Skip to main content
[AVAILABLE]. packages/runtime. Wires together @parmana/policy, @parmana/crypto, @parmana/storage, and whichever ExecutionSystem you supply.

Purpose

Given a BusinessTransaction and an ExecutionSystem, runs the full pipeline: validate, evaluate policy, sign an authorization if approved, release execution, assemble and store the resulting Execution trust record.

Install

npm install @parmana/runtime

Key exports

Entry points, [AVAILABLE]

ExportSignature
RuntimeFactory.create(transactions, trustRecords, policyRepository, executionSystem)Returns an ExecutionTrustApplication. The default server’s own bootstrap follows this exact call.
RuntimeBuilderFluent alternative: .withPolicyRepository(repo).build(trustRecords), used throughout examples/tutorials/.
ExecutionTrustApplication.execute(transaction), .verify(id), .replay(id), .generateReceipt(id), .getTrustRecord(id), .getTransaction(id), .listTransactions(page, pageSize). What packages/api’s routes call directly.

Advanced / lower-level, [AVAILABLE]

ExportPurpose
RuntimeEngineThe actual pipeline: validation, ExecutionGate.enforce() (throws on a REJECTED decision), authorization signing, execution, trust record assembly
RuntimePipeline, RuntimeComponentThe composable stage interface, ExecutionComponent, TrustChainValidationComponent, etc. implement this
RuntimeHook, RuntimeHookRunnerLifecycle hooks around pipeline stages
RuntimeContextPer-execution context threaded through the pipeline (context.authorization is where a signed authorization is visible before it’s discarded, see Authorize and execute end to end)

Services, [AVAILABLE]

business-transaction-service, execution-service, receipt-service (uses @parmana/crypto’s ReceiptCrypto, not @parmana/receipt, see that package’s reference page), verification-service.

Errors, [AVAILABLE]

RuntimeError (base, carries status and code), BusinessTransactionValidationError, DuplicateBusinessTransactionError, VerificationFailedError, ReceiptGenerationError. packages/api/src/middleware/error-handler.ts checks these by instanceof to pick an HTTP status, verified per-route on Endpoints, including one gap where a raw TypeError from validation bypasses this entirely.

A rejected decision throws, it does not return

ExecutionTrustApplication.execute() throws a RuntimeError when the policy decision is REJECTED, it does not return an object with outcome: "REJECTED". Verified live in Write your first policy: the thrown message is the matched rule’s rejection reason, status: 500, code: "RUNTIME_ERROR". A caller that wants to handle rejection gracefully needs a try/catch.

Minimal example

import { RuntimeFactory } from "@parmana/runtime";
import { DefaultExecutionSystem } from "@parmana/execution-system";

const application = RuntimeFactory.create(
  transactionRepository, trustRecordRepository, policyRepository,
  new DefaultExecutionSystem(),
);

const trustRecord = await application.execute(transaction); // throws if REJECTED

Next

Authorize and execute an action end to end

See RuntimeContext.authorization directly, something the REST API never exposes.

@parmana/execution-system

The one interface the fourth RuntimeFactory.create() argument must implement.