Skip to content

Agreements

Agreements describe the effective system state produced after a contract has been processed.

They are the counterpart of contracts. A contract describes what should exist. An agreement records what actually exists after generation, compilation, packaging, or runtime preparation.

An agreement is evidence-oriented. It can contain or reference:

  • generated files and their paths;
  • compiled binaries and their hashes;
  • container images and build metadata;
  • routes and exposed endpoints that were actually produced;
  • runtime configuration resolved from generation;
  • component discovery metadata;
  • binary imports, exports, and ABI checks;
  • validation results and error messages;
  • timestamps, generator versions, and reproducibility metadata;
  • links between generated artifacts and the contracts they satisfy.

The agreement does not replace the generated artifact. It describes it, fingerprints it, and makes it comparable with the expected state.

Agreements mirror the contract hierarchy.

LevelEffective state recorded
Application AgreementGenerated topology, component list, exposed routes, dependencies, images, and deployment-level evidence.
Component AgreementProduced component surface, local artifacts, OpenAPI output, health endpoints, documentation, and runtime metadata.
Binary AgreementCompiled WASM artifact, hash, imports, exports, ABI conformance, memory expectations, and execution constraints.

This mirroring matters because validation can happen at the right level. A binary can be rejected without rejecting the whole application model. A component can be inspected without re-running every generation step.

Effective state

defines target

record files

record binary

record evidence

effective result

matches or drifts

auditable outcome

Contract

expected state

Generated

artifacts

Compiled

WASM

Build metadata

hashes

Agreement

evidence record

Compare

Accept

or reject

Agreements are useful because they can be compared with contracts.

The validation question is simple:

If the agreement satisfies the contract, the generated state can be accepted. If not, the system has drift, missing artifacts, invalid binary shape, unexpected exposure, or another mismatch that must be investigated.

Agreements can capture evidence at different depths depending on the artifact:

ArtifactAgreement evidence
Generated filePath, content hash, generator version, source contract reference.
WASM binaryBinary hash, imports, exports, ABI layout, memory limits, validation result.
ComponentExposed routes, OpenAPI file, health endpoint, docs output, image reference.
ApplicationComponent list, internal dependencies, public exposure, generated compose or deployment model.

Contracts and agreements should be read together.

The contract alone is only intent. The agreement alone is only a snapshot. The pair gives sigMAX an auditable loop:

  1. describe the expected state;
  2. generate or compile artifacts;
  3. record the effective state;
  4. compare expected and effective state;
  5. accept, reject, or investigate drift.

An agreement can reveal drift when the generated result does not match the contract.

Drift can be caused by:

  • missing generated files;
  • changed routes or unexpected exposure;
  • a binary importing a primitive that was not allowed;
  • a mismatched ABI layout;
  • an image or artifact hash that differs from the recorded result;
  • a runtime configuration that does not match the expected topology.

This is why agreements are not optional metadata. They are part of the trust boundary for generated systems.

A good agreement should be:

  • tied to a specific contract version;
  • reproducible enough to compare later;
  • explicit about artifact hashes;
  • precise about generated endpoints and binaries;
  • readable during review;
  • stable enough to support audit and drift detection.

The agreement should not hide failures behind a generic success flag. It should preserve enough evidence to explain why a generated result was accepted or rejected.