# Parmana Systems

> Execution Authorization system infrastructure for AI agents and automated decision systems

AI systems can recommend actions. Parmana evaluates whether those actions are authorized to execute.

Parmana is an Execution Authorization system. It determines whether an automated action is allowed to execute, produces a cryptographic record of every decision, and makes that record independently verifiable by any party — without access to your systems.

***

## What Parmana does

When an AI agent or automated system proposes an action — approving a loan, processing a refund, escalating a patient, modifying infrastructure — Parmana evaluates that proposal against a signed policy, produces an attestation, and either authorizes or blocks execution.

Every decision is:

* **Authorized by a signed policy** — policies are compiled, signed, and versioned before deployment. The runtime evaluates only signed bundles.
* **Reproducible from the same inputs** — the same signals and policy version always produce the same decision on any runtime. No variance.
* **Cryptographically attested** — every decision carries an Ed25519 signature over a canonical payload that includes the policy identity, signal hash, runtime identity, and decision outcome.
* **Independently verifiable** — anyone with the public key can verify the attestation without database access, runtime access, or infrastructure access of any kind.
* **Replay-safe** — every execution is keyed to an `executionId`. The same ID cannot execute twice.

Parmana is not a monitoring platform, an observability tool, an LLM framework, or a workflow engine. It controls execution authorization.

***

## Architecture

```mermaid
flowchart LR
    A[Signals] --> B[Policy Bundle]
    B --> C[Authorization Decision]
    C --> D[Execution Token]
    D --> E[Ed25519 Attestation]
    E --> F[Audit Record]
    E --> G[Independent Verifier]

    style A fill:#1e1e2e,color:#cdd6f4
    style B fill:#1e1e2e,color:#cdd6f4
    style C fill:#313244,color:#cdd6f4
    style D fill:#313244,color:#cdd6f4
    style E fill:#45475a,color:#cdd6f4
    style F fill:#1e1e2e,color:#cdd6f4
    style G fill:#1e1e2e,color:#cdd6f4
```

***

## Key capabilities

<CardGroup cols={2}>
  <Card title="Same input, same decision" icon="function">
    The same signals and policy version produce the same decision on every runtime, every time. No model variance, no timestamp dependence, no environmental drift.
  </Card>

  <Card title="No AI in the evaluation path" icon="shield-check">
    Decisions are produced by a policy rule engine. AI may generate signals or recommendations, but Parmana's evaluation contains no probabilistic component.
  </Card>

  <Card title="Fail-closed execution" icon="lock">
    If the Authorization system runtime is not configured, if signing fails, or if replay protection is absent, execution is blocked. There is no fallback to unverified execution.
  </Card>

  <Card title="Replay protection" icon="arrows-rotate">
    Every execution is keyed by `executionId`. Attempting to re-execute the same ID is blocked at the replay store. Distributed replay protection requires Redis.
  </Card>

  <Card title="Cryptographic attestation" icon="certificate">
    Every decision produces an Ed25519-signed attestation over the canonical payload. The signature covers policy identity, signal hash, runtime identity, and decision outcome.
  </Card>

  <Card title="Independent verification" icon="globe">
    Verification requires only the attestation and the public key. No database, no runtime, no infrastructure access. Auditors, regulators, and counterparties can verify without involvement from your team.
  </Card>

  <Card title="Immutable policy lineage" icon="timeline">
    Policies are versioned and signed at compile time. Deployed bundles cannot be modified. Every attestation records the exact policy version and bundle hash that produced it.
  </Card>

  <Card title="Override authority" icon="user-check">
    When policy requires human review, execution enters `pending_override` state. A named, credentialed approver can authorize or reject the override. Both outcomes are cryptographically recorded.
  </Card>
</CardGroup>
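
The attestation, replay-protection and fail-closed properties listed under "What Parmana does" and in the cards above, sketched as an added example with Node's built-in `crypto` module. This is not Parmana's code or API: the payload field names (including `executionId` in the signed payload), `ReplayStore`, `attest`, `verifyAttestation` and the sorted-key canonical form are assumptions, and the key pair and request are constructed sample data.

```javascript
// Added illustration; names and payload layout are assumptions, not Parmana's API.
const crypto = require("node:crypto");

// Minimal canonical JSON: keys sorted recursively so equal payloads serialize identically.
function canonicalize(value) {
  if (Array.isArray(value)) return "[" + value.map(canonicalize).join(",") + "]";
  if (value && typeof value === "object") {
    return "{" + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalize(value[k])).join(",") + "}";
  }
  return JSON.stringify(value);
}

const sha256 = (s) => crypto.createHash("sha256").update(s).digest("hex");

// Hypothetical in-memory replay store: the first claim of an executionId wins.
class ReplayStore {
  constructor() { this.seen = new Set(); }
  claim(id) { if (this.seen.has(id)) return false; this.seen.add(id); return true; }
}

// Runtime side: block when the key or replay store is missing, on replay, or if signing fails.
function attest({ executionId, policy, signals, outcome, runtimeId }, privateKey, store) {
  if (!privateKey || !store) return { status: "blocked", reason: "not_configured" };
  if (!store.claim(executionId)) return { status: "blocked", reason: "replay" };
  const payload = { executionId, policyId: policy.id, policyVersion: policy.version,
    bundleHash: policy.bundleHash, signalHash: sha256(canonicalize(signals)), runtimeId, outcome };
  try {
    const signature = crypto.sign(null, Buffer.from(canonicalize(payload)), privateKey);
    return { status: "attested", payload, signature: signature.toString("base64") };
  } catch {
    return { status: "blocked", reason: "signing_failed" };
  }
}

// Verifier side: needs only the attestation and the Ed25519 public key.
function verifyAttestation(att, publicKey) {
  return crypto.verify(null, Buffer.from(canonicalize(att.payload)), publicKey,
    Buffer.from(att.signature, "base64"));
}

// Constructed sample input.
const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
const request = { executionId: "exec-0001", runtimeId: "runtime-a", outcome: "authorized",
  policy: { id: "refund-policy", version: "1.0.0", bundleHash: sha256("constructed bundle") },
  signals: { amount: 120, currency: "USD" } };
```

Changing any signed field after the fact, such as `outcome`, makes `verifyAttestation` return `false`, and a second `attest` call with the same `executionId` is blocked before anything is signed.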

***

## Quick start

```bash
# Run the complete stack in under 5 minutes
cp .env.example .env          # set POSTGRES_PASSWORD and PARMANA_API_KEY
docker compose up -d
curl http://localhost:3000/health
```

<Cards>
  <Card title="Docker quick start" href="/getting-started/quickstart">
    Full stack running in under 5 minutes
  </Card>

  <Card title="First Authority Verification" href="/getting-started/first-authority-verification">
    Request → Decision → Attestation → Verification
  </Card>

  <Card title="SDK quick start" href="/sdk/quickstart">
    `@parmanasystems/sdk-client` in 10 lines
  </Card>

  <Card title="REST API" href="/api/execute">
    POST /execute and all endpoints
  </Card>
</Cards>

***

## Packages

| Package                                                              | Role                                                                                 |
| -------------------------------------------------------------------- | ------------------------------------------------------------------------------------ |
| [`@parmanasystems/core`](/concepts/human-authority)                  | Policy lifecycle, execution engine, verification, replay protection, canonical types |
| [`@parmanasystems/sdk-client`](/sdk/installation)                    | Type-safe HTTP client for the Authorization system server                            |
| [`@parmanasystems/server`](/docker/architecture)                     | Fastify Authorization system server — the deployable runtime                         |
| [`@parmanasystems/policy-engine`](/concepts/deterministic-decisions) | Policy creation, compilation, bundle signing                                         |
| [`@parmanasystems/verifier`](/verification/independent)              | Standalone attestation and bundle verification                                       |
| [`@parmanasystems/execution-runtime`](/concepts/replay-protection)   | `executeFromSignals`, `MemoryReplayStore`, `RedisReplayStore`, override resolution   |
| [`@parmanasystems/audit-db`](/audit/decisions)                       | PostgreSQL-backed audit storage                                                      |
| [`@parmanasystems/provenance`](/concepts/auditability)               | Signal provenance types, evidence hashing, source adapters                           |
| [`@parmanasystems/crypto`](/verification/attestations)               | Ed25519 primitives — sign, verify, key management                                    |
| [`@parmanasystems/canonical`](/concepts/deterministic-decisions)     | Canonical JSON serialization for signing                                             |
| [`@parmanasystems/bundle`](/verification/bundle)                     | Bundle manifest, content-addressing, read/write                                      |

***

## What Parmana is not

Parmana is not a replacement for your application logic, your AI model, or your workflow engine. It governs a specific question: **is this action authorized to execute, and can that answer be proven?**

* It does not generate signals. Your system collects signals and passes them in.
* It does not orchestrate workflows. It evaluates one decision at a time.
* It does not store your business data. It stores decision records and audit evidence.
* It does not require a SaaS connection. You deploy it in your own infrastructure.
