Nine Gates

AFA evaluates every enhancement candidate through nine quantitative gates. All nine must pass for an enhancement to be committed. If any gate fails, the enhancement enters a redesign loop (up to 3 retries) or is rejected.

Gate summary

#	Gate	What it measures	Threshold	Hard floor?
1	Risk	Risk reduction ratio	Delta >= 2.0	No
2	Profit	Profit improvement ratio	Delta >= 2.0	No
3	Novelty	New concepts introduced	G(N) >= 0.8	No
4	Complexity	Structural simplicity	C_norm >= 0.5	Yes
5	Quality	Aggregate code quality	Q >= 0.7, no zero sub-scores	No
6	Utility	Economic value vs. cost	LCB(U) > 1.5	No
7	Entropy	Diff meaningfulness	H(diff) >= 0.25	No
8	Supply Chain	Build provenance	SLSA v1.0 valid	No
9	KPI	Business alignment	R-squared >= 0.6	No

Evaluation order

Gates are evaluated in a specific order to fail fast on cheap checks:

Complexity (hard floor first -- instant reject if < 0.5)
Risk / Profit (disjunctive -- either suffices)
Novelty
Quality
Utility
Entropy (includes anti-gaming checks)
Supply Chain
KPI

Gate details

1. Risk gate

Measures how much an enhancement reduces risk relative to the baseline.

Delta_Risk = baseline_risk / max(proposed_risk, epsilon)

Gate passes when Delta_Risk >= 2.0 OR Delta_Profit >= 2.0 (disjunctive -- either suffices).

2. Profit gate

Measures improvement in profit proxy (deployment velocity, error reduction, etc.).

Delta_Profit = proposed_profit / max(baseline_profit, epsilon)

Both risk and profit deltas are validated through Bayesian posterior probability: P(Delta >= 2 | data) > 0.95.

3. Novelty gate

Prevents trivial changes from consuming pipeline resources. Uses a logistic function:

G(N) = 1 / (1 + e^(-k * (N - N0)))

Where N is the number of new concepts introduced, k is the logistic slope (default 5.0), and N0 is the logistic center (default 3.5). Gate passes when G(N) >= 0.8.

4. Complexity gate

The only non-overridable gate. See Complexity deep-dive.

5. Quality gate

Aggregate quality score across security, performance, maintainability, and documentation. Gate passes when Q >= 0.7 AND no individual sub-score equals zero.

The zero-sub-score rule prevents gaming: an enhancement cannot have perfect security but zero maintainability.

6. Utility gate (economic optimization)

Answers "is this enhancement worth the cost?" using a utility function with a lower confidence bound:

U = (Delta_P_H + gamma * Delta_V_L) + kappa * |Delta_R| - (phi_S * Delta_C_S + phi_D * Delta_C_D) - Delta_OPEX
LCB(U) = U - z_alpha * sqrt(Var(U))

Gate passes when LCB(U) > 1.5 (configurable). Uses PERT three-point estimation for variance.

7. Entropy gate (anti-gaming)

Prevents trivially small or artificially inflated changes by measuring Shannon entropy of the diff token distribution:

H(diff) = -sum(p_i * log2(p_i))

Gate passes when H(diff) >= 0.25 (configurable). Also runs three anti-gaming detectors:

Detector	Threshold	Detects
Dead code	0.8	Unreachable code added to pad metrics
Edit locality	0.3	Scattered edits across unrelated areas
Generated code	0.5	Minified or machine-generated output

8. Supply chain gate

Validates build integrity: SLSA level check, signature validity, and SBOM change allowlisting. Gate passes when all three conditions hold.

9. KPI alignment gate

Ensures enhancements align with business objectives. Gate passes when R-squared >= 0.6.

What happens when a gate fails

Near miss (all scores within 1.1x of their threshold): eligible for redesign retry
Hard failure: enhancement is rejected
Hard floor violation (complexity < 0.5): immediate rejection, no retry

Use afa explain <enhancement-id> to see exactly which gates failed and why.

Operating modes

Mode	Gate engine	Use case
Standalone	Built-in threshold comparisons	Most teams
AEGIS-connected	Full Bayesian posterior evaluation	Enterprise governance

In standalone mode, gates use simple threshold comparisons. With the optional AEGIS connector, gates use full Bayesian posterior evaluation with confidence intervals, SHA-256 audit hash chains, and governance workflows.

Nine Gates

On this page