§Tenuo Core
Agent Capability Flow Control - Rust core library.
Tenuo provides cryptographically-enforced capability attenuation for AI agent workflows. Unlike traditional IAM systems that answer “Who are you?”, Tenuo answers “Who delegated this authority, what task context does it carry, and is this action within the delegated bounds?”
§Key Concepts
- Warrant: A transferable token of authority containing tool name, constraints, TTL, and signature
- Attenuation: Capabilities can only shrink when delegated, never expand
- Constraints: Restrictions on argument values (Pattern, Exact, OneOf, Range, CEL)
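The attenuation rule above ("can only shrink"), as an added example that is not Tenuo's code or API: a std-only Rust model that accepts a child grant only if the tool is unchanged, the TTL is no longer, and every constraint accepts a subset of what the parent's accepts. The `Grant` type, `grant`, `check_attenuation` and the trailing-`*` glob semantics are assumptions made for illustration; any constraint pairing that cannot be proven narrower is rejected.

```rust
// Added illustration (std only), not Tenuo's API. Assumption: '*' is a wildcard only as a Pattern's last char.
use std::collections::BTreeMap;
enum Constraint { Pattern(String), Exact(String), OneOf(Vec<String>), Range(i64, i64) }
use self::Constraint::*;
impl Constraint {
    fn matches(&self, v: &str) -> bool {
        match self {
            Pattern(p) => p.strip_suffix('*').map_or(p.as_str() == v, |pre| v.starts_with(pre)),
            Exact(e) => e.as_str() == v,
            OneOf(set) => set.iter().any(|s| s.as_str() == v),
            Range(lo, hi) => v.parse::<i64>().map_or(false, |n| *lo <= n && n <= *hi),
        }
    }
    /// True only if every value `child` accepts is also accepted by `self`.
    fn contains(&self, child: &Constraint) -> bool {
        match (self, child) {
            (_, Exact(v)) => self.matches(v),
            (_, OneOf(vs)) => vs.iter().all(|v| self.matches(v)),
            (Pattern(p), Pattern(c)) => p.strip_suffix('*').map_or(p == c, |pre| c.starts_with(pre)),
            (Range(lo, hi), Range(clo, chi)) => lo <= clo && chi <= hi,
            _ => false, // containment not provable: fail closed
        }
    }
}

struct Grant { tool: String, ttl_secs: u64, args: BTreeMap<String, Constraint> }
fn grant(tool: &str, ttl_secs: u64, arg: &str, c: Constraint) -> Grant {
    Grant { tool: tool.into(), ttl_secs, args: BTreeMap::from([(arg.to_string(), c)]) }
}

/// Accept `child` only if it narrows `parent`: same tool, TTL not longer, nothing dropped or widened.
fn check_attenuation(parent: &Grant, child: &Grant) -> Result<(), String> {
    if child.tool != parent.tool { return Err("tool changed".into()); }
    if child.ttl_secs > parent.ttl_secs { return Err("ttl extended".into()); }
    for (arg, pc) in &parent.args {
        match child.args.get(arg) {
            Some(cc) if pc.contains(cc) => {}
            Some(_) => return Err(format!("constraint on {arg} widened")),
            None => return Err(format!("constraint on {arg} dropped")),
        }
    }
    Ok(())
}

fn main() { // constructed sample grants
    let parent = grant("upgrade_cluster", 600, "cluster", Pattern("staging-*".into()));
    let wide = grant("upgrade_cluster", 300, "cluster", Pattern("*".into()));
    println!("{:?}", check_attenuation(&parent, &wide));
}
```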
§Example
```rust
use tenuo::{Exact, Pattern, SigningKey, Warrant};
use std::time::Duration;

// Create a keypair for the control plane
let keypair = SigningKey::generate();
// Keypair for the worker agent (assumed to be generated the same way)
let worker_keypair = SigningKey::generate();

// Issue a warrant for cluster upgrades
let warrant = Warrant::builder()
    .capability("upgrade_cluster")
    .constraint("cluster", Pattern::new("staging-*"))
    .ttl(Duration::from_secs(600))
    .build(&keypair)?;

// Attenuate to a narrower scope for a worker agent
let worker_warrant = warrant.attenuate()
    .constraint("cluster", Exact::new("staging-web"))
    .build(&worker_keypair)?;
```
Re-exports§
- pub use extraction::CompiledExtractionRule;
- pub use extraction::CompiledExtractionRules;
- pub use extraction::CompiledPath;
- pub use extraction::ExtractionRule;
- pub use extraction::ExtractionSource;
- pub use extraction::RequestContext;
- pub use gateway_config::CompiledGatewayConfig;
- pub use gateway_config::CompiledRoute;
- pub use gateway_config::GatewayConfig;
- pub use gateway_config::GatewaySettings;
- pub use gateway_config::MethodMask;
- pub use gateway_config::RouteConfig;
- pub use gateway_config::RouteMatch;
- pub use gateway_config::ToolConfig;
- pub use mcp::CompiledMcpConfig;
- pub use mcp::CompiledTool;
- pub use mcp::McpConfig;
- pub use mcp::McpSettings;
- pub use constraints::All;
- pub use constraints::Any;
- pub use constraints::CelConstraint;
- pub use constraints::Constraint;
- pub use constraints::ConstraintSet;
- pub use constraints::ConstraintValue;
- pub use constraints::Contains;
- pub use constraints::Exact;
- pub use constraints::Not;
- pub use constraints::NotOneOf;
- pub use constraints::OneOf;
- pub use constraints::Pattern;
- pub use constraints::Range;
- pub use constraints::RegexConstraint;
- pub use constraints::Subset;
- pub use constraints::Wildcard;
- pub use constraints::MAX_CONSTRAINT_DEPTH;
- pub use crypto::PublicKey;
- pub use crypto::Signature;
- pub use crypto::SigningKey;
- pub use error::Error;
- pub use error::Result;
- pub use planes::Authorizer;
- pub use planes::AuthorizerBuilder;
- pub use planes::ChainStep;
- pub use planes::ChainVerificationResult;
- pub use planes::ControlPlane;
- pub use planes::DataPlane;
- pub use planes::DEFAULT_CLOCK_TOLERANCE_SECS;
- pub use revocation::RevocationRequest;
- pub use revocation::SignedRevocationList;
- pub use revocation::SrlBuilder;
- pub use revocation::MAX_REVOCATION_REQUEST_AGE_SECS;
- pub use revocation_manager::RevocationManager;
- pub use warrant::Clearance;
- pub use warrant::OwnedAttenuationBuilder;
- pub use warrant::OwnedIssuanceBuilder;
- pub use warrant::Warrant;
- pub use warrant::WarrantBuilder;
- pub use warrant::WarrantId;
- pub use warrant::WarrantType;
- pub use warrant::POP_TIMESTAMP_WINDOW_SECS;
- pub use warrant::WARRANT_ID_PREFIX;
- pub use wire::MAX_WARRANT_SIZE;
- pub use diff::ChangeType;
- pub use diff::ClearanceDiff;
- pub use diff::ConstraintDiff;
- pub use diff::DelegationDiff;
- pub use diff::DelegationReceipt;
- pub use diff::DepthDiff;
- pub use diff::ToolsDiff;
- pub use diff::TtlDiff;
Modules§
- approval: Approval types for human-in-the-loop and multi-sig workflows.
- audit: Audit Logging infrastructure.
- cel: CEL (Common Expression Language) evaluation for Tenuo constraints.
- constraints: Constraint types for Tenuo warrants.
- crypto: Cryptographic primitives for Tenuo.
- diff: Delegation diff computation for audit and preview.
- error: Error types for Tenuo.
- extraction: Constraint Extraction System
- gateway_config: Gateway Configuration Parser
- mcp: MCP (Model Context Protocol) Integration Helpers
- payload
- planes: Control Plane and Data Plane separation.
- revocation: Revocation System
- revocation_manager: Revocation Manager
- warrant: Warrant type - the core primitive of Tenuo.
- wire: Wire format for Tenuo warrants.
Constants§
- DEFAULT_WARRANT_TTL_SECS: Default TTL when not specified (5 minutes).
- MAX_DELEGATION_DEPTH: Maximum delegation depth to prevent unbounded chains (protocol-level hard cap).
- MAX_WARRANT_TTL_SECS: Protocol-level maximum TTL (90 days).
- SIGNATURE_CONTEXT: Context string for Ed25519 signatures (prevents cross-protocol attacks).
- WIRE_VERSION: Current wire format version