Solution Packs

Ship a governed solution once. Deploy anywhere.

A Solution Pack bundles your ontology, policies, Action Fabric actions, and agents into one versioned, signed, verifiable artifact — exported from one tenant, published to a registry, and imported into another with its hash and signature checked at the door.

canonicalize → sha256 contentHash → HMAC signature · verifyPack(hashOk + signatureOk)

packs/transfer
Tenant AontologypoliciesactionsagentsexportSigned packv2.4 · HMAC-SHA2560x9f3a…c1publishRegistrystable · betainstallverifyPackhashOk · signatureOkvalidTenant BimportPreview diffimportApply (own tenant)Tampered contentshashOk:false → importApply 409409 blocked
packs ▸ canonicalize → sha256 contentHash → HMAC signature
The capstone

One governed solution, portable across every environment.

The hard part of enterprise AI isn't building one agent — it's redeploying a governed solution, intact, to the next tenant, region, or air-gapped network. Solution Packs make that solution a first-class artifact: bundle it, sign it, and re-deploy it without rebuilding governance from scratch.

Bundle

Gather a tenant's governed definitions — ontology types, policies, Action Fabric actions, and agent metadata — into one contents bundle, versioned by key.

Sign

Canonicalize to stable key-sorted JSON, hash to a sha256 contentHash, then HMAC-sign it. Production refuses to sign without a configured signing secret.

Distribute

Publish to a shared registry on a stable or beta channel — provenance recorded by publishing tenant, install always targeting the caller's own tenant.

Verify

Every import re-checks hashOk and signatureOk before a single row is written. Tamper with the contents and it fails closed — no partial apply.

What's in a pack

Four governed sections, one signed bundle.

A pack is the contents bundle plus its integrity envelope. The bundle carries the definitions; the envelope is what makes it portable and provable.

ontologyTypes
  • Object-type key, name, description
  • Property schema (incl. restricted)
  • allowedActions per type
policies
  • name, whenExpr condition
  • effect (allow / deny / require approval)
  • priority & enabled flag
actions
  • Action Fabric key, name, description
  • riskTier (drives oversight)
  • enabled flag
agents
  • name, type, requiredModule
  • skillCodes, status
  • Captured for reference — not auto-created on import
Integrity & signing

The math that makes a pack provable.

  1. 01

    canonicalize

    Serialize the contents to stable, key-sorted JSON so the bytes are deterministic — the same definitions always hash to the same value.

  2. 02

    hashContents → contentHash

    Compute a sha256 over the canonical bytes. Any edit to any field — one policy priority, one property — changes the hash.

  3. 03

    signHash → signature

    HMAC-SHA256 the contentHash with the deployment signing secret (CORTEX_PACK_SIGNING_SECRET). verifyPack then checks hashOk and signatureOk; a tampered bundle breaks hashOk, a wrong secret breaks signatureOk.

Tamper with the stored contents and verifyPack returns hashOk:false — and any attempt to apply it returns a 409. The check runs offline, with no call home.

Safe import

See exactly what changes before anything is written.

Importing a pack is a two-step, verify-first flow. importPreview gives you a per-section diff against your live definitions; importApply re-verifies the signature, then idempotently upserts — into your own tenant only.

  • importPreview — verifyPack result plus a per-section diff: added / changed / unchanged
  • importApply verifies first — invalid packs return 409 with no partial write
  • Idempotent upsert of ontology types, policies, and actions — re-running is safe
  • Always targets the caller's own tenant — cross-tenant transfer happens via the artifact, never a direct cross-tenant write
import/preview
us-individual-tax · v2.4valid: true
ontologyTypes+1 added~0 changed0 unchanged
policies+4 added~2 changed0 unchanged
actions+3 added~1 changed0 unchanged
importApply verifies first ▸ 409 if invalid · upserts into your tenant only
audit/verify
#101hash ✓#102hash ✓#103hash ✓#104hash ✓#105hash ✓
head 0x9f3a…c1ok: true
verifyChain ▸ chained SHA-256 · signed receipts
Registry & certification

A shared registry for publishing and installing packs.

Publish a verified pack to a channel and any admin can browse and install it into their own tenant — after the signature is checked. Cross-tenant distribution works because the HMAC signature is over the content hash with the deployment's signing secret, so an entry published by one tenant verifies and installs cleanly for another.

  • Channels: stable and beta — latest version kept per channel
  • publish re-verifies hash + signature before copying to the registry (refuses an unverifiable pack)
  • install verifies the signature, then applies into the caller's tenant — tenant isolation always holds
  • Certification program: signed, version-pinned packs carry a Certified badge with measured eval coverage
Available packs

Production-ready, signed & certified.

Versioned bundles you can verify by hash and signature, then import into your tenant. Each pack ships with its own ontology, policies, actions, and agent definitions.

US Individual Tax
v2.4 · signed
  • Ontology types1
  • Policies6
  • Actions4
  • Agents4
CertifiedInstall
Insurance Claims
v1.8 · signed
  • Ontology types3
  • Policies5
  • Actions4
  • Agents3
CertifiedInstall
KYC / AML Review
v1.2 · signed
  • Ontology types2
  • Policies7
  • Actions3
  • Agents3
CertifiedInstall

Bundle it. Sign it. Deploy it anywhere.

Turn your governed AI solution into a portable, verifiable artifact — and ship governance with it, every time.