AURA Runtime — the governance layer powering every Metaprise agent. Read the changelog →
AURA OrgKernel Mission Layer Runtime Control Plane
CORE GOVERNANCE ENGINE

AURA

Enterprise Agent Execution Governance Runtime — the Layer 2 infrastructure between LLM providers and vertical applications. Identity, permissions, mission execution, durability, and policy governance in one runtime.

START FREE → VIEW DOCS
AGENT OS ARCHITECTURE
Layer 3
Vertical Applications
Agent Store · Industry Solutions
Layer 2
AURA — Agent Lambda Runtime
Execution Governance Infrastructure
OrgKernel Mission Layer Runtime Control Plane
Layer 1
LLM Providers
642 Models · 40+ Providers · Metaprise LLM
IDENTITY · MISSIONS · DURABILITY · POLICY
4
Subsystems
8-State
Mission Machine
99.99%
SLA Uptime
Apache 2.0
OrgKernel License

SUBSYSTEMS

Four subsystems, one governance runtime

AURA is not a single service — it is four interlocking subsystems that together provide identity, execution, durability, and policy governance for every agent on the platform.

6A

OrgKernel

Open-Source Trust Layer (Apache 2.0 License)

Cryptographic identity and trust foundation. Every agent gets Ed25519-signed credentials, instance-scoped execution tokens, and a tamper-proof audit chain — all open-source under Apache 2.0 license.

AgentIdentity ExecutionToken AuditChain SSO/SAML SCIM
6B

Mission Layer

Core Execution Primitives

Every agent task is a Mission — a four-field declaration with objective, tools, authority, and timeout. Missions flow through a strict 8-state machine with immutable context and tamper-proof outcomes.

MissionDefinition MissionState MissionContext MissionBoundary MissionOutcome
6C

AURA Runtime

Execution Engine

The durable execution engine that powers every agent. Crash recovery with event replay, saga compensation for multi-step rollback, heartbeat monitoring, configurable retry policies, and per-step checkpoint persistence.

Durable Execution Saga Compensation Heartbeat Retry Policy Checkpoint
6D

Control Plane

Enterprise Governance Layer

Deterministic policy enforcement — not model-based judgment. Authority Graph (L1–L4), approval rules, deployment boundary routing, namespace isolation, multi-region replication with 99.99% SLA, and canary releases.

Policy Engine Authority Graph Namespace Multi-Region Canary

SUBSYSTEM 6A

OrgKernel

The open-source trust foundation of AURA. Every agent, every tool call, and every execution is cryptographically identified, permission-scoped, and audit-logged — from the ground up.

IDENTITY & AUTH

AgentIdentity (Ed25519): Cryptographically signed organizational identity credentials — revocable, time-limited, and bound to specific org units. Every agent has a verifiable identity
ExecutionToken: Instance-scoped permission tokens issued per execution, enforced at the Tool Gateway layer. No token, no tool access — zero trust by default
DualToken Authentication: Two-layer token system ensures both the agent identity and the specific execution instance are validated before any tool call proceeds

AUDIT & ENTERPRISE SSO

AuditChain: SHA-256 hash-chained tamper-proof audit log, written synchronously. Every state change, every tool call, every decision — immutably recorded
SSO / SAML Integration: Enterprise single sign-on support — connect to your existing identity provider
SCIM User Sync: Cross-domain identity management — automatically sync users and groups from your identity provider to Metaprise

SUBSYSTEM 6B

Mission Layer

The atomic unit of work in Metaprise is the Mission — not a prompt, not a chat, but a formally declared task with an objective, authorized tools, permission boundaries, and a timeout. Missions are governed, not improvised.

MISSION PRIMITIVES

MissionDefinition: Four-field declaration — objective (what), tools (how), authority (who approves), timeout (when it expires). Every mission starts with a clear contract
MissionState: Strict 8-state machine: CREATED → PLANNING → WAITING_APPROVAL → APPROVED → PENDING_EXECUTION → IN_PROGRESS → EXECUTED → CLOSED. No skipping states, no ambiguity
MissionContext: Immutable input environment — snapshot-frozen at launch, never modified during execution. The agent cannot alter its own instructions
MissionBoundary: Four constraint groups (authority / policy / data / runtime), all snapshot-frozen at launch. The guardrails cannot be loosened mid-execution

IMMUTABLE RECORDS

MissionOutcome: Immutable result record — cannot be modified after the mission reaches CLOSED state. The output is as permanent as the input
MissionStateData: Mutable execution state — each write generates an AuditChain entry, creating a complete history of every decision made during execution

SUBSYSTEM 6C

AURA Runtime

Enterprise-grade durable execution for AI agents. Crash recovery, automatic rollback, heartbeat monitoring, and checkpoint persistence — the same reliability patterns used by mission-critical financial infrastructure, applied to agent workloads.

