> ## Documentation Index
> Fetch the complete documentation index at: https://docs.manthan.systems/llms.txt
> Use this file to discover all available pages before exploring further.
# Quickstart
> Perform your first authority verification in 5 minutes
`@parmanasystems/core` bundles CJS dependencies. Do NOT set `"type": "module"` in `package.json`. Wrap all async code in an `async` function - do not use top-level `await`.
## Install
```bash theme={null}
npm install @parmanasystems/core
```
## Create your policy
Create this file at `policies/loan-approval/1.0.0/policy.json`:
```json theme={null}
{
"policyId": "loan-approval",
"policyVersion": "1.0.0",
"schemaVersion": "1.0.0",
"signalsSchema": {
"credit_score": { "type": "integer" },
"loan_amount": { "type": "integer" }
},
"rules": [
{
"id": "reject-low-score",
"condition": { "signal": "credit_score", "less_than": 500 },
"outcome": {
"action": "reject",
"requires_override": false,
"reason": "Credit score below minimum threshold."
}
},
{
"id": "approve-standard",
"condition": { "signal": "credit_score", "greater_than": 700 },
"outcome": {
"action": "approve",
"requires_override": false,
"reason": "Credit score meets standard threshold."
}
},
{
"id": "catch-all",
"condition": { "all": [] },
"outcome": {
"action": "manual_review",
"requires_override": true,
"reason": "Credit score requires manual review."
}
}
]
}
```
## Verify authority before execution
```typescript theme={null}
import crypto from "crypto";
import {
executeFromSignals,
verifyAttestation,
LocalSigner,
LocalVerifier,
MemoryReplayStore,
} from "@parmanasystems/core";
async function main() {
// Generate ephemeral keys - use stored keys in production
const { privateKey, publicKey } = crypto.generateKeyPairSync("ed25519", {
privateKeyEncoding: { type: "pkcs8", format: "pem" },
publicKeyEncoding: { type: "spki", format: "pem" },
});
const signer = new LocalSigner(privateKey);
const verifier = new LocalVerifier(publicKey);
const store = new MemoryReplayStore();
const attestation = await executeFromSignals(
{
policyId: "loan-approval",
policyVersion: "1.0.0",
signals: { credit_score: 720, loan_amount: 15000 },
},
signer,
verifier,
undefined, // use default runtime paths (policies/ at project root, or set PARMANA_REPO_ROOT)
store
);
console.log(attestation.decision);
// { action: "approve", requires_override: false, reason: "Credit score meets standard threshold." }
// Verify the attestation - works with only the public key, no runtime access needed
const result = verifyAttestation(attestation, verifier);
console.log(result.valid); // true
}
main().catch(console.error);
```
## What you get back
The `attestation` object contains everything needed to independently verify the decision:
| Field | Description |
| -------------------------------- | ------------------------------------------------------------------ |
| `decision` | `action`, `reason`, `requires_override` |
| `executionId` | Unique UUID for this execution event |
| `execution_fingerprint` | SHA-256 of the canonical input signals - the replay protection key |
| `signature` | Ed25519 signature over the full canonical payload |
| `policyId` / `policyVersion` | Which policy governed this decision |
| `runtimeVersion` / `runtimeHash` | Which runtime produced the decision |
| `execution_state` | `"completed"` or `"pending_override"` |
## Next steps
Understand the execution model
Compile and sign a policy with the CLI
What to do before going live