chio_kernel/
lib.rs

1//! Chio Runtime Kernel.
2//!
3//! The kernel is the trusted computing base (TCB) of the Chio protocol.
4//! It sits between the untrusted agent and the sandboxed tool servers,
5//! mediating every tool invocation.
6//!
7//! The kernel's responsibilities:
8//!
9//! 1. **Capability validation** -- verify signatures, time bounds, revocation
10//!    status, scope matching, and invocation budgets.
11//! 2. **Guard evaluation** -- run policy guards against the tool call before
12//!    forwarding it.
13//! 3. **Receipt signing** -- produce a signed receipt for every decision
14//!    (allow or deny) and append it to the receipt log.
15//! 4. **Tool dispatch** -- forward validated requests to the appropriate tool
16//!    server over an authenticated channel.
17//!
18//! The kernel is architecturally invisible to the agent. The agent communicates
19//! through an anonymous pipe or Unix domain socket and never learns the kernel's
20//! PID, address, or signing key.
21
22#![cfg_attr(test, allow(clippy::expect_used, clippy::unwrap_used))]
23
24pub mod approval;
25pub mod approval_channels;
26pub mod authority;
27pub mod budget_store;
28pub mod capability_lineage;
29pub mod checkpoint;
30pub mod compliance_score;
31pub mod cost_attribution;
32pub mod dpop;
33pub mod evidence_export;
34pub mod execution_nonce;
35pub mod memory_provenance;
36pub mod operator_report;
37pub mod payment;
38pub mod post_invocation;
39pub mod receipt_analytics;
40pub mod receipt_query;
41pub mod receipt_store;
42mod receipt_support;
43mod request_matching;
44pub mod revocation_runtime;
45pub mod revocation_store;
46pub mod runtime;
47pub mod session;
48pub mod transport;
49
50pub(crate) use std::collections::HashMap;
51pub(crate) use std::future::Future;
52pub(crate) use std::time::{Duration, Instant, SystemTime, UNIX_EPOCH};
53
54pub(crate) use chio_core::canonical::canonical_json_bytes;
55pub(crate) use chio_core::capability::{
56    AttestationTrustPolicy, CapabilityToken, ChioScope, Constraint, GovernedApprovalDecision,
57    GovernedApprovalToken, GovernedAutonomyTier, Operation, PromptGrant, ResourceGrant,
58    RuntimeAssuranceTier, ToolGrant,
59};
60pub(crate) use chio_core::crypto::{sha256_hex, Keypair};
61pub(crate) use chio_core::receipt::{
62    ChildRequestReceipt, ChildRequestReceiptBody, ChioReceipt, ChioReceiptBody, Decision,
63    FinancialReceiptMetadata, GovernedApprovalReceiptMetadata, GovernedAutonomyReceiptMetadata,
64    GovernedCommerceReceiptMetadata, GovernedTransactionReceiptMetadata,
65    MeteredBillingReceiptMetadata, ReceiptAttributionMetadata, RuntimeAssuranceReceiptMetadata,
66    SettlementStatus, ToolCallAction,
67};
68pub(crate) use chio_core::session::{
69    CompleteOperation, CompletionReference, CompletionResult, CreateElicitationOperation,
70    CreateElicitationResult, CreateMessageOperation, CreateMessageResult, GetPromptOperation,
71    NormalizedRoot, OperationContext, OperationKind, OperationTerminalState, ProgressToken,
72    PromptDefinition, PromptResult, ReadResourceOperation, RequestId, ResourceContent,
73    ResourceDefinition, ResourceTemplateDefinition, ResourceUriClassification, RootDefinition,
74    SessionAuthContext, SessionId, SessionOperation, ToolCallOperation,
