# Parmana > Execution Trust Infrastructure — verifiable trust between business authorization, policy evaluation, runtime execution, and execution evidence. ## Docs - [Endpoints](https://docs.parmanasystems.com/api-reference/endpoints.md): All 14 routes mounted in packages/api/src/app.ts. Every request/response/error shape below was triggered against a live local server, not inferred from code. - [REST API Introduction](https://docs.parmanasystems.com/api-reference/introduction.md): 14 routes, enumerated from packages/api/src/app.ts. Every status code and error shape on this page was triggered against a live server in this session, not inferred from code. - [The Execution Pipeline](https://docs.parmanasystems.com/architecture/execution-pipeline.md): Stage by stage: what runs on every request through the default server today, updated to reflect the gateway now being wired unconditionally. - [Architecture Overview](https://docs.parmanasystems.com/architecture/overview.md): How Parmana's packages fit together, and which parts of the pipeline actually run today. - [Packages](https://docs.parmanasystems.com/architecture/packages.md): Every package in packages/*, its real purpose, and its evidence-backed status. - [Content Binding & TOCTOU](https://docs.parmanasystems.com/concepts/content-binding-toctou.md): The real mechanism that closes the check-vs-use gap between authorization and execution, what it covers, and what it doesn't. - [Credential Isolation](https://docs.parmanasystems.com/concepts/credential-isolation.md): The caller that proposes an action never holds the credential that executes it. Session credentials are issued fresh, scoped to one call, and consumed once. - [Determinism and Clocks](https://docs.parmanasystems.com/concepts/determinism-and-clocks.md): Two different things share the word "deterministic" on this site. This page is about the narrower one: injected Clock and IdGenerator, and exactly where that pattern is and isn't used. - [Execution Authorization](https://docs.parmanasystems.com/concepts/execution-authorization.md): The signed envelope: proof that Parmana authorized one specific execution request. Single use, time bounded, content bound. - [Execution Trust Records](https://docs.parmanasystems.com/concepts/execution-trust-records.md): The canonical, immutable, cryptographically signed record of everything Parmana knows about a Business Transaction. - [Gateway Attestation](https://docs.parmanasystems.com/concepts/gateway-attestation.md): A request-bound signature proving the gateway itself released one specific request, separate from the authorization envelope's own signature. What it proves, and what it does not. - [Policies and the Decision](https://docs.parmanasystems.com/concepts/policies-and-the-decision.md): Deterministic, first-match rule evaluation over runtime signals: what a Policy is, why it's structured this way, and how a Decision comes out of it. - [The Gateway](https://docs.parmanasystems.com/concepts/the-gateway.md): The sole boundary through which Parmana releases approved execution requests to connectors. Wired into the default server unconditionally, as of commit 651497a. - [Contributing to This Documentation](https://docs.parmanasystems.com/contributing.md): The rule this entire site follows, and how to add a page without breaking it. - [Cryptography](https://docs.parmanasystems.com/cryptography/overview.md): Ed25519 default, ML-DSA-65 (post-quantum) configurable. Local PEM keys today; KMS/HSM is roadmap. - [Local / Self-Hosted Deployment](https://docs.parmanasystems.com/deployment/local.md): The real, current deployment model: a single Node.js process, local PEM keys, your choice of memory or Supabase storage. - [FAQ](https://docs.parmanasystems.com/faq.md): Direct answers, including the ones that aren't flattering. - [Glossary](https://docs.parmanasystems.com/glossary.md): Every term used on this site, mapped to its real source. - [Add a Connector with the Connector SDK](https://docs.parmanasystems.com/guides/add-a-connector.md): Implement a Connector, test it hermetically with MockConnector, and see exactly what registering it into the default server requires. - [Authorize and Execute an Action End to End](https://docs.parmanasystems.com/guides/authorize-and-execute.md): See the signed authorization envelope Quickstart hides behind the REST API, then run the same request through the full gateway-wired server. - [Choose a Signature Provider](https://docs.parmanasystems.com/guides/choose-a-signature-provider.md): Ed25519 by default, ML-DSA-65 (post-quantum) as a configured alternative, and hybrid signing with both at once. What each one actually requires and costs. - [Deploy Patterns](https://docs.parmanasystems.com/guides/deploy-patterns.md): In-memory vs Supabase storage, the full environment variable checklist, and how key management actually works: two separate keypairs, one directory, one optional rotation variable. - [Detect Tampering](https://docs.parmanasystems.com/guides/detect-tampering.md): Mutate a parameter, a signature, and a nonce, run the same verification each time, and watch each one fail. This mirrors the always-running negative-path tutorials. - [Issue and Verify Session Credentials](https://docs.parmanasystems.com/guides/session-credentials.md): Issue a single-use, time-bounded session credential, consume it, and confirm expiry, reuse, and revocation are all rejected. - [Verify a Trust Record Independently](https://docs.parmanasystems.com/guides/verify-independently.md): Take a trust record someone else gave you and verify its hash and signature with only the public key, no Parmana server, no database, no network call. - [Write Your First Policy](https://docs.parmanasystems.com/guides/write-your-first-policy.md): Write a custom Policy, evaluate a transaction against it, and confirm both the approve and reject paths. - [How Parmana thinks](https://docs.parmanasystems.com/how-parmana-thinks.md): The six ideas behind every