Treasury policy is expressed in the constitution and enforced on every disbursement attempt.

Policy fields

treasury:
  daily_spend_limit_usd: 10000
  reserve_minimum_usd: 25000
  require_human_above_usd: 50000
  counterparty_caps_usd:
    "*": 5000
    "aws.amazon.com": 15000
    "payroll.gusto.com": 25000

Semantics

daily_spend_limit_usd

Maximum combined USD spent in any rolling 24-hour window. Measured at disbursement-request time. If spent_today + requested > daily_spend_limit_usd, the request is rejected.

reserve_minimum_usd

Minimum USD balance after a disbursement. The engine computes post_spend_balance = current_available - requested and rejects if below the minimum.

require_human_above_usd

Any individual disbursement ≥ this threshold triggers escalation. A named human must sign off before voting opens.

counterparty_caps_usd

Per-recipient caps. Wildcard matching:
  • "*" — default for any recipient not otherwise matched
  • "aws.amazon.com" — exact match for this domain
  • "*.aws.amazon.com" — any subdomain
Most specific wins. Useful for approving certain high-volume vendors without raising the global cap.

Policy changes

Treasury policy changes are constitution amendments. They use amendment_threshold, not voting_threshold.

Audit

Every policy check writes to the audit chain, including reason on rejection: 
{
  "event": "treasury.policy.check",
  "amount_usd": 15000,
  "result": "rejected",
  "reason": "counterparty_cap_exceeded",
  "recipient": "unknown-vendor.com",
  "cap": 5000
}