75};
76pub(crate) use chio_link::convert::convert_supported_units;
77pub(crate) use chio_link::{PriceOracle, PriceOracleError};
78pub(crate) use tracing::{debug, info, warn};
79
80pub(crate) use receipt_support::*;
81pub(crate) use request_matching::{
82    begin_child_request_in_sessions, begin_session_request_in_sessions, check_subject_binding,
83    check_time_bounds, complete_session_request_with_terminal_state_in_sessions,
84    nested_child_request_id, resolve_matching_grants, session_from_map, session_mut_from_map,
85    validate_elicitation_request_in_sessions, validate_sampling_request_in_sessions,
86};
87pub use request_matching::{
88    capability_matches_prompt_request, capability_matches_request,
89    capability_matches_request_with_model_metadata, capability_matches_resource_pattern,
90    capability_matches_resource_request, capability_matches_resource_subscription,
91};
92
93pub use approval::{
94    compute_parameter_hash, resume_with_decision, ApprovalChannel, ApprovalContext,
95    ApprovalDecision, ApprovalFilter, ApprovalGuard, ApprovalOutcome, ApprovalRequest,
96    ApprovalStore, ApprovalStoreError, ApprovalToken, BatchApproval, BatchApprovalStore,
97    ChannelError, ChannelHandle, HitlVerdict, InMemoryApprovalStore, InMemoryBatchApprovalStore,
98    ResolvedApproval, MAX_APPROVAL_TTL_SECS,
99};
100pub use approval_channels::{RecordingChannel, WebhookChannel, WebhookPayload};
101pub use authority::{
102    AuthoritySnapshot, AuthorityStatus, AuthorityStoreError, AuthorityTrustedKeySnapshot,
103    CapabilityAuthority, LocalCapabilityAuthority,
104};
105pub use budget_store::{BudgetStore, BudgetStoreError, BudgetUsageRecord, InMemoryBudgetStore};
106pub use capability_lineage::{
107    CapabilityLineageError, CapabilitySnapshot, StoredCapabilitySnapshot,
108};
109pub use checkpoint::{
110    build_checkpoint, build_checkpoint_with_previous, build_inclusion_proof,
111    checkpoint_body_sha256, is_supported_checkpoint_schema, verify_checkpoint_continuity,
112    verify_checkpoint_signature, CheckpointError, KernelCheckpoint, KernelCheckpointBody,
113    ReceiptInclusionProof, CHECKPOINT_SCHEMA,
114};
115pub use chio_core::credit::{
116    CapitalAllocationDecisionArtifact, CapitalAllocationDecisionFinding,
117    CapitalAllocationDecisionOutcome, CapitalAllocationDecisionReasonCode,
118    CapitalAllocationDecisionSupportBoundary, CapitalAllocationInstructionDraft, CapitalBookEvent,
119    CapitalBookEventKind, CapitalBookEvidenceKind, CapitalBookEvidenceReference, CapitalBookQuery,
120    CapitalBookReport, CapitalBookRole, CapitalBookSource, CapitalBookSourceKind,
121    CapitalBookSummary, CapitalBookSupportBoundary, CapitalExecutionAuthorityStep,
122    CapitalExecutionInstructionAction, CapitalExecutionInstructionArtifact,
123    CapitalExecutionInstructionSupportBoundary, CapitalExecutionIntendedState,
124    CapitalExecutionObservation, CapitalExecutionRail, CapitalExecutionRailKind,
125    CapitalExecutionReconciledState, CapitalExecutionRole, CapitalExecutionWindow,
126    CreditBacktestQuery, CreditBacktestReasonCode, CreditBacktestReport, CreditBacktestSummary,
127    CreditBacktestWindow, CreditBondArtifact, CreditBondDisposition, CreditBondFinding,
