observe-recommend-explain-approve-deploy-CAR loop. Seven pattern classes. Customer-controlled adaptation.
§5 The Architecture
The architecture
Five planes. Four AI-native modules. Voice Execution Gateway. Six pre-configured industry packs. Seventeen Foundation standards. Seven trust domains with operational separation.
/v1/execute
Guardidentity, intent, policy, compliance
Walletspend, exposure, insurance
Contextmemory, routing, coordination
Dataprovenance, exposure, egress
Proofsigning, audit, verification
Certified Action Record…
- Guard Plane
identity, intent, policy, compliance
Should this action ever execute?
- Wallet Plane
spend, exposure, insurance
What does this action cost?
- Context Plane
memory, routing, coordination
What context does this action need?
- Data Plane
provenance, exposure, egress
Should data leave the actor’s boundary?
- Proof Plane
signing, audit, verification
What evidence proves the decision?
Four AI-native modules
Six pre-configured packs covering 105 regulatory citations. 30-second deployment.
Six regulatory feed adapters, 4-hour critical review.
Proactive registration with declared scope, four-state lifecycle, seven drift classes.
VEX-1 Voice Execution Gateway
AuthorityRail is the only execution authority infrastructure with a voice gateway at v1.0. VEX-1 implements three-class clone detection running in parallel, each class under a 200ms hard timeout with fail-closed semantics — the timeout is an enforced ceiling, not a benchmark. Voice credential enrollment with privacy-by-design — raw audio is NEVER persisted, only 256-dimensional embeddings and signed transcripts. Phone numbers stored hashed not plaintext. HCES-1 escalation via the existing Twilio mobile_approval flow. Voice attack surface closed at the architectural layer.
Seven trust domains
Different operational ownership per the cryptographic separation pattern. Compromise of one key does not compromise the others.
Twenty Foundation standards
All twenty Foundation standards reuse ARES-v1.1 cryptographic primitives: pure Ed25519 over COSE_Sign1, length-prefixed canonical inputs. No parallel cryptosystem. Single primitive surface to migrate when post-quantum cryptography becomes operational. Foundation governance under ASFC-v1 with three external reviewers per standard advancement.
Read the standards§9 Reproducibility
Verify it yourself
AuthorityRail’s architectural quality posture is procurement-grade: every claim is verifiable independently. Clone the repo, run the canonical reproduction commands, verify any CAR against the federation manifest. The Standards Site verification console runs entirely client-side — no trust required in AuthorityRail’s servers.
git clone https://github.com/AuthorityRail-ai/authorityrail.git cd authorityrail npm install --include=dev
npx tsx packages/axap/scripts/verify-test-vectors.ts ares-v1.2 npx tsx packages/axap/scripts/verify-test-vectors.ts ades-v1
curl -s https://[customer-gateway]/v1/cars/[car_id] \ | npx tsx packages/axap/scripts/verify-car.ts
Honest engagement status
| Cryptographic primitive review | Pending — engagement target Trail of Bits / NCC Group / Cure53 / Filippo Valsorda |
| Foundation reviewer engagement | Pending per ASFC-v1 §3 |
| Production-shape benchmarks | Shipping post-launch per PRODUCTION_SHAPE_ROADMAP.md |
| Test vectors for fifteen standards | Shipping in v1.0.1 |
| First three pilot customers | In deployment phase |
| False-positive telemetry | Shipping after first 90 days of pilot deployment |
None of these engagements is hidden. All are surfaced openly, with honest timelines. AuthorityRail’s architectural quality posture is the procurement signal that distinguishes the Foundation from vendors making category claims without substance.
Read the Reproducibility Guide