Skip to main content

Python bindings for Calybris Core — experimental/pre-1.0; Rust kernel is the stable surface

Project description

Calybris Core

Calybris Core

CI CodSpeed codecov Crates.io docs.rs License MSRV

Deterministic, auditable decision primitive for high-stakes routing & guardrails.

Given a frozen catalog, a policy snapshot, and a typed request, Calybris returns one action plus an audit bundle that replays to the same answer.

catalog + policy + request  ->  decision + audit bundle

Integer-only Rust hot path. No hosted dependency. No unsafe in project code.

What is this?

Calybris is a proof-carrying decision kernel: not an OMS, not an LLM gateway, not a matching engine. You bring the catalog (suppliers, models, venues); the kernel evaluates hard constraints, picks the best eligible candidate, and emits digests you can replay and verify offline.

Same primitive, different adapters: supplier routing, model routing, and pre-trade admission are reference mappings onto one API, not three products.

When to use / when not to

Use Calybris when... Do not use it for...
Decisions must be deterministic and replay-auditable Inventory, WMS, label printing, carrier booking
You need hard gates (budget, risk, latency, region, capability) in your control plane A hosted routing API or managed decision service
Post-mortems and compliance need proof bundles, not log grep Live market data, order matching, exchange connectivity

Stability model

Layer Status Notes
calybris-core (Rust) Stable crates.io: this is the contract
calybris (Python) Experimental / pre-1.0 PyO3 + Pydantic convenience wrapper around the kernel
calybris_commerce (Python) Experimental / pre-1.0 Thicker adapter (orders, suppliers, batch routing), still calls the same Rust kernel; API may change

Rust owns correctness and replay semantics. Python packages are ergonomic entry points for integration and demos; mature them in your stack before treating them as production infrastructure.

Quickstart (~5 minutes)

git clone https://github.com/emirhuseynrmx/calybris-core.git
cd calybris-core
cargo run --example quickstart

That example builds a two-model policy, prescribes one request, verifies replay, and prints an audit bundle. For Python:

pip install maturin pydantic
maturin develop --release
python bindings/python/examples/quickstart.py

What gets proved

Calybris can bind the full decision path:

policy digest + input digest + decision digest + replay result

Since 0.5.0 the proof format is a written contract, not an implementation detail: docs/CALY_PROOF.md specifies every digest and chain byte-exactly, golden vectors pin them across versions and platforms, and the bundled calybris-verify CLI lets an auditor check a decision trail: chain integrity, digests, and full kernel replay against a policy artifact without running your engine.

cargo install calybris-core   # ships the calybris-verify binary
calybris-verify chain decisions.wal.jsonl
calybris-verify audit decisions.wal.jsonl --policy policy.json

0.5.0 adds:

  • state — record state_digest_before/after per decision; verify_trajectory rejects dropped, reordered, or forged transitions in a sequence.
  • provenance (feature) — bind a policy digest to an Ed25519 signer and timestamp, non-transferable across policies.
  • certificate — bind the audit bundle, state trajectory, WAL position, and signer into one fail-closed envelope.
  • Golden and conformance vectors pin the byte-exact contract, so an independent reimplementation can prove itself against a fixed reference.

The verification path builds for wasm32-unknown-unknown (--no-default-features).

docs/THREAT_MODEL.md is explicit about scope: the system proves trail integrity, not confidentiality, policy quality, or input truth.

Architecture at a glance

Module Role
kernel Integer-only decision kernel (~115 ns/decision); prescribe, prescribe_with_trace for per-constraint rejection counts
digest Canonical tagged byte digests — policy / input / decision / ledger / state
verify Full replay verification and audit bundles; fail-closed verified_audit_bundle
certificate One fail-closed envelope binding audit bundle + state + WAL position + signer (0.5.0)
state Domain-state digest trajectories; verify_trajectory rejects dropped/reordered/forged steps (0.5.0)
provenance Ed25519-signed policies, domain-separated (0.5.0, feature)
wal Hash-chained tamper-evident WAL; append_verified_audited; optional keyed HMAC
budget CAS reserve/commit/release; remaining + reserved + committed == initial (Loom + Miri)
finance Ledger digests, conservation proofs and certificates
proof ProofEnvelope: policy + input + decision digests + WAL position + budget proof
builder / config Hard-to-misuse constructors with validation
persistence fsync-backed snapshot save/load, crash recovery_plan
async_wal / instrument Tokio WAL (feature async), tracing spans (feature observability)

Ships a calybris-verify auditor CLI (chain / audit / policy, --json) so a third party can verify a decision trail without running your engine.