request Parmana handles: deterministic policy, fail-closed defaults, signed authorization, gateway verification, credential isolation, and trust records. - [Welcome](https://docs.parmanasystems.com/index.md): Parmana is Execution Trust Infrastructure: AI proposes an action, Parmana authorizes it, your systems execute it. - [Connector Development Guide](https://docs.parmanasystems.com/integrations/connector-development-guide.md): How to implement a Connector against @parmana/connector-sdk, every example uses MockConnector or HttpConnector, no enterprise-specific example. - [Integrations](https://docs.parmanasystems.com/integrations/overview.md): The Connector SDK foundation is real. Four enterprise-named connectors exist as explicit, self-documented mocks; no real enterprise integration is built on it yet. - [Quickstart](https://docs.parmanasystems.com/quickstart.md): Install to your first authorized execution in under 10 minutes, using the in-memory server. - [@parmana/api](https://docs.parmanasystems.com/reference/api.md): The Express server and its bootstrap composition root. For the REST surface itself, see the API Reference section. - [@parmana/connector-sdk](https://docs.parmanasystems.com/reference/connector-sdk.md): Connector authoring contracts, reference implementations, and four enterprise-named reference mocks. Extends execution-control's seams, does not replace them. - [@parmana/crypto](https://docs.parmanasystems.com/reference/crypto.md): Signing, hashing, and verification. Ed25519 and ML-DSA-65 providers, canonical serialization, and the file-based key provider. - [@parmana/envelope-verifier](https://docs.parmanasystems.com/reference/envelope-verifier.md): Independently verifies a signed execution authorization: version, signature, expiry, TTL, and nonce. Zero third-party runtime dependencies. - [@parmana/execution-control](https://docs.parmanasystems.com/reference/execution-control.md): Gateway-authenticated, session-scoped credential isolation for connectors. Also home to a separate, currently-unwired Execution Permit model, disambiguated below. - [@parmana/execution-gateway](https://docs.parmanasystems.com/reference/execution-gateway.md): The sole boundary through which Parmana releases approved execution requests to connectors. Includes two deprecated fields, documented here with their replacements. - [@parmana/execution-system](https://docs.parmanasystems.com/reference/execution-system.md): The single interface every execution boundary implements: a no-op placeholder, an HTTP forwarder, and the real Execution Gateway all plug into the same seam. - [@parmana/policy](https://docs.parmanasystems.com/reference/policy.md): Deterministic, first-match-wins rule evaluation, plus loading and validating policy documents. - [@parmana/receipt](https://docs.parmanasystems.com/reference/receipt.md): A real, tested receipt/permit model. Nothing in packages/runtime or packages/api currently consumes it. - [@parmana/replay](https://docs.parmanasystems.com/reference/replay.md): Genuinely re-evaluates a recorded policy decision against its recorded signals. Real, tested, and disconnected from packages/api and packages/runtime. - [@parmana/runtime](https://docs.parmanasystems.com/reference/runtime.md): Orchestrates policy evaluation, authorization signing, execution, and trust record assembly. The composition root for everything else. - [@parmana/shared](https://docs.parmanasystems.com/reference/shared.md): Domain types, config loading, and error classes every other package depends on. No business logic of its own. - [@parmana/storage](https://docs.parmanasystems.com/reference/storage.md): Append-only persistence for Business Transactions, Trust Records, and policies. memory and supabase are real, postgres and sqlite are declared but not implemented. - [Replay](https://docs.parmanasystems.com/replay/overview.md): Two separate things share this name today, what each actually does. - [Roadmap](https://docs.parmanasystems.com/roadmap.md): What's designed but not built, stated plainly, this is a feature of this documentation, not an apology. - [Other Languages](https://docs.parmanasystems.com/sdks/other-languages.md): [ROADMAP], no Go, Java, or .NET SDK exists in this repository today. - [Python SDK](https://docs.parmanasystems.com/sdks/python.md): The actively maintained SDK, generated models, structured errors, real test coverage. - [TypeScript SDK](https://docs.parmanasystems.com/sdks/typescript.md): Real client code and a full error taxonomy, neither is tested, and the error taxonomy is never actually used. - [Security](https://docs.parmanasystems.com/security/overview.md): What Parmana actually guarantees, precisely scoped, and, as important, what it explicitly does not claim. - [Storage](https://docs.parmanasystems.com/storage/overview.md): Append-only persistence for Business Transactions, Trust Records, and policies. - [Troubleshooting](https://docs.parmanasystems.com/troubleshooting.md): Real problems encountered while building and using this repo, with real causes. - [The CLAIMS.md Discipline](https://docs.parmanasystems.com/trust-and-claims/claims-discipline.md): Every capability claim on this site maps to a line in docs/CLAIMS.md, which maps to a source file or test. How to read it, and how to check any claim yourself. - [What Parmana Does Not Claim](https://docs.parmanasystems.com/trust-and-claims/what-we-dont-claim.md): Honest limitations, sourced from CLAIMS.md's own refused claims and from what this documentation effort found while verifying every page against code. - [Tutorials](https://docs.parmanasystems.com/tutorials/index.md): All 60 numbered examples in examples/tutorials/, grouped by what they demonstrate. This page links to them, it does not duplicate their content. - [Verification](https://docs.parmanasystems.com/verification/overview.md): Exactly 3 checks, always run, always reported independently. ## OpenAPI Specs - [openapi](https://docs.parmanasystems.com/openapi.json)