AsiBackbone.Core
2.2.0
dotnet add package AsiBackbone.Core --version 2.2.0
NuGet\Install-Package AsiBackbone.Core -Version 2.2.0
<PackageReference Include="AsiBackbone.Core" Version="2.2.0" />
<PackageVersion Include="AsiBackbone.Core" Version="2.2.0" />
<PackageReference Include="AsiBackbone.Core" />
paket add AsiBackbone.Core --version 2.2.0
#r "nuget: AsiBackbone.Core, 2.2.0"
#:package AsiBackbone.Core@2.2.0
#addin nuget:?package=AsiBackbone.Core&version=2.2.0
#tool nuget:?package=AsiBackbone.Core&version=2.2.0

AsiBackbone
Accountable Systems Infrastructure for governed .NET decision flow.
AI may provide the intellect. AsiBackbone provides the accountable spine.
The practical problem
Most software can tell you what happened. Far less can show that an action was evaluated before it executed: which rules shaped the decision, which policy version applied, whether acknowledgment was required, how follow-on authority was scoped, and where the host took responsibility for execution.
AsiBackbone is a .NET package family for that decision boundary. It helps a host application build safe policy context, evaluate constraints, return a structured decision, preserve a decision receipt, optionally scope continuation, and then let the host decide whether and how to execute.
In this software project, ASI means Accountable Systems Infrastructure.
Implementation-first mental model
A normal API adoption path looks like this:
HTTP request
-> host builds safe evaluation context
-> host-owned rules evaluate the request
-> AsiBackbone returns a GovernanceDecision
-> host writes audit residue / decision receipt
-> host continues only when decision.CanProceed is true
Use plain engineering translations first:
| Project term | Practical meaning |
|---|---|
| Governance spine | Policy decision pipeline around consequential operations. |
| Audit residue | Decision receipt or audit-log payload. |
| Acknowledgment handshake | Confirmation workflow before a risky operation. |
| Capability grant | Short-lived scoped permission. |
| Governance outbox | Durable outbox pattern for governance events. |
| OpenTelemetry projection | Optional traces/metrics projection after local records exist. |
| Host-owned execution boundary | The application code that performs or refuses the protected operation. |
First code path
The snippet below is an intentionally small README slice, not a complete Program.cs. It shows the primary governance path: build safe context, evaluate policy, write audit residue, and let the host execute only after the decision allows it. The full compile-ready walkthrough lives in First 15 Minutes: Standard API Gating.
// Registration: Core evaluator + one host-owned rule + local in-memory audit sink.
builder.Services.AddAsiBackboneAspNetCore();
builder.Services.AddSingleton<InMemoryAuditLedger>();
builder.Services.AddSingleton<IAsiBackboneAuditSink>(sp =>
sp.GetRequiredService<InMemoryAuditLedger>());
builder.Services.AddSingleton<IAsiBackboneConstraint<AsiBackboneConstraintEvaluationContext>, AllowedRegionConstraint>();
builder.Services.AddSingleton<IAsiBackbonePolicyEvaluator<AsiBackboneConstraintEvaluationContext>>(sp =>
new DefaultAsiBackbonePolicyEvaluator<AsiBackboneConstraintEvaluationContext>(
sp.GetServices<IAsiBackboneConstraint<AsiBackboneConstraintEvaluationContext>>(),
decisionPolicy: null,
options: new AsiBackbonePolicyEvaluatorOptions { DenyWhenNoConstraints = true }));
app.MapPost("/api/orders/{region}/approve", async (
string region,
HttpContext httpContext,
IAsiBackbonePolicyEvaluator<AsiBackboneConstraintEvaluationContext> evaluator,
IAsiBackboneAuditSink auditSink,
CancellationToken cancellationToken) =>
{
var metadata = new Dictionary<string, string>(StringComparer.Ordinal)
{
["operation"] = "orders.approve",
["region"] = region,
["risk"] = "routine-api-write"
};
var context = new AsiBackboneConstraintEvaluationContext(
correlationId: httpContext.TraceIdentifier,
policyVersion: "policy-v1",
policyHash: "policy-hash-v1",
metadata: metadata);
GovernanceDecision decision = await evaluator.EvaluateAsync(context, cancellationToken);
AuditResidue residue = AuditResidue.FromDecision(
AsiBackboneActorContext.Human("example-user", "Example User"),
operationName: "orders.approve",
decision,
metadata: context.Metadata);
await auditSink.WriteAsync(residue, cancellationToken);
if (!decision.CanProceed)
{
return Results.Json(new
{
allowed = false,
decision = decision.Outcome.ToString(),
decision.ReasonCodes,
auditEventId = residue.EventId
}, statusCode: StatusCodes.Status403Forbidden);
}
// Host-owned execution starts here. AsiBackbone does not approve the order itself.