Install

# Rust (stable surface)
cargo add calybris-core

# Python (experimental wrappers)
pip install calybris

Local Python build: maturin develop --release or see docs/PYTHON.md.

Examples & adapters

Reference integrations that map domain objects onto the kernel:

Question Rust Python
Which model/provider? cargo run --example llm_routing quickstart.py, batch_routing.py
Which venue admits an order? cargo run --example pretrade_guard pretrade_budget_guard.py
Which supplier fulfills? - orion_market.py, novamart_benchmark.py

Full command list and code samples: docs/ADAPTERS.md

Performance

CodSpeed CI (Linux x86_64, release): ~8.6M prescribe/sec, ~115 ns/decision, 22-model synthetic catalog. Hardware and workload dependent — provenance and a reproduction recipe are in docs/BENCHMARKS.md; run cargo bench --bench kernel_bench on your own hardware.

Security posture

  • #![forbid(unsafe_code)] — no unsafe in project code.
  • Fail-closed audit boundaries: verified_audit_bundle / append_verified_audited refuse to emit or log a decision that does not replay exactly.
  • Tamper-evident WAL: SHA-256 hash chain, optional HMAC-SHA256 with constant-time comparison (subtle).
  • Ed25519-signed policy provenance, domain-separated so a signature is non-transferable across policies, signers, and timestamps (0.5.0).
  • Byte-exact proof contract (docs/CALY_PROOF.md) locked by golden + conformance vectors and cross-checked in Rust and Python (0.5.0).
  • Concurrency and UB: 7 Loom exhaustive interleavings on budget ops; Miri on nightly for the library tests.
  • Supply chain: cargo-audit + cargo-deny in CI; feature-matrix CI (default / no-default / async / full).
  • Documented boundaries: docs/THREAT_MODEL.md (what it does not guarantee) and docs/KEY_MANAGEMENT.md (key custody and rotation).

Deployment security remains the caller's job: key storage, tenant isolation, inventory/capacity freshness, and an external audit.

Deep dive

Doc Contents
docs/AUDIT_GUIDE.md Module map, audit commands, external review checklist
docs/CALY_PROOF.md CALY-PROOF v1 digest and proof contract
docs/THREAT_MODEL.md Assets, trust boundaries, attackers
docs/KEY_MANAGEMENT.md HMAC / Ed25519 key custody and rotation
docs/BENCHMARKS.md Throughput provenance and reproduction
docs/SECURITY_INVARIANTS.md Invariants I1-I8 and test mapping
docs/MIRI.md UB detection scope in CI
docs/PYTHON.md Python wrappers vs Rust core, commerce API notes
SECURITY.md Vulnerability reporting, supported versions
CONTRIBUTING.md Dev setup, test gate, PR expectations

License

Apache-2.0. See LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

calybris-0.5.0.tar.gz (166.8 kB view details)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

calybris-0.5.0-cp310-abi3-win_amd64.whl (264.4 kB view details)

Uploaded CPython 3.10+Windows x86-64

calybris-0.5.0-cp310-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (378.6 kB view details)

Uploaded CPython 3.10+manylinux: glibc 2.17+ x86-64

calybris-0.5.0-cp310-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (375.3 kB view details)

Uploaded CPython 3.10+manylinux: glibc 2.17+ ARM64

calybris-0.5.0-cp310-abi3-macosx_11_0_arm64.whl (346.0 kB view details)

Uploaded CPython 3.10+macOS 11.0+ ARM64

calybris-0.5.0-cp310-abi3-macosx_10_12_x86_64.whl (356.0 kB view details)

Uploaded CPython 3.10+macOS 10.12+ x86-64

File details

Details for the file calybris-0.5.0.tar.gz.