CORE ENGINES

Agent Executor: The task execution engine that coordinates agent reasoning, tool calls, and state management across the full mission lifecycle
Memory Engine: State memory management — persists agent working memory across steps, enabling complex multi-step reasoning without context loss
Tool Gateway: Tool-call gateway with DualToken authentication. Every outbound tool call is validated, rate-limited, and logged before execution
Audit Engine: Synchronous audit write engine — every state transition and tool call is recorded to the AuditChain before the next step proceeds

DURABILITY & RECOVERY

Durable Execution Engine: Crash recovery with event replay — if a worker crashes mid-mission, execution resumes exactly where it left off. Tasks are never lost
Saga Compensation: Compensating transaction pattern for automatic rollback on multi-step failures. If step 5 of 10 fails, steps 1–4 are automatically reversed
Activity Heartbeat: Progress monitoring for long-running tasks — the runtime detects stalled executions and triggers recovery or escalation
Retry Policy Engine: Configurable retry policies — exponential backoff, max attempts, non-retryable error classification. Fine-grained control over failure handling
Continue-As-New: State renewal for extremely long executions, overcoming single-execution history limits without losing progress
Checkpoint Persistence: Per-step state checkpoint persistence — every completed step is durably stored, enabling instant recovery from any point

SUBSYSTEM 6D

Control Plane

Enterprise governance that runs on rules, not model judgment. The Control Plane enforces deterministic PERMIT / DENY / ESCALATE decisions through a formal policy engine and organizational authority graph — ensuring agents operate within precisely defined boundaries.

POLICY & AUTHORITY

Policy Engine: Deterministic PERMIT / DENY / ESCALATE decisions — not model-based judgment. Policies are code, not prompts. They execute the same way every time
Authority Graph (L1–L4): Organizational permission graph from L1 (self-authorized, low-risk actions) to L4 (board-level approval for high-impact operations). Maps directly to your org structure
Approval Rules: Configurable approval workflows set by the Org Architect. Define who approves what, when human-in-the-loop is required, and escalation paths
Deployment Boundary Manager: On-premises / cloud data classification routing — sensitive data stays on-prem, public data routes to cloud, automatically

INFRASTRUCTURE

Namespace Isolation: Multi-tenant namespace isolation — business units, departments, or environments run in fully isolated namespaces with no data leakage
Multi-Region Replication: Multi-region replication with automatic failover and 99.99% SLA. Your governance layer is as available as your production infrastructure
Workflow Versioning + Canary: Worker version control with canary releases for safe rolling updates. Deploy new policy versions to 5% of traffic, validate, then promote

MISSION LIFECYCLE

The 8-state Mission machine

Every agent task flows through a strict 8-state machine. No skipping states, no ambiguity. Every transition is logged to the AuditChain, creating a complete, tamper-proof execution history.

01
Created
Mission declared
02
Planning
Agent plans steps
03
Waiting
Approval required
04
Approved
Authority granted
05
Pending
Queued for exec
06
In Progress
Agent executing
07
Executed
Task completed
08
Closed
Outcome sealed

ARCHITECTURE POSITION

The Agent Lambda Runtime

AURA sits at Layer 2 of the Metaprise architecture — between LLM providers (Layer 1) and vertical applications (Layer 3). It is the execution governance infrastructure that makes raw model intelligence enterprise-safe. Every agent call passes through AURA, regardless of which model or application it serves.

LAYER 3 — APPLICATIONS
Vertical Applications & Agent Store
5,500+ agents · Industry solutions · Custom workflows
LAYER 2 — AURA
Agent Lambda Runtime
OrgKernel → Mission Layer → Runtime → Control Plane
LAYER 1 — MODELS
LLM Providers & Model Library
642 models · 40+ providers · Metaprise LLM · Ollama

OrgKernel is open-source (Apache 2.0): The trust foundation of AURA is fully open-source. Inspect the code, audit the cryptography, contribute improvements. The governance runtime you depend on is transparent by design — not by promise.

Enterprise governance that agents can't circumvent.

Identity, missions, durability, and policy — in one runtime. The core of the Metaprise Agent OS.

BROWSE AGENT STORE → TALK TO SALES