Enforce compliance rules, trust requirements, and security policies across your ecosystem.

Policy Templates

B2C - Consumer

Consumer-focused policy with trust disclosure and risk protections.
  • Issuer must be in trusted status
  • Trust tier must be verified_org or higher
  • Block high/critical risk issuers
  • Key must be active

B2B - Enterprise

Business-to-business with industry requirements and key rotation.
  • Issuer must be in trusted status
  • Finance/Healthcare require regulated_issuer tier
  • Key rotation required every 180 days
  • Governance approvals for status changes

B2G - Government

Government-grade policy with strict compliance requirements.
  • All attestations require regulated_issuer tier
  • Block medium or higher risk issuers
  • Key rotation required every 90 days
  • Mandatory documented revocation reasons

B2B2C - Hybrid

Hybrid policy for enterprise-to-consumer scenarios with dual disclosure.
  • Issuer must be in trusted status
  • Trust tier must be verified_org or higher
  • Privacy protection: payload not stored
  • Consumer-friendly + enterprise audit details

Usage

import { EnterprisePolicyEngine, templates } from "@truthlock/policy";

// Create engine with B2B template
const engine = new EnterprisePolicyEngine(templates.B2B);

// Evaluate policy
const result = engine.evaluate({
  tenant_id: "tenant-uuid",
  issuer_current: {
    id: "issuer-uuid",
    status: "trusted",
    trust_tier: "verified_org",
    risk_rating: "low",
    jurisdiction: "US",
    assurance_level: "standard",
  },
  key: {
    kid: "key-1",
    status: "ACTIVE",
    valid_from: "2024-01-01T00:00:00Z",
    age_days: 30,
  },
  context: {
    request_type: "mint",
    industry: "technology",
  },
});

if (!result.allowed) {
  console.log("Denied:", result.code);
  console.log("Reason:", result.compliance_explanation);
}

Policy Result

interface PolicyResult {
  allowed: boolean;
  code: string; // e.g., "ISSUER_NOT_TRUSTED"
  reason: string; // Human-readable reason
  compliance_explanation: string; // Compliance-friendly explanation
  disclosures?: {
    type: "warning" | "info" | "critical";
    message: string;
    audience: "consumer" | "enterprise" | "all";
  }[];
}

Policy Versioning

Each policy instance has a unique hash computed from the template and rules. This hash can be stored with attestations for audit purposes.

const engine = new EnterprisePolicyEngine(templates.B2G);

console.log("Policy hash:", engine.getPolicyHash());
// => "a1b2c3d4e5f6g7h8"

console.log("Policy version:", engine.getPolicyVersion());
// => "1.0.0-1704067200000"
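
The Usage and Policy Versioning sections combine naturally in a fail-closed wrapper that denies on engine errors or malformed results, filters disclosures by audience, and records the policy hash and version next to the decision. This is an added example, not code from the @truthlock/policy project; `decide`, `stubEngine`, the two error codes and the placeholder hash and version values are assumptions, and the stub stands in for EnterprisePolicyEngine so the block runs without the package.

```javascript
// Added example: fail-closed wrapper around a policy engine plus an audit record.
// `decide` and `stubEngine` are hypothetical names; only evaluate(), getPolicyHash(),
// getPolicyVersion() and the PolicyResult fields come from the page.
function decide(engine, input, audience) {
  let result;
  try {
    result = engine.evaluate(input);
  } catch (err) {
    // An engine error must never turn into an implicit allow.
    result = { allowed: false, code: "POLICY_ENGINE_ERROR", reason: String(err) };
  }
  // Only a strict boolean true counts as allow; undefined, "true" or 1 are denied.
  const allowed = result !== null && typeof result === "object" && result.allowed === true;
  const code = allowed ? result.code : (result && result.code) || "POLICY_RESULT_MALFORMED";
  // Show each audience only the disclosures addressed to it or to "all".
  const disclosures = ((result && result.disclosures) || []).filter(
    (d) => d.audience === audience || d.audience === "all"
  );
  return {
    allowed,
    disclosures,
    // Record to store next to the attestation so an auditor can tell which rules applied.
    audit: {
      tenant_id: input.tenant_id,
      issuer_id: input.issuer_current.id,
      kid: input.key.kid,
      code,
      policy_hash: engine.getPolicyHash(),
      policy_version: engine.getPolicyVersion(),
    },
  };
}

// Constructed stand-in for the real engine so the example runs without the package.
function stubEngine(evaluate) {
  return {
    evaluate,
    getPolicyHash: () => "hash-placeholder",
    getPolicyVersion: () => "version-placeholder",
  };
}

// Constructed sample input in the shape shown in the Usage section.
const sampleInput = {
  tenant_id: "tenant-uuid",
  issuer_current: { id: "issuer-uuid", status: "trusted", trust_tier: "verified_org", risk_rating: "low" },
  key: { kid: "key-1", status: "ACTIVE", age_days: 30 },
  context: { request_type: "mint", industry: "technology" },
};
```

Persist the `audit` object for denials as well as approvals, so that a later review can tie every decision to the exact policy hash that produced it.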