The Open Execution Engine (OEE) is the enforcement layer of the Sigil Open Framework. It provides the deterministic primitives that make autonomous agents safe to deploy — policy evaluation, Intent Attestation issuance, consensus hold management, and gated RPC/bundler execution — across any deployment domain. OEE is not specific to venture capital, healthcare, or banking. It is the substrate. Domain-specific behaviour lives in verticals — pre-configured OEE implementations that inherit these enforcement primitives and add domain-tuned policy templates and integration examples on top.Documentation Index
Fetch the complete documentation index at: https://docs.sigilcore.com/llms.txt
Use this file to discover all available pages before exploring further.
How OEE Enforces Execution
Every SOF-compliant agent routes high-stakes actions through the same enforcement pipeline:- Intent Declaration — the agent submits a structured transaction intent to the Sigil execution firewall.
- Policy Evaluation — Sigil Sign reads the operator’s
warranty.mdat runtime and deterministically evaluates the intent against the typed-block policy schema. - Authorization Decision — the firewall returns an approved Intent Attestation, a denial, or a consensus hold requiring human approval.
- Gated Execution — the RPC/bundler gateway rejects any write operation that does not carry a valid, matching attestation.
Policy Enforcement Model
warranty.md uses a typed-block schema. Each block governs a distinct enforcement surface:
| Block | Enforcement | Outcome on Violation |
|---|---|---|
## evm | Hard limits — max transaction size, action allowlist, chain allowlist, per-chain action overrides, consensus hold threshold | DENIED immediately or PENDING hold |
## tool_calls | Agent tool governance — allowed tools, blocked commands, blocked domains, blocked paths, email approval gate | DENIED immediately |
## custom | Operator-defined deny rules — field match (deny_if) and string match (deny_string) | DENIED immediately |
## soft_limits | Aggregate daily caps — ETH and tool call volume | APPROVED with informational flag — never a hard denial |
PENDING) are stored with a 24-hour TTL. Execution remains blocked until the hold is resolved through Sigil Command. This is the structural implementation of human-in-the-loop governance — not optional monitoring, but enforced at the cryptographic level.
Verticals
OEE verticals are domain-specific implementations of the enforcement stack. Each vertical inherits OEE’s enforcement primitives and adds domain-appropriatewarranty.md templates, legal wrapper guidance, and integration examples.
| Vertical | Domain | Status |
|---|---|---|
| Open Healthcare Engine (OHE) | Clinical AI agents | Planned |
| Open Banking Engine (OBE) | Treasury and financial agents | Planned |