Skip to main content

Auditability

Auditability ensures that every action in Parmana can be independently verified without relying on internal system access. It is a core property of deterministic governance.

System role

Auditability ensures that external parties can verify:
  • Authorization Decisions
  • execution outcomes
  • policy versions
  • signal integrity
without requiring system-level access.

System model

Signals → Governance → Authorization Decision → Execution Runtime → Attestation → Audit Layer
What is auditable

The following are fully auditable:

verified signals
policy versions
Authorization Decisions
execution results
runtime metadata
cryptographic attestations
How auditability works

Auditability is enabled through:

1. Deterministic evaluation

Same inputs always produce the same outputs.

2. Cryptographic attestation

Every decision is signed using Ed25519.

3. Immutable lineage

Historical records cannot be modified.

4. Independent verification

Any external party can verify results using public keys.

Audit process

An external auditor can:

Obtain attestation
Extract policy version
Reconstruct decision inputs
Verify signature
Confirm execution integrity

No internal system access is required.

What auditability is NOT

Auditability is NOT:

internal logging only
observability dashboards
probabilistic tracing
unverifiable logs

It is cryptographic verifiability.

Relationship to system components

Auditability spans the entire system:

Governance → Decision → Execution Runtime → Attestation → Verification
Key invariant

If it is not verifiable, it is not part of Parmana’s trust system.

Summary

Auditability ensures that:

all decisions can be independently verified
execution history is reconstructable
trust does not depend on internal systems
governance is externally accountable