docs4. The PlatformThe Engine & Schema

The Engine & Data Specification

The core of EAP is the Enterprise Anchors Engine—a distributed processing kernel that powers the platform. Unlike legacy governance tools that function as centralized chokepoints, the Engine is architected as a set of event-driven behaviors replicated across the Control Plane and embedded within every Anchor Sidecar.

The Decision Spine Object (DSO)

The Charter defines the Decision Spine as the canonical, immutable tuple {WHY, WHAT, WHO, WHEN, HOW}. The Platform implements this as a Context Header required for every inter-agent communication. An agent cannot invoke a tool unless it transmits a valid Decision Spine Object (DSO) in the request metadata.

  • WHY (Intent): Maps to the namespace and intent hash. The Mesh uses this to enforce multi-tenancy and network segmentation by intent.
  • WHAT (Artifacts): Maps to the artifact manifest. The Platform validates that the running image matches the cryptographic hash in the DSO.
  • WHO (Authority): Maps to the SPIFFE ID embedded in the mTLS certificate, verifying the authorized principal.
  • WHEN (Lifecycle): Maps to the lifecycle tag (e.g., dev, prod). The Platform enforces stricter thresholds for production environments.
  • HOW (Mode): Maps to the policy version and current autonomy state.

The Constraint: The Anchor Sidecar injects this DSO into every egress request. If the DSO is malformed or unsigned, the Gateway Fabric rejects the packet.

The Engine Cycle

For every transaction in the mesh, the Engine executes a deterministic Decision-Control Loop at the network edge (within the Anchor Sidecar):

  1. Ingest (The Spine): The Engine extracts the Intent Hash, Identity Token, and Policy Version from the request header.
  2. Evaluate (The Bundle): The Engine queries the Autonomy Manager for the current state of the 5-vector Autonomy Bundle (Safety, Sigma, KRI, Flow, Evidence).
  3. Verdict (The Mode): Based on the evaluation, the Engine dictates the Operating Mode (HITL, HOTL, HOOTL) for that specific transaction.
  4. Orchestrate (The Route):
    • If HOOTL: The Engine routes the packet to the Tool Gateway for execution.
    • If HITL: The Engine suspends the packet and emits a Human Approval Required event to the workflow stream.

Policy Enforcement

Governance documents in PDFs are “dead artifacts.” To govern an agent operating in milliseconds, policy must be executable code enforced at Policy Enforcement Points (PEPs) when actions occur. The platform compiles high-level rules into optimized decision logic that is distributed to the Anchor Sidecars, ensuring enforcement happens at the edge with sub-millisecond latency overhead.

Model Agnosticism

Regardless of the underlying AI model or framework, the platform governs Intent, not specific Models. The Gateway Fabric provides a standardized abstraction layer, allowing the enterprise to swap underlying LLMs without breaking governance policies or audit trails.

Reference Architecture