return Results.Ok(new
{
allowed = true,
message = "Host order approval would run after this governance decision.",
auditEventId = residue.EventId
});
});
For production-style hosts, add durable audit/outbox persistence, signing or verification, DLP/classification, provider emission, and operational monitoring only where the host has explicitly chosen and configured those boundaries.
Package family
Stable 2.2.x package family. 2.2.0 is the current compatible minor release. 2.0.0 began the current major release line after the public package and namespace identity moved from CDCavell.AsiBackbone.* to AsiBackbone.*. The package family carries forward the governance-spine surface with builder-facade, analyzer, OpenTelemetry, signing-provider, testing-harness, template package, endpoint diagnostics, endpoint reduced metadata mode, sample, Source Link metadata, package SBOM/provenance artifacts, benchmark guidance, custom decision-policy examples, and documentation-alignment surfaces.
| Package | Role |
|---|---|
AsiBackbone.Core |
Framework-neutral governance primitives: decisions, constraints, acknowledgments, audit residue, lifecycle events, capability-token abstractions, durable outbox contracts, provider-neutral emission contracts, DLP/classification policy primitives, signing-ready metadata, canonical hashing/signing seams, verification-policy primitives, optional policy evaluator fast-abort options, and builder-style audit residue construction. |
AsiBackbone.DependencyInjection |
Explicit AddAsiBackbone(...) builder facade for coordinating host-selected provider registrations without making Core own infrastructure. |
AsiBackbone.Storage.InMemory |
Non-durable in-memory storage helpers for tests, samples, local validation, lifecycle events, and outbox proof paths. |
AsiBackbone.EntityFrameworkCore |
EF Core model configuration and host-owned persistence for audit ledger, acknowledgments, lifecycle events, and governance outbox records. |
AsiBackbone.AspNetCore |
ASP.NET Core host adapters for actor context, request correlation, audit enrichment, HTTP result mapping, acknowledgment challenge flows, endpoint governance, endpoint metadata mode, endpoint fast-abort metadata, and hosted outbox drain integration. |
AsiBackbone.Testing |
Test-only harness helpers for deterministic endpoint governance, policy results, capability validation, in-memory audit inspection, non-durable outbox storage, and no-signature signing seams. |
AsiBackbone.Templates |
dotnet new templates for generating governed ASP.NET Core host scaffolds with endpoint governance, sample policies, local in-memory audit inspection, analyzers, and README guidance. |
AsiBackbone.Analyzers |
Roslyn analyzer safety rails for governance persistence and continuation flows. |
AsiBackbone.OpenTelemetry |
Released OpenTelemetry governance emission provider that projects provider-neutral envelopes into .NET diagnostics. |
AsiBackbone.Signing.LocalDevelopment |
Local-development signing and verification for tests, samples, and wiring proof paths only. Not for production key custody. |
AsiBackbone.Signing.ManagedKey |
Managed-key signing adapter boundary. The host supplies the actual managed-key client, credentials, key operations, verification path, monitoring, and operational policy. |
Future Event Hubs, Purview, Azure-specific, gateway, robotics, immutable-storage, or additional provider packages are not part of the stable contract unless separately reviewed and released.
Start here
For implementation-first adoption:
- Implementation-First Adoption Path — plain engineering translations and the recommended first reading path.
