Arxi Decision Gate Asset Core
Docs
Arxi Docs

Proof recording and tamper-evident evidence documentation.

Other product docs

Arxi Decision Gate Integration Architecture

Audience: Engineers implementing or validating Decision Gate to Arxi coupling.

Table of Contents

  1. Executive Overview
  2. Mapping Contract
  3. Runpack Integrity Policy
  4. Redaction and Bounded Transcript Policy
  5. Signing and Verification Modes
  6. Fixture and Test Coverage
  7. Current Limits and Next Steps

Executive Overview

Arxi integrates Decision Gate workflows through a production adapter crate: arxi-decision-gate-adapter. The adapter ingests canonical Decision Gate MCP runpack-flow fixtures and records deterministic Arxi envelopes through the RecorderAdapter boundary.

The system-tests suite is now a forcing-function validator for this production crate, not the location of mapper logic.

F:crates/arxi-decision-gate-adapter/src/adapter.rs L1-L260 F:system-tests/tests/suites/integration_decision_gate.rs L1-L180

Mapping Contract

Decision Gate transcript entries map to Arxi envelopes with this contract:

  • Event type mapping: decision_gate.mcp.<tool_name> for tools/call entries; non-tool RPC entries map as decision_gate.rpc.<method>.
  • Mapping version marker: envelope payload includes mapping.mapping_version = "decision_gate_arxi_v1" and mapping.redaction_policy_version = "decision_gate_redaction_v1".
  • Deterministic IDs: envelope IDs are derived from (fixture_id, sequence, method, tool_name) using SHA-256-to-UUIDv7-shape mapping.
  • Trace correlation: Decision Gate run_id maps to Arxi trace_id.

F:crates/arxi-decision-gate-adapter/src/adapter.rs L226-L585 F:crates/arxi-decision-gate-adapter/src/policy.rs L1-L86

Runpack Integrity Policy

Two runpack-integrity modes are implemented and validated:

  • record_anomaly: when runpack_export root-hash data diverges from fixture manifest expectations, record decision_gate.integration.runpack_integrity_mismatch and continue ingest.
  • strict_fail: fail closed on mismatch and stop ingest immediately.

The policy currently validates:

  • fixture runpack manifest self-integrity by recomputing root hash from integrity.file_hashes,
  • runpack_export root hash parity against fixture manifest,
  • runpack_verify status and checked-file count parity.

F:crates/arxi-decision-gate-adapter/src/adapter.rs L105-L724 F:system-tests/tests/suites/integration_decision_gate.rs L380-L672

Redaction and Bounded Transcript Policy

To reduce disclosure and resource-exhaustion risk in immutable evidence:

  • Sensitive keys are redacted using deterministic hash-only summaries under decision_gate_redaction_v1.
  • Long strings are truncated at policy max_string_chars with deterministic digest + preview metadata.
  • Oversized JSON fragments are bounded at policy max_event_data_bytes with deterministic digest metadata.
  • Sanitization counters (redacted_fields, truncated_fields) are stored for auditability.

F:crates/arxi-decision-gate-adapter/src/policy.rs L24-L73 F:crates/arxi-decision-gate-adapter/src/adapter.rs L382-L523 F:system-tests/tests/suites/integration_decision_gate.rs L658-L786

Signing and Verification Modes

Integration tests run both:

  • Unsigned lane: valid-with-warnings (SignatureVerificationSkipped).
  • Signed lane: strict trust-root verification using TrustPolicy::AllMustSign.

F:system-tests/tests/suites/integration_decision_gate.rs L576-L671

Fixture and Test Coverage

Decision Gate integration coverage currently includes:

  • Canonical runpack MCP flow ingestion and verification.
  • Signed and unsigned verification lanes.
  • Runpack root-hash mismatch anomaly and strict-fail behavior.
  • Runpack manifest self-integrity anomaly and strict-fail behavior.
  • Sensitive transcript-field redaction checks.
  • Oversized transcript-field bounding checks.
  • Deterministic replay hash stability checks.

Fixture:

  • system-tests/tests/fixtures/decision_gate_runpack_mock_flow.json

Registry entries: F:system-tests/test_registry.toml L1-L320

Current Limits and Next Steps

Current limits:

  • Adapter currently ingests deterministic fixture-shaped Decision Gate flow data and does not yet ingest live MCP transport streams directly.
  • Runpack mismatch policy currently checks exported root hash + verify report parity from transcript fixtures; it does not yet import full runpack artifact directories for cross-validation in Arxi.

Natural next steps:

  1. Add fixture corpus for agentic harness variants and anchor-policy lanes.
  2. Add strict contract fixtures for scenario_next and scenario_submit disclosures.
  3. Define Decision Gate-owned versioned schema for transcript/runpack fixture shape to reduce contract drift risk.