128    CreditBondLifecycleState, CreditBondListQuery, CreditBondListReport, CreditBondListSummary,
129    CreditBondPrerequisites, CreditBondReasonCode, CreditBondReport, CreditBondRow,
130    CreditBondSupportBoundary, CreditBondTerms, CreditBondedExecutionControlPolicy,
131    CreditBondedExecutionDecision, CreditBondedExecutionEvaluation, CreditBondedExecutionFinding,
132    CreditBondedExecutionFindingCode, CreditBondedExecutionSimulationDelta,
133    CreditBondedExecutionSimulationQuery, CreditBondedExecutionSimulationReport,
134    CreditBondedExecutionSimulationRequest, CreditBondedExecutionSupportBoundary,
135    CreditCertificationState, CreditFacilityArtifact, CreditFacilityCapitalSource,
136    CreditFacilityDisposition, CreditFacilityFinding, CreditFacilityLifecycleState,
137    CreditFacilityListQuery, CreditFacilityListReport, CreditFacilityListSummary,
138    CreditFacilityPrerequisites, CreditFacilityReasonCode, CreditFacilityReport, CreditFacilityRow,
139    CreditFacilitySupportBoundary, CreditFacilityTerms, CreditLossLifecycleArtifact,
140    CreditLossLifecycleEventKind, CreditLossLifecycleFinding, CreditLossLifecycleListQuery,
141    CreditLossLifecycleListReport, CreditLossLifecycleListSummary, CreditLossLifecycleQuery,
142    CreditLossLifecycleReasonCode, CreditLossLifecycleReport, CreditLossLifecycleRow,
143    CreditLossLifecycleSummary, CreditLossLifecycleSupportBoundary, CreditProviderFacilitySnapshot,
144    CreditProviderRiskPackage, CreditProviderRiskPackageQuery,
145    CreditProviderRiskPackageSupportBoundary, CreditRecentLossEntry, CreditRecentLossHistory,
146    CreditRecentLossSummary, CreditReserveControlAppealState, CreditReserveControlExecutionState,
147    CreditRuntimeAssuranceState, CreditScorecardAnomaly, CreditScorecardAnomalySeverity,
148    CreditScorecardBand, CreditScorecardConfidence, CreditScorecardDimension,
149    CreditScorecardDimensionKind, CreditScorecardEvidenceKind, CreditScorecardEvidenceReference,
150    CreditScorecardProbationStatus, CreditScorecardReasonCode, CreditScorecardReport,
151    CreditScorecardReputationContext, CreditScorecardSummary, CreditScorecardSupportBoundary,
152    ExposureLedgerCurrencyPosition, ExposureLedgerDecisionEntry, ExposureLedgerEvidenceKind,
153    ExposureLedgerEvidenceReference, ExposureLedgerQuery, ExposureLedgerReceiptEntry,
154    ExposureLedgerReport, ExposureLedgerSummary, ExposureLedgerSupportBoundary,
155    SignedCapitalAllocationDecision, SignedCapitalBookReport, SignedCapitalExecutionInstruction,
156    SignedCreditBond, SignedCreditFacility, SignedCreditLossLifecycle,
157    SignedCreditProviderRiskPackage, SignedCreditScorecardReport, SignedExposureLedgerReport,
158    CAPITAL_ALLOCATION_DECISION_ARTIFACT_SCHEMA, CAPITAL_BOOK_REPORT_SCHEMA,
159    CAPITAL_EXECUTION_INSTRUCTION_ARTIFACT_SCHEMA, CREDIT_BACKTEST_REPORT_SCHEMA,
160    CREDIT_BONDED_EXECUTION_SIMULATION_REPORT_SCHEMA, CREDIT_BOND_ARTIFACT_SCHEMA,
161    CREDIT_BOND_LIST_REPORT_SCHEMA, CREDIT_BOND_REPORT_SCHEMA, CREDIT_FACILITY_ARTIFACT_SCHEMA,
162    CREDIT_FACILITY_LIST_REPORT_SCHEMA, CREDIT_FACILITY_REPORT_SCHEMA,
163    CREDIT_LOSS_LIFECYCLE_ARTIFACT_SCHEMA, CREDIT_LOSS_LIFECYCLE_LIST_REPORT_SCHEMA,
