Gantral
Execution Authority Control Plane
Where Execution Becomes Admissible
Orchestration coordinates execution.
Guardrails filter actions.
Observability reports behavior.
Gantral makes execution authority structurally provable.
Run AI across your organization — without losing control.
→ Read the Paper
→ Explore Architecture
→ Verifiability & Independent Replay
→ Git
Audit logs reconstruct.
Gantral proves.
Why Existing AI Control Layers Break at Scale
As AI systems move from experimentation to material execution, three structural failures emerge:
1. Policy Drift
Approval thresholds embedded in workflow code.
Policy updates require redeployment.
Governance diverges from implementation.
2. Execution Fragmentation
Guardrails operate separately from orchestration.
Humans approve in external dashboards.
Execution resumes without structural binding.
3. Broken Chain of Custody
When actions are challenged:
Financial approvals
Infrastructure changes
Security responses
Authority must be reconstructed from logs.
Reconstruction is not proof.
What Gantral is
Authority as Execution State
Gantral is an Execution Control Plane for Agentic AI.
It introduces deterministic authority semantics directly into workflow state.
Gantral does not build agents.
Gantral does not evaluate business policy.
Gantral does not replace orchestration.
Gantral does not provide GRC dashboards.
Gantral governs whether execution is admissible.
Layer
What It Does
Orchestration
Coordinates tasks
Guardrails
Filter actions
Observability
Reports behavior
Gantral
Makes authority part of execution state
How It Works
Deterministic Authority Model
Gantral defines canonical workflow states:
CREATED → RUNNING → WAITING_FOR_HUMAN
→ APPROVED / REJECTED / OVERRIDDEN
→ RESUMED → COMPLETED
Authority is not a log event.
It is part of the execution state machine.
Invalid transitions are rejected.
Execution fails closed under ambiguity.
Why Existing Systems Are Not Enough
Approvals and audit logs have existed for years.
But AI systems have changed.
They now act more independently.
They adapt.
They make decisions across systems.
The risk has increased.
The control model has not.
What Used to Work
Before, approvals were simple pauses in a workflow.
If something went wrong, teams checked the logs.
That was enough.
What Changed
Today, AI systems:
Make dynamic decisions
Trigger real-world actions
Affect money, infrastructure, and customers
When impact increases, reconstruction is not enough.
You must be able to prove that authority was valid - at the moment execution resumed.
The Shift
Approval can no longer be just a task.
It must be a defined, enforced boundary.
Authority must be:
Explicit
Validated
Recorded in a way that cannot be altered
Not reconstructed later.
Provable by design.
Gantral exists because modern AI systems require structural authority - not just workflow pauses.
Separation of Policy and Code
Gantral integrates with policy engines (e.g., OPA) in advisory mode.
Policy bundles are versioned.
Policy thresholds are external to agent code.
Workflow implementations remain deterministic.
Policy updates do not require agent redeployment.
This reduces:
Agent workflow duplication
Configuration drift
Governance fragility
Operational risk
Before
With Gantral
Policy updates no longer require workflow redeployment.
The Commitment Artifact
Audit logs reconstruct.
Gantral proves.
At every authority boundary, Gantral emits an immutable artifact binding:
Execution Binding
execution instance identifier
workflow version id
policy version id
Authority Binding
authority state
human actor identity
timestamp
Integrity Binding
context snapshot hash
previous artifact hash
Artifacts form a recursive hash chain.
Any modification invalidates downstream artifacts.
[Artifact 1] → [Artifact 2] → [Artifact 3]
Artifacts are append-only and verifiable without runtime access.
Independent Replay
Verifiable Without Runtime Access
Given an artifact chain and public execution semantics, a third party can determine:
Whether authority was required
Whether authority was granted
Which policy version governed evaluation
Which workflow version governed execution
Whether transitions were valid
Replay outcomes:
VALID — authority intact and untampered
INVALID — tampering detected
INCONCLUSIVE — insufficient evidence
Replay does not require:
Access to Gantral runtime
Internal databases
Logs
Operator testimony
Authority becomes independently inspectable.
Policy Integration
Policy Without Workflow Duplication
Gantral integrates with policy engines (e.g., OPA) in advisory mode.
Policy bundles are versioned.
Thresholds are externalized from workflow code.
Policy updates do not require agent redeployment.
This reduces:
Agent workflow duplication
Configuration drift
Governance fragility
Operational risk
Architecture Overview
Where Gantral Sits
Gantral sits:
Below guardrails
Above orchestration
Between agent frameworks and workflow runtimes
It alone advances or blocks execution state.
Gantral binds authority before execution proceeds.
Designed for High-Materiality Environments
Gantral is built for environments where execution-time authority must withstand adversarial scrutiny:
Financial institutions
Regulated enterprises
Infrastructure automation platforms
Security-sensitive environments
Long-horizon auditability
Gantral enables incremental, reversible introduction of deterministic authority without rewriting agents.
Open Infrastructure
Gantral’s execution core is open source (Apache 2.0).
This enables:
Independent inspection of execution semantics
Third-party security review
Long-term regulatory confidence
Vendor-neutral authority infrastructure
The formal specification and reference implementation are described formally in the Zenodo publication (v1.0).
Structural Alignment
Designed for environments aligned with emerging control expectations in:
NIST AI Risk Management Framework
EU AI Act (Human Oversight)
ISO/IEC 42001
Gantral provides execution-time control primitives and evidence infrastructure.
It does not replace governance processes.
It makes authority structurally provable.
Engage as a Design Partner
Authority Must Be a Property of Execution
Governance cannot remain procedural.
Authority cannot remain reconstructive.
Execution authority must be structural.
→ Engage as a Design Partner
→ Review Execution Semantics
→ Verifiability & Independent Replay
Build with Deterministic Authority
Gantral restores execution authority as a first-class property of AI systems.
Infrastructure for agentic AI begins at the control plane.