[AVAILABLE] as a library. 25 tests,
packages/execution-gateway.What it does
ExecutionGateway implements @parmana/execution-system’s ExecutionSystem interface, so
it plugs into RuntimeFactory.create() exactly like the default execution system — no
change to RuntimeEngine or RuntimePipeline is required to use it. It composes
@parmana/envelope-verifier’s checks and adds exactly one more: recomputing the executable
content hash and comparing it to businessTransactionHash (see
Content Binding & TOCTOU for that mechanism in detail).
Connectors
AConnector is what the Gateway hands verified, frozen content to after every check
passes. One reference implementation ships:
Execution Control (credential isolation) — [PARTIAL]
ExecutionGatewayOptions.executionControl is an alternative to a direct Connector: it
routes a verified release through @parmana/execution-control’s ExecutionControlService,
which authenticates the calling gateway, issues a short-lived session
(InMemoryGatewaySessionStore), and only then invokes the target connector — auditing
session.created / execution.completed / execution.rejected at each step
(ExecutionControlService.ts).
This is real and tested (11 tests), but it’s a single-process, in-memory scaffold — not the
finished “AI systems never possess Parmana’s execution credentials” claim. See
Roadmap for exactly what’s left (KMS-backed, cross-system, real-cloud-provider
credential minting).
Failure reporting
ExecutionGateway.execute() throws on any failed check, naming every failing check and —
on a content mismatch — both hashes:
ExecutionGateway.ts:250-265, describeFailure.)