§typesec
Type-level security capabilities for Rust agents.
This facade crate re-exports the core capability model by default and exposes the policy engines, agent API, and macros behind feature flags.
Modules§
- agent - Agent executor API.
- capability - Capability, the unforgeable proof token.
- combinator - Policy combinator.
- glob - Shared glob pattern matching for subjects, resources, and policy targets.
- lattice - Capability lattice.
- macros - Procedural macros.
- odrl - ODRL policy engine.
- permissions - Permission marker traits.
- policy - Policy engine trait and audit trail types.
- rbac - RBAC policy engine.
- resource - Resource trait, the thing a capability grants access to.
- role - Role abstraction: a named collection of permissions.
- secure_value - Opaque labeled values for information-flow style data handling.
- typestate - Agent typestate.
Structs§
- Agent - An agent with a typestate parameter S and an attached policy engine.
- AgentBuilder - Builder for SecureAgent, convenient when wiring multiple engines together.
- AiCanExfiltrate - Permission for an AI agent to exfiltrate (export/transmit) data.
- AiCanInfer - Permission for an AI agent to run inference over a resource.
- AiCanTrain - Permission for an AI agent to use a resource as training data.
- AuditEvent - A structured record of every policy decision.
- Authenticated - Authenticated state. Policy checks and capability requests become available.
- CanDeclassify - Permission to intentionally lower the security label of protected data.
- CanDelegate - Permission to delegate capabilities to other agents.
- CanDelete - Permission to delete a resource.
- CanExecute - Permission to execute code or invoke actions on a resource.
- CanRead - Permission to read a resource (non-sensitive).
- CanReadInternal - Permission to read internal resources.
- CanReadSensitive - Permission to read sensitive resources (PII, credentials, etc.).
- CanWrite - Permission to write (create or update) a resource.
- CanWriteSensitive - Permission to write sensitive resources.
- Capability - An unforgeable proof that the given subject holds permission P on resource R.
- CapabilityId - Stable identity for one minted capability within this process.
- CapabilityRevocationList - Per-capability revocation list.
- ComposedEngine - A multi-engine policy combinator with configurable strategy.
- Credentials - Credentials used to authenticate an agent.
- DelegationReason - Structured explanation for an unresolved policy decision.
- FallbackEngine - A two-engine fallback: tries primary first, then fallback on delegation.
- GenericResource - A generic, string-keyed resource for use in tests and the CLI simulator.
- Internal - Internal data: not public, but below sensitive and secret data.
- LatticeEngine - Runtime lattice engine wrapper.
- MintOptions - Lease parameters for capability minting.
- OdrlEngine - An ODRL policy engine.
- PolicyEngineBuilder - Builder for ComposedEngine.
- ProtectedTool - A tool that cannot run unless the caller supplies a matching capability.
- Public - Public data: safe to reveal without a capability.
- RbacEngine - A compiled, fast-lookup RBAC engine.
- RequestContext - Runtime context attached to a policy decision request.
- ResourceId - Stable identifier for one protected resource instance.
- RevocationEpoch - A shared revocation epoch for live capability invalidation.
- Secret - Secret data such as credentials or highly restricted model inputs.
- SecureAgent - A secure agent that ties together typestate, policy engines, and capabilities.
- SecureValue - Data protected by a type-level privacy label and resource type.
- Sensitive - Sensitive data such as PII or confidential business records.
- SubjectId - Stable identifier for a policy subject or agent identity.
- Token - A bearer secret (API key, signed JWT, etc.) that must not leak into logs.
- ToolRegistry - Registry for named capability-protected tools.
- ToolSpec - Metadata describing the authorization boundary for a protected tool.
- TracingAuditSink - Default AuditSink that emits events via tracing::info!.
- Unauthenticated - The initial agent state. No policy operations are available yet.
Enums§
- AgentError - Error types for agent operations.
- CapabilityError - Error type for capability acquisition failures.
- CapabilityUseError - Error returned when a capability is no longer valid for use.
- CombineStrategy - How to combine multiple policy engine verdicts into a single decision.
- GlobPattern - A compiled glob pattern, with the literal "*" special-cased to match everything (including across / separators).
- PolicyResult - The verdict returned by a policy engine.
- SecureAccessError - Error returned when a capability does not authorize access to a protected value.
- SecureValueError - Error returned when protected values cannot be safely combined.
- TaskError - Error type for task execution failures.
Constants§
- DEFAULT_CAPABILITY_TTL - Default lease duration for minted capabilities.
Traits§
- AgentState - Sealed state trait for the Agent typestate machine.
- AsyncPolicyEngine - Async companion interface for policy engines.
- AuditSink - Destination for audit events.
- Authenticator - Verifies credentials and returns the canonical subject identity.
- Implies - Trait encoding the permission lattice.
- Join - Type-level least upper bound for two privacy labels.
- Permission - A marker trait for permissions.
- PolicyEngine - The core runtime policy interface.
- PrivacyLevel - A type-level privacy label.
- Resource - A resource that can be protected by a Capability.
- Role - A role is a named collection of permissions.
Functions§
- format_audit_timestamp - Format an audit timestamp as RFC 3339 with millisecond precision.
- is_glob_pattern - Returns true if value contains any glob metacharacter (*, ?, [).
- mint_capability - Mint a Capability by running a policy check.
- mint_capability_async - Async variant of mint_capability.
- mint_capability_for_id - Mint a capability for a resource identified only by its id string.
- mint_capability_for_id_async - Async variant of mint_capability_for_id.
- mint_capability_with - Like mint_capability, but with explicit lease parameters.
- mint_capability_with_async - Async variant of mint_capability_with.
- set_audit_sink - Install a process-wide audit sink, replacing the previous one.
Type Aliases§
- AuditFuture - Boxed async audit-recording future.
- AuditTimestamp - UTC timestamp used in audit records.
- PolicyFuture - Boxed async policy-decision future.
- TaskResult - The result type for task execution.
- ToolFuture - Boxed future returned by protected tool handlers.
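The listing names the parts of the model (marker permissions ordered by Implies, a Capability typed by permission P and resource R that only mint_capability can produce after a PolicyEngine check, an Agent typestate that gates capability requests on Authenticated, and SecureValue guarded by a PrivacyLevel) but shows none of their signatures. The sketch below is an added, self-contained Rust example of how those pieces fit together; it is not typesec's code and borrows its item names only for orientation. Every signature, the toy RbacEngine table with "*" as a resource wildcard, the "tok-<subject>" authenticator, the two-permission lattice (CanReadSensitive implies CanRead), and the sample documents are constructed for this example.

```rust
pub mod typesec_sketch {
    use std::marker::PhantomData;

    // Permission markers; NAME is the string the runtime policy engine sees.
    pub trait Permission { const NAME: &'static str; }
    pub struct CanRead; pub struct CanReadSensitive;
    impl Permission for CanRead { const NAME: &'static str = "read"; }
    impl Permission for CanReadSensitive { const NAME: &'static str = "read_sensitive"; }

    // Lattice: `P: Implies<Q>` means holding P is at least as strong as holding Q.
    pub trait Implies<Q: Permission>: Permission {}
    impl<P: Permission> Implies<P> for P {}       // reflexive edge
    impl Implies<CanRead> for CanReadSensitive {} // the only non-trivial edge in this toy lattice

    pub trait Resource { fn id(&self) -> &str; }
    pub struct Document { pub id: String }
    impl Resource for Document { fn id(&self) -> &str { &self.id } }

    // A privacy label names the weakest permission that may open data carrying it.
    pub trait PrivacyLevel { type Required: Permission; }
    pub struct Internal; pub struct Sensitive;
    impl PrivacyLevel for Internal { type Required = CanRead; }
    impl PrivacyLevel for Sensitive { type Required = CanReadSensitive; }

    #[derive(Debug, PartialEq)]
    pub enum PolicyResult { Allow, Deny }
    pub trait PolicyEngine {
        fn check(&self, subject: &str, permission: &str, resource: &str) -> PolicyResult;
    }
    // Toy RBAC table (constructed): rows of (subject, permission name, resource id or "*").
    pub struct RbacEngine { pub grants: Vec<(&'static str, &'static str, &'static str)> }
    impl PolicyEngine for RbacEngine {
        fn check(&self, subject: &str, permission: &str, resource: &str) -> PolicyResult {
            let hit = self.grants.iter()
                .any(|(s, p, r)| *s == subject && *p == permission && (*r == "*" || *r == resource));
            if hit { PolicyResult::Allow } else { PolicyResult::Deny }
        }
    }

    // Unforgeable: fields are private and the only constructor is `mint_capability`, so code
    // outside this module cannot obtain one without passing the policy check.
    pub struct Capability<P: Permission, R: Resource> { subject: String, resource_id: String, _marker: PhantomData<(P, R)> }
    impl<P: Permission, R: Resource> Capability<P, R> {
        pub fn subject(&self) -> &str { &self.subject }
        pub fn resource_id(&self) -> &str { &self.resource_id }
    }
    #[derive(Debug, PartialEq)]
    pub enum CapabilityError { Denied { subject: String, permission: &'static str } }

    pub fn mint_capability<P: Permission, R: Resource>(engine: &dyn PolicyEngine, subject: &str, resource: &R) -> Result<Capability<P, R>, CapabilityError> {
        match engine.check(subject, P::NAME, resource.id()) {
            PolicyResult::Allow => Ok(Capability {
                subject: subject.to_string(), resource_id: resource.id().to_string(), _marker: PhantomData,
            }),
            PolicyResult::Deny => Err(CapabilityError::Denied { subject: subject.to_string(), permission: P::NAME }),
        }
    }

    // Typestate: `request` exists only on Agent<Authenticated>, so an unauthenticated
    // agent cannot even ask for a capability (that is a compile error, not a runtime Deny).
    pub struct Unauthenticated; pub struct Authenticated;
    pub struct Agent<S> { subject: String, _state: PhantomData<S> }
    #[derive(Debug, PartialEq)]
    pub struct AgentError(pub &'static str);
    impl Agent<Unauthenticated> {
        pub fn new(subject: &str) -> Self { Agent { subject: subject.to_string(), _state: PhantomData } }
        // Constructed authenticator for this sketch: the valid token is "tok-<subject>".
        pub fn authenticate(self, token: &str) -> Result<Agent<Authenticated>, AgentError> {
            if token == format!("tok-{}", self.subject) { Ok(Agent { subject: self.subject, _state: PhantomData }) }
            else { Err(AgentError("bad credentials")) }
        }
    }
    impl Agent<Authenticated> {
        pub fn request<P: Permission, R: Resource>(&self, engine: &dyn PolicyEngine, resource: &R) -> Result<Capability<P, R>, CapabilityError> {
            mint_capability(engine, &self.subject, resource)
        }
    }

    #[derive(Debug, PartialEq)]
    pub enum SecureAccessError { ResourceMismatch }
    pub struct SecureValue<L: PrivacyLevel, R: Resource> { data: String, resource_id: String, _marker: PhantomData<(L, R)> }
    impl<L: PrivacyLevel, R: Resource> SecureValue<L, R> {
        pub fn new(resource: &R, data: &str) -> Self {
            SecureValue { data: data.to_string(), resource_id: resource.id().to_string(), _marker: PhantomData }
        }
        // Compiles only when P implies the label's required permission (the lattice); the
        // runtime check stops a capability minted for one resource from opening another.
        pub fn open<P: Implies<L::Required>>(&self, cap: &Capability<P, R>) -> Result<&str, SecureAccessError> {
            if cap.resource_id() == self.resource_id { Ok(&self.data) }
            else { Err(SecureAccessError::ResourceMismatch) }
        }
    }
}
pub use typesec_sketch::*;
```

In use, an analyst whose RBAC row grants read_sensitive on doc-1 mints a Capability<CanReadSensitive, Document> and can open both a Sensitive and an Internal SecureValue for doc-1 (the Implies edge does the second), but gets ResourceMismatch against a value for doc-2. An intern with only read is refused the strong capability at mint time; with a Capability<CanRead, Document> the call pii.open(&weak) on a Sensitive value is rejected by the type checker, since CanRead does not implement Implies<CanReadSensitive>. The same holds for calling request on an Agent<Unauthenticated>: the method is not there. What the crate adds on top of this pattern, per the listing, is revocation (RevocationEpoch, CapabilityRevocationList), leases (MintOptions, DEFAULT_CAPABILITY_TTL), audit events, and composable engines.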