164    CREDIT_LOSS_LIFECYCLE_REPORT_SCHEMA, CREDIT_PROVIDER_RISK_PACKAGE_SCHEMA,
165    CREDIT_SCORECARD_SCHEMA, EXPOSURE_LEDGER_SCHEMA, MAX_CREDIT_BACKTEST_WINDOW_LIMIT,
166    MAX_CREDIT_BOND_LIST_LIMIT, MAX_CREDIT_FACILITY_LIST_LIMIT,
167    MAX_CREDIT_LOSS_LIFECYCLE_LIST_LIMIT, MAX_CREDIT_PROVIDER_LOSS_LIMIT,
168    MAX_EXPOSURE_LEDGER_DECISION_LIMIT, MAX_EXPOSURE_LEDGER_RECEIPT_LIMIT,
169};
170pub use chio_core::governance::{
171    build_generic_governance_case_artifact, build_generic_governance_charter_artifact,
172    evaluate_generic_governance_case, GenericGovernanceAuthorityScope,
173    GenericGovernanceCaseArtifact, GenericGovernanceCaseEvaluation,
174    GenericGovernanceCaseEvaluationRequest, GenericGovernanceCaseIssueRequest,
175    GenericGovernanceCaseKind, GenericGovernanceCaseState, GenericGovernanceCharterArtifact,
176    GenericGovernanceCharterIssueRequest, GenericGovernanceEffectiveState,
177    GenericGovernanceEvidenceKind, GenericGovernanceEvidenceReference, GenericGovernanceFinding,
178    GenericGovernanceFindingCode, SignedGenericGovernanceCase, SignedGenericGovernanceCharter,
179    GENERIC_GOVERNANCE_CASE_ARTIFACT_SCHEMA, GENERIC_GOVERNANCE_CHARTER_ARTIFACT_SCHEMA,
180};
181pub use chio_core::listing::{
182    aggregate_generic_listing_reports, build_generic_trust_activation_artifact,
183    ensure_generic_listing_namespace_consistency, evaluate_generic_trust_activation,
184    normalize_namespace, GenericListingActorKind, GenericListingArtifact, GenericListingBoundary,
185    GenericListingCompatibilityReference, GenericListingDivergence, GenericListingFreshnessState,
186    GenericListingFreshnessWindow, GenericListingQuery, GenericListingReplicaFreshness,
187    GenericListingReport, GenericListingSearchError, GenericListingSearchPolicy,
188    GenericListingSearchResponse, GenericListingSearchResult, GenericListingStatus,
189    GenericListingSubject, GenericListingSummary, GenericNamespaceArtifact,
190    GenericNamespaceLifecycleState, GenericNamespaceOwnership, GenericRegistryPublisher,
191    GenericRegistryPublisherRole, GenericTrustActivationArtifact,
192    GenericTrustActivationDisposition, GenericTrustActivationEligibility,
193    GenericTrustActivationEvaluation, GenericTrustActivationEvaluationRequest,
194    GenericTrustActivationFinding, GenericTrustActivationFindingCode,
195    GenericTrustActivationIssueRequest, GenericTrustActivationReviewContext,
196    GenericTrustAdmissionClass, SignedGenericListing, SignedGenericNamespace,
197    SignedGenericTrustActivation, DEFAULT_GENERIC_LISTING_REPORT_MAX_AGE_SECS,
198    GENERIC_LISTING_ARTIFACT_SCHEMA, GENERIC_LISTING_NETWORK_SEARCH_SCHEMA,
199    GENERIC_LISTING_REPORT_SCHEMA, GENERIC_LISTING_SEARCH_ALGORITHM_V1,
200    GENERIC_NAMESPACE_ARTIFACT_SCHEMA, GENERIC_TRUST_ACTIVATION_ARTIFACT_SCHEMA,
201    MAX_GENERIC_LISTING_LIMIT,
202};
203pub use chio_core::market::{
204    LiabilityAutoBindDecisionArtifact, LiabilityAutoBindDisposition, LiabilityAutoBindFinding,
205    LiabilityAutoBindReasonCode, LiabilityBoundCoverageArtifact,
206    LiabilityClaimAdjudicationArtifact, LiabilityClaimAdjudicationOutcome,
207    LiabilityClaimDisputeArtifact, LiabilityClaimEvidenceKind, LiabilityClaimEvidenceReference,
