qae_kernel/
lib.rs

1// SPDX-License-Identifier: BUSL-1.1
2//! QAE Safety Certification Kernel — domain-agnostic action certification layer.
3//!
4//! An agent proposes an action, the safety kernel certifies it, and the result
5//! is one of: Certified, CertifiedWithWarning, EscalateToHuman, or Blocked.
6//!
7//! The kernel is domain-agnostic. Domain-specific logic (e.g., finance, agentic AI)
8//! is plugged in via the `DomainAdapter` trait.
9//!
10//! ## Architecture
11//!
12//! ```text
13//! ProposedAction → DomainAdapter → ConstraintChannels → SafetyCertifier → SafetyCertificate
14//! ```
15//!
16//! ## Key Traits
17//!
18//! - [`DomainAdapter`]: Plugs domain-specific logic into the kernel
19//! - [`ConstraintChannel`]: Evaluates a single constraint dimension
20//! - [`ProposedAction`]: Represents an agent's proposed action
21//!
22//! ## Zero Finance Dependencies
23//!
24//! This crate depends only on serialization, crypto (SHA-256), and timestamps.
25//! No `nalgebra`, `ndarray`, or domain-specific types.
26
27pub mod action;
28pub mod certificate;
29pub mod certifier;
30pub mod constraint;
31pub mod declarative;
32pub mod domain;
33pub mod registry;
34
35pub use action::{ActionPriority, ProposedAction, SimpleAction, StateDelta};
36pub use certificate::{
37    CertificationDecision, SafetyCertificate, SafetyCertificateBuilder, SafetyZone,
38};
39pub use certifier::{certify_action, CertifierConfig, SafetyCertifier};
40pub use constraint::ConstraintChannel;
41pub use declarative::{ConstraintDefinition, DeclarativeChannel, MarginRule, ThresholdOverrides};
42pub use domain::DomainAdapter;
43pub use registry::{ChannelConfig, ChannelSummary, ConstraintRegistry, RegisteredChannel};
44
45use serde::{Deserialize, Serialize};
46
47/// Deterministic hash wrapper for reproducibility verification.
48#[derive(Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize)]
49pub struct DeterministicHash(pub String);
50
51/// Error types for the kernel.
52#[derive(Debug, thiserror::Error)]
53pub enum KernelError {
54    #[error("Constraint channel evaluation failed: {0}")]
55    ConstraintError(String),
56
57    #[error("Domain adapter error: {0}")]
58    AdapterError(String),
59
60    #[error("Certification pipeline error: {0}")]
61    CertificationError(String),
62
63    #[error("Registry error: {0}")]
64    RegistryError(String),
65
66    #[error("Declarative constraint error: {0}")]
67    DeclarativeError(String),
68
69    #[error("Serialization error: {0}")]
70    SerializationError(String),
71}
72
73/// Result type alias for kernel operations.
74pub type KernelResult<T> = Result<T, KernelError>;
qae_kernel/lib.rs

qae_kernel/
lib.rs
