Gantral

Execution Authority Control Plane
Where Execution Becomes Admissible

Orchestration coordinates execution.
Guardrails filter actions.
Observability reports behavior.

Gantral makes execution authority structurally provable.

Run AI across your organization — without losing control.

Read the Paper
Explore Architecture
Verifiability & Independent Replay
Git

Audit logs reconstruct.
Gantral proves.

Why Existing AI Control Layers Break at Scale

As AI systems move from experimentation to material execution, three structural failures emerge:

1. Policy Drift

Approval thresholds embedded in workflow code.
Policy updates require redeployment.
Governance diverges from implementation.

2. Execution Fragmentation

Guardrails operate separately from orchestration.
Humans approve in external dashboards.
Execution resumes without structural binding.

3. Broken Chain of Custody

When actions are challenged:

  • Financial approvals

  • Infrastructure changes

  • Security responses

Authority must be reconstructed from logs.

Reconstruction is not proof.

What Gantral is

Authority as Execution State

Gantral is an Execution Control Plane for Agentic AI.

It introduces deterministic authority semantics directly into workflow state.

Gantral does not build agents.
Gantral does not evaluate business policy.
Gantral does not replace orchestration.
Gantral does not provide GRC dashboards.

Gantral governs whether execution is admissible.

Layer

What It Does

Orchestration

Coordinates tasks

Guardrails

Filter actions

Observability

Reports behavior

Gantral

Makes authority part of execution state

How It Works

Deterministic Authority Model

Gantral defines canonical workflow states:

CREATED → RUNNING → WAITING_FOR_HUMAN
→ APPROVED / REJECTED / OVERRIDDEN
→ RESUMED → COMPLETED

Authority is not a log event.
It is part of the execution state machine.

Invalid transitions are rejected.

Execution fails closed under ambiguity.

Why Existing Systems Are Not Enough

Approvals and audit logs have existed for years.

But AI systems have changed.

They now act more independently.
They adapt.
They make decisions across systems.

The risk has increased.
The control model has not.

What Used to Work

Before, approvals were simple pauses in a workflow.
If something went wrong, teams checked the logs.

That was enough.

What Changed

Today, AI systems:

  • Make dynamic decisions

  • Trigger real-world actions

  • Affect money, infrastructure, and customers

When impact increases, reconstruction is not enough.

You must be able to prove that authority was valid - at the moment execution resumed.

The Shift

Approval can no longer be just a task.

It must be a defined, enforced boundary.

Authority must be:

  • Explicit

  • Validated

  • Recorded in a way that cannot be altered

Not reconstructed later.
Provable by design.

Gantral exists because modern AI systems require structural authority - not just workflow pauses.

Separation of Policy and Code

Gantral integrates with policy engines (e.g., OPA) in advisory mode.

Policy bundles are versioned.
Policy thresholds are external to agent code.
Workflow implementations remain deterministic.

Policy updates do not require agent redeployment.

This reduces:

  • Agent workflow duplication

  • Configuration drift

  • Governance fragility

  • Operational risk

Before

With Gantral

Policy updates no longer require workflow redeployment.

The Commitment Artifact

Audit logs reconstruct.
Gantral proves.

At every authority boundary, Gantral emits an immutable artifact binding:

Execution Binding

  • execution instance identifier

  • workflow version id

  • policy version id

Authority Binding

  • authority state

  • human actor identity

  • timestamp

Integrity Binding

  • context snapshot hash

  • previous artifact hash

Artifacts form a recursive hash chain.

Any modification invalidates downstream artifacts.

[Artifact 1] → [Artifact 2] → [Artifact 3]

Artifacts are append-only and verifiable without runtime access.

Independent Replay

Verifiable Without Runtime Access

Given an artifact chain and public execution semantics, a third party can determine:

  • Whether authority was required

  • Whether authority was granted

  • Which policy version governed evaluation

  • Which workflow version governed execution

  • Whether transitions were valid

Replay outcomes:

VALID — authority intact and untampered
INVALID — tampering detected
INCONCLUSIVE — insufficient evidence

Replay does not require:

  • Access to Gantral runtime

  • Internal databases

  • Logs

  • Operator testimony

Authority becomes independently inspectable.

Policy Integration

Policy Without Workflow Duplication

Gantral integrates with policy engines (e.g., OPA) in advisory mode.

Policy bundles are versioned.
Thresholds are externalized from workflow code.
Policy updates do not require agent redeployment.

This reduces:

  • Agent workflow duplication

  • Configuration drift

  • Governance fragility

  • Operational risk

Architecture Overview

Where Gantral Sits

Gantral sits:

  • Below guardrails

  • Above orchestration

  • Between agent frameworks and workflow runtimes

It alone advances or blocks execution state.

Gantral binds authority before execution proceeds.

Designed for High-Materiality Environments

Gantral is built for environments where execution-time authority must withstand adversarial scrutiny:

  • Financial institutions

  • Regulated enterprises

  • Infrastructure automation platforms

  • Security-sensitive environments

  • Long-horizon auditability

Gantral enables incremental, reversible introduction of deterministic authority without rewriting agents.

Open Infrastructure

Gantral’s execution core is open source (Apache 2.0).

This enables:

  • Independent inspection of execution semantics

  • Third-party security review

  • Long-term regulatory confidence

  • Vendor-neutral authority infrastructure

The formal specification and reference implementation are described formally in the Zenodo publication (v1.0).

Structural Alignment

Designed for environments aligned with emerging control expectations in:

  • NIST AI Risk Management Framework

  • EU AI Act (Human Oversight)

  • ISO/IEC 42001

Gantral provides execution-time control primitives and evidence infrastructure.
It does not replace governance processes.
It makes authority structurally provable.

Engage as a Design Partner

Authority Must Be a Property of Execution

Governance cannot remain procedural.
Authority cannot remain reconstructive.

Execution authority must be structural.

Engage as a Design Partner
Review Execution Semantics
Verifiability & Independent Replay

Build with Deterministic Authority

Gantral restores execution authority as a first-class property of AI systems.

Infrastructure for agentic AI begins at the control plane.

© Gantral | 2025. Licensed under Apache 2.0. Reference implementation available publicly.

© Gantral | 2025. Licensed under Apache 2.0. Reference implementation available publicly.