Expand description
§exo-avc — Autonomous Volition Credential
AVC is a portable, signed, machine-verifiable credential that
defines what an autonomous actor is authorized to pursue under a
human or organizational principal.
Identity proves who an actor is. Authority proves who delegated power. Consent proves what posture applies. AVC proves what autonomous intent is allowed before action occurs.
In this crate, volition strictly means delegated operational intent. It does not denote consciousness, sentience, emotion, or human-like free will.
§Determinism contract
- All collections in signed payloads are sorted and deduplicated.
- All hashing is BLAKE3 over canonical CBOR — only ordered maps and
sets (
BTreeMap,BTreeSet), no platform-dependent integer widths, and no floating-point arithmetic. - Validation never reads system time; the caller passes
now. - Validation is fail-closed: any unresolved key, missing required
reference, malformed structural value, scope violation, expiration,
or revocation produces an explicit
Denydecision with reason codes describing why.
§High-level API
use exo_avc::{
AutonomyLevel, AuthorityScope, AvcConstraints, AvcDraft, AvcSubjectKind,
DelegatedIntent, InMemoryAvcRegistry, AvcRegistryWrite, AvcValidationRequest,
AvcDecision, issue_avc, validate_avc, AVC_SCHEMA_VERSION,
};
use exo_authority::permission::Permission;
use exo_core::{Did, Hash256, Timestamp};
use exo_core::crypto::KeyPair;
let issuer_keypair = KeyPair::from_secret_bytes([0x11; 32]).unwrap();
let issuer_did = Did::new("did:exo:issuer").unwrap();
let mut registry = InMemoryAvcRegistry::new();
registry.put_public_key(issuer_did.clone(), issuer_keypair.public);
let draft = AvcDraft {
schema_version: AVC_SCHEMA_VERSION,
issuer_did: issuer_did.clone(),
principal_did: issuer_did.clone(),
subject_did: Did::new("did:exo:agent").unwrap(),
holder_did: None,
subject_kind: AvcSubjectKind::AiAgent {
model_id: "alpha".into(),
agent_version: None,
},
created_at: Timestamp::new(1_000, 0),
expires_at: Some(Timestamp::new(2_000, 0)),
delegated_intent: DelegatedIntent {
intent_id: Hash256::from_bytes([0xAA; 32]),
purpose: "research".into(),
allowed_objectives: vec!["primary".into()],
prohibited_objectives: vec![],
autonomy_level: AutonomyLevel::Draft,
delegation_allowed: false,
},
authority_scope: AuthorityScope {
permissions: vec![Permission::Read],
tools: vec![],
data_classes: vec![],
counterparties: vec![],
jurisdictions: vec!["US".into()],
},
constraints: AvcConstraints::permissive(),
authority_chain: None,
consent_refs: vec![],
policy_refs: vec![],
parent_avc_id: None,
};
let credential = issue_avc(draft, |bytes| issuer_keypair.sign(bytes)).unwrap();
let request = AvcValidationRequest {
credential,
action: None,
now: Timestamp::new(1_500, 0),
};
let result = validate_avc(&request, ®istry).unwrap();
assert_eq!(result.decision, AvcDecision::Allow);Re-exports§
pub use credential::AVC_CREDENTIAL_SIGNING_DOMAIN;pub use credential::AVC_MAX_SUPPORTED_PROTOCOL_VERSION;pub use credential::AVC_MIN_SUPPORTED_PROTOCOL_VERSION;pub use credential::AVC_PROTOCOL_DEPRECATION_WINDOW_DAYS;pub use credential::AVC_PROTOCOL_VERSION;pub use credential::AVC_SCHEMA_VERSION;pub use credential::AuthorityChainRef;pub use credential::AuthorityScope;pub use credential::AutonomousVolitionCredential;pub use credential::AutonomyLevel;pub use credential::AvcConstraints;pub use credential::AvcDraft;pub use credential::AvcSubjectKind;pub use credential::ConsentRef;pub use credential::DataClass;pub use credential::DelegatedIntent;pub use credential::MAX_BASIS_POINTS;pub use credential::PolicyRef;pub use credential::TimeWindow;pub use credential::issue_avc;pub use credential::require_supported_avc_protocol_version;pub use delegation::delegate_avc;pub use delegation::parent_id_of;pub use error::AvcError;pub use receipt::AVC_RECEIPT_EVIDENCE_SUBJECT_DOMAIN;pub use receipt::AVC_RECEIPT_EXTERNAL_TIMESTAMP_DOMAIN;pub use receipt::AVC_RECEIPT_SIGNING_DOMAIN;pub use receipt::AvcReceiptEvidenceSubject;pub use receipt::AvcReceiptExternalTimestampProof;pub use receipt::AvcReceiptExternalTimestampProofKind;pub use receipt::AvcReceiptRfc3161TimestampProof;pub use receipt::AvcReceiptRfc3161TrustAnchorKind;pub use receipt::AvcReceiptTimestampProvenance;pub use receipt::AvcTrustReceipt;pub use receipt::AvcTrustReceiptEvidence;pub use receipt::create_trust_receipt;pub use receipt::create_trust_receipt_with_evidence;pub use registry::AvcRegistryDurableState;pub use registry::AvcRegistryRead;pub use registry::AvcRegistryWrite;pub use registry::InMemoryAvcRegistry;pub use revocation::AVC_REVOCATION_SIGNING_DOMAIN;pub use revocation::AvcRevocation;pub use revocation::AvcRevocationReason;pub use revocation::revoke_avc;pub use validation::AVC_ACTION_COMMITMENT_DOMAIN;pub use validation::AVC_ACTION_DESCRIPTOR_DOMAIN;pub use validation::AVC_ACTION_SIGNING_DOMAIN;pub use validation::AVC_HUMAN_APPROVAL_SIGNING_DOMAIN;pub use validation::AvcActionDescriptor;pub use validation::AvcActionRequest;pub use validation::AvcDecision;pub use validation::AvcHumanApproval;pub use validation::AvcReasonCode;pub use validation::AvcValidationRequest;pub use validation::AvcValidationResult;pub use validation::avc_action_commitment_hash;pub use validation::avc_action_descriptor_hash;pub use validation::avc_action_signature_payload;pub use validation::human_approval_signature_payload;pub use validation::validate_avc;
Modules§
- credential
- Core AVC types: credential, draft, intent, scope, constraints, refs.
- delegation
- AVC delegation — issuance of a child credential whose scope is strictly narrower than its parent.
- error
- Error types for the AVC layer.
- receipt
- AVC trust receipts.
- registry
- Deterministic in-memory registry for AVC credentials, revocations, receipts, and the ancillary state required by validation (issuer public keys, validated authority chain hashes, consent and policy reference existence).
- revocation
- AVC revocations: signed records that block future validation of a credential, regardless of expiry.
- validation
- AVC validation — fail-closed adjudication of a credential and an optional action against a registry.
Constants§
- AVC_
SIGNING_ DOMAINS - All AVC signing domains as a sorted slice — used by hygiene tests and external auditors who need to ensure no domain collisions.