TrigGuard
TRIGGUARD
Open Console

Authority Infrastructure

Every action passes through authority before reality changes

TrigGuard is the control layer between AI-generated intent and irreversible execution. One authority model across agents, applications, SDKs, and CI/CD pipelines.

View architecture Developer docs

Infrastructure properties

Built for production authority

The same guarantees whether you integrate via SDK, CLI, or public protocol interfaces.

Fail Closed

Execution stops when authority is unavailable. No silent bypass, no degraded permit path.

Cryptographic Receipts

Every decision produces Ed25519-signed proof bound to the action, actor, and policy context.

Protocol First

SDKs, APIs, and CLI share the same authority model. One protocol, multiple integration surfaces.

Deterministic Outcomes

Every evaluation resolves to exactly one outcome: Permit, Deny, Escalate, or Silence.

Public interfaces

Protocol surfaces for automation

Machine-readable endpoints on the same origin as this site. Mapped by Firebase Hosting to Cloud Functions; authoritative verification and policy logic live in protocol repositories and client libraries.

Capabilities API GET
Purpose

Machine-readable authority capabilities and deterministic capability manifest.

/protocol/capabilities · protocolCapabilities

Open endpoint →
Status API GET
Purpose

Authority health and availability. Protocol status snapshot for monitoring and integration checks.

/protocol/status · protocolStatus

Open endpoint →
Metadata API GET
Purpose

Versioning and deployment metadata. Engine and environment identifiers for conformance.

/protocol/metadata · protocolMetadata

Open endpoint →
Test Vectors API GET
Purpose

Deterministic SDK conformance vectors with inputs and expected decisions.

/protocol/test-vectors · protocolTestVectors

Open endpoint →
Metrics API GET
Purpose

In-memory request and decision counters for this instance. Resets on cold start.

/protocol/metrics · protocolMetrics

Open endpoint →
Offline Verification CLI
Purpose

Canonical receipt trust path: published keys plus local Ed25519 verification. No server round-trip required.

CLI /verify · n/a (offline)

Verification guide →
Request Access POST
Purpose

Request-access and lead flow. Not part of the core protocol API.

/api/request-access · requestAccess

Contact →
Protocol TG-01 v1.0.4-STABLE Controlled deployment pathways Backward-compatible (TG-01 series) Specification