Does Parmana prevent an AI from executing an unauthorized action?
Does Parmana prevent an AI from executing an unauthorized action?
Is Parmana's signing key stored securely?
Is Parmana's signing key stored securely?
Today it’s a PEM file on disk, read by
FileKeyProvider — the only implemented key
provider. There’s a live incident on record: an earlier committed key was publicly
exposed and is permanently compromised (rotated 2026-07-05). KMS/HSM custody is
designed but not built — see Cryptography and
Roadmap.Which SDK should I use?
Which SDK should I use?
Python, without much hesitation right now. It’s [AVAILABLE]: real tests, structured
errors that actually raise, generated models with a drift guard. The TypeScript SDK is
[PARTIAL] — real client code, but its test suite is currently empty and its HTTP
transport doesn’t raise on 4xx/5xx. See Python SDK and
TypeScript SDK.
Can I use Go / Java / .NET?
Can I use Go / Java / .NET?
Not via an SDK — none exists. Call the REST API directly;
it’s 13 small, documented routes. See Other Languages.
Does Parmana support post-quantum signatures?
Does Parmana support post-quantum signatures?
Yes — ML-DSA-65 (FIPS 204), selectable via
SIGNATURE_PROVIDER=dilithium3, real and
tested. Requires Node ≥ 24. Its signatures are randomized, not deterministic — don’t
build tooling that assumes otherwise. See Cryptography.What does 'replay' actually do?
What does 'replay' actually do?
Two different things share the name, and neither is what you might assume. See
Replay — this is worth reading in full before relying on either.
Is there an 'Execution Permit'?
Is there an 'Execution Permit'?
Not anymore, under that name. An early prototype used it; it was deleted the same
session it was replaced by the current
SignedExecutionAuthorization + Execution
Gateway architecture, which is what actually ships. See Glossary.Is this API authenticated?
Is this API authenticated?
No. No auth middleware exists on any route today. See Security.