AgentTrust
AgentTrust
Reference

Byte-offset reference

Fixed offsets used by AgentTrust's manual byte-offset readers — Quantu AtomStats and AgentTrust ValidationAttestation.

PolicyVault reads two foreign PDAs through byte-precise parsers rather than Borsh deserialization. Schema-version canaries fail loud rather than silently misread fields if the upstream layout changes.

Sources: programs/policy-vault/src/ext/atom_engine.rs, programs/policy-vault/src/ext/validation_registry.rs.

Quantu AtomStats (561 bytes)

Pinned to commit bfb09ad. Account-data-relative offsets — the 8-byte Borsh discriminator at 0..8 is verified via owner check, not by re-parsing.

OffsetWidthFieldNotes
549u8risk_score0..=255 — lower is better
551u8tier_immediate0..=4 — v1 demo default; what CounterpartyTier reads in GATE_MODE_IMMEDIATE
555u8tier_confirmed0..=4 — post-vesting; production policies prefer this via GATE_MODE_CONFIRMED
557u16 LEconfidence0..=10000 (basis points)
560u8schema_versioncanary — must equal 1; mismatch → Deny(AtomStatsSchemaMismatch)

Constants:

SymbolValue
ATOM_STATS_SIZE561
ATOM_TIER_MAX4
ATOM_STATS_SCHEMA_VERSION_EXPECTED1
ATOM_ENGINE_ID (devnet)AToMufS4QD6hEXvcvBDg9m1AHeCLpmZQsyfYa5h9MwAF
ATOM_ENGINE_ID (mainnet)AToMw53aiPQ8j7iHVb4fGt6nzUNxUhcPc3tbPBZuzVVb

A tier byte above ATOM_TIER_MAX with schema_version == 1 implies tampering or an undeclared spec change — the parser fails with AtomStatsSchemaMismatch rather than silently clamp.

AgentTrust ValidationAttestation (290 bytes)

Account-data-relative offsets. Field declaration order is load-bearing — reordering fields silently breaks PolicyVault's reads.

OffsetWidthFieldNotes
8Pubkeysubject_assetThe payee this attestation is about
40[u8; 32]capability_hashSHA-256 of the namespace name
72PubkeyattestorThe key that signed respond_to_validation
104[u8; 32]claim_payload_hashnot read by v1 policy
136[u8; 64]attestor_signaturereserved for v1.1+ Ed25519 sysvar verify
200u64 LEissued_atnot read by v1 policy
208u64 LEexpires_at0 = never expires
216boolrevokedrevoked == trueDeny(AttestationRevoked)
217u64 LErevoked_atnot read by v1 policy
225[u8; 32]revocation_reason_hashnot read by v1 policy
257[u8; 32]claim_uri_hashnot read by v1 policy
289u8bumpnot read by v1 policy

Constants:

SymbolValue
VALIDATION_ATTESTATION_SIZE290
VA_SUBJECT_ASSET_OFFSET8
VA_CAPABILITY_HASH_OFFSET40
VA_ATTESTOR_OFFSET72
VA_EXPIRES_AT_OFFSET208
VA_REVOKED_OFFSET216
VALIDATION_REGISTRY_ID (devnet)Cx4RFa6ysw3qXYhugPkF8pFSWBkmKq59h2dWgF2tKhtv

AgentTrust PolicyAccount (240 bytes — own program)

PolicyVault's own state. Field offsets matter for the playbook contract; readers (the composer, the SDK's parseGateDecision) use the Anchor-generated decoder rather than byte offsets, but the layout is documented for downstream tooling.

OffsetWidthField
8Pubkeypayer_agent_asset
40u32policy_id
44u8bump
48u8enabled_kinds_bitmask
49u8gate_mode
50u64spending_per_tx_max
58u64spending_daily_max
66u64spending_weekly_max
74u64spending_today_used
82u64spending_week_used
90u64spending_today_anchor
98u64spending_week_anchor
106u64velocity_window_secs
114u64velocity_max_in_window
122u64velocity_tier0_decay_factor
130u8min_counterparty_tier
131u8max_risk_score
132u16min_confidence
134u8default_unrated_treatment
135[u8; 32]required_capability_hash
167[Pubkey; 2]accepted_attestors
231u8scope_kind
232[u8; 8]_reserved

Source: programs/policy-vault/src/state/policy_account.rs.

On this page

⌘I