Environment Variables
Use environment variables or a secrets manager to keep tenant IDs, API keys, API origins, and worker settings outside source code.
Required SDK variables
HALTSTATE_TENANT_ID=your-tenant-id
HALTSTATE_API_KEY=hs_your_api_key
HALTSTATE_API_BASE=https://haltstate.ai
Retail refund worker variables
HALTSTATE_REFUND_AGENT_TENANT_ID=krystal-unity
HALTSTATE_REFUND_AGENT_API_BASE=http://127.0.0.1:7860
HALTSTATE_REFUND_AGENT_API_KEY=$HALTSTATE_API_KEY
DATABASE_URL=postgresql://...
DATABASE_POOL_URL=postgresql://...
Operational guidance
Use separate keys for development, staging, and production. Rotate keys after staff changes, incident response, or accidental exposure. Do not place API keys in browser JavaScript, public logs, Proof Pack public fields, screenshots, or copied support tickets.
Node service variables
HALTSTATE_TENANT_ID=your-tenant-id
HALTSTATE_API_KEY=hs_your_api_key
HALTSTATE_BASE_URL=https://haltstate.ai
HALTSTATE_AGENT_ID=retail-refund-agent
Secret handling rules
- Do not expose API keys in frontend bundles, public live events, screenshots, or support tickets.
- Use different keys for local development, staging, production, and operator tools.
- Prefer least-privilege keys: a worker key should check and report actions, not administer policy.
- Rotate keys after a staff change, a suspected leak, or any incident response window.
Implementation notes
Keep the HaltState call as close as possible to the side effect. The agent may plan and draft freely, but the wrapper around the actual action should be the place where authority is checked. That wrapper should send only the context required for policy evaluation: safe identifiers, normalized amounts, action names, risk flags, schedule windows, and redaction status. Raw customer payloads and secrets should stay in the business system or protected operator tooling.
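One way to enforce this at the wrapper, as an added example that is not HaltState SDK code: settings are read from the environment and fail closed, and the raw payload is reduced to an allowlisted context before any policy call. The function names, the SAFE_FIELDS allowlist, the payload field names, the two-decimal currency, and the loopback exception for plain HTTP are assumptions made for illustration.

```python
import os
from decimal import Decimal
from urllib.parse import urlparse

REQUIRED = ("HALTSTATE_TENANT_ID", "HALTSTATE_API_KEY", "HALTSTATE_API_BASE")
# Hypothetical allowlist of fields considered safe for policy evaluation.
SAFE_FIELDS = ("order_ref", "action", "risk_flags")


def load_settings(env=os.environ):
    """Read the SDK variables; fail closed if one is missing or the origin is unsafe."""
    missing = [name for name in REQUIRED if not env.get(name)]
    if missing:
        raise RuntimeError("missing environment variables: " + ", ".join(missing))
    base = urlparse(env["HALTSTATE_API_BASE"])
    # Assumption: plain HTTP is tolerated only for a loopback origin (local worker).
    if base.scheme != "https" and base.hostname not in ("127.0.0.1", "localhost"):
        raise RuntimeError("HALTSTATE_API_BASE must use https")
    return {name: env[name] for name in REQUIRED}


def build_policy_context(raw, settings):
    """Reduce a raw business payload to the fields needed for policy evaluation."""
    context = {k: raw[k] for k in SAFE_FIELDS if k in raw}
    # Normalize the amount to integer minor units (assumes a two-decimal currency).
    context["amount_minor"] = int(Decimal(str(raw["amount"])) * 100)
    # Everything outside the allowlist stays in the business system.
    dropped = sorted(set(raw) - set(SAFE_FIELDS) - {"amount"})
    context["redaction_status"] = "redacted" if dropped else "clean"
    # The API key authenticates the request; it must never travel in the context.
    if settings["HALTSTATE_API_KEY"] in repr(context):
        raise ValueError("API key found in policy context")
    return context, dropped


if __name__ == "__main__":
    # Constructed sample values, not real credentials or customer data.
    env = {"HALTSTATE_TENANT_ID": "tenant-constructed",
           "HALTSTATE_API_KEY": "hs_constructed_key",
           "HALTSTATE_API_BASE": "https://haltstate.ai"}
    raw = {"order_ref": "ord-1001", "action": "refund.issue", "amount": "49.90",
           "risk_flags": ["high_value"], "customer_email": "user@example.test"}
    context, dropped = build_policy_context(raw, load_settings(env))
    print(context, "dropped:", dropped)
```

The names of the dropped fields, never their values, can be logged alongside the decision to record what was withheld.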
Operational evidence
For each action, preserve the decision, the worker outcome, the idempotency key, safe resource references, latency, proof status, and redaction status. This evidence supports incident response and control narratives because it shows what the system did at runtime rather than only describing what the policy document intended. HaltState supports alignment work; it is not a substitute for legal advice or a compliance certification.