Recovery Contract

Tentarc treats recovery as a first-class contract, not as retries added as an afterthought.

Recovery boundary

On crash or restart, the runtime restores from persisted control/state plane data:

  • pending control intents
  • last committed status transition
  • latest memory revision
  • resumable execution cursor/checkpoint

Guarantees

  • admitted duplicate requests stay blocked after restart
  • completed side effects are not replayed blindly
  • interrupted non-terminal runs can resume
  • terminal runs remain terminal unless explicitly forked/replayed
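
A minimal sketch of how these guarantees can hold across a restart, added here as an illustration and not Tentarc's own code. `Store`, `admit`, `run`, the status names and the JSON file standing in for the persisted control/state plane are all hypothetical.

```python
import json, os

TERMINAL = {"succeeded", "failed"}  # assumed terminal status names

class Store:
    """Stand-in for the persisted control/state plane (one JSON file)."""
    def __init__(self, path):
        self.path = path
        self.s = {"admitted": {}, "status": {}, "cursor": {}, "effects": []}
        if os.path.exists(path):          # restart: restore durable state
            with open(path) as f:
                self.s = json.load(f)

    def commit(self):
        # Write-then-rename so a crash never leaves a half-written file.
        tmp = self.path + ".tmp"
        with open(tmp, "w") as f:
            json.dump(self.s, f)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, self.path)

def admit(store, request_id, run_id):
    """Admission is durable, so a duplicate stays blocked after restart."""
    if request_id in store.s["admitted"]:
        return False
    store.s["admitted"][request_id] = run_id
    store.s["status"][run_id] = "running"
    store.s["cursor"][run_id] = 0
    store.commit()
    return True

def run(store, run_id, steps, crash_before=None):
    """Execute from the last committed cursor; crash_before simulates a crash."""
    if store.s["status"][run_id] in TERMINAL:
        return "terminal"                 # never re-executed implicitly
    for i in range(store.s["cursor"][run_id], len(steps)):
        if i == crash_before:
            return "crashed"
        # Effect and cursor advance commit together here; a real external
        # side effect would need its own idempotency key.
        store.s["effects"].append(steps[i])
        store.s["cursor"][run_id] = i + 1
        store.commit()
    store.s["status"][run_id] = "succeeded"
    store.commit()
    return "succeeded"
```

Constructing a new `Store` on the same path models the restart: the admitted request id, the cursor and the recorded effects are whatever was last committed.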

Failure taxonomy

Classify failures explicitly:

  • admission failure: rejected before execution
  • execution failure: the runtime or tool path failed in the data plane
  • projection failure: the state write failed after an execution step

Different class, different operator action.

Operator playbook

For production-like workflows:

  1. inspect status timeline
  2. locate last durable checkpoint
  3. decide resume vs replay vs fork
  4. preserve audit trail of control decisions

This keeps reliability high without hiding the reality of failures.

Last updated: Mar 6, 2026