Skip to main content

exo_gatekeeper/
lib.rs

1// Copyright 2026 Exochain Foundation
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at:
6//
7//     https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15// SPDX-License-Identifier: Apache-2.0
16
17//! EXOCHAIN Gatekeeper — the Judicial Branch.
18//!
19//! This crate implements the Constitutional Governance Runtime (CGR):
20//! - **Kernel** — immutable adjudicator enforcing constitutional invariants
21//! - **Invariants** — the eight constitutional invariants
22//! - **Combinator** — deterministic algebra for composing governance operations
23//! - **Holon** — autonomous agent runtime with kernel-adjudicated steps
24//! - **MCP** — Model Context Protocol enforcement for AI systems
25//! - **TEE** — Trusted Execution Environment attestation
26//! - **Governance Monitor** — T-14 defense: signed attestation, circuit breaker, human approval gate
27
28#![cfg_attr(test, allow(clippy::expect_used, clippy::unwrap_used))]
29
30pub mod combinator;
31#[cfg(not(target_arch = "wasm32"))]
32pub mod dagdb_gate;
33pub mod error;
34pub mod governance_monitor;
35pub mod holon;
36pub mod invariants;
37pub mod kernel;
38pub mod mcp;
39pub mod mcp_audit;
40pub mod tee;
41pub mod types;
42
43// Re-export primary types.
44pub use combinator::{Combinator, CombinatorInput, CombinatorOutput};
45#[cfg(not(target_arch = "wasm32"))]
46pub use dagdb_gate::{
47    ConsentEngine, DagDbConsentRecord, DagDbGatekeeperService, IdentityRegistry,
48    sign_write_payload, usage_event_payload_hash, verify_write_consent, verify_write_signature,
49};
50pub use error::GatekeeperError;
51pub use governance_monitor::{
52    ApprovalGate, ApprovalStatus, GovernanceAttestation, GovernanceCircuitBreaker,
53    GovernanceMonitorError,
54};
55pub use holon::{Holon, HolonState};
56pub use invariants::{
57    ConstitutionalInvariant, InvariantEngine, InvariantSet, authority_link_signature_message,
58    provenance_signature_message,
59};
60pub use kernel::{ActionRequest, AdjudicationContext, Kernel, Verdict};
61pub use mcp::{McpContext, McpRule, McpViolation};
62pub use mcp_audit::{McpAuditLog, McpAuditRecord, McpEnforcementOutcome};
63pub use tee::{TeeAttestation, TeePlatform, TeePolicy};