From b5f96f0637bd6cd8e10d9b4655c7939b38516844 Mon Sep 17 00:00:00 2001 From: New1Direction <285551516+New1Direction@users.noreply.github.com> Date: Thu, 11 Jun 2026 17:44:57 -0700 Subject: [PATCH] chore: ignore fumadocs-site; drop stale ecosystem page fumadocs-site/ is its own deployed project (korgex-docs.pages.dev) and stays out of the korgex tree by design; the dated ecosystem-next HTML was a transient planning artifact. --- .gitignore | 4 + korg-ecosystem-next-2026-05-29.html | 372 ---------------------------- 2 files changed, 4 insertions(+), 372 deletions(-) delete mode 100644 korg-ecosystem-next-2026-05-29.html diff --git a/.gitignore b/.gitignore index 409a8dc..8dff8d7 100644 --- a/.gitignore +++ b/.gitignore @@ -65,3 +65,7 @@ ecosystem_audit_*.html # uv lock (dev convenience; project builds via setuptools/pip from pyproject) uv.lock + +# Fumadocs docs site — its own deployed project (korgex-docs.pages.dev), kept out +# of the korgex tree on purpose; deploy via wrangler from fumadocs-site/out +fumadocs-site/ diff --git a/korg-ecosystem-next-2026-05-29.html b/korg-ecosystem-next-2026-05-29.html deleted file mode 100644 index 5bd58c3..0000000 --- a/korg-ecosystem-next-2026-05-29.html +++ /dev/null @@ -1,372 +0,0 @@ - - - - - -Korg Ecosystem — Status Dossier & Next Moves - - - - - - -
-
- -
-
Korg Ecosystem · Status Dossier · 2026-05-29 · post korgex v0.4.0
-

Where we stand.And the moves that make the whole thing stronger.

-

The moat isn't an app — it's a verifiable cognitive audit ledger: crypto-signed, causally ordered, replayable, cross-vendor, in one inspectable artifact. korgex v0.4.0 just proved it's buildable. The question now: how do we carry that guarantee out of one app and into the substrate everything else depends on?

-
- -
-
◢ The one honest truth
-

The moat is real in exactly one place — korgex's Python hash-chain — and aspirational everywhere else. The Rust core that korgchat and the bridge actually write through still has no per-event chain. The guarantee is trapped inside an app instead of living in the substrate.

-
- - -
-
01 / THE FRACTURE
-

One layer is provable. The layer beneath it isn't.

-

korgex writes a tamper-evident, hash-chained journal. The Rust core it's supposed to define writes plain JSON. Until the chain lives below, the headline claim — "cryptographically-signed ledger" — is true only for the .ktrans envelope, not the events themselves.

-
-
-
korgex v0.4.0 · Python · src/korg_ledger.py
-

Tamper-evident ✓

-
- seq1·h:3b3c - seq2·h:3548 - seq3·h:75a6 - seq4·h:75da -
-

chain_hash / verify_chain + HMAC tamper-proof variant. korgex verify localizes any edit to a seq_id. Verified across 5 models / 3 vendors.

- -
-
-
-
-
Korg core · Rust · korg-registry/src/log.rs:275
-

Unchained ⚠

-
- evt·{json}··· - evt·{json}··· - evt·{json} -
-

EventMetadata has no prev_hash/entry_hash; spec §1.2 is PROPOSED, not frozen. Real HLC ordering & Ed25519 — but only the campaign envelope is signed, not the events. This is the weakest link in the moat.

-
-
-
- - -
-
02 / WHERE EACH PIECE STANDS
-

The scorecard

-

Six components, scored on maturity and — what actually matters — their role in the verifiable-cognition moat. Green = the guarantee is real here. Amber = it's claimed but not yet true at this layer. Red = absent.

-
- -
-
Korg core write✓ / verify✗
-
alpha · the substrate
-
IS the moat substrate — and currently its weakest link.
-
Real HLC ordering, append/rewind, Ed25519 at the .ktrans layer. But ledger events carry zero per-event integrity. The thing everyone writes through can't yet prove itself.
-
- -
-
korgex v0.4.0 chained ✓
-
beta · reference implementation
-
The working proof the moat is buildable.
-
Hash-chain + verify + HMAC, memory-drift, self-coding gates, 200 tests. Writes a chained LocalJournalClient journal. Gap: the chain is Python-side; korg_bridge to the Rust journal isn't built here.
-
- -
-
KorgChat writes, unchained
-
beta · primary consumer
-
Proves the ledger is usable for real conversation.
-
Every turn → seq_id + triggered_by via korg_bridge (real). But those events inherit the Rust core's missing chain — so a polished UI would ship over a guarantee that isn't true at its layer yet.
-
- -
-
thumper ledger: none
-
beta · highest-stakes producer
-
Sub-second self-healing — the action that most needs an audit trail.
-
Real native Bun runner, ratatui TUI, ACP server, self-healing recovery. Declares ledger_write in introspect (cli/introspect.rs:378) — but zero callables use it.
-
- -
-
korg-launch narrative
-
beta · the storefront
-
Must SELL verifiability — currently sells memory.
-
Polished static site (yvaehkorg.lol), launch runbook. Brand-new (2 commits). Leads with "recall" — the commodity — and buries the verifiable loop. No deployed demo, no evidence link.
-
- -
-
introspect@v1 frozen ✓
-
beta · the other open spec
-
Proof the team CAN ship a real cross-language spec.
-
Identical schema across Rust, Python (korgex), and more — recalled tool_name == MCP tool == CLI subcommand. The model for what the ledger format should become.
-
- -
-
- - -
-
03 / YOUR LEAN, STRESS-TESTED
-

thumper & korgchat — the honest verdict

-
-
◢ half-right, half a trap
-
Right instinct on thumper. Wrong reason. And korgchat is the weaker pick — for now