Skip to main content

Unified Rust persistence for the CIRIS federation — signed events, time-series, runtime state.

Project description

CIRISPersist

Unified Rust persistence for the CIRIS federation — signed events, time-series, runtime state.

Status: 0.1.0 — Phase 1 lens-ready. The Phase 1 ingest pipeline is end-to-end testable and lands the lens cutover from accord_traces (per-thought row collapse) to trace_events + trace_llm_calls (per-broadcast event log) per FSD §3.5. Phase 2 (agent's audit_log + service_correlations) and Phase 3 (runtime state + memory graph + governance) reuse the same Backend trait without restructuring.

This crate is the operational form of the architectural collapse the Proof-of-Benefit Federation FSD §3.1 specifies: lens-side ingest+verify+scrub+store and agent-side audit-chain+TSDB+runtime persistence are the same job at different scales. We carve the work into three phases — each independently shippable, each gated on a measured operational reason — with a single crate API designed from Phase 1 to support all three without rewrites.

Reading order

If you have 5 minutes: MISSION.md and FSD/CIRIS_PERSIST.md §1, §2, §3.6.

If you have 20 minutes: the FSD top-to-bottom plus FSD/PLATFORM_ARCHITECTURE.md.

If you are integrating with the lens (Phase 1): the FSD §3 in full plus context/TRACE_WIRE_FORMAT.md and the tests/wire_format_fixtures.rs integration suite (real signed traces from agent release/2.7.8).

If you are planning Phase 2/3: the FSD §4–§5 plus context/agent_persistence_README.md.

Phases

Phase Surface Trigger
1 (0.1.0 — shipping) Lens trace ingest: trace_events, trace_llm_calls, accord_public_keys. Ed25519 verify, PII scrub, batch persist via TimescaleDB hypertables. Now.
2 Agent signed-events + TSDB: audit_log, audit_roots, audit_signing_keys, service_correlations. PyO3 from inside the agent process. When peer-to-peer trace replication is on the roadmap.
3 Agent runtime state, memory graph, governance: tasks, thoughts, graph_nodes, graph_edges, tickets, dsar_*, deferral_*, wa_cert, feedback_mappings, consolidation_locks, queue_status. When ≥30 days of Phase 2 stability + a named operational reason.

Out of scope: CIRISRegistry, CIRISPortal — external services with their own DBs and replication strategies.

Layout

.github/workflows/ci.yml      CI matrix (linux x86_64 + arm64, darwin-arm64,
                              ios device + sim, lint, license-audit, pyo3 wheel)
FSD/                          FSD + crate-recommendations + platform-architecture
MISSION.md                    Mission Driven Development alignment for this crate
context/                      Vendored upstream specs (PoB, wire format, accord,
                              agent persistence README, lens migration)
migrations/postgres/lens/     Phase 1 SQL — V001__trace_events.sql,
                              V002__audit_anchor_cols.sql
src/
├── schema/                   Wire-format types (no untyped Value in hot paths)
├── verify/                   Canonical bytes (Python-compat) + Ed25519 strict-verify
├── scrub/                    Scrubber trait + NullScrubber + CallbackScrubber
├── store/                    Backend trait + decompose + Postgres + memory impls
├── ingest.rs                 Pipeline orchestrator: parse → verify → scrub →
                              decompose → backend insert
├── journal.rs                redb append-only outage journal
├── queue.rs                  Bounded mpsc + single-consumer persister + 429 backpressure
├── server/                   axum HTTP listener (POST /api/v1/accord/events, /health)
└── ffi/pyo3.rs               PyO3 Engine class for FastAPI integration
tests/
├── fixtures/wire/2.7.0/      Real signed-trace fixtures from CIRISAgent release/2.7.8
└── wire_format_fixtures.rs   Integration tests against the fixtures
python/ciris_persist/         Python package (maturin abi3-py311 build)
pyproject.toml                maturin build config
deny.toml                     cargo-deny — license-deny enforcement (AGPL family +
                              MIT/Apache/BSD permissive)
Cargo.toml

Feature flags

Flag Phase Adds
postgres 1 tokio-postgres + deadpool-postgres + refinery migrations
server 1 axum HTTP listener for /api/v1/accord/events and /health
pyo3 1 Python bindings (FastAPI / agent in-process); implies postgres
sqlite 2 rusqlite backend (agent + iOS)
c-abi 2 C ABI for iOS client
peer-replicate 2 Reticulum gossip hook

Quickstart — lens FastAPI integration

import ciris_persist as cp

engine = cp.Engine(dsn="postgres://lens:lens@localhost:5432/cirislens")
engine.register_public_key(
    signature_key_id="agent-8a0b70302aae",
    public_key_b64="<base64-encoded 32-byte Ed25519 verifying key>",
    agent_id_hash="8a0b70302aaeb401...",
)

# In FastAPI handler:
summary = engine.receive_and_persist(request_body_bytes)
# → {"envelopes_processed": 1, "trace_events_inserted": 12, ...}

