JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 79
  • Score
    100M100P100Q98766F
  • License Apache-2.0

Deterministic canonicalization infrastructure for reproducible governance payloads, cross-platform hashing continuity, cryptographic signature stability, and independently verifiable deterministic serialization.

Package Exports

  • @parmanasystems/canonical
  • @parmanasystems/canonical/package.json

Readme

@parmanasystems/canonical

Deterministic canonicalization infrastructure for reproducible governance payloads, cross-platform hashing continuity, cryptographic signature stability, and independently verifiable deterministic serialization.

Overview

@parmanasystems/canonical provides canonical serialization utilities for Parmana Systems.

The canonical package ensures:

  • identical governed data produces identical deterministic bytes
  • cross-platform serialization continuity
  • stable hashing semantics
  • reproducible cryptographic signatures
  • deterministic manifest generation
  • portable verification continuity
  • reproducible governance artifacts

Canonicalization is foundational to:

  • bundle signing
  • release manifests
  • provenance continuity
  • replay-safe execution
  • deterministic attestations
  • reproducibility verification
  • independently verifiable governance

Core Principle

Canonicalization ensures identical governed data produces identical deterministic bytes across environments.

Deterministic governance requires:

  • stable serialization
  • stable hashing
  • stable signatures
  • stable verification outcomes

Without canonicalization:

  • JSON ordering may differ
  • whitespace may diverge
  • runtimes may serialize differently
  • hashes may become unstable
  • signatures may fail verification

Canonicalization removes serialization ambiguity.

What This Package Does

@parmanasystems/canonical:

  • canonicalizes governed payloads
  • generates deterministic UTF-8 payloads
  • stabilizes serialization ordering
  • enables reproducible hashing
  • enables deterministic signatures
  • preserves cross-platform continuity
  • supports reproducible verification workflows
  • enables deterministic governance artifacts

What This Package Does NOT Do

@parmanasystems/canonical does not:

  • perform cryptographic signing
  • determine governance admissibility
  • perform AI inference
  • determine business truth
  • mutate governance lineage
  • bypass verification semantics
  • probabilistically serialize payloads
  • silently repair invalid canonical payloads

Installation

npm install @parmanasystems/canonical

Quickstart

Canonicalize Governed Payload

import {
  canonicalize
} from "@parmanasystems/canonical";

const result =
  canonicalize({

    b: 1,
    a: 2
  });

console.log(
  result
);

Deterministic output:

{"a":2,"b":1}

Deterministic Guarantees

@parmanasystems/canonical guarantees:

  • deterministic serialization
  • deterministic UTF-8 payload generation
  • stable property ordering
  • reproducible canonical bytes
  • stable hashing continuity
  • stable signature continuity
  • reproducible verification payloads
  • cross-platform deterministic output

Identical governed input produces identical canonical output.

Why Canonicalization Exists

Standard JSON serialization is not sufficient for deterministic governance.

Without canonicalization:

  • property ordering may differ
  • whitespace may diverge
  • encoding behavior may vary
  • runtime serialization may differ
  • hashes may become unstable
  • signatures may fail verification

Example instability:

{"b":1,"a":2}

versus:

{"a":2,"b":1}

Semantically identical data may otherwise produce different hashes.

Canonicalization removes this ambiguity.

Deterministic Byte Semantics

Canonicalization produces deterministic UTF-8 bytes.

These bytes become the authoritative representation for:

  • hashing
  • signatures
  • attestations
  • manifests
  • provenance continuity
  • replay continuity
  • reproducibility verification

Signing and verification both operate on identical canonical payloads.

Persisted canonical bytes are authoritative.

Cross-Platform Guarantees

@parmanasystems/canonical is designed to preserve deterministic continuity across:

  • Windows
  • Linux
  • macOS
  • containers
  • CI environments
  • isolated runtimes

This enables:

  • stable hashes
  • stable signatures
  • reproducible manifests
  • deterministic verification continuity

Canonical Hash Continuity

Canonicalization stabilizes:

  • bundle hashes
  • manifest hashes
  • provenance hashes
  • runtime hashes
  • execution fingerprints
  • release attestations

This enables reproducible deterministic trust continuity.

Signature Continuity

Canonicalization is foundational to deterministic signing.

Identical canonical payloads produce:

  • identical hashes
  • identical signatures
  • identical verification outcomes

This preserves:

  • cryptographic continuity
  • provenance continuity
  • admissibility continuity
  • replay-safe trust semantics

Reproducibility Semantics

Canonicalization is foundational to reproducible governance.

Reproducibility depends on:

  • identical canonical payloads
  • deterministic serialization
  • stable UTF-8 encoding
  • immutable hashing semantics

Canonicalization enables:

  • deterministic rebuild verification
  • reproducible release manifests
  • portable trust continuity
  • independently verifiable governance artifacts

Fail-Closed Canonicalization

Canonicalization intentionally rejects invalid deterministic continuity.

Example failures:

✖ canonical hash mismatch
✖ deterministic payload divergence
✖ signature continuity broken

Silent canonical repair is intentionally forbidden.

Architecture Boundaries

@parmanasystems/canonical:

  • stabilizes deterministic payload representation
  • preserves reproducible serialization continuity
  • enables deterministic hashing and signing

The canonical layer does not:

  • perform governance evaluation
  • determine admissibility
  • execute policy
  • replace cryptographic verification

Canonicalization is a deterministic infrastructure foundation.

Security Model

@parmanasystems/canonical supports:

  • deterministic UTF-8 serialization
  • stable hashing continuity
  • canonical signature continuity
  • reproducible verification payloads
  • deterministic provenance continuity

Security continuity depends on:

  • identical canonical payloads
  • immutable serialization semantics
  • deterministic byte continuity

Portable Verification

Canonical payloads support:

  • external verification
  • reproducible rebuild validation
  • clean-room verification
  • portable provenance continuity
  • independent auditability

Verification does not require:

  • runtime-specific serialization assumptions
  • platform-specific ordering behavior
  • mutable payload transformations

Example Use Cases

Deterministic Manifest Signing

Generate stable release manifests for cryptographic signing.

Replay-Safe Execution Fingerprints

Generate deterministic execution hashes for replay continuity.

Portable Provenance Validation

Preserve reproducible provenance hashes across environments.

Independent Rebuild Verification

Validate identical canonical payloads across clean-room rebuilds.

Non-Goals

Parmana canonicalization does not:

  • replace cryptographic signing
  • determine governance admissibility
  • perform probabilistic serialization
  • mutate immutable governance lineage
  • bypass deterministic verification semantics

License

Apache-2.0