- First 15 Minutes: Standard API Gating
- AddAsiBackbone Builder Facade
- dotnet new Templates
- Reference Deployment: Plain ASP.NET Core Host Evidence
- Testing Harness
- Project Boundaries and Non-Claims
- Terminology Map
- Progressive Adoption Ladder
For optional conceptual background:
- Intent to Execution: An Accountability Pattern
- Core Governance Flow Diagrams
- ASI Backbone Concept Synopsis
- Dynamic Liability Handshake
- Core Domain Language
- Host-Owned Execution Enforcement
The full, categorized documentation set lives at the documentation site.
Current status
Stable 2.2.x is the current released line, with 2.2.0 as the current compatible minor release. This release preserves the simplified AsiBackbone.* package and namespace identity established by 2.0.0 while carrying forward the Core foundation, builder-facade registration surface, in-memory validation storage, EF Core host-owned persistence, ASP.NET Core integration, test harness helpers, dotnet new templates, analyzers, the OpenTelemetry provider, local-development signing, the managed-key signing adapter boundary, samples, release validation, package SBOM/provenance artifacts, benchmark guidance, custom decision-policy examples, Source Link metadata validation, endpoint-governance reduced metadata mode, and host-validation documentation.
The stable API contract is documented in API Compatibility and SemVer; the original 1.0.0 baseline, 1.1.0 addendum, 1.2.0 minor release boundary, 1.2.1 patch release boundary, 2.0.0 package/namespace migration boundary, 2.0.1 patch release boundary, 2.0.2 package-icon correction boundary, 2.1.0 minor release boundary, and 2.2.0 minor release boundary are recorded in the Historical Stable API Review, 1.1.x Release Notes, 1.2.0 Release Notes, 1.2.1 Release Notes, 2.0.0 Release Notes, 2.0.1 Release Notes, 2.0.2 Release Notes, 2.1.0 Release Notes, and 2.2.0 Release Notes.
Security and vulnerability reporting
Please report sensitive concerns through the repository Security Policy.
Relationship to NetCoreApplicationTemplate
NetCoreApplicationTemplate may be used as a preferred host baseline during development and validation, but AsiBackbone does not require it.
NetCoreApplicationTemplate = preferred host baseline
AsiBackbone = optional governance/module package family
Consumer application = chooses whether to use either or both
A consumer should be able to use AsiBackbone in an application generated from NetCoreApplicationTemplate, in an existing ASP.NET Core application, or in a custom host that provides the required infrastructure. See NetCoreApplicationTemplate Host Validation.
Alignment boundary
AsiBackbone is a governance spine, not an intelligence engine. It implements governance-oriented software primitives for accountable decision flow and keeps execution authority with the host application. See Project Boundaries and Non-Claims for the full scope statement and safe wording guidance.
Current NuGet packages are not signed release artifacts from the project maintainer. Package signing may be adopted later through .NET Foundation-supported infrastructure or another reviewed release-signing process.
Design principles
- Keep Core small.
- Keep Core dependency-light.
- Avoid hidden host assumptions.
- Prefer explicit integration over magic.
- Let the host own infrastructure.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net10.0
- Microsoft.Extensions.Logging.Abstractions (>= 10.0.9)
- Microsoft.Extensions.Options (>= 10.0.9)
NuGet packages (7)
Showing the top 5 NuGet packages that depend on AsiBackbone.Core:
| Package | Downloads |
|---|---|
|
AsiBackbone.Storage.InMemory
Non-durable in-memory storage helpers for Accountable Systems Infrastructure local validation, tests, and samples. |
|
|
AsiBackbone.AspNetCore
ASP.NET Core host adapters for Accountable Systems Infrastructure actor context, request correlation, HTTP result mapping, and acknowledgment challenge flows. |
|
|
AsiBackbone.EntityFrameworkCore
Entity Framework Core model configuration and host-owned persistence helpers for Accountable Systems Infrastructure audit and acknowledgment records. |
|
|
AsiBackbone.OpenTelemetry
OpenTelemetry-friendly Accountable Systems Infrastructure governance emission provider for AsiBackbone decision-flow telemetry. |
|
|
AsiBackbone.Signing.LocalDevelopment
Local-development RSA signing and verification provider for exercising AsiBackbone signing abstractions without cloud key-management dependencies. |
GitHub repositories
This package is not used by any popular GitHub repositories.