Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.manthan.systems/llms.txt

Use this file to discover all available pages before exploring further.

Governed signals are explicitly typed, schema-declared inputs that policy rules evaluate against. They are the boundary layer between probabilistic AI inference and deterministic governance evaluation.

The problem with raw AI output

AI systems produce probabilistic interpretations. Those interpretations vary across model versions, prompt chains, hardware, and time. Using raw AI output directly in governance evaluation means:
  • Non-deterministic decisions - the same input produces different governance outcomes at different times
  • Unverifiable lineage - the reasoning behind a decision cannot be independently reconstructed
  • Replay ambiguity - the execution_fingerprint depends on canonical signals; unstable inputs produce unstable IDs
  • Hidden reasoning state - the model’s internal state is not auditable
Governed signals solve this by converting probabilistic interpretation into stable, typed, schema-declared values.

Examples

SignalTypeSource
risk_scoreintegerRisk model output
fraud_probability_classenumFraud classifier ("low", "medium", "high")
insurance_activebooleanInsurance system API
pii_detectedbooleanPII detection model
escalation_levelenumTriage model output
compliance_statusbooleanCompliance system API
The AI may reason in complex ways. The governance system consumes the stable, typed result.

Schema enforcement

Every policy declares its signalsSchema. The runtime enforces it strictly: 
{
  "signalsSchema": {
    "risk_score":       { "type": "integer" },
    "insurance_active": { "type": "boolean" },
    "claim_amount":     { "type": "integer" }
  }
}
ErrorCause
VAL-003Signal not declared in signalsSchema
VAL-004Required signal missing from input
VAL-006 - VAL-012Signal has wrong type
Signals not declared in the schema are rejected entirely - they cannot pass through to policy evaluation. This makes the schema the explicit, auditable admissibility boundary for governance inputs.

Signals vs metadata

SignalsMetadata
Declared in signalsSchemaNot in signalsSchema
Evaluated by policy rulesExcluded from rule evaluation
Part of fingerprint derivationNot part of fingerprint
In signing scopeNot in signing scope
Metadata (timestamps, trace IDs, IP addresses, request headers) is excluded from governance evaluation entirely. Including it would break determinism - the same business input would produce different decisions at different times.

Canonical signal hashing

Before evaluation, signals are canonicalized to produce the execution_fingerprint: 
const execution_fingerprint = sha256(canonicalize(signals));
// stable regardless of key insertion order, whitespace, or platform
Two requests with the same signals always produce the same fingerprint - and the second is rejected by replay protection. The fingerprint is the atomic identity of the execution.

NFC and CRLF normalization

String signals are normalized before hashing:
  • Unicode NFC normalization - é as one code point vs e + combining accent produce the same hash
  • CRLF normalization - Windows \r\n line endings are converted to \n
This ensures identical content produces identical fingerprints across platforms and locales.

Human-generated signals

Not all signals come from AI. A compliance officer entering a review decision, an upstream API returning a risk classification, a rule-based system flagging a transaction - all can produce governed signals. The governance runtime does not care where signals originate. It cares only that they are typed, schema-declared, and deterministically reproducible.

The strategic principle

Governed signals isolate deterministic execution authority from probabilistic interpretation systems. They transform probabilistic system output into reproducible, auditable governance admissibility.

See also