Warrants
Warrants are the core primitive in Tenuo's authorization model. They are cryptographically signed tokens that grant specific capabilities to an agent.
What is a Warrant?
A warrant is like a permission slip that says:
"The holder of this warrant is allowed to perform these specific actions, until this expiration time"
Unlike traditional access control (roles, ACLs), warrants are:
- Bearer tokens: Whoever holds the warrant can use it
- Self-contained: All permission info is in the token itself
- Cryptographically signed: Cannot be forged or modified
- Time-limited: Automatically expire
Warrant Structure
┌───────────────────────────────────────────┐
│                  Warrant                  │
├───────────────────────────────────────────┤
│ ID:        tnu_wrt_abc123                 │
│ Holder:    agent-456                      │
│ Actions:   ["read:docs", "write:summary"] │
│ Issued At: 2024-01-15T10:00:00Z           │
│ Expires:   2024-01-15T11:00:00Z           │
│ Issuer:    (public key of issuer)         │
│ Signature: (Ed25519 signature)            │
└───────────────────────────────────────────┘
How Warrants Work
┌────────────┐     ┌────────────┐     ┌─────────────┐
│   Issuer   │     │   Agent    │     │ Authorizer  │
│ (your app) │     │            │     │  (sidecar)  │
└─────┬──────┘     └─────┬──────┘     └──────┬──────┘
      │                  │                   │
      │  Issue Warrant   │                   │
      │─────────────────>│                   │
      │                  │                   │
      │                  │  Present Warrant  │
      │                  │──────────────────>│
      │                  │                   │
      │                  │                   │ Verify:
      │                  │                   │ - Signature
      │                  │                   │ - Expiration
      │                  │                   │ - Not revoked
      │                  │                   │
      │                  │   Grant Access    │
      │                  │<──────────────────│
- Issue: Your application creates a warrant for an agent
- Present: The agent presents the warrant when requesting access
- Verify: The authorizer checks the warrant is valid
- Grant: If valid, the action is allowed
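The authorizer's checks from the flow above, as an added sketch that is not Tenuo's code or wire format. HMAC-SHA256 stands in for the Ed25519 signature so the sketch runs on the Python standard library; the field names, the `issue` and `verify` helpers, the action-membership check and the key are assumptions for illustration.

```python
import hashlib
import hmac
import json
from datetime import datetime, timedelta, timezone

# Constructed demo key. HMAC-SHA256 stands in for the Ed25519 signature only so
# the sketch runs on the standard library; with Ed25519 the authorizer would
# verify with the issuer's public key and hold no signing material.
DEMO_KEY = b"constructed-demo-key"


def _sign(fields: dict) -> str:
    # Canonical JSON so issuer and authorizer sign and verify identical bytes.
    body = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(DEMO_KEY, body, hashlib.sha256).hexdigest()


def issue(warrant_id, holder, actions, now, ttl):
    fields = {
        "id": warrant_id,
        "holder": holder,
        "actions": actions,
        "issued_at": now.isoformat(),
        "expires": (now + ttl).isoformat(),
    }
    return {**fields, "signature": _sign(fields)}


def verify(warrant, action, now, revoked_ids):
    """Return (allowed, reason): signature, expiration, revocation, then action."""
    fields = {k: v for k, v in warrant.items() if k != "signature"}
    # Check the signature first: no other field is trusted until it passes.
    if not hmac.compare_digest(_sign(fields), warrant.get("signature", "")):
        return False, "bad signature"
    if now >= datetime.fromisoformat(fields["expires"]):
        return False, "expired"
    if fields["id"] in revoked_ids:
        return False, "revoked"
    if action not in fields["actions"]:
        return False, "action not granted"
    return True, "ok"


T0 = datetime(2024, 1, 15, 10, 0, tzinfo=timezone.utc)  # constructed sample values
WARRANT = issue("tnu_wrt_abc123", "agent-456",
                ["read:docs", "write:summary"], T0, timedelta(hours=1))
```

Editing the `actions` list of an issued warrant changes the signed bytes, so the altered copy fails the signature check before its new action is ever considered.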
Warrant vs JWT
| Feature | Warrant | JWT |
|---|---|---|
| Delegation | Native support | Manual implementation |
| Revocation | Built-in SRL | Requires blacklist |
| Constraints | CEL expressions | Claims only |
| Audit | Receipt signatures | None built-in |
Key Concepts
Holder
The entity (usually an AI agent) that holds and presents the warrant. Identified by a public key or opaque ID.
Actions
The specific operations the warrant allows. Actions are strings that you define:
read:documents
write:summaries
execute:code
access:database:users
Constraints
Optional CEL expressions that further restrict when the warrant is valid:
resource.owner == holder.id
request.time.hour >= 9 && request.time.hour < 17
action.amount < 1000
Expiration
All warrants have an expiration time. Short-lived warrants (minutes to hours) are more secure than long-lived ones, because a bearer token that leaks stays usable until it expires or is revoked.
Creating Warrants
Warrants are created using the Tenuo SDK, not directly in the dashboard:
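from tenuo import Tenuo

# Client configured with your issuer key
tenuo = Tenuo(issuer_key="your-issuer-key")

# One-hour warrant: agent-123 may read documents, restricted by a CEL
# constraint to resources in the 'public' category
warrant = tenuo.issue(
    holder="agent-123",
    actions=["read:documents"],
    expires_in="1h",
    constraints=["resource.category == 'public'"],
)
Viewing Warrants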
The Warrants page in the dashboard lets you:
- Decode and inspect warrant contents
- Verify warrant signatures
- Check revocation status
- View the delegation chain
Best Practices
Use short expiration times
Issue warrants for the minimum time needed. Hours, not days.
Scope actions narrowly
read:documents:project-123 is better than read:*
Add constraints for sensitive actions
Use CEL constraints to limit when and how warrants can be used.
Rotate issuer keys
Regularly rotate issuer keys and re-issue warrants.