Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.manthan.systems/llms.txt

Use this file to discover all available pages before exploring further.

@parmanasystems/core bundles CJS dependencies. Do NOT set "type": "module" in package.json. Wrap all async code in an async function - do not use top-level await.

Install

npm install @parmanasystems/core

Create your policy

Create this file at policies/loan-approval/1.0.0/policy.json: 
{
  "policyId": "loan-approval",
  "policyVersion": "1.0.0",
  "schemaVersion": "1.0.0",
  "signalsSchema": {
    "credit_score": { "type": "integer" },
    "loan_amount":  { "type": "integer" }
  },
  "rules": [
    {
      "id": "reject-low-score",
      "condition": { "signal": "credit_score", "less_than": 500 },
      "outcome": {
        "action": "reject",
        "requires_override": false,
        "reason": "Credit score below minimum threshold."
      }
    },
    {
      "id": "approve-standard",
      "condition": { "signal": "credit_score", "greater_than": 700 },
      "outcome": {
        "action": "approve",
        "requires_override": false,
        "reason": "Credit score meets standard threshold."
      }
    },
    {
      "id": "catch-all",
      "condition": { "all": [] },
      "outcome": {
        "action": "manual_review",
        "requires_override": true,
        "reason": "Credit score requires manual review."
      }
    }
  ]
}

Execute a governed decision

import crypto from "crypto";
import {
  executeFromSignals,
  verifyAttestation,
  LocalSigner,
  LocalVerifier,
  MemoryReplayStore,
} from "@parmanasystems/core";

async function main() {
  // Generate ephemeral keys - use stored keys in production
  const { privateKey, publicKey } = crypto.generateKeyPairSync("ed25519", {
    privateKeyEncoding: { type: "pkcs8", format: "pem" },
    publicKeyEncoding:  { type: "spki",  format: "pem" },
  });

  const signer   = new LocalSigner(privateKey);
  const verifier = new LocalVerifier(publicKey);
  const store    = new MemoryReplayStore();

  const attestation = await executeFromSignals(
    {
      policyId:      "loan-approval",
      policyVersion: "1.0.0",
      signals:       { credit_score: 720, loan_amount: 15000 },
    },
    signer,
    verifier,
    store
  );

  console.log(attestation.decision);
  // { action: "approve", requires_override: false, reason: "Credit score meets standard threshold." }

  // Verify the attestation - works with only the public key, no runtime access needed
  const result = verifyAttestation(attestation, verifier);
  console.log(result.valid); // true
}

main().catch(console.error);

What you get back

The attestation object contains everything needed to independently verify the decision:
FieldDescription
decisionaction, reason, requires_override
executionIdUnique UUID for this execution event
execution_fingerprintSHA-256 of the canonical input signals - the replay protection key
signatureEd25519 signature over the full canonical payload
policyId / policyVersionWhich policy governed this decision
runtimeVersion / runtimeHashWhich runtime produced the decision
execution_state"completed" or "pending_override"

Next steps