Certified Closed-Loop Control for Packet Networks: A Compositional Certification Framework

📅 2026-06-01
📈 Citations: 0
Influential: 0
🤖 AI Summary
This work addresses safety concerns in packet-switched networks, such as queue instability, tail latency spikes, and resource starvation, arising from adaptive or learning-driven control policies. To mitigate these issues, the paper proposes a composable action certification framework that inserts a certification operator between the proposer and the data plane. This operator enforces predefined safety constraints on closed-loop control through either certificate-based action projection or a relaxed fallback mechanism. The approach unifies multiple objectives, including backlog upper bounds, service lower bounds, and drift constraints, by integrating Foster–Lyapunov drift analysis, small-gain cyclic closure theory, and robust calibration under delayed telemetry. Experimental results demonstrate that, even under delayed observations, weak proposers, or overload conditions, the system maintains stability and safety in a byte-level closed-loop backend while generating auditable traffic envelopes to support downstream compositional verification.
📝 Abstract
Packet networks are controlled dynamical systems with discontinuities, delayed observations, and partial state information. Adaptive or learning-driven proposers can improve performance, but an unsafe proposal may still cause starvation, tail-delay spikes, or unstable queue behaviour. This paper treats packet-network control as an executed-action certification problem. A certified operator sits between any proposer and the dataplane. At each control tick, the proposer emits an arbitrary candidate action $\tilde u(t)$. The operator either projects it to an executable action $u(t)$ that satisfies a configuration-compiled certificate, or reports INFEASIBLE and executes an always-defined fallback with quantified slack. The certificate also exports an auditable envelope $\bar z(t)$ for downstream composition. The guarantees are conditional and explicit. They apply on ticks where the operator reports CERTIFIED, the declared arrival envelope and backlog bound are valid, and the platform realises the assumed service lower bound. Under these conditions, one mechanism covers backlog caps, service floors, mitigation caps, Foster–Lyapunov drift constraints, and compositional envelope contracts. We prove operator-level safety, feed-forward compositional safety and stability using exported envelopes, and a cyclic closure result under a small-gain condition. We also define breach and infeasibility semantics, discuss calibration of the service-tracking factor that links certified targets to realised scheduler behaviour, and evaluate the design under delayed telemetry, delayed actuation, weak proposers, envelope mismatch, overload, and millisecond-scale certification. The present evaluation validates the certified execution boundary in a byte-level closed-loop backend; deployment-level scheduler tracking is left to future Linux or hardware experiments.
Problem

Research questions and friction points this paper is trying to address.

packet networks
closed-loop control
safety certification
queue stability
compositional guarantees
Innovation

Methods, ideas, or system contributions that make the work stand out.

certified control
compositional certification
packet networks
safety envelope
closed-loop stability