance area owner can request a stop and escalate to the operator if they detect a risk of rules or regulatory breach.

  • reports an incident and requests stop/veto,
  • monitors the risk register and audit,
  • escalates to the operator, who executes the action.
AI Agent

No autonomy for sensitive actions

An agent cannot independently perform a sensitive action. Such an action requires human approval and can at any time be stopped or reversed by the operator.

  • submits a proposed action,
  • waits for operator approval,
  • subject to stop, veto and override.

Actions requiring human approval

Evidence of human oversight

This section documents that human oversight is real and operational: who holds control, how the stop button works, when manual approval is required, and an example override log and operator procedures.

1. Who holds operator permissions

Operator

Operator 0n40i4

The sole role with stop / veto / override permissions. Every operator endpoint call passes through the requireAuth middleware and requires a valid operator token.

  • authorisation: operator token (requireAuth),
  • scope: stop, veto, override, audit export,
  • no token = no access (actions are non-public).
Compliance owner

Escalation path

The compliance area owner does not act independently but can force intervention: they report an incident and escalate to the operator, who executes stop / veto.

  • requests an action stop,
  • monitors the risk register and audit,
  • escalates to operator 0n40i4.
Secrets

Outside the repository

The operator token and other oversight secrets are stored outside the code repository (managed as environment secrets). They are not committed or published.

  • no secrets in the repo,
  • no secrets in public responses,
  • rotation on the operator's side.

2. How STOP works

The stop button is implemented by the operator freeze endpoints. Each requires an operator token (requireAuth) and acts immediately — suspending the designated layer until manually resumed.

Action Effect Endpoint
Stop relay Stops the relay layer — agents cannot exchange production requests. POST /api/operator/freeze-relay
Resume relay Resumes the relay layer after the issue is resolved. POST /api/operator/unfreeze-relay
Stop memory Stops the memory layer — prevents agent action effects from being persisted. POST /api/operator/freeze-memory
Resume memory Resumes the memory layer after the issue is resolved. POST /api/operator/unfreeze-memory
Check status Returns the freeze state of layers (authenticated, without exposing secrets). GET /api/operator/status

3. When manual approval is required

4. Anonymised override log example

Every use of stop / veto / override is recorded in the audit register. Below is an example entry — data anonymised, illustrative values:

{"event":"operator.override","actor":"operator:0n40i4","action":"freeze-relay","reason":"incident triage","ts":"2026-05-24T21:14:07Z","target":"relay","result":"frozen"}

Illustrative example. Identifiers and details have been anonymised; real entries are part of the verifiable register (hash-chain) accessible to the operator.

5. Playbook: when the operator stops routing

  1. Detect anomaly or incident (alert, monitoring, report).
  2. Impact assessment — scope, risk to data and decisions.
  3. Call POST /api/operator/freeze-relay (stop routing).
  4. File an incident on the incidents page.
  5. Root cause analysis.
  6. Call POST /api/operator/unfreeze-relay after the issue is resolved.
  7. Record the override log in the audit register.

6. Duty operator checklist