Skip to main content
TermMeaningSource
AuthorityThe entity empowered to authorize execution within a trust domainpackages/shared/src/domain/authority.ts
AuthorizationA grant, from an Authority, for a specific business purposepackages/shared/src/domain/authorization.ts
IntentThe specific action + target + parameters an Authority intends to executepackages/shared/src/domain/intent.ts
Business TransactionThe immutable input to policy evaluation, combining Authority + Authorization + Intent + a Policy referencepackages/shared/src/domain/business-transaction.ts
DecisionThe immutable result of evaluating an Intent against a Policy — APPROVED or REJECTEDpackages/shared/src/domain/decision.ts
ExecutionWhat actually happened after a Decision — status, mode, evidencepackages/shared/src/domain/execution.ts
Execution Trust RecordThe canonical, append-only, signed aggregate of a Business Transaction’s complete historyTrust Record
Signed Execution AuthorizationThe v1 envelope: a signed, content-bound, single-use, time-bounded proof that Parmana authorized one specific executionSigned Execution Authorization
Execution PermitAn earlier prototype name for the same idea now covered by Signed Execution Authorization. Added in commit 39c89e9, deleted the same day in 17dfe81 in favor of the current architecture. Does not exist in the current codebase — do not treat references to it elsewhere as describing shipped behavior.git history only
businessTransactionHashThe canonical content hash bound into a Signed Execution Authorization’s payload — the mechanism that closes the check-vs-use (TOCTOU) gapContent Binding & TOCTOU
Execution GatewayThe library that recomputes businessTransactionHash and releases verified content to a Connector — real, but not wired into the default serverExecution Gateway
ConnectorAn interface for an enterprise execution system (SAP, a bank’s payment rail, etc.) integrated behind the Gateway. One reference implementation (HttpConnector) exists.packages/execution-gateway/src/Connector.ts
Execution ControlGateway-authenticated, session-scoped credential isolation for connectors — real, tested, in-memory scaffold; not the finished credential-brokering claimRoadmap
NonceA single-use value inside an authorization payload; a receiving system must reject a repeatSigned Execution Authorization
VerificationThe 3-check process (integrity, signature, authorization binding) confirming an Execution Trust Record’s validityVerification
ReplayTwo unconnected things share this name — a signature recheck (POST /replay) and a disconnected determinism engine (packages/replay). Neither does semantic re-evaluation.Replay
ReceiptA signed, independently-verifiable attestation of an Execution Trust Record’s statepackages/shared/src/domain/receipt.ts
TOCTOUTime-Of-Check-To-Time-Of-Use — the gap between what was authorized and what was actually executedContent Binding & TOCTOU
TTLTime-to-live; the bounded window an authorization is valid for, capped to limit exposure from other gaps (e.g. an unshared NonceStore)CLAIMS.md 3.2