Observe vs Enforce

Observe classifies and accounts for loss without retrying. Enforce performs bounded retry and fallback under a cost ceiling.

Agent hint

Use when choosing resilience.mode, or when explaining fail-open behavior or proof_window_pct sampling.

In scope

  • observe semantics
  • enforce semantics
  • fail-open on auditor errors
  • proof_window_pct

Out of scope

  • Fallback registration — see Fallbacks
  • Event fields — see Loss Accounting

observe (default when enabled)

  • Single provider call — no automatic retry
  • Classifies response/exception and logs counterfactual metrics
  • Computes projected_cost and loss_avoided for analytics
  • Safe for production shadow mode before enforce

enforce

  • Retries on retry_on kinds up to max_attempts
  • Invokes registered fallbacks within max_extra_cost_usd
  • Raises AurexResilienceExhausted when cap exceeded
  • Raises AurexRecovered when a retry/fallback succeeds

Fail-open

Resilience wraps provider calls fail-open: if the auditor itself hits an unexpected error, the original provider exception propagates instead of being masked. Observe mode never doubles calls on network errors.

proof_window_pct

When mode is observe and proof_window_pct > 0, a random sample of calls runs enforce logic for validation while the majority stay observe-only. Use it briefly to validate fallback wiring before switching fully to enforce.
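
A minimal model of the observe, enforce, fail-open and proof_window_pct semantics described on this page, added as an illustration and not Aurex's own code. `guarded_call`, `effective_mode`, `ResilienceExhausted`, `retry_cost_usd` and the `classify`/`audit` callables are hypothetical names, and fallbacks are left out. It assumes that running out of attempts re-raises the provider error and that an auditor failure after a successful call still returns the result.

```python
import random

class ResilienceExhausted(Exception):
    """Local stand-in for the page's AurexResilienceExhausted (not the library class)."""

def effective_mode(cfg, rng=random):
    # In observe, a random proof_window_pct percent of calls run enforce logic.
    pct = cfg.get("proof_window_pct", 0)
    if cfg["mode"] == "observe" and pct > 0 and rng.random() * 100 < pct:
        return "enforce"
    return cfg["mode"]

def guarded_call(provider, cfg, classify, audit, rng=random):
    """provider() returns or raises; classify(exc) -> kind; audit(event) may itself fail."""
    mode = effective_mode(cfg, rng)
    attempts, extra_cost = 0, 0.0
    while True:
        attempts += 1
        try:
            result = provider()
        except Exception as exc:
            try:
                kind = classify(exc)
                audit({"mode": mode, "attempt": attempts, "kind": kind})
            except Exception:
                raise exc from None  # fail-open: surface the provider error, no retry
            if mode != "enforce" or kind not in cfg["retry_on"]:
                raise  # observe: single call, never retried
            if attempts >= cfg["max_attempts"]:
                raise  # assumption: attempts used up, original error surfaces
            extra_cost += cfg["retry_cost_usd"]  # hypothetical cost of one more call
            if extra_cost > cfg["max_extra_cost_usd"]:
                raise ResilienceExhausted(f"cost cap hit after {attempts} call(s)") from exc
            continue
        try:
            audit({"mode": mode, "attempt": attempts, "kind": "ok"})
        except Exception:
            pass  # assumption: an auditor failure never discards a good result
        return result

if __name__ == "__main__":
    outcomes = iter([TimeoutError("constructed"), "ok"])  # constructed provider outcomes
    def provider():
        outcome = next(outcomes)
        if isinstance(outcome, Exception):
            raise outcome
        return outcome
    cfg = {"mode": "enforce", "retry_on": {"timeout"}, "max_attempts": 2,
           "retry_cost_usd": 0.01, "max_extra_cost_usd": 0.05}
    print(guarded_call(provider, cfg, lambda e: "timeout", print))
```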
