
Crate exo_avc


§exo-avc — Autonomous Volition Credential

AVC is a portable, signed, machine-verifiable credential that defines what an autonomous actor is authorized to pursue under a human or organizational principal.

Identity proves who an actor is. Authority proves who delegated power. Consent proves what posture applies. AVC proves what autonomous intent is allowed before action occurs.

In this crate, volition strictly means delegated operational intent. It does not denote consciousness, sentience, emotion, or human-like free will.

§Determinism contract

  • All collections in signed payloads are sorted and deduplicated.
  • All hashing is BLAKE3 over canonical CBOR — only ordered maps and sets (BTreeMap, BTreeSet), no platform-dependent integer widths, and no floating-point arithmetic.
  • Validation never reads system time; the caller passes now.
  • Validation is fail-closed: any unresolved key, missing required reference, malformed structural value, scope violation, expiration, or revocation produces an explicit Deny decision with reason codes describing why.
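A minimal sketch of the contract above, added here as an illustration and not taken from exo-avc: every type and function name in it (Credential, Registry, Reason, canonical, validate) is a hypothetical stand-in, and signature verification and BLAKE3/CBOR hashing are left out. It shows ordered, deduplicated collections, a caller-supplied now, and a Deny decision that carries every reason found.

```rust
use std::collections::{BTreeMap, BTreeSet};

// Hypothetical stand-ins for illustration; these are NOT exo_avc's types.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub enum Reason { UnknownIssuerKey, Expired, Revoked, OutOfScope }

#[derive(Debug, PartialEq, Eq)]
pub enum Decision { Allow, Deny(BTreeSet<Reason>) }

pub struct Credential {
    pub id: u64,
    pub issuer: String,
    pub expires_at: Option<u64>,
    pub permissions: BTreeSet<String>, // ordered set: sorted and deduplicated
}

#[derive(Default)]
pub struct Registry {
    pub issuer_keys: BTreeMap<String, [u8; 32]>,
    pub revoked: BTreeSet<u64>,
}

/// Normalise caller-supplied values so insertion order and duplicates
/// cannot change the bytes that would later be hashed and signed.
pub fn canonical(items: &[&str]) -> BTreeSet<String> {
    items.iter().map(|s| s.to_string()).collect()
}

/// Fail-closed check: `now` comes from the caller, never from the system
/// clock, and every failed check adds a reason instead of being skipped.
pub fn validate(c: &Credential, action: Option<&str>, now: u64, reg: &Registry) -> Decision {
    let mut reasons = BTreeSet::new();
    if !reg.issuer_keys.contains_key(&c.issuer) { reasons.insert(Reason::UnknownIssuerKey); }
    // Assumption of this sketch: a credential is expired once now >= expires_at.
    if c.expires_at.map_or(false, |t| now >= t) { reasons.insert(Reason::Expired); }
    if reg.revoked.contains(&c.id) { reasons.insert(Reason::Revoked); }
    if let Some(a) = action {
        if !c.permissions.contains(a) { reasons.insert(Reason::OutOfScope); }
    }
    if reasons.is_empty() { Decision::Allow } else { Decision::Deny(reasons) }
}

fn main() {
    let mut reg = Registry::default();
    reg.issuer_keys.insert("did:exo:issuer".into(), [0u8; 32]); // constructed sample key
    let cred = Credential { id: 1, issuer: "did:exo:issuer".into(),
        expires_at: Some(2_000), permissions: canonical(&["read", "read"]) };
    println!("{:?}", validate(&cred, Some("read"), 1_500, &reg));
    println!("{:?}", validate(&cred, Some("write"), 2_500, &reg));
}
```

Because the reasons are collected into an ordered set, the same inputs always produce the same Deny value, whichever check fails first.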

§High-level API

use exo_avc::{
    AutonomyLevel, AuthorityScope, AvcConstraints, AvcDraft, AvcSubjectKind,
    DelegatedIntent, InMemoryAvcRegistry, AvcRegistryWrite, AvcValidationRequest,
    AvcDecision, issue_avc, validate_avc, AVC_SCHEMA_VERSION,
};
use exo_authority::permission::Permission;
use exo_core::{Did, Hash256, Timestamp};
use exo_core::crypto::KeyPair;

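// Fixed secret bytes keep the example deterministic.
let issuer_keypair = KeyPair::from_secret_bytes([0x11; 32]).unwrap();
let issuer_did = Did::new("did:exo:issuer").unwrap();
// The registry must hold the issuer's public key; an unresolved key is a Deny.
let mut registry = InMemoryAvcRegistry::new();
registry.put_public_key(issuer_did.clone(), issuer_keypair.public);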

let draft = AvcDraft {
    schema_version: AVC_SCHEMA_VERSION,
    issuer_did: issuer_did.clone(),
    principal_did: issuer_did.clone(),
    subject_did: Did::new("did:exo:agent").unwrap(),
    holder_did: None,
    subject_kind: AvcSubjectKind::AiAgent {
        model_id: "alpha".into(),
        agent_version: None,
    },
    created_at: Timestamp::new(1_000, 0),
    expires_at: Some(Timestamp::new(2_000, 0)),
    delegated_intent: DelegatedIntent {
        intent_id: Hash256::from_bytes([0xAA; 32]),
        purpose: "research".into(),
        allowed_objectives: vec!["primary".into()],
        prohibited_objectives: vec![],
        autonomy_level: AutonomyLevel::Draft,
        delegation_allowed: false,
    },
    authority_scope: AuthorityScope {
        permissions: vec![Permission::Read],
        tools: vec![],
        data_classes: vec![],
        counterparties: vec![],
        jurisdictions: vec!["US".into()],
    },
    constraints: AvcConstraints::permissive(),
    authority_chain: None,
    consent_refs: vec![],
    policy_refs: vec![],
    parent_avc_id: None,
};

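// The closure signs the bytes that issue_avc passes to it.
let credential = issue_avc(draft, |bytes| issuer_keypair.sign(bytes)).unwrap();
// `now` is supplied by the caller; 1_500 lies between created_at (1_000)
// and expires_at (2_000), so the credential is still valid.
let request = AvcValidationRequest {
    credential,
    action: None,
    now: Timestamp::new(1_500, 0),
};
let result = validate_avc(&request, &registry).unwrap();
assert_eq!(result.decision, AvcDecision::Allow);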

Re-exports§

pub use credential::AVC_CREDENTIAL_SIGNING_DOMAIN;
pub use credential::AVC_MAX_SUPPORTED_PROTOCOL_VERSION;
pub use credential::AVC_MIN_SUPPORTED_PROTOCOL_VERSION;
pub use credential::AVC_PROTOCOL_DEPRECATION_WINDOW_DAYS;
pub use credential::AVC_PROTOCOL_VERSION;
pub use credential::AVC_SCHEMA_VERSION;
pub use credential::AuthorityChainRef;
pub use credential::AuthorityScope;
pub use credential::AutonomousVolitionCredential;
pub use credential::AutonomyLevel;
pub use credential::AvcConstraints;
pub use credential::AvcDraft;
pub use credential::AvcSubjectKind;
pub use credential::ConsentRef;
pub use credential::DataClass;
pub use credential::DelegatedIntent;
pub use credential::MAX_BASIS_POINTS;
pub use credential::PolicyRef;
pub use credential::TimeWindow;
pub use credential::issue_avc;
pub use credential::require_supported_avc_protocol_version;
pub use delegation::delegate_avc;
pub use delegation::parent_id_of;
pub use error::AvcError;
pub use receipt::AVC_RECEIPT_EVIDENCE_SUBJECT_DOMAIN;
pub use receipt::AVC_RECEIPT_EXTERNAL_TIMESTAMP_DOMAIN;
pub use receipt::AVC_RECEIPT_SIGNING_DOMAIN;
pub use receipt::AvcReceiptEvidenceSubject;
pub use receipt::AvcReceiptExternalTimestampProof;
pub use receipt::AvcReceiptExternalTimestampProofKind;
pub use receipt::AvcReceiptRfc3161TimestampProof;
pub use receipt::AvcReceiptRfc3161TrustAnchorKind;
pub use receipt::AvcReceiptTimestampProvenance;
pub use receipt::AvcTrustReceipt;
pub use receipt::AvcTrustReceiptEvidence;
pub use receipt::create_trust_receipt;
pub use receipt::create_trust_receipt_with_evidence;
pub use registry::AvcRegistryDurableState;
pub use registry::AvcRegistryRead;
pub use registry::AvcRegistryWrite;
pub use registry::InMemoryAvcRegistry;
pub use revocation::AVC_REVOCATION_SIGNING_DOMAIN;
pub use revocation::AvcRevocation;
pub use revocation::AvcRevocationReason;
pub use revocation::revoke_avc;
pub use validation::AVC_ACTION_COMMITMENT_DOMAIN;
pub use validation::AVC_ACTION_DESCRIPTOR_DOMAIN;
pub use validation::AVC_ACTION_SIGNING_DOMAIN;
pub use validation::AVC_HUMAN_APPROVAL_SIGNING_DOMAIN;
pub use validation::AvcActionDescriptor;
pub use validation::AvcActionRequest;
pub use validation::AvcDecision;
pub use validation::AvcHumanApproval;
pub use validation::AvcReasonCode;
pub use validation::AvcValidationRequest;
pub use validation::AvcValidationResult;
pub use validation::avc_action_commitment_hash;
pub use validation::avc_action_descriptor_hash;
pub use validation::avc_action_signature_payload;
pub use validation::human_approval_signature_payload;
pub use validation::validate_avc;

Modules§

  • credential: Core AVC types: credential, draft, intent, scope, constraints, refs.
  • delegation: AVC delegation — issuance of a child credential whose scope is strictly narrower than its parent.
  • error: Error types for the AVC layer.
  • receipt: AVC trust receipts.
  • registry: Deterministic in-memory registry for AVC credentials, revocations, receipts, and the ancillary state required by validation (issuer public keys, validated authority chain hashes, consent and policy reference existence).
  • revocation: AVC revocations: signed records that block future validation of a credential, regardless of expiry.
  • validation: AVC validation — fail-closed adjudication of a credential and an optional action against a registry.

Constants§

  • AVC_SIGNING_DOMAINS: All AVC signing domains as a sorted slice — used by hygiene tests and external auditors who need to ensure no domain collisions.