208    LiabilityClaimPackageArtifact, LiabilityClaimPayoutInstructionArtifact,
209    LiabilityClaimPayoutReceiptArtifact, LiabilityClaimPayoutReconciliationState,
210    LiabilityClaimResponseArtifact, LiabilityClaimResponseDisposition,
211    LiabilityClaimSettlementInstructionArtifact, LiabilityClaimSettlementKind,
212    LiabilityClaimSettlementReceiptArtifact, LiabilityClaimSettlementReconciliationState,
213    LiabilityClaimSettlementRoleBinding, LiabilityClaimSettlementRoleTopology,
214    LiabilityClaimWorkflowQuery, LiabilityClaimWorkflowReport, LiabilityClaimWorkflowRow,
215    LiabilityClaimWorkflowSummary, LiabilityCoverageClass, LiabilityEvidenceRequirement,
216    LiabilityJurisdictionPolicy, LiabilityMarketWorkflowQuery, LiabilityMarketWorkflowReport,
217    LiabilityMarketWorkflowRow, LiabilityMarketWorkflowSummary, LiabilityPlacementArtifact,
218    LiabilityPricingAuthorityArtifact, LiabilityPricingAuthorityEnvelope,
219    LiabilityPricingAuthorityEnvelopeKind, LiabilityProviderArtifact,
220    LiabilityProviderLifecycleState, LiabilityProviderListQuery, LiabilityProviderListReport,
221    LiabilityProviderListSummary, LiabilityProviderPolicyReference, LiabilityProviderProvenance,
222    LiabilityProviderReport, LiabilityProviderResolutionQuery, LiabilityProviderResolutionReport,
223    LiabilityProviderRow, LiabilityProviderSupportBoundary, LiabilityProviderType,
224    LiabilityQuoteDisposition, LiabilityQuoteRequestArtifact, LiabilityQuoteResponseArtifact,
225    LiabilityQuoteTerms, SignedLiabilityAutoBindDecision, SignedLiabilityBoundCoverage,
226    SignedLiabilityClaimAdjudication, SignedLiabilityClaimDispute, SignedLiabilityClaimPackage,
227    SignedLiabilityClaimPayoutInstruction, SignedLiabilityClaimPayoutReceipt,
228    SignedLiabilityClaimResponse, SignedLiabilityClaimSettlementInstruction,
229    SignedLiabilityClaimSettlementReceipt, SignedLiabilityPlacement,
230    SignedLiabilityPricingAuthority, SignedLiabilityProvider, SignedLiabilityQuoteRequest,
231    SignedLiabilityQuoteResponse, LIABILITY_AUTO_BIND_DECISION_ARTIFACT_SCHEMA,
232    LIABILITY_BOUND_COVERAGE_ARTIFACT_SCHEMA, LIABILITY_CLAIM_ADJUDICATION_ARTIFACT_SCHEMA,
233    LIABILITY_CLAIM_DISPUTE_ARTIFACT_SCHEMA, LIABILITY_CLAIM_PACKAGE_ARTIFACT_SCHEMA,
234    LIABILITY_CLAIM_PAYOUT_INSTRUCTION_ARTIFACT_SCHEMA,
235    LIABILITY_CLAIM_PAYOUT_RECEIPT_ARTIFACT_SCHEMA, LIABILITY_CLAIM_RESPONSE_ARTIFACT_SCHEMA,
236    LIABILITY_CLAIM_SETTLEMENT_INSTRUCTION_ARTIFACT_SCHEMA,
237    LIABILITY_CLAIM_SETTLEMENT_RECEIPT_ARTIFACT_SCHEMA, LIABILITY_CLAIM_WORKFLOW_REPORT_SCHEMA,
238    LIABILITY_MARKET_WORKFLOW_REPORT_SCHEMA, LIABILITY_PLACEMENT_ARTIFACT_SCHEMA,
239    LIABILITY_PRICING_AUTHORITY_ARTIFACT_SCHEMA, LIABILITY_PROVIDER_ARTIFACT_SCHEMA,
240    LIABILITY_PROVIDER_LIST_REPORT_SCHEMA, LIABILITY_PROVIDER_RESOLUTION_REPORT_SCHEMA,
241    LIABILITY_QUOTE_REQUEST_ARTIFACT_SCHEMA, LIABILITY_QUOTE_RESPONSE_ARTIFACT_SCHEMA,
242    MAX_LIABILITY_CLAIM_WORKFLOW_LIMIT, MAX_LIABILITY_MARKET_WORKFLOW_LIMIT,
243    MAX_LIABILITY_PROVIDER_LIST_LIMIT,
244};
245pub use chio_core::open_market::{
246    build_open_market_fee_schedule_artifact, build_open_market_penalty_artifact,
247    evaluate_open_market_penalty, OpenMarketAbuseClass, OpenMarketBondClass,
