AgentTrust
AgentTrust
Reference

Discriminator constants

Pinned instruction discriminators, PDA seed prefixes, and account size canaries used across AgentTrust.

The constants below are the load-bearing discriminators and seeds AgentTrust depends on. Anything that drifts here breaks downstream tooling.

Quantu CPI discriminator

ValueNotes
[145, 136, 123, 3, 215, 165, 98, 41]agent_registry_8004::give_feedback 8-byte instruction discriminator. TrustGate's emit_feedback and dispute_payment invoke this via invoke_signed.

Source: programs/trustgate/src/ext/agent_registry.rs. Pinned to Quantu commit bfb09ad.

AgentTrust PDA seed prefixes

ProgramSeed prefixSeedsWhat it identifies
policy_vaultb"policy"["policy", agent_asset, policy_id_le]PolicyAccount
policy_vaultb"velocity"["velocity", agent_asset, policy_id_le]VelocityLedger
policy_vaultb"killswitch"["killswitch", &[scope_kind], scope_key]KillSwitchState
policy_vaultb"policy_authority"["policy_authority", agent_asset]PolicyAuthority
trustgateb"trustgate_auth"["trustgate_auth", facilitator]TrustGateAuthority
trustgateb"feedback_log"["feedback_log", payment_id_hash]FeedbackEmissionLog
validation_registryb"capability"["capability", capability_hash]CapabilityNamespace
validation_registryb"attestor"["attestor", attestor_pubkey]AttestorProfile
validation_registryb"request"["request", subject_asset, capability_hash, requester]ValidationRequest
validation_registryb"attestation"["attestation", subject_asset, capability_hash, attestor]ValidationAttestation

The SDK exposes derivers for every PDA: SDK → Exports reference.

Account size canaries

AccountSizeSource
PolicyAccount240policy_account.rs
VelocityLedger80velocity_ledger.rs
KillSwitchState96kill_switch_state.rs
PolicyAuthority272policy_authority.rs
TrustGateAuthority104trustgate_authority.rs
FeedbackEmissionLog72feedback_emission_log.rs
ValidationAttestation290validation_attestation.rs
AtomStats (Quantu)561upstream-pinned at commit bfb09ad; canary at byte 560

Sizes are validated at parse time — a size mismatch fails loud rather than silently misread.

TrustGate emit_feedback field bounds

FieldLimitError
score≤ 100ScoreOutOfRange
tag1≤ 32 bytesTagTooLong
tag2≤ 32 bytesTagTooLong
endpoint≤ 64 bytesEndpointTooLong
feedback_uri≤ 256 bytesUriTooLong

DISPUTE_SCORE (the score dispute_payment hard-codes for negative feedback) lives at programs/trustgate/src/constants.rs.

ValidationRegistry name + URI bounds

FieldLimitError
CapabilityNamespace.namemin 3, max 32 bytes; no ':'NameTooShort / NameTooLong / NamespaceColonForbidden
CapabilityNamespace.version≤ 16 bytesVersionTooLong
CapabilityNamespace.schema_uri≤ 160 bytesUriTooLong
AttestorProfile.display_name_uri≤ 100 bytesUriTooLong

PolicyVault constants module

Bitmask flags for PolicyAccount.enabled_kinds_bitmask:

FlagValuePolicy
KIND_KILLSWITCH0b00001 (1)KillSwitch
KIND_SPENDING0b00010 (2)Spending
KIND_VELOCITY0b00100 (4)Velocity
KIND_COUNTERPARTY_TIER0b01000 (8)CounterpartyTier
KIND_REQUIRE_VALIDATION0b10000 (16)RequireValidation

gate_mode enum:

ValueConstantReads
0GATE_MODE_IMMEDIATEAtomStats.tier_immediate (byte 551)
1GATE_MODE_CONFIRMEDAtomStats.tier_confirmed (byte 555)

default_unrated_treatment enum:

ValueConstantComposer maps to
0UNRATED_DENYDeny(UnratedTreatmentDeny) (code 15)
1UNRATED_ALLOWAllow
2UNRATED_REQUIRE_VALIDATIONRequireValidation(capability_hash)

Constants module: programs/policy-vault/src/constants.rs.

On this page

⌘I