Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Architecture

CB is a three-component system:

Gateway

  • Accepts requests.
  • Selects a route deterministically.
  • Executes the selected backend.
  • Settles the output under a policy envelope.
  • Writes evidence records (WALs) that can be verified later.

Signer

  • Optional isolated signing boundary.
  • Receives a digest/envelope and returns a signature.
  • Produces seal.jsonl records.

Operator Terminal

  • Non-secret viewport.
  • Ledger-first evidence surface.
  • Human-in-the-loop governance actions are explicit and justified.