248    OpenMarketBondRequirement, OpenMarketCollateralReferenceKind, OpenMarketEconomicsScope,
249    OpenMarketEvidenceKind, OpenMarketEvidenceReference, OpenMarketFeeScheduleArtifact,
250    OpenMarketFeeScheduleIssueRequest, OpenMarketFinding, OpenMarketFindingCode,
251    OpenMarketPenaltyAction, OpenMarketPenaltyArtifact, OpenMarketPenaltyEffectiveState,
252    OpenMarketPenaltyEvaluation, OpenMarketPenaltyEvaluationRequest, OpenMarketPenaltyIssueRequest,
253    OpenMarketPenaltyState, SignedOpenMarketFeeSchedule, SignedOpenMarketPenalty,
254    OPEN_MARKET_FEE_SCHEDULE_ARTIFACT_SCHEMA, OPEN_MARKET_PENALTY_ARTIFACT_SCHEMA,
255};
256pub use chio_core::underwriting::{
257    build_underwriting_decision_artifact, evaluate_underwriting_policy_input,
258    SignedUnderwritingDecision, SignedUnderwritingPolicyInput, UnderwritingAppealCreateRequest,
259    UnderwritingAppealRecord, UnderwritingAppealResolution, UnderwritingAppealResolveRequest,
260    UnderwritingAppealStatus, UnderwritingBudgetAction, UnderwritingBudgetRecommendation,
261    UnderwritingCertificationEvidence, UnderwritingCertificationState,
262    UnderwritingComplianceEvidence, UnderwritingDecisionArtifact, UnderwritingDecisionFinding,
263    UnderwritingDecisionLifecycleState, UnderwritingDecisionListReport,
264    UnderwritingDecisionOutcome, UnderwritingDecisionPolicy, UnderwritingDecisionQuery,
265    UnderwritingDecisionReasonCode, UnderwritingDecisionReport, UnderwritingDecisionRow,
266    UnderwritingDecisionSummary, UnderwritingEvidenceKind, UnderwritingEvidenceReference,
267    UnderwritingPolicyInput, UnderwritingPolicyInputQuery, UnderwritingPremiumQuote,
268    UnderwritingPremiumState, UnderwritingReasonCode, UnderwritingReceiptEvidence,
269    UnderwritingRemediation, UnderwritingReputationEvidence, UnderwritingReviewState,
270    UnderwritingRiskClass, UnderwritingRiskTaxonomy, UnderwritingRuntimeAssuranceEvidence,
271    UnderwritingSignal, UnderwritingSimulationDelta, UnderwritingSimulationReport,
272    UnderwritingSimulationRequest, MAX_UNDERWRITING_DECISION_LIMIT, MAX_UNDERWRITING_RECEIPT_LIMIT,
273    UNDERWRITING_APPEAL_SCHEMA, UNDERWRITING_COMPLIANCE_EVIDENCE_SCHEMA,
274    UNDERWRITING_DECISION_ARTIFACT_SCHEMA, UNDERWRITING_DECISION_POLICY_SCHEMA,
275    UNDERWRITING_DECISION_POLICY_VERSION, UNDERWRITING_DECISION_REPORT_SCHEMA,
276    UNDERWRITING_POLICY_INPUT_SCHEMA, UNDERWRITING_RISK_TAXONOMY_VERSION,
277    UNDERWRITING_SIMULATION_REPORT_SCHEMA,
278};
279pub use compliance_score::{
280    compliance_factor_breakdown, compliance_score, ComplianceFactor, ComplianceFactorBreakdown,
281    ComplianceScore, ComplianceScoreConfig, ComplianceScoreInputs, COMPLIANCE_SCORE_MAX,
282    DEFAULT_ATTESTATION_STALENESS_SECS, WEIGHT_ATTESTATION_FRESHNESS, WEIGHT_DENY_RATE,
283    WEIGHT_POLICY_COVERAGE, WEIGHT_REVOCATION, WEIGHT_VELOCITY_ANOMALY,
284};
285pub use cost_attribution::{
286    CostAttributionChainHop, CostAttributionQuery, CostAttributionReceiptRow,
287    CostAttributionReport, CostAttributionSummary, LeafCostAttributionRow, RootCostAttributionRow,
288    MAX_COST_ATTRIBUTION_LIMIT,
289};
290pub use dpop::{
291    is_supported_dpop_schema, verify_dpop_proof, DpopConfig, DpopNonceStore, DpopProof,
