chio_http_core/
evaluation.rs

1//! Shared HTTP substrate response types.
2
3use chio_kernel::SignedExecutionNonce;
4use serde::{Deserialize, Serialize};
5
6use crate::{GuardEvidence, HttpReceipt, Verdict};
7
8/// Response body for sidecar HTTP request evaluation.
9///
10/// On an `Allow` verdict from a kernel configured with
11/// `ExecutionNonceConfig`, the response carries a short-lived signed nonce
12/// that the client MUST re-present before executing the tool call. The
13/// field is `None` on `Deny`/`Cancel`/`Incomplete` and on deployments
14/// without a nonce config, preserving wire-level backward compatibility.
15#[derive(Debug, Clone, Serialize, Deserialize)]
16pub struct EvaluateResponse {
17    pub verdict: Verdict,
18    pub receipt: HttpReceipt,
19    #[serde(default)]
20    pub evidence: Vec<GuardEvidence>,
21    /// Optional signed execution nonce. Present only when the kernel
22    /// issues one (allow verdict + strict/opt-in nonce mode). See
23    /// `docs/protocols/STRUCTURAL-SECURITY-FIXES.md` section 1.
24    #[serde(default, skip_serializing_if = "Option::is_none")]
25    pub execution_nonce: Option<SignedExecutionNonce>,
26}
27
28/// Response body for receipt verification.
29#[derive(Debug, Clone, Serialize, Deserialize)]
30pub struct VerifyReceiptResponse {
31    pub valid: bool,
32}
33
34/// Sidecar health states.
35#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
36#[serde(rename_all = "snake_case")]
37pub enum SidecarStatus {
38    Healthy,
39    Degraded,
40    Unhealthy,
41}
42
43/// Response body for sidecar health checks.
44#[derive(Debug, Clone, Serialize, Deserialize)]
45pub struct HealthResponse {
46    pub status: SidecarStatus,
47    pub version: String,
48}
chio_http_core/evaluation.rs

chio_http_core/
evaluation.rs
