Skip to main content
[PARTIAL], and more precisely split than the name suggests. There are two unconnected things called “replay” in the current codebase. Conflating them would overclaim what either one does.

1. POST /replay (what the SDKs and HTTP API expose)

This is what client.replay.replay(transaction_id) actually calls. Its real implementation, ExecutionTrustApplication.replay() (packages/runtime/src/ExecutionTrustApplication.ts:142-171):
async replay(businessTransactionId: string): Promise<{
  businessTransactionId: string;
  trustRecordHash: string;
  verified: boolean;
}> {
  const trustRecord = await this.trustRecords.findByTransactionId(businessTransactionId);
  if (!trustRecord) throw new Error("Execution Trust Record not found.");
  const verified = await this.crypto.verify(trustRecord);
  return { businessTransactionId, trustRecordHash: trustRecord.trustRecordHash, verified };
}
This re-verifies the Trust Record’s cryptographic signature — it does not reconstruct or re-execute anything. [AVAILABLE], but narrower than “replay” implies: it’s a signature recheck with a replay-shaped response, not deterministic execution reconstruction.

2. packages/replay (the deterministic reconstruction engine)

A separate, real package: ReplayEngine, ReplayPipeline, ReplayExecutor, ReplayBuilder — builds an execution plan from recorded execution IDs and replays it, proven deterministic regardless of input order (ReplayDeterminism.test.ts — “should produce identical output regardless of input order”; ReplayEngine.test.ts; 9 tests total).
Confirmed disconnected: nothing in packages/api or packages/runtime imports @parmana/replay. This engine is not reachable through POST /replay or any other route today. It’s real, tested, standalone library code — not yet wired into the runtime or the HTTP surface.

What “semantic verification” would add — not built yet

CLAIMS.md explicitly withholds this claim: “Replay semantically verifies every trust artifact” is listed under Future Claims, not Supported Claims. Neither of the two mechanisms above re-evaluates the original policy against the recorded signals and confirms the same Decision would result — that’s what “semantic” replay verification would mean, and it doesn’t exist yet. See Roadmap.