292    DpopProofBody, DPOP_SCHEMA,
293};
294pub use evidence_export::{
295    EvidenceChildReceiptRecord, EvidenceChildReceiptScope, EvidenceExportBundle,
296    EvidenceExportError, EvidenceExportQuery, EvidenceRetentionMetadata, EvidenceToolReceiptRecord,
297    EvidenceUncheckpointedReceipt,
298};
299pub use execution_nonce::{
300    is_supported_execution_nonce_schema, mint_execution_nonce, verify_execution_nonce,
301    ExecutionNonce, ExecutionNonceConfig, ExecutionNonceError, ExecutionNonceStore,
302    InMemoryExecutionNonceStore, NonceBinding, SignedExecutionNonce,
303    DEFAULT_EXECUTION_NONCE_STORE_CAPACITY, DEFAULT_EXECUTION_NONCE_TTL_SECS,
304    EXECUTION_NONCE_SCHEMA,
305};
306pub use memory_provenance::{
307    classify_memory_action, next_entry_id as next_memory_provenance_entry_id,
308    recompute_entry_hash as recompute_memory_provenance_entry_hash, InMemoryMemoryProvenanceStore,
309    MemoryActionKind, MemoryProvenanceAppend, MemoryProvenanceEntry, MemoryProvenanceError,
310    MemoryProvenanceStore, ProvenanceVerification, UnverifiedReason,
311    MEMORY_PROVENANCE_ENTRY_SCHEMA, MEMORY_PROVENANCE_GENESIS_PREV_HASH,
312};
313pub use operator_report::{behavioral_anomaly_score, BehavioralAnomalyScore, EmaBaselineState};
314pub use operator_report::{
315    AuthorizationContextReport, AuthorizationContextRow, AuthorizationContextSenderConstraint,
316    AuthorizationContextSummary, BehavioralFeedDecisionSummary,
317    BehavioralFeedGovernedActionSummary, BehavioralFeedMeteredBillingRow,
318    BehavioralFeedMeteredBillingSummary, BehavioralFeedPrivacyBoundary, BehavioralFeedQuery,
319    BehavioralFeedReceiptRow, BehavioralFeedReceiptSelection, BehavioralFeedReport,
320    BehavioralFeedReputationSummary, BehavioralFeedSettlementSummary, BudgetDimensionProfile,
321    BudgetDimensionUsage, BudgetUtilizationReport, BudgetUtilizationRow, BudgetUtilizationSummary,
322    ChioOAuthArtifactBoundary, ChioOAuthAuthorizationDiscoveryMetadata,
323    ChioOAuthAuthorizationExampleMapping, ChioOAuthAuthorizationMetadataReport,
324    ChioOAuthAuthorizationProfile, ChioOAuthAuthorizationReviewPack,
325    ChioOAuthAuthorizationReviewPackRecord, ChioOAuthAuthorizationReviewPackSummary,
326    ChioOAuthAuthorizationSupportBoundary, ChioOAuthRequestTimeContract, ChioOAuthResourceBinding,
327    ChioOAuthSenderConstraintProfile, ComplianceReport, EconomicCompletionFlowReport,
328    EconomicCompletionFlowSummary, EconomicReceiptMeteringProjection,
329    EconomicReceiptProjectionReport, EconomicReceiptProjectionRow,
330    EconomicReceiptProjectionSummary, EconomicReceiptSettlementProjection,
331    GovernedAuthorizationCommerceDetail, GovernedAuthorizationDetail,
332    GovernedAuthorizationMeteredBillingDetail, GovernedAuthorizationTransactionContext,
333    MeteredBillingEvidenceRecord, MeteredBillingReconciliationReport,
334    MeteredBillingReconciliationRow, MeteredBillingReconciliationState,
335    MeteredBillingReconciliationSummary, OperatorReport, OperatorReportQuery,
336    SettlementReconciliationReport, SettlementReconciliationRow, SettlementReconciliationState,
337    SettlementReconciliationSummary, SharedEvidenceQuery, SharedEvidenceReferenceReport,
338    SharedEvidenceReferenceRow, SharedEvidenceReferenceSummary, SignedBehavioralFeed,
