Skip to main content

Unified Rust persistence for the CIRIS federation — signed events, time-series, runtime state.

Project description

CIRISPersist

Unified Rust persistence for the CIRIS federation — signed events, time-series, runtime state.

Status: 0.1.0 — Phase 1 lens-ready. The Phase 1 ingest pipeline is end-to-end testable and lands the lens cutover from accord_traces (per-thought row collapse) to trace_events + trace_llm_calls (per-broadcast event log) per FSD §3.5. Phase 2 (agent's audit_log + service_correlations) and Phase 3 (runtime state + memory graph + governance) reuse the same Backend trait without restructuring.

This crate is the operational form of the architectural collapse the Proof-of-Benefit Federation FSD §3.1 specifies: lens-side ingest+verify+scrub+store and agent-side audit-chain+TSDB+runtime persistence are the same job at different scales. We carve the work into three phases — each independently shippable, each gated on a measured operational reason — with a single crate API designed from Phase 1 to support all three without rewrites.

Reading order

If you have 5 minutes: MISSION.md and FSD/CIRIS_PERSIST.md §1, §2, §3.6.

If you have 20 minutes: the FSD top-to-bottom plus FSD/PLATFORM_ARCHITECTURE.md.

If you are integrating with the lens (Phase 1): the FSD §3 in full plus context/TRACE_WIRE_FORMAT.md and the tests/wire_format_fixtures.rs integration suite (real signed traces from agent release/2.7.8).

If you are planning Phase 2/3: the FSD §4–§5 plus context/agent_persistence_README.md.

Phases

Phase Surface Trigger
1 (0.1.0 — shipping) Lens trace ingest: trace_events, trace_llm_calls, accord_public_keys. Ed25519 verify, PII scrub, batch persist via TimescaleDB hypertables. Now.
2 Agent signed-events + TSDB: audit_log, audit_roots, audit_signing_keys, service_correlations. PyO3 from inside the agent process. When peer-to-peer trace replication is on the roadmap.
3 Agent runtime state, memory graph, governance: tasks, thoughts, graph_nodes, graph_edges, tickets, dsar_*, deferral_*, wa_cert, feedback_mappings, consolidation_locks, queue_status. When ≥30 days of Phase 2 stability + a named operational reason.

Out of scope: CIRISRegistry, CIRISPortal — external services with their own DBs and replication strategies.

Layout

.github/workflows/ci.yml      CI matrix (linux x86_64 + arm64, darwin-arm64,
                              ios device + sim, lint, license-audit, pyo3 wheel)
FSD/                          FSD + crate-recommendations + platform-architecture
MISSION.md                    Mission Driven Development alignment for this crate
context/                      Vendored upstream specs (PoB, wire format, accord,
                              agent persistence README, lens migration)
migrations/postgres/lens/     Phase 1 SQL — V001__trace_events.sql,
                              V002__audit_anchor_cols.sql
src/
├── schema/                   Wire-format types (no untyped Value in hot paths)
├── verify/                   Canonical bytes (Python-compat) + Ed25519 strict-verify
├── scrub/                    Scrubber trait + NullScrubber + CallbackScrubber
├── store/                    Backend trait + decompose + Postgres + memory impls
├── ingest.rs                 Pipeline orchestrator: parse → verify → scrub →
                              decompose → backend insert
├── journal.rs                redb append-only outage journal
├── queue.rs                  Bounded mpsc + single-consumer persister + 429 backpressure
├── server/                   axum HTTP listener (POST /api/v1/accord/events, /health)
└── ffi/pyo3.rs               PyO3 Engine class for FastAPI integration
tests/
├── fixtures/wire/2.7.0/      Real signed-trace fixtures from CIRISAgent release/2.7.8
└── wire_format_fixtures.rs   Integration tests against the fixtures
python/ciris_persist/         Python package (maturin abi3-py311 build)
pyproject.toml                maturin build config
deny.toml                     cargo-deny — license-deny enforcement (AGPL family +
                              MIT/Apache/BSD permissive)
Cargo.toml

Feature flags

Flag Phase Adds
postgres 1 tokio-postgres + deadpool-postgres + refinery migrations
server 1 axum HTTP listener for /api/v1/accord/events and /health
pyo3 1 Python bindings (FastAPI / agent in-process); implies postgres
sqlite 2 rusqlite backend (agent + iOS)
c-abi 2 C ABI for iOS client
peer-replicate 2 Reticulum gossip hook

Quickstart — lens FastAPI integration

import ciris_persist as cp

engine = cp.Engine(dsn="postgres://lens:lens@localhost:5432/cirislens")
engine.register_public_key(
    signature_key_id="agent-8a0b70302aae",
    public_key_b64="<base64-encoded 32-byte Ed25519 verifying key>",
    agent_id_hash="8a0b70302aaeb401...",
)

# In FastAPI handler:
summary = engine.receive_and_persist(request_body_bytes)
# → {"envelopes_processed": 1, "trace_events_inserted": 12, ...}

Quickstart — Rust standalone server (Phase 1.1 deployment shape)

use std::sync::Arc;
use ciris_persist::{
    server, spawn_persister, Journal,
    scrub::NullScrubber,
    store::PostgresBackend,
    verify::PythonJsonDumpsCanonicalizer,
};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let backend = Arc::new(PostgresBackend::connect(&std::env::var("CIRIS_DB_URL")?).await?);
    backend.run_migrations().await?;

    let journal = Arc::new(Journal::open("/var/lib/cirislens/journal.redb")?);
    let handle = spawn_persister(
        ciris_persist::DEFAULT_QUEUE_DEPTH,
        backend,
        Arc::new(PythonJsonDumpsCanonicalizer),
        Arc::new(NullScrubber),
        journal.clone(),
    );

    let app = server::router(server::AppState { handle, journal });
    let listener = tokio::net::TcpListener::bind("0.0.0.0:8080").await?;
    axum::serve(listener, app).await?;
    Ok(())
}

Mission Driven Development

Every component, every test, every PR cites against MISSION.md. The methodology is from ~/CIRISAgent/FSD/MISSION_DRIVEN_DEVELOPMENT.md. Three structural legs (LOGIC, SCHEMAS, PROTOCOLS) supporting one purposeful seat (MISSION = Accord Meta-Goal M-1).

Test coverage organized by mission category (MISSION.md §4):

Category Coverage
Schema parity Wire-format round-trips, real-fixture deserialization, dedup-key derivation
Verify rejection Schema version, attempt_index sign, signature mismatch, unknown key, malformed sig, wrong key
Canonicalization parity 14 byte-exact fixtures vs python json.dumps; JCS-divergence test
Idempotency Dedup tuple, repeat batches, intra-batch duplicates
Backpressure Full queue → 429 + Retry-After
Power-cycle resilience Journal append/replay survives reopen; halt-on-error preserves order
Backend parity Memory impl conformance suite (postgres conformance gated on CI DSN)

License

AGPL-3.0-or-later. CIRIS Accord canonical text at context/accord_1.2b.txt (v1.2-Beta, dated 2025-04-16, expires 2027-04-16 absent renewal).

License-locked mission preservation: anyone reasoning about whether a CIRIS-derived deployment preserves M-1 alignment can see and audit every line of the persistence path. Closed-source forks are forbidden by the license, which makes the federation primitive's audit story structurally enforceable, not merely socially expected.

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

ciris_persist-1.5.16-cp311-abi3-manylinux_2_34_x86_64.whl (6.5 MB view details)

Uploaded CPython 3.11+manylinux: glibc 2.34+ x86-64

ciris_persist-1.5.16-cp311-abi3-manylinux_2_34_aarch64.whl (6.4 MB view details)

Uploaded CPython 3.11+manylinux: glibc 2.34+ ARM64

ciris_persist-1.5.16-cp311-abi3-macosx_11_0_arm64.whl (6.0 MB view details)

Uploaded CPython 3.11+macOS 11.0+ ARM64

File details

Details for the file ciris_persist-1.5.16-cp311-abi3-manylinux_2_34_x86_64.whl.

File metadata

File hashes

Hashes for ciris_persist-1.5.16-cp311-abi3-manylinux_2_34_x86_64.whl
Algorithm Hash digest
SHA256 9f64b476e8c56bd01f23bcaa0c7b371764287010187f310e8cfb543c64db7a4a
MD5 e98ef12273fe5b99dcf33cb4a45a7d80
BLAKE2b-256 7749d39bb0cd571e5e2cafcbc39e5ee62dfd02f6e76963249be92a7c2561fddd

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-1.5.16-cp311-abi3-manylinux_2_34_x86_64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciris_persist-1.5.16-cp311-abi3-manylinux_2_34_aarch64.whl.

File metadata

File hashes

Hashes for ciris_persist-1.5.16-cp311-abi3-manylinux_2_34_aarch64.whl
Algorithm Hash digest
SHA256 87dab87107e2106689c40b085e605401c91705f5ac222bd5959d60748d0f8c00
MD5 cd2498ed7944c3a27f76030d7b7f3f7e
BLAKE2b-256 7893e6ffec08496c448ee25913facd26ed98126ec065d9b2c2b667a63710ec5d

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-1.5.16-cp311-abi3-manylinux_2_34_aarch64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciris_persist-1.5.16-cp311-abi3-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for ciris_persist-1.5.16-cp311-abi3-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 cb16c50e98d88a638cd0d2da4991eb85688d03ab91ed054279b1797675d2c1dc
MD5 cf235dcb056a4ffcaef487a061dff2c8
BLAKE2b-256 4896b1e866d905a0f194d8b133f855d8649958936bcddd6d1e86e57002dbad4f

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-1.5.16-cp311-abi3-macosx_11_0_arm64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page