Documentation Index
Fetch the complete documentation index at: https://docs.sudont.xyz/llms.txt
Use this file to discover all available pages before exploring further.
Overview
The Sudont Constitution is an AOT-compiled policy object. Operators author their rules in JSON or YAML; the compiler lowers every allowlist, denylist, and mathematical bound into memory-aligned RustHashSet and BTreeMap structures. At evaluation time, the Judge dereferences
pre-hashed keys against pre-aligned buckets so policy evaluation stays line-rate with the RPC
— indistinguishable from zero alongside the Cage’s bare-metal simulation run.
The Constitution is compiled once at policy load, not interpreted per-transaction. Hot-path
decisions never parse strings, walk trees, or allocate. This is how Sudont meets sub-millisecond
latency targets while enforcing thousands of rules.
Why AOT Compilation
A policy-as-code system that evaluates JSON at runtime loses to garbage collection, cache misses, and branch mispredictions. Sudont’s compiler flattens the entire ruleset into a single contiguous memory layout:Memory-Aligned HashSets
Every allowlist entry is pre-hashed into a fixed-capacity Rust
HashSet with a cache-line
aligned backing allocation. Lookups hit L1 on the first probe.Zero Allocation
Evaluation never calls
malloc. The compiler reserves every buffer during policy load; the
hot path is pure arithmetic and pointer comparison.Deterministic Dispatch
Rule lookup is
O(1) by construction. No tree walks, no regex, no string comparison in the
Judge.Line-Rate Evaluation
Hash-set membership and integer comparison against pre-aligned buckets. A full Constitution
evaluation fits well inside the RPC path alongside the Cage’s bare-metal simulation run.
Policy Fields
Every Constitution exposes the same compiled schema. ThePolicySnapshot struct in
sudont-types captures the compiled form used by the Judge.
| Field | Type (compiled) | Purpose |
|---|---|---|
chain_allowlist | HashSet<ChainId> | Permitted chain IDs |
protocol_allowlist | HashSet<ProtocolId> | Permitted protocol identifiers |
target_allowlist | HashSet<Address> | Permitted router / contract addresses |
token_allowlist | HashSet<Address> | Permitted tokens |
token_denylist | HashSet<Address> | Blocked tokens |
max_trade_size | U256 | Absolute size cap in base units |
max_slippage_bps | u32 | Slippage tolerance in basis points |
max_price_impact_bps | u32 | Price impact cap |
min_liquidity | U256 | Minimum pool liquidity threshold |
private_route_required | bool | Force private mempool egress |
fail_closed | bool | Reject any transaction with uncertain state |
Compilation Pipeline
Author Policy
Operators write JSON or YAML against the Constitution schema. Source-of-truth is versioned in
source control, not stored in a database.
Validate and Canonicalise
The compiler validates every field, resolves aliases, and canonicalises addresses to their
checksummed form.
Lower to HashSets
Allowlists and denylists are lowered into fixed-capacity, memory-aligned
HashSet structures.
Numerical bounds are unpacked into native U256 / u32 fields.Hot-Path Evaluation
At evaluation time the Judge holds a shared reference to the compiledPolicySnapshot and
performs only the following operations per transaction:
- Hash-set membership checks against allowlists and denylists — pre-hashed keys landing in cache-line-aligned buckets that hit L1 on the first probe.
- Integer comparisons of simulated State-Diff against
max_slippage_bps,max_price_impact_bps, andmax_trade_size— single-cycle each. - Boolean gates for
private_route_requiredandfail_closed.
ReAct Error Payload
See how Constitution violations are serialised into deterministic JSON errors consumed by
agentic ReAct loops.