Skip to main content

Unified Rust persistence for the CIRIS federation — signed events, time-series, runtime state.

Project description

CIRISPersist

Unified Rust persistence for the CIRIS federation — signed events, time-series, runtime state.

Status: 0.1.0 — Phase 1 lens-ready. The Phase 1 ingest pipeline is end-to-end testable and lands the lens cutover from accord_traces (per-thought row collapse) to trace_events + trace_llm_calls (per-broadcast event log) per FSD §3.5. Phase 2 (agent's audit_log + service_correlations) and Phase 3 (runtime state + memory graph + governance) reuse the same Backend trait without restructuring.

This crate is the operational form of the architectural collapse the Proof-of-Benefit Federation FSD §3.1 specifies: lens-side ingest+verify+scrub+store and agent-side audit-chain+TSDB+runtime persistence are the same job at different scales. We carve the work into three phases — each independently shippable, each gated on a measured operational reason — with a single crate API designed from Phase 1 to support all three without rewrites.

Reading order

If you have 5 minutes: MISSION.md and FSD/CIRIS_PERSIST.md §1, §2, §3.6.

If you have 20 minutes: the FSD top-to-bottom plus FSD/PLATFORM_ARCHITECTURE.md.

If you are integrating with the lens (Phase 1): the FSD §3 in full plus context/TRACE_WIRE_FORMAT.md and the tests/wire_format_fixtures.rs integration suite (real signed traces from agent release/2.7.8).

If you are planning Phase 2/3: the FSD §4–§5 plus context/agent_persistence_README.md.

Phases

Phase Surface Trigger
1 (0.1.0 — shipping) Lens trace ingest: trace_events, trace_llm_calls, accord_public_keys. Ed25519 verify, PII scrub, batch persist via TimescaleDB hypertables. Now.
2 Agent signed-events + TSDB: audit_log, audit_roots, audit_signing_keys, service_correlations. PyO3 from inside the agent process. When peer-to-peer trace replication is on the roadmap.
3 Agent runtime state, memory graph, governance: tasks, thoughts, graph_nodes, graph_edges, tickets, dsar_*, deferral_*, wa_cert, feedback_mappings, consolidation_locks, queue_status. When ≥30 days of Phase 2 stability + a named operational reason.

Out of scope: CIRISRegistry, CIRISPortal — external services with their own DBs and replication strategies.

Layout

.github/workflows/ci.yml      CI matrix (linux x86_64 + arm64, darwin-arm64,
                              ios device + sim, lint, license-audit, pyo3 wheel)
FSD/                          FSD + crate-recommendations + platform-architecture
MISSION.md                    Mission Driven Development alignment for this crate
context/                      Vendored upstream specs (PoB, wire format, accord,
                              agent persistence README, lens migration)
migrations/postgres/lens/     Phase 1 SQL — V001__trace_events.sql,
                              V002__audit_anchor_cols.sql
src/
├── schema/                   Wire-format types (no untyped Value in hot paths)
├── verify/                   Canonical bytes (Python-compat) + Ed25519 strict-verify
├── scrub/                    Scrubber trait + NullScrubber + CallbackScrubber
├── store/                    Backend trait + decompose + Postgres + memory impls
├── ingest.rs                 Pipeline orchestrator: parse → verify → scrub →
                              decompose → backend insert
├── journal.rs                redb append-only outage journal
├── queue.rs                  Bounded mpsc + single-consumer persister + 429 backpressure
├── server/                   axum HTTP listener (POST /api/v1/accord/events, /health)
└── ffi/pyo3.rs               PyO3 Engine class for FastAPI integration
tests/
├── fixtures/wire/2.7.0/      Real signed-trace fixtures from CIRISAgent release/2.7.8
└── wire_format_fixtures.rs   Integration tests against the fixtures
python/ciris_persist/         Python package (maturin abi3-py311 build)
pyproject.toml                maturin build config
deny.toml                     cargo-deny — license-deny enforcement (AGPL family +
                              MIT/Apache/BSD permissive)
Cargo.toml

Feature flags

Flag Phase Adds
postgres 1 tokio-postgres + deadpool-postgres + refinery migrations
server 1 axum HTTP listener for /api/v1/accord/events and /health
pyo3 1 Python bindings (FastAPI / agent in-process); implies postgres
sqlite 2 rusqlite backend (agent + iOS)
c-abi 2 C ABI for iOS client
peer-replicate 2 Reticulum gossip hook

Quickstart — lens FastAPI integration

import ciris_persist as cp

engine = cp.Engine(dsn="postgres://lens:lens@localhost:5432/cirislens")
engine.register_public_key(
    signature_key_id="agent-8a0b70302aae",
    public_key_b64="<base64-encoded 32-byte Ed25519 verifying key>",
    agent_id_hash="8a0b70302aaeb401...",
)