339    BEHAVIORAL_FEED_SCHEMA, CHIO_OAUTH_AUTHORIZATION_COMMERCE_DETAIL_TYPE,
340    CHIO_OAUTH_AUTHORIZATION_CONTEXT_REPORT_SCHEMA, CHIO_OAUTH_AUTHORIZATION_METADATA_SCHEMA,
341    CHIO_OAUTH_AUTHORIZATION_METERED_BILLING_DETAIL_TYPE, CHIO_OAUTH_AUTHORIZATION_PROFILE_ID,
342    CHIO_OAUTH_AUTHORIZATION_PROFILE_SCHEMA, CHIO_OAUTH_AUTHORIZATION_REVIEW_PACK_SCHEMA,
343    CHIO_OAUTH_AUTHORIZATION_TOOL_DETAIL_TYPE, CHIO_OAUTH_REQUEST_TIME_AUTHORIZATION_DETAILS_CLAIM,
344    CHIO_OAUTH_REQUEST_TIME_AUTHORIZATION_DETAILS_PARAMETER,
345    CHIO_OAUTH_REQUEST_TIME_TRANSACTION_CONTEXT_CLAIM,
346    CHIO_OAUTH_REQUEST_TIME_TRANSACTION_CONTEXT_PARAMETER,
347    CHIO_OAUTH_SENDER_BINDING_CAPABILITY_SUBJECT, CHIO_OAUTH_SENDER_CONSTRAINT_SCHEMA,
348    CHIO_OAUTH_SENDER_PROOF_CHIO_DPOP, ECONOMIC_COMPLETION_FLOW_SCHEMA,
349    MAX_AUTHORIZATION_CONTEXT_LIMIT, MAX_BEHAVIORAL_FEED_RECEIPT_LIMIT, MAX_METERED_BILLING_LIMIT,
350    MAX_OPERATOR_BUDGET_LIMIT, MAX_SETTLEMENT_BACKLOG_LIMIT, MAX_SHARED_EVIDENCE_LIMIT,
351};
352pub use payment::{
353    AcpPaymentAdapter, CommercePaymentContext, GovernedPaymentContext, PaymentAdapter,
354    PaymentAuthorization, PaymentAuthorizeRequest, PaymentError, PaymentResult,
355    RailSettlementStatus, ReceiptSettlement, X402PaymentAdapter,
356};
357pub use post_invocation::{
358    PipelineOutcome, PostInvocationContext, PostInvocationHook, PostInvocationPipeline,
359    PostInvocationVerdict,
360};
361pub use receipt_analytics::{
362    AgentAnalyticsRow, AnalyticsTimeBucket, ReceiptAnalyticsMetrics, ReceiptAnalyticsQuery,
363    ReceiptAnalyticsResponse, TimeAnalyticsRow, ToolAnalyticsRow, MAX_ANALYTICS_GROUP_LIMIT,
364};
365pub use receipt_query::{ReceiptQuery, ReceiptQueryResult, MAX_QUERY_LIMIT};
366pub use receipt_store::{
367    FederatedEvidenceShareImport, FederatedEvidenceShareSummary, ReceiptStore, ReceiptStoreError,
368    RetentionConfig, StoredChildReceipt, StoredToolReceipt,
369};
370pub use revocation_runtime::{InMemoryRevocationStore, RevocationStore};
371pub use revocation_store::{RevocationRecord, RevocationStoreError};
372pub use runtime::{
373    NestedFlowBridge, NestedFlowClient, ToolCallChunk, ToolCallOutput, ToolCallRequest,
374    ToolCallResponse, ToolCallStream, ToolInvocationCost, ToolServerConnection, ToolServerEvent,
375    ToolServerOutput, ToolServerStreamResult, Verdict,
376};
377pub use session::{
378    InflightRegistry, InflightRequest, LateSessionEvent, PeerCapabilities, Session, SessionError,
379    SessionOperationResponse, SessionState, SubscriptionRegistry, TerminalRegistry,
380};
381
382/// A string-typed agent identifier.
383#[path = "kernel/mod.rs"]
384mod kernel;
385
386pub(crate) use kernel::{current_unix_timestamp, MatchingGrant, ReceiptContent};
387
388pub use kernel::{
389    AgentId, CapabilityId, ChildReceiptLog, ChioKernel, Guard, GuardContext, KernelConfig,
390    KernelError, PromptProvider, ReceiptLog, ResourceProvider, ServerId, StructuredErrorReport,
391    DEFAULT_CHECKPOINT_BATCH_SIZE, DEFAULT_MAX_SIZE_BYTES, DEFAULT_MAX_STREAM_DURATION_SECS,
392    DEFAULT_MAX_STREAM_TOTAL_BYTES, DEFAULT_RETENTION_DAYS, EMERGENCY_STOP_DENY_REASON,
393};
chio_kernel/lib.rs

chio_kernel/
lib.rs