Quickstart — Rust standalone server (Phase 1.1 deployment shape)

use std::sync::Arc;
use ciris_persist::{
    server, spawn_persister, Journal,
    scrub::NullScrubber,
    store::PostgresBackend,
    verify::PythonJsonDumpsCanonicalizer,
};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let backend = Arc::new(PostgresBackend::connect(&std::env::var("CIRIS_DB_URL")?).await?);
    backend.run_migrations().await?;

    let journal = Arc::new(Journal::open("/var/lib/cirislens/journal.redb")?);
    let handle = spawn_persister(
        ciris_persist::DEFAULT_QUEUE_DEPTH,
        backend,
        Arc::new(PythonJsonDumpsCanonicalizer),
        Arc::new(NullScrubber),
        journal.clone(),
    );

    let app = server::router(server::AppState { handle, journal });
    let listener = tokio::net::TcpListener::bind("0.0.0.0:8080").await?;
    axum::serve(listener, app).await?;
    Ok(())
}

Mission Driven Development

Every component, every test, every PR cites against MISSION.md. The methodology is from ~/CIRISAgent/FSD/MISSION_DRIVEN_DEVELOPMENT.md. Three structural legs (LOGIC, SCHEMAS, PROTOCOLS) supporting one purposeful seat (MISSION = Accord Meta-Goal M-1).

Test coverage organized by mission category (MISSION.md §4):

Category Coverage
Schema parity Wire-format round-trips, real-fixture deserialization, dedup-key derivation
Verify rejection Schema version, attempt_index sign, signature mismatch, unknown key, malformed sig, wrong key
Canonicalization parity 14 byte-exact fixtures vs python json.dumps; JCS-divergence test
Idempotency Dedup tuple, repeat batches, intra-batch duplicates
Backpressure Full queue → 429 + Retry-After
Power-cycle resilience Journal append/replay survives reopen; halt-on-error preserves order
Backend parity Memory impl conformance suite (postgres conformance gated on CI DSN)

License

AGPL-3.0-or-later. CIRIS Accord canonical text at context/accord_1.2b.txt (v1.2-Beta, dated 2025-04-16, expires 2027-04-16 absent renewal).

License-locked mission preservation: anyone reasoning about whether a CIRIS-derived deployment preserves M-1 alignment can see and audit every line of the persistence path. Closed-source forks are forbidden by the license, which makes the federation primitive's audit story structurally enforceable, not merely socially expected.

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

ciris_persist-1.5.11-cp311-abi3-manylinux_2_34_x86_64.whl (6.2 MB view details)

Uploaded CPython 3.11+manylinux: glibc 2.34+ x86-64

ciris_persist-1.5.11-cp311-abi3-manylinux_2_34_aarch64.whl (6.0 MB view details)

Uploaded CPython 3.11+manylinux: glibc 2.34+ ARM64

ciris_persist-1.5.11-cp311-abi3-macosx_11_0_arm64.whl (5.6 MB view details)

Uploaded CPython 3.11+macOS 11.0+ ARM64

File details

Details for the file ciris_persist-1.5.11-cp311-abi3-manylinux_2_34_x86_64.whl.

File metadata

File hashes

Hashes for ciris_persist-1.5.11-cp311-abi3-manylinux_2_34_x86_64.whl
Algorithm Hash digest
SHA256 8c17c1bbcbfc59d15496081be54704656b840887e9282b4684cb953a975afd9f
MD5 c8c8cda64ed5b2308617d23e229baf30
BLAKE2b-256 ecba1f5aa8bbc7c23e50e738c3778e3b69ce7ce4a29d324ef0c9f33a3f4b2c07

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-1.5.11-cp311-abi3-manylinux_2_34_x86_64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciris_persist-1.5.11-cp311-abi3-manylinux_2_34_aarch64.whl.

File metadata

File hashes

Hashes for ciris_persist-1.5.11-cp311-abi3-manylinux_2_34_aarch64.whl
Algorithm Hash digest
SHA256 8f766b0f9b8751e4f6b76e612dcbf784dcc3943092f51f61ee190426e28ea039
MD5 926c43f4707f124b5effce1949814950
BLAKE2b-256 c4a20bb6c4a1261befaa71b991b392728561fe90b0e6aeda5a5ab2bc08191991

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-1.5.11-cp311-abi3-manylinux_2_34_aarch64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciris_persist-1.5.11-cp311-abi3-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for ciris_persist-1.5.11-cp311-abi3-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 e5e612b446c3713b9757908e2b3d7c884b27a6066d3e42a9ec8e684dbc98b7be
MD5 90f7d9da80d6992596cab90d2c3066d8
BLAKE2b-256 4c3511ff7d6fd0098c22b61108c42bd761ea0acee2c6d49e5624dc990d21048b

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-1.5.11-cp311-abi3-macosx_11_0_arm64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page