ClawdStrike uses a Benevolent Dictator For Life (BDFL) governance model with a Maintainer Council for the initial phase of the project.
The BDFL has final authority on all project decisions.
- Current BDFL: Connor (GitHub: @bb-connor)
Maintainers have commit access and review authority within their component areas.
| Maintainer | Component Area | GitHub |
|---|---|---|
| (TBD) | Guards / Policy Engine | |
| (TBD) | Spine Protocol | |
| (TBD) | Desktop / SDK | |
| (TBD) | Bridges / Infrastructure | |
| (TBD) | Documentation / Community |
- Minor changes (bug fixes, docs, typos): Single maintainer approval
- Feature additions (new guards, adapters): Maintainer approval + CI pass
- Architecture changes (new crates, protocol changes): RFC required
- Security-sensitive changes (crypto, guard logic, Spine protocol): Two maintainer reviews
- Governance changes: BDFL approval
Significant design decisions are documented as ADRs in docs/plans/decisions/:
- Author opens a PR adding
docs/plans/decisions/NNNN-title.md - Community comment period: 14 days minimum
- Maintainer Council discusses in weekly call
- BDFL approves, requests changes, or rejects
- Approved RFCs are merged and implementation can begin
| Component | Directory | Owner(s) |
|---|---|---|
| Crypto primitives | crates/libs/hush-core/ |
Guards maintainer |
| Guard engine | crates/libs/clawdstrike/ |
Guards maintainer |
| Spine protocol | crates/libs/spine/ |
Spine maintainer |
| Tetragon bridge | crates/bridges/tetragon-bridge/ |
Bridges maintainer |
| Hubble bridge | crates/bridges/hubble-bridge/ |
Bridges maintainer |
| hushd daemon | crates/services/hushd/ |
Guards maintainer |
| CLI | crates/services/hush-cli/ |
Guards maintainer |
| Desktop app | apps/desktop/ |
Desktop maintainer |
| TypeScript SDK | packages/sdk/hush-ts/ |
Desktop maintainer |
| Python SDK | packages/sdk/hush-py/ |
Community maintainer |
| Rulesets | rulesets/ |
Any maintainer |
| Documentation | docs/ |
Any maintainer |
| Helm chart | infra/deploy/helm/ |
Bridges maintainer |
Maintainer candidates are nominated by existing maintainers based on:
- Sustained, high-quality contributions (6+ merged PRs)
- Demonstrated understanding of the codebase and design philosophy
- Constructive participation in reviews and discussions
- Alignment with the project's fail-closed security philosophy
The BDFL approves all maintainer additions.
When the contributor base grows beyond the founding team:
- Transition to a 5-member elected Steering Committee
- BDFL retains veto on security-critical decisions only
- Sub-teams form around components with designated leads
- Annual elections for Steering Committee seats
Requirements for CNCF Sandbox application:
- 2+ maintainers from different organizations
- Apache 2.0 license (completed)
- Adopt CNCF governance template
- Security audit completed
- 3+ production adopters
| Channel | Purpose |
|---|---|
| GitHub Discussions | Q&A, feature ideas, architecture |
| Discord | Real-time chat, contributor coordination |
| Weekly community call | Demos, roadmap, contributor spotlights |
| Monthly security office hours | Guard design, threat modeling |