Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.manthan.systems/llms.txt

Use this file to discover all available pages before exploring further.

Execution authority is the capability to cause an externally consequential state transition: approve a payment, escalate a patient, deploy software, modify infrastructure, revoke access. The key word is consequential. Most software operations are trivially reversible. Governance exists for the operations that aren’t - the ones that affect real systems, real people, and real outcomes in ways that are difficult or impossible to undo.

Intelligence is not authority

A system may reason without execution authority. A system may recommend without execution authority. Intelligence and authority are separate. An AI agent that plans an infrastructure change has exercised intelligence. The governance runtime that decides whether that change is permitted exercises authority. The agent cannot grant itself authority by virtue of having planned something. When intelligence and authority are conflated, there is no clear boundary between “the AI suggested this” and “the AI is allowed to do this.” This distinction is foundational - and it becomes critical as AI agents gain the ability to execute real-world actions.

Why execution authority requires governance

Execution authority carries operational risk, legal responsibility, and auditability requirements that intelligence systems are not designed to provide:
RequirementWhy
Operational riskA wrong execution can affect real systems irreversibly
Legal responsibilityRegulated industries require documented admissibility decisions
AuditabilityYou must be able to reconstruct why an execution was permitted
Bounded trustExecution authority must be bounded by explicit policy constraints
AI systems may be highly capable and still be inappropriate as the sole authority over consequential execution decisions.

How the runtime manifest binds decisions to code

Every attestation records which runtime version produced it. The runtimeHash field is a SHA-256 digest of the runtime itself - pinning the exact code that made the decision to the signed proof. 
{
  "executionId":    "88a9db95-5f31-4f0d-84de-28a3ec9e3c83",
  "runtimeVersion": "1.0.0",
  "runtimeHash":    "4ece56164e1a8809...",
  "decision": {
    "action":            "approve",
    "requires_override": false,
    "reason":            "Credit score meets standard threshold."
  },
  "signature": "TU6LMv5N..."
}
This means:
  • You can prove which code made a historical decision
  • Runtime updates don’t retroactively change what was decided
  • Auditors can independently confirm the runtime version was known and trusted

Governance before authority

Execution authority only emerges after deterministic governance admissibility is established. The sequence is enforced:
  1. Input signals are validated against the policy schema
  2. Policy rules are evaluated deterministically
  3. The decision is cryptographically signed
  4. Replay protection is atomically enforced
  5. All verification checks pass
Only then does execution proceed. There is no shortcut through this sequence. Each step is enforced by the runtime - not by application code, not by convention.

Autonomous agents and bounded authority

As AI agents gain the ability to execute real-world actions - deploying infrastructure, approving financial transactions, modifying production systems - bounded authority becomes the essential safety guarantee:
  • Explicit admissibility boundaries defined by policy (not by the agent)
  • Cryptographic proof that governance was enforced before execution
  • Replay protection preventing duplicate consequential actions
  • Independent verifiability for audit and compliance after the fact
This is what makes autonomous agents deployable in production environments where consequences matter. The agent doesn’t govern itself - the governance runtime governs the agent.

The strategic principle

Intelligence may generate intention. Governance determines whether execution authority is admissible. Execution authority is not merely the ability to act - it is the governed permission to transform intent into externally consequential execution.

See also