> ## Documentation Index > Fetch the complete documentation index at: https://docs.manthan.systems/llms.txt > Use this file to discover all available pages before exploring further. # Deterministic Decisions > Why the same inputs always produce the same decision, and why this is required for governance ## The requirement An authority verification outcome must be reproducible. If a regulator, auditor, or counterparty presents the same policy, the same signals, and asks "what should the decision have been?" — the answer must be provable, not re-derived probabilistically. This requires that the evaluation engine produce the same output for the same input, every time, on every system that runs it. *** ## How Parmana achieves this **No randomness in the evaluation path.** Policy rules evaluate signals against conditions using only deterministic comparisons: equals, greater\_than, less\_than, greater\_than\_or\_equal, less\_than\_or\_equal, and logical combinations of these. No random sampling, no probabilistic scoring. **No time dependence.** Evaluation does not read the system clock. Conditions cannot depend on "is today before some date." This prevents the same inputs from producing different outputs at different times. **No external calls.** The policy evaluation engine makes no network calls, reads no external state, and does not access databases. The only inputs are the signals you provide and the compiled policy bundle. **Canonical serialization before hashing.** Before computing the `execution_fingerprint`, signals are serialized using a canonical JSON algorithm (`canonicalizeForSigning`) that produces the same byte sequence regardless of key insertion order. `{ "a": 1, "b": 2 }` and `{ "b": 2, "a": 1 }` produce the same fingerprint. *** ## Canonical serialization ```typescript theme={null} import { canonicalize, canonicalizeForSigning, SIGNING_DOMAINS } from "@parmanasystems/core"; const signals = { claimAmount: 1200, customerTier: "gold", priorFraudSignals: false }; // Canonical JSON — deterministic key ordering const canonical = canonicalize(signals); // '{"claimAmount":1200,"customerTier":"gold","priorFraudSignals":false}' // Canonical form for signing — includes domain separator const forSigning = canonicalizeForSigning(signals, SIGNING_DOMAINS.audit); ``` The `SIGNING_DOMAINS` object contains domain separators that prevent cross-context signature confusion: ```typescript theme={null} export const SIGNING_DOMAINS = { token: "PARMANA_TOKEN_V1", audit: "PARMANA_AUDIT_V1", }; ``` *** ## What this means for reproduction Given: * The policy bundle at a specific `policyId` and `policyVersion` * The exact signals (normalized and canonicalized) * A runtime that implements the same evaluation semantics Any party can reproduce the decision. They do not need access to your database, your server, or your history. They evaluate the policy against the signals and get the same result. This is provable because: 1. The `bundleHash` in the attestation identifies the exact policy content 2. The `signalsHash` in the attestation is the SHA-256 of the canonical signals 3. The `evaluatorSemanticHash` identifies the evaluation semantics 4. The decision is part of the signed payload — it cannot have been altered after signing *** ## Policy rule evaluation order Rules are evaluated in the order they appear in `policy.json`. The first rule whose condition matches wins. No further rules are evaluated. ```json theme={null} { "rules": [ { "id": "rule-1", "condition": { "signal": "fraudScore", "greater_than": 0.8 }, "outcome": { ... } }, { "id": "rule-2", "condition": { "signal": "amount", "greater_than": 10000 }, "outcome": { ... } }, { "id": "catch-all", "condition": { "all": [] }, "outcome": { ... } } ] } ``` * If `fraudScore > 0.8`, rule-1 fires. rule-2 and catch-all are never evaluated. * If `fraudScore <= 0.8` and `amount > 10000`, rule-2 fires. * If neither condition matches, catch-all fires. A policy without a catch-all rule will throw `[SYS-006]` if no rule matches. Always include a catch-all. *** ## What this is not * **Not a model.** There is no probability distribution, no embedding, no language model in the evaluation path. * **Not "AI governance."** Parmana governs whether an action executes. It does not govern AI model behavior or output quality. * **Not approximate.** The evaluation is exact. There are no confidence scores. The decision is binary (or from a fixed set of defined outcomes) and fully reproducible.