Documentation Index
Fetch the complete documentation index at: https://docs.manthan.systems/llms.txt
Use this file to discover all available pages before exploring further.
Most governance and compliance tools are SaaS platforms. Your decisions go to their servers. Your data lives in their database. Your audit trail depends on their uptime, their pricing, and their continued existence as a business.
Parmana is different. It is an open-source SDK - infrastructure you deploy in your own environment, with your own keys, your own store, and your own database. Nothing leaves your system.
The principle
The governance guarantee - deterministic decisions, Ed25519 signatures, replay protection, portable verification - does not require a centralized service. It requires correct cryptography and deterministic rule evaluation. Both run entirely in your process.
Parmana provides the protocol. You bring the infrastructure.
What you bring
Signing keys
Parmana never generates or stores your private keys. You provide a Signer implementation.
The simplest option is LocalSigner with an Ed25519 keypair you generate yourself. But the Signer interface is a single method - implement it against any key management system:
interface Signer {
sign(payload: string): string | Promise<string>;
}
| Key management system | How to integrate |
|---|
| Ed25519 local keypair | new LocalSigner(privateKeyPem) - built-in |
| AWS KMS | Implement Signer using KMSClient.SignCommand |
| HashiCorp Vault Transit | Implement Signer using /v1/transit/sign/{key} |
| Azure Key Vault | Implement Signer using CryptographyClient.sign |
| Google Cloud KMS | Implement Signer using KeyManagementServiceClient.asymmetricSign |
| Hardware Security Module | Implement Signer against your HSM’s signing API |
Replay store
Replay protection requires persistent state - a record of which execution fingerprints have been consumed. You choose the backend by implementing ReplayStore:
interface ReplayStore {
reserve(fingerprint: string): Promise<void>; // atomic claim - throw if already exists
confirm(fingerprint: string): Promise<void>; // mark as confirmed
hasExecuted(fingerprint: string): Promise<boolean>;
markExecuted(fingerprint: string): Promise<void>;
}
| Backend | Built-in | Notes |
|---|
| In-process memory | MemoryReplayStore | Dev only - lost on restart |
| Redis | RedisReplayStore | Built-in production option |
| DynamoDB | Implement ReplayStore | Atomic via ConditionExpression |
| PostgreSQL | Implement ReplayStore | Atomic via INSERT ... ON CONFLICT DO NOTHING |
| Custom | Implement ReplayStore | Any store with conditional write semantics |
reserve() must be atomic and reject if the fingerprint already exists. Anything with a conditional write primitive works.
Audit database
Attestations are plain JSON. They are self-verifying - you don’t need Parmana’s database to verify them later. Store them anywhere that fits your compliance requirements:
| Storage | Notes |
|---|
PostgreSQL via @parmanasystems/audit-db | Built-in - structured schema, query support |
| Amazon S3 | Store as JSON objects, query with Athena |
| MongoDB | Store as documents, query by field |
| Your existing audit system | Attestations are plain JSON - import them anywhere |
| Your SIEM platform | Forward attestation events to your security tooling |
Framework
Parmana has no framework dependency. executeFromSignals is a plain async function. Use it in:
- Express
- Fastify
- Next.js API routes
- Hono
- AWS Lambda
- Google Cloud Functions
- Any Node.js runtime
Policy storage
Policies are JSON files. Deploy them however you deploy code:
| Storage | Notes |
|---|
| Git repository | Version-controlled alongside source code |
| Container image | Bundle policies into your Docker image at build time |
| S3 bucket | Load policies from S3 at startup |
| Local filesystem | Simplest option for single-node deployments |
Why this matters
For regulated industries
Financial services, healthcare, and government organizations often cannot send decision data to third-party SaaS platforms. Data sovereignty requirements, security review processes, and compliance frameworks make external dependencies on governance-critical paths unacceptable.
With Parmana:
- Decisions are evaluated in your process, not a remote server
- Keys never leave your HSM or key management system
- Attestations are stored in your database under your retention policies
- The compliance boundary is entirely within your control
For enterprise security teams
Your security team does not need to approve a new SaaS vendor, review a third-party’s SOC 2, or assess a new network dependency. Parmana is a library - it has the same security surface as any npm package, auditable in the same way as any open-source dependency.
For air-gapped deployments
Parmana makes no outbound network calls. It runs in any environment, including air-gapped networks with no internet access. The governance runtime requires only your policy files, your signing key, and a replay store - all of which can be fully on-premises.
For long-term auditability
Attestations signed with your keys remain verifiable as long as you keep the public key - decades later, with no dependency on Parmana Systems as a company, a service, or a product. The verification algorithm is Ed25519 over canonical JSON - a stable, standardized, widely supported specification.
The guarantee
You bring the infrastructure. Parmana brings the cryptographic guarantee.
Regardless of which key management system signs the attestation, which replay store enforces single-use execution, or which database stores the audit trail - the output is always:
- Deterministic - same inputs produce the same decision
- Signed - Ed25519 over a canonical payload
- Portable - verifiable by any party with the public key
- Replay-protected - each fingerprint consumed exactly once
The governance property is in the cryptography and the protocol, not in the infrastructure. Infrastructure is yours to control.
See also
