Skip to main content

@parmanasystems/execution-runtime

The Execution Runtime package orchestrates policy loading, deterministic execution, replay protection, signing, runtime provenance, and attestation generation. It is the runtime responsible for producing verifiable authority verification outcomes.

Installation

npm install @parmanasystems/execution-runtime

Responsibilities

The runtime provides:
  • Policy loading
  • Signal validation
  • Deterministic execution orchestration
  • Replay protection enforcement
  • Attestation generation
  • Runtime provenance
  • Execution state management

Why it exists

The execution engine determines the outcome. The runtime manages the environment in which execution occurs. This separation allows:
  • deterministic verification
  • independent validation
  • runtime upgrades
  • portable trust

Runtime flow

Request

Schema Validation

Policy Loading

Deterministic Execution

Replay Reservation

Attestation Signing

Audit Recording

Core capabilities

Policy Loading

The runtime loads the exact policy version referenced by the request. 
policyId
policyVersion
Both are bound into the resulting attestation.

Replay Enforcement

Replay protection occurs before execution completes. Duplicate fingerprints are rejected. 
INV-013
Replay Detected

Attestation Generation

Successful execution produces a signed: 
ExecutionAttestation
containing:
  • execution identifier
  • policy identifier
  • policy version
  • authority verification outcome
  • runtime provenance
  • signature

Runtime Provenance

Each attestation contains a runtime identity. This enables:
  • independent verification
  • runtime integrity validation
  • historical reproducibility
  • trust portability

Relationship to other packages

PackageResponsibility
@parmanasystems/execution-runtimeRuntime orchestration
@parmanasystems/executionDeterministic evaluation
@parmanasystems/signingCryptographic signing
@parmanasystems/verifierVerification
@parmanasystems/audit-dbPersistence

Authority Verification

The runtime does not decide authority. Humans define authority through policy. The runtime enforces the evaluation process and produces evidence showing that authority was verified before execution.

Design principles

Fail Closed

Verification failures block execution.

Deterministic

Execution outcomes are reproducible.

Verifiable

Every attestation can be independently checked.

Portable

Trust does not depend on a specific deployment.

Runtime outputs

The primary output is: 
ExecutionAttestation
which provides:
  • authority verification evidence
  • replay evidence
  • runtime evidence
  • signature evidence

See also

  • /packages/execution
  • /packages/signing
  • /packages/verifier
  • /architecture/runtime-provenance
  • /concepts/execution-authority-verification