Docs Product
Protected Controls
A Protected Control is how you express one consequential action inside a domain: one production action that KIFF decides on before it runs, scoped to the thing it acts on. It’s the natural place to start — pick the one action you’d least like an agent to take unsupervised — but it’s a part of the domain, not the foundation. The domain is what you build once and reuse; a control is how a single action within it is governed.
What this does
A Protected Control wraps a single consequential action — PAY_INVOICE,
ISSUE_REFUND, CREATE_PAYOUT — and says: before this action runs,
ask KIFF, and only proceed on the answer. You start with the one action
you’d least like an agent to take unsupervised, and add more controls
over time.
How it works
A control is built from a few pieces you define:
- Action — the operation being governed (e.g.
ISSUE_REFUND). - Entity — the thing the action acts on (an order, an invoice, a customer account), identified so KIFF can reason about this one.
- State — the entity’s current status, derived from the events KIFF
has seen. Whether an action is allowed usually depends on state: a
refund on an order that is already
FULLY_REFUNDEDis not the same request as a refund on aPAIDorder, even if the call looks identical. - Policy — your rules: which states permit the action, what parameters are required, what thresholds apply, and whether a human must approve.
When the action is proposed, KIFF checks it against the entity’s state and your policy and returns one of:
allowed— the action satisfies the policy for the current state; your runtime runs it.blocked— the action is not permitted in this state, or violates a rule; your runtime does not run it.approval_required— the action needs a human sign-off before it can proceed; it is held, not run, until resolved.invalid— the proposal is malformed or missing required data.
What you configure
You own the policy, the state model, the thresholds, and the approval rules. A control is your declaration of when an action is acceptable — KIFF enforces what you declared and proves it did. KIFF does not decide your business rules for you; it decides whether a given action conforms to the rules you set.
KIFF helps you start: attached in observe mode, the guard derives the action surface from real traffic so your first control isn’t a blank file (see the quickstart). But the risk levels, thresholds, and approval requirements are yours to fill in.
State is what makes a control more than a log
The reason a control is worth more than an if statement in your app is
state held outside the acting system. The classic case: an agent tries
to pay an invoice, the response drops, and the call retries. Each retry
is individually valid — same invoice, same amount. Only something that
knows the invoice was PENDING on the first call and PAID on the
retry can refuse the duplicate. A control is that independent,
state-aware authority.
What KIFF still does not do
A control decides; it does not execute. On allowed, your runtime
runs the action. On blocked or approval_required, your runtime
withholds it. KIFF is the boundary and the record, not the hand that
moves the money. See What KIFF is for the full
boundary.

A Protected Control in Govern — control identity, current mode, and decisions grouped by outcome, from a clean demo tenant.
Next
- See a control in action → Decisions.
- See the evidence a control produces → Receipts & proof packs and Govern.