TrigGuard
TRIGGUARD
Login Sign up

NOTHING EXECUTES WITHOUT AUTHORIZATION

DETERMINISTIC AUTHORIZATION FOR AUTOMATED SYSTEMS

TrigGuard is a pre-execution safety gate that determines whether automated systems are allowed to act.

[ SYSTEM ]

Evaluate → PERMIT, DENY, or SILENCE → enforce before irreversible work.

Receipts are signed; outcomes are verifiable offline.

Installation → Documentation

NODE_IDENTITY TG-ALPHA-01
CRYPTO_SUITE Ed25519
FAILURE_MODE Fail-Closed
LATENCY (KERNEL) <5ms · p99 · hot path
LATENCY (EVAL E2E) <15ms · p99 · finite-state
// REQUEST FLOW

Verification before execution

TrigGuard is a verification layer: your application or agent uses the SDK to reach the authority API; only actions backed by a valid PERMIT receipt should run.

No execution without verification.

// HOW TRIGGUARD WORKS

Where TrigGuard sits

Between intent and execution: deterministic policy, verifiable receipts, no irreversible action without authorization.

Execution timeline

Control plane vs data plane

Governance and configuration above; real-time authorization on the hot path.

Deployment Modes

// QUICKSTART

Integrate TrigGuard in seconds.

[ FETCH ]
const response = await fetch("https://trigguardai.com/protocol/verify-receipt", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
    decision: "PERMIT",
    timestamp: new Date().toISOString()
  })
});

const data = await response.json();
// Protocol rule: ignore unknown JSON keys — read only what you need
if (data.valid === true && data.type === "verify_receipt") {
  executeAction();
}

Responses are extensible: protocol, protocol_version, and type identify the contract; new fields may appear anytime. See Documentation.

[ Documentation → ]

// CORE CAPABILITIES

Execution interception

Blocks unsafe automated actions before execution occurs.

Deterministic enforcement

All execution decisions resolve to PERMIT or DENY (or SILENCE when no authorization is issued).

Fail-closed safety

If policy cannot be evaluated, execution is denied.

Every action produces a verifiable record. Receipts carry decisions only; runtimes record enforcement (EXECUTED / BLOCKED).

[ EXECUTION TRACE ]

TRACE_ID: TG-A7C192B

ACTOR: finance-bot

ACTION: transfer_funds

AMOUNT: $50,000

DECISION: DENY

ENFORCEMENT: BLOCKED

RECEIPT_STATUS: SIGNED

SILENCE means no authorization was issued. Without authorization, execution cannot proceed. (Incomplete evaluation—still explicit non-permission.)

// EXECUTION FLOW

Request → Evaluation → Decision → Execution (only on PERMIT)

Application surface · action · context · idempotency_key TrigGuard irreversible execution gate Signed Receipt verifiable outcome

Decisions DENY. Systems BLOCK.

TrigGuard produces the decision. Your systems enforce the outcome.

// SYSTEM BOUNDARY

Execution Authorization Boundary

Automation Systems
GitHub Actions · Terraform · GitLab CI · ArgoCD · Internal Systems
POST /execute · surface · action · context · idempotency_key
TRIGGUARD
Authoritative evaluation layer
policy-bound outcome

Managed service or private deployment—same fail-closed contract: no PERMIT, no execution.

signed receipt
Execution Surfaces
deploy.release · infra.apply · database.migrate · secrets.access · data.export

Evaluate → PERMIT · DENY · SILENCE
Finite execution outcomes.

// GET STARTED

Gate your first irreversible path

Wire POST /execute before commit in minutes. One authoritative evaluation: execution does not proceed until policy returns PERMIT.

DOCS Documentation Quick start, guides API API Reference Endpoint specs EXAMPLES Integration Patterns GitHub, Terraform VERIFY Receipt Verification Offline demo
Read the Docs Explore Protocol

Access Requested

Request received. We will be in touch.