Need the strict launch-ready path? See 5-Minute Quickstart.
1

Install Attesta

pip install attesta[terminal]
This installs the core library plus the rich terminal UI for interactive approval prompts. For YAML config support, add:
pip install attesta[terminal,yaml]
pip install attesta (without extras) installs the core library only. Without the terminal extra, Attesta auto-approves all actions in non-interactive environments. Use attesta[terminal] to see approval prompts.
2

Protect a function

Add the @gate decorator to any function that should require human approval.
from attesta import gate

@gate
def delete_user(user_id: str) -> str:
    """Permanently delete a user account."""
    return f"Deleted user {user_id}"
3

Call the function

When you call a gated function, Attesta intercepts the call, scores the risk, and presents the appropriate challenge.
# This triggers a risk assessment + approval prompt
result = delete_user("usr_12345")
For delete_user, the risk scorer will detect the destructive verb “delete” and score it as HIGH risk, presenting a comprehension quiz before allowing execution.
4

Initialize a config file (optional)

For production use, create a configuration file to customize policies:
attesta init
This generates an attesta.yaml with sensible defaults for challenge mappings, review times, trust settings, and risk overrides.
5

Use with a config file

Load the config to apply your custom policies:
from attesta import Attesta

attesta = Attesta.from_config("attesta.yaml")

@attesta.gate(risk_hints={"production": True})
def deploy(service: str, version: str) -> str:
    """Deploy a service to production."""
    return f"Deployed {service} v{version}"

What Happens When You Call a Gated Function

  1. Risk scoring — The DefaultRiskScorer analyzes the function name, arguments, docstring, hints, and novelty
  2. Challenge selection — The risk level determines the challenge: LOW -> auto-approve, MEDIUM -> confirm, HIGH -> quiz, CRITICAL -> multi-party
  3. Verification — The human operator completes the challenge (or the action is auto-approved for low risk)
  4. Audit — The decision is recorded in a SHA-256 hash-chained audit log
If the operator denies the action or fails the challenge, Attesta raises an AttestaDenied exception. The protected function is never executed.