File metadata

  • Download URL: calybris-0.5.0.tar.gz
  • Upload date:
  • Size: 166.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for calybris-0.5.0.tar.gz
Algorithm Hash digest
SHA256 e1fc92bb54c768d7ff9f9f56a4b18f1c47861d2a6d18c3f8ea35434cdca3441b
MD5 b3becd2099768ccba91ef16611f8a353
BLAKE2b-256 429650a56330865db9e13434c461871509e61a43c2e52ba930be700bc24a6e20

See more details on using hashes here.

Provenance

The following attestation bundles were made for calybris-0.5.0.tar.gz:

Publisher: release.yml on emirhuseynrmx/calybris-core

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file calybris-0.5.0-cp310-abi3-win_amd64.whl.

File metadata

  • Download URL: calybris-0.5.0-cp310-abi3-win_amd64.whl
  • Upload date:
  • Size: 264.4 kB
  • Tags: CPython 3.10+, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for calybris-0.5.0-cp310-abi3-win_amd64.whl
Algorithm Hash digest
SHA256 1636198fef7d5c99b3a407d0bebddb0e8e957cef6465b43d249b4e119802d49a
MD5 305184e0d391c791e73291235a7d60bc
BLAKE2b-256 00c5a5d4657107c01e4f6addd82cdb6d16cc9c3f1fba611b8524a57f0a6b843a

See more details on using hashes here.

Provenance

The following attestation bundles were made for calybris-0.5.0-cp310-abi3-win_amd64.whl:

Publisher: release.yml on emirhuseynrmx/calybris-core

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file calybris-0.5.0-cp310-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.

File metadata

File hashes

Hashes for calybris-0.5.0-cp310-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm Hash digest
SHA256 d178fdd135be6eafe570556d0969121a4c1f4c49d804f8a4a44457d20a8ce202
MD5 51093131ae1f2e31432f78457afed676
BLAKE2b-256 b40c20ee6d8ec09c93534756bff6d5546635de7786fb5dd8c56efb414ea2c088

See more details on using hashes here.

Provenance

The following attestation bundles were made for calybris-0.5.0-cp310-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl:

Publisher: release.yml on emirhuseynrmx/calybris-core

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file calybris-0.5.0-cp310-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl.

File metadata

File hashes

Hashes for calybris-0.5.0-cp310-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
Algorithm Hash digest
SHA256 260d9cafe45848fad9365f989d0c72ec3eb21daf0602d8ea8a3917544c744c9f
MD5 6b541cf8ecced9f97565789061e6de85
BLAKE2b-256 dca7e28e45a486bc6e32ccc0246384f36e49dc0cba323524083125eda9b18af2

See more details on using hashes here.

Provenance

The following attestation bundles were made for calybris-0.5.0-cp310-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl:

Publisher: release.yml on emirhuseynrmx/calybris-core

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file calybris-0.5.0-cp310-abi3-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for calybris-0.5.0-cp310-abi3-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 13732a5228bafd8f7bd41b75d3d2db7521cd58bfc7b00a4f3c42d8249081adda
MD5 9dee3f0e7a8e76b7fc373e66b35388aa
BLAKE2b-256 d78e93dc21e3756efdedf8154e0ce1dace046544961026e8b9822fdbdfeeb336

See more details on using hashes here.

Provenance

The following attestation bundles were made for calybris-0.5.0-cp310-abi3-macosx_11_0_arm64.whl:

Publisher: release.yml on emirhuseynrmx/calybris-core

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file calybris-0.5.0-cp310-abi3-macosx_10_12_x86_64.whl.

File metadata

File hashes

Hashes for calybris-0.5.0-cp310-abi3-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 5e9f4d81f9a7d47a368354be554e571049a9cff63c6ed9508cf6efd2b0244fe9
MD5 85650cbacd9eb8954e0cf96e86d37e2f
BLAKE2b-256 8d4f836c5c4fb885fe65fdacbfc131e5a2239007b5300e26fc46674f7a4adce2

See more details on using hashes here.

Provenance

The following attestation bundles were made for calybris-0.5.0-cp310-abi3-macosx_10_12_x86_64.whl:

Publisher: release.yml on emirhuseynrmx/calybris-core

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page