# In FastAPI handler:
summary = engine.receive_and_persist(request_body_bytes)
# → {"envelopes_processed": 1, "trace_events_inserted": 12, ...}

Quickstart — Rust standalone server (Phase 1.1 deployment shape)

use std::sync::Arc;
use ciris_persist::{
    server, spawn_persister, Journal,
    scrub::NullScrubber,
    store::PostgresBackend,
    verify::PythonJsonDumpsCanonicalizer,
};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let backend = Arc::new(PostgresBackend::connect(&std::env::var("CIRIS_DB_URL")?).await?);
    backend.run_migrations().await?;

    let journal = Arc::new(Journal::open("/var/lib/cirislens/journal.redb")?);
    let handle = spawn_persister(
        ciris_persist::DEFAULT_QUEUE_DEPTH,
        backend,
        Arc::new(PythonJsonDumpsCanonicalizer),
        Arc::new(NullScrubber),
        journal.clone(),
    );

    let app = server::router(server::AppState { handle, journal });
    let listener = tokio::net::TcpListener::bind("0.0.0.0:8080").await?;
    axum::serve(listener, app).await?;
    Ok(())
}

Mission Driven Development

Every component, every test, every PR cites against MISSION.md. The methodology is from ~/CIRISAgent/FSD/MISSION_DRIVEN_DEVELOPMENT.md. Three structural legs (LOGIC, SCHEMAS, PROTOCOLS) supporting one purposeful seat (MISSION = Accord Meta-Goal M-1).

Test coverage organized by mission category (MISSION.md §4):

Category Coverage
Schema parity Wire-format round-trips, real-fixture deserialization, dedup-key derivation
Verify rejection Schema version, attempt_index sign, signature mismatch, unknown key, malformed sig, wrong key
Canonicalization parity 14 byte-exact fixtures vs python json.dumps; JCS-divergence test
Idempotency Dedup tuple, repeat batches, intra-batch duplicates
Backpressure Full queue → 429 + Retry-After
Power-cycle resilience Journal append/replay survives reopen; halt-on-error preserves order
Backend parity Memory impl conformance suite (postgres conformance gated on CI DSN)

License

AGPL-3.0-or-later. CIRIS Accord canonical text at context/accord_1.2b.txt (v1.2-Beta, dated 2025-04-16, expires 2027-04-16 absent renewal).

License-locked mission preservation: anyone reasoning about whether a CIRIS-derived deployment preserves M-1 alignment can see and audit every line of the persistence path. Closed-source forks are forbidden by the license, which makes the federation primitive's audit story structurally enforceable, not merely socially expected.

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

ciris_persist-1.5.13-cp311-abi3-manylinux_2_34_x86_64.whl (6.4 MB view details)

Uploaded CPython 3.11+manylinux: glibc 2.34+ x86-64

ciris_persist-1.5.13-cp311-abi3-manylinux_2_34_aarch64.whl (6.2 MB view details)

Uploaded CPython 3.11+manylinux: glibc 2.34+ ARM64

ciris_persist-1.5.13-cp311-abi3-macosx_11_0_arm64.whl (5.8 MB view details)

Uploaded CPython 3.11+macOS 11.0+ ARM64

File details

Details for the file ciris_persist-1.5.13-cp311-abi3-manylinux_2_34_x86_64.whl.

File metadata

File hashes

Hashes for ciris_persist-1.5.13-cp311-abi3-manylinux_2_34_x86_64.whl
Algorithm Hash digest
SHA256 7ac682e0748081ccbfd8d0255c7bfb55638eb879d718546f9b4d27024f343945
MD5 20e6b719d1b66f362ea4de09878005eb
BLAKE2b-256 b0e892f21534a082c1fd3d131259dac7e6bf3dc6d524234538efc0b26775775d

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-1.5.13-cp311-abi3-manylinux_2_34_x86_64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciris_persist-1.5.13-cp311-abi3-manylinux_2_34_aarch64.whl.

File metadata

File hashes

Hashes for ciris_persist-1.5.13-cp311-abi3-manylinux_2_34_aarch64.whl
Algorithm Hash digest
SHA256 144d3cb7ca2ecca5da2e6071027de9b1151492005cbbc1750835c582484d5603
MD5 7871262b1cae73e6e9b6b0eaf7153051
BLAKE2b-256 3047d32b63a1f14f325f3ce68215a01071282aa552038de37e444cf9b779a9f6

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-1.5.13-cp311-abi3-manylinux_2_34_aarch64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciris_persist-1.5.13-cp311-abi3-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for ciris_persist-1.5.13-cp311-abi3-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 63f2c6c95540ae182326d52dac1e2faa9f9cfb747e549b7b253dec8eadf44fa9
MD5 fc919304c45af1e778af64d7cd510c4f
BLAKE2b-256 88151809d7d5c88e1dc449b8aa294e3c421ef676c8ced298376bad848560ce4b

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-1.5.13-cp311-abi3-macosx_11_0_arm64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page