Paper and spec
Research foundation and normative specification.
Faramesh is backed by a published system paper and a normative core specification.
The paper
Faramesh: A Protocol-Agnostic Execution Control Plane for Autonomous Agent Systems (arXiv:2601.17744) defines the execution-control model for autonomous agent side effects.
Core contribution from the paper:
01 A non-bypassable Action Authorization Boundary (AAB) before effectful execution.
02 Canonical Action Representation (CAR) as deterministic evaluation input.
03 Deterministic PERMIT or DEFER or DENY decision artifacts that executors must validate before side effects.
04 Decision-centric append-only provenance logging keyed by canonical action hashes.
05 Deterministic replay and verification without re-running agent reasoning.
The normative spec
Faramesh Core Specification v1.0 (Normative) defines an interoperable and testable execution-time authorization control plane for implementers of compatible servers, SDKs, CLIs, and integrations.
The spec uses RFC 2119 normative language and standardizes:
01 Canonical Action Representation (CAR) and canonicalization stability.
02 Request hashing, policy hash binding, and profile hash binding.
03 Deterministic first-match-wins policy semantics with default deny.
04 Independent risk scoring and high-risk upgrade semantics.
05 Fail-closed decision behavior and non-bypassable lifecycle transitions.
06 Approval gating and exactly-one-outcome decision contracts.
07 Immutable append-only hash-chained Decision Provenance Records (DPR).
08 Deterministic replay verification without re-execution side effects.
09 Conformance test requirements for canonicalization, policy semantics, risk, lifecycle, DPR integrity, and replay.
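The following sketch is an added illustration, not code from the Faramesh paper, spec, or SDKs. It shows how items 01, 02, 03, 05, 07 and 08 fit together: a canonical action hash, first-match-wins evaluation with default deny, a hash-chained decision log, and replay verification. The sorted-key JSON canonical form, SHA-256, the record field names, and the use of HALT as the deny outcome are all assumptions; the real wire formats are defined by the spec.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed chain anchor
# Constructed sample policy and actions; field names are assumptions.
POLICY = [
    {"match": {"tool": "shell", "op": "rm"}, "decision": "HALT"},
    {"match": {"tool": "shell"}, "decision": "EXECUTE"},
]
ACTIONS = [
    {"op": "rm", "tool": "shell"},
    {"tool": "shell", "op": "ls"},
    {"tool": "http", "op": "post"},
]

def canonical_hash(obj):
    """SHA-256 over sorted-key, whitespace-free JSON (assumed canonical form)."""
    blob = json.dumps(obj, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(blob.encode("utf-8")).hexdigest()

def decide(action, policy):
    """First match wins; no match or an evaluation error fails closed to HALT."""
    try:
        for rule in policy:
            if all(action.get(k) == v for k, v in rule["match"].items()):
                return rule["decision"]
    except Exception:
        pass
    return "HALT"  # default deny

def append_record(log, action, policy):
    """Append a record bound to the action hash, policy hash and previous record."""
    body = {"action_hash": canonical_hash(action), "policy_hash": canonical_hash(policy),
            "decision": decide(action, policy),
            "prev": log[-1]["record_hash"] if log else GENESIS}
    log.append({**body, "record_hash": canonical_hash(body)})
    return log[-1]

def verify(log, actions, policy):
    """Replay from stored inputs: recompute hashes and decisions, run no side effects."""
    prev = GENESIS
    for rec, action in zip(log, actions):
        body = {k: v for k, v in rec.items() if k != "record_hash"}
        expected = {"action_hash": canonical_hash(action), "policy_hash": canonical_hash(policy),
                    "decision": decide(action, policy), "prev": prev}
        if body != expected or rec["record_hash"] != canonical_hash(body):
            return False
        prev = rec["record_hash"]
    return len(log) == len(actions)
```

Because each record commits to the policy hash and the previous record hash, editing a stored decision, reordering records, or replaying against a different policy all make `verify` return False.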
Audience and intent
This spec release is for implementers building Faramesh-compatible control planes and integrations. It is designed to make compatibility testable rather than rhetorical.
| FIELD | VALUE |
| --- | --- |
| Status | Final |
| Audience | Implementers of compatible servers, SDKs, CLIs, and integrations |
| Normative language | RFC 2119 (MUST, MUST NOT, SHOULD, MAY, etc.) |
| Decision set | EXECUTE or ABSTAIN or HALT at spec level |
| Conformance basis | Pass required canonicalization, semantics, fail-closed, lifecycle, DPR, and replay tests |
Practical reading order: paper first for model and threat framing, then the normative spec for wire formats, hashing, lifecycle, and conformance test requirements.