Skip to main content

Unified Rust persistence for the CIRIS federation — signed events, time-series, runtime state.

Project description

CIRISPersist

One embeddable Rust crate behind every stateful surface a CIRIS federation node needs — the signed reasoning-trace log, the hash-chained audit log, the memory graph, time-series telemetry, secrets-at-rest, and federation trust state. Postgres or SQLite; in-process via PyO3 or over HTTP.

What it is

CIRISPersist is the lowest stateful substrate above CIRISVerify. An agent or lens node links it as a library — pip install ciris-persist — and gets every storage surface it needs from one versioned API instead of ~11 hand-rolled services. The backend is chosen at Engine construction by DSN scheme (postgres://… or sqlite://…); every method works on both.

Substrates

Substrate Backs
trace ingest signed reasoning-trace event log + LLM-call log
cirisaudit hash-chained, per-tenant signed audit log (RFC 6962 Merkle)
cirisgraph memory nodes + edges — absorbs MemoryService / ConfigService
telemetry metric writes + TSDB rollup
secrets federated SecretsService — AES-256-GCM at rest, hardware-backed master key
cirisnode CIRISNodeCore federation-consensus substrate
sequence / occurrence atomic per-identity counters + endpoint-liveness registry
lens substrates tasks, thoughts, correlations, tickets, deferral reports, WA certs, …

Honest read

  • Postgres + SQLite at 100% parity. Every PyO3 method works on both backends — including the observability read API and the lens-derived schemas — so sovereign-mode (Pi / iOS) deployments are not second-class.
  • In-process cohabitation. Engine is a process-singleton: a CIRIS 3.0 process hosting the agent + NodeCore + LensCore shares one runtime, one pool, one identity — see docs/COHABITATION.md.
  • Hardware-backed secrets. The secrets master key is derived — via CIRISVerify — from a seed sealed by the platform TPM / Keystore / Secure Enclave where one exists, with an honest software fallback where it does not.
  • Crypto goes through CIRISVerify. Persist never rolls its own — signing, verification, and key derivation route through ciris-verify-core / ciris-keyring.
  • Deliberately not: no embedded graph DB engine (Postgres / SQLite recursive CTEs instead); not a daemon (a library, not a service); horizontal sharding is out of scope.

Performance & SOTA

Measured by the in-repo criterion suite (benches/ — eleven harnesses run per commit and published to the trend dashboard). Representative current numbers:

  • AES-256-GCM (secrets-at-rest) — ~9.5 GiB/s, via CIRISVerify v2.8.0.
  • Analytics — V042 covering indexes turn the scoring ReadEngine queries into index-only scans; cross_agent_divergence ~−42% vs. a raw table scan.
  • next_sequence — a durable, async-safe atomic counter increment ~10 µs (the SQLite UPSERT itself ~2 µs; the rest is the async wrapper).
  • Cold start — open + full migration run ~12 ms.
Capability SOTA peers CIRISPersist
Embedded persistence ORMs — sqlx, Diesel; per-service DBs one API, Postgres + SQLite at 100% parity — at parity
Audit log Trillian, Rekor, AWS QLDB RFC 6962 Merkle + post-quantum-signed tree heads — ahead of typical
Crypto-at-rest ring, OpenSSL (~3–6 GiB/s AES-GCM) ~9.5 GiB/s AES-256-GCM via CIRISVerify — ahead
Post-quantum mostly classical hybrid Ed25519 + ML-DSA-65 throughout — ahead
Analytics DuckDB, ClickHouse (columnar) row store + query-shaped covering indexes ("poor-man's column store") — at parity for the fixed query set; ~2–5× behind a columnar engine on raw ad-hoc scan
Horizontal scale sharded DB services a library, not a service — behind (deployment shape, not algorithm)

Ahead on post-quantum crypto and the Merkle audit log; at parity on embedded persistence and on analytics for its closed query set; the one real "behind" — horizontal scale — is a library-vs-service choice, not an algorithm gap.

Quick start

import ciris_persist as cp

engine = cp.Engine(dsn="sqlite://./agent.db", signing_key_id="agent-ed25519")
engine.register_consumer("my-adapter", ["cirisgraph"])
summary = engine.receive_and_persist(request_body_bytes)

Docs

Doc What
MISSION.md Mission-Driven Development alignment (Accord Meta-Goal M-1)
FSD/CIRIS_PERSIST.md Full functional spec
docs/COHABITATION.md In-process cohabitation model
docs/THREAT_MODEL.md Threat model (AV-* attack vectors)
docs/PUBLIC_SCHEMA_CONTRACT.md Stable schema contract
CHANGELOG.md Per-release history

License

AGPL-3.0-or-later. The persistence path is auditable line-by-line by design: closed-source forks are forbidden, which makes the federation primitive's audit story structurally enforceable, not merely socially expected.

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

ciris_persist-4.12.1-cp310-abi3-manylinux_2_38_x86_64.whl (11.0 MB view details)

Uploaded CPython 3.10+manylinux: glibc 2.38+ x86-64

ciris_persist-4.12.1-cp310-abi3-manylinux_2_38_aarch64.whl (10.3 MB view details)

Uploaded CPython 3.10+manylinux: glibc 2.38+ ARM64

ciris_persist-4.12.1-cp310-abi3-macosx_11_0_arm64.whl (8.2 MB view details)

Uploaded CPython 3.10+macOS 11.0+ ARM64

File details

Details for the file ciris_persist-4.12.1-cp310-abi3-manylinux_2_38_x86_64.whl.

File metadata

File hashes

Hashes for ciris_persist-4.12.1-cp310-abi3-manylinux_2_38_x86_64.whl
Algorithm Hash digest
SHA256 c1f463103b0c6ce1c34e647d5f2f121e6e1c3780128cc797d5c30cf0e051c025
MD5 45baad5d61fe84dfb77ac1ca1744002a
BLAKE2b-256 4970eceebae7687a4bdd33a94ee65c03af8ee8634e4ddfe4b7191c235f0479da

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-4.12.1-cp310-abi3-manylinux_2_38_x86_64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciris_persist-4.12.1-cp310-abi3-manylinux_2_38_aarch64.whl.

File metadata

File hashes

Hashes for ciris_persist-4.12.1-cp310-abi3-manylinux_2_38_aarch64.whl
Algorithm Hash digest
SHA256 4c63d9b608e14d5d694d5574c21bdab0584ba78f9b237043520eaca67aa8ec1c
MD5 c19a893dd9b5a8f68217b0e42aa4fd6e
BLAKE2b-256 2c1d445e617e21dc3cfd6e77ab84b2e3877f6c430f4cd50e83fbbd5d65313b36

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-4.12.1-cp310-abi3-manylinux_2_38_aarch64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciris_persist-4.12.1-cp310-abi3-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for ciris_persist-4.12.1-cp310-abi3-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 87406e1c228c1a23f81f1b70b1e59fc9d9bc0b2e67a428ad30e9c6ccca2548aa
MD5 efd3dd1976b056c4ce76d26789b6b5e3
BLAKE2b-256 8245e9725c7e9b57b6afa3f0636f95c03b8e4db3355e7ccbc9d77f88ff6d076d

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciris_persist-4.12.1-cp310-abi3-macosx_11_0_arm64.whl:

Publisher: ci.yml on CIRISAI/CIRISPersist

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page