# Approval Is Not Enough: Building a Sub‑Microsecond Runtime Governance Gate in Rust

A developer built Nanogate, a software-only gate in Rust that re-tests admissibility before every AI agent action in approximately 530 nanoseconds. The tool addresses the failure of point-in-time approval systems by implementing continuous admissibility, checking identity, policy version, and evidence freshness at runtime. Nanogate achieved zero false admits and zero false denies in adversarial and stability tests.

Most AI governance systems check approval once. Then they assume the agent is still authorised to act.

That assumption fails silently. Policy changes. Delegation revokes. Evidence expires. Yet the agent continues executing under a stale authority context.

I built Nanogate – a software‑only gate that re‑tests admissibility before every action, in ~530 nanoseconds. It answers the question that most governance tools ignore: “Does this agent still deserve to execute right now?”

## The Problem with Point‑in‑Time Approval

A typical AI governance flow looks like this:

1. Approval – a human or policy engine says “yes” at time T₀.
2. Execution – the agent acts at time T₁ (seconds, minutes, or days later).

Between T₀ and T₁, many things can change:

- The policy version is updated.
- The delegation chain is modified.
- The agent’s identity or session mutates.
- Supporting evidence expires.
- A malicious actor replays an old approval.

Traditional systems log these changes but do not stop the agent. The result: an action that was approved but is no longer admissible at execution time.

Approval is not enough.

## Continuous Admissibility

I propose a different principle: every action must re‑prove its admissibility immediately before execution.
The agent must present:

- Its stable identity (agent id, session id, memory state)
- The active reference frame (policy version, delegation chain, external state hash)
- A monotonic timestamp and a nonce to prevent replay

The gate then:

1. Hashes the identity and reference frame using xxHash64 (fast, non‑cryptographic)
2. Compares the hashes with the last verified state
3. If unchanged and timestamp increased → ADMIT
4. Else → DENY with a clear reason (identity drift, policy drift, etc.)
5. Emits a BLAKE3 proof hash of all inputs (signed, replayable, court‑admissible)

This is Continuous Admissibility – a category I am defining and implementing.

## Nanogate: A Reference Implementation

Nanogate is a Rust library and CLI that implements the gate. It is:

- Fast – median 530 ns per evaluation (Criterion benchmark)
- Deterministic – the same input always produces the same output
- Adversarially validated – 0 false admits after 100k random mutations
- Reliable – 0 false denies after 100k stable continuity traces
- Lightweight – no hardware attestation, no external dependencies beyond Rust std

## Performance

```bash
$ cargo bench
nanogate evaluate time: [528.91 ns 530.01 ns 531.18 ns]
```

That’s ~1.9 million evaluations per second per CPU core. Faster than the time light travels in 160 metres.

## Correctness Validation

| Test Type | Cases | Result |
| --- | --- | --- |
| Unit tests | 4 | ✅ pass |
| Property tests (stable context, drift, timestamp) | 4 | ✅ pass |
| Adversarial mutation (false admits) | 100,000 | ✅ 0 false admits |
| Stable continuity (false denies) | 100,000 | ✅ 0 false denies |

Run the full suite yourself:

```bash
git clone https://github.com/a1k7/nanogate
cd nanogate
cargo test --release
```

## Why Rust?

- No runtime overhead – the hot path avoids allocations, JSON parsing, and interpreted code.
- xxHash64 is ~10x faster than SHA‑256 for non‑cryptographic hashing.
- BLAKE3 is hardware‑accelerated on modern CPUs (AVX‑512, SSE) and still very fast.
- pyo3 bindings exist if you need to call Nanogate from Python (optional).
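The gate steps listed under Continuous Admissibility, as an added sketch that is not Nanogate's own code: `Context`, `Gate`, `h64` and the nonce set are hypothetical names, and std's `DefaultHasher` stands in for both xxHash64 and the BLAKE3 proof hash so the file builds without crates. It also shows the failure mode worth testing: a denied request must not advance the timestamp or consume a nonce.

```rust
use std::collections::hash_map::DefaultHasher;
use std::collections::HashSet;
use std::hash::{Hash, Hasher};

// Stand-in for xxHash64 (assumption): a 64-bit non-cryptographic digest from std.
// It detects drift; it does not resist deliberately crafted collisions.
fn h64<T: Hash>(v: &T) -> u64 {
    let mut s = DefaultHasher::new();
    v.hash(&mut s);
    s.finish()
}

#[derive(Hash, Clone)]
pub struct Context {
    pub identity: (String, String, u64), // agent id, session id, memory state
    pub frame: (u32, Vec<String>, u64),  // policy version, delegation chain, external state hash
}

#[derive(Debug, PartialEq)]
pub enum Decision { Admit, Deny(&'static str) }

pub struct Gate { id_hash: u64, frame_hash: u64, last_ts: u64, seen: HashSet<u64>, pub chain: u64 }

impl Gate {
    /// Pin the context that was approved at T0.
    pub fn new(approved: &Context, t0: u64) -> Self {
        Gate { id_hash: h64(&approved.identity), frame_hash: h64(&approved.frame),
               last_ts: t0, seen: HashSet::new(), chain: 0 }
    }

    /// Re-test admissibility immediately before one action.
    pub fn evaluate(&mut self, ctx: &Context, ts: u64, nonce: u64) -> Decision {
        let (id, frame) = (h64(&ctx.identity), h64(&ctx.frame));
        let d = if id != self.id_hash { Decision::Deny("identity drift") }
            else if frame != self.frame_hash { Decision::Deny("policy drift") } // any frame change
            else if ts <= self.last_ts { Decision::Deny("non-monotonic timestamp") }
            else if !self.seen.insert(nonce) { Decision::Deny("nonce replay") }
            else { self.last_ts = ts; Decision::Admit };
        // Admit or deny, each decision extends the chain (stand-in for the BLAKE3 proof hash).
        self.chain = h64(&(self.chain, id, frame, ts, nonce, d == Decision::Admit));
        d
    }
}

fn main() {
    let ctx = Context { identity: ("agent-7".into(), "sess-1".into(), 42),
                        frame: (3, vec!["root".into()], 0xabcd) }; // constructed sample
    println!("{:?}", Gate::new(&ctx, 100).evaluate(&ctx, 101, 1));
}
```
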
## Next Steps: The Continuous Admissibility Protocol (CAP)

Nanogate is not the end goal. It is the reference implementation of a larger idea.

I am drafting CAP – the Continuous Admissibility Protocol – a lightweight open standard for runtime admissibility proofs. Every CAP‑compliant agent would emit a proof containing:

- agent id
- observer hash (identity + session + memory)
- constitution hash (policy hash)
- continuity hash (chained from the previous proof)
- admissible (boolean)

No vendor lock‑in. No black boxes.

The Runtime Governance Index will benchmark agent frameworks (LangGraph, CrewAI, AutoGen, etc.) for CAP compliance. Public leaderboard. Transparent criteria.

## Commercial Licensing

Nanogate is open source under MIT / Apache‑2.0 for non‑commercial and internal use. For embedding Nanogate inside proprietary agent runtimes, a commercial license is required:

- Perpetual use in one product
- Email support for one year
- $5,000 one‑time fee + $1,000/year support renewal

Contact: akhilesh@decisionassure.io

## Try It Yourself

```bash
git clone https://github.com/a1k7/nanogate
cd nanogate
cargo build --release
cargo run --release
```

## Final Thought

The AI governance community has built many tools for approval. What we lack is a tool for continuous admissibility – proof that an agent still deserves to act at the exact moment of execution.

Nanogate is my contribution to that gap.

Approval is not enough. Continuity first.

If you are building agent frameworks, runtime governance systems, or compliance tooling – I invite you to read the CAP spec (coming soon) and run the Nanogate benchmark.

Open source is free. Commercial licensing is available. Let’s make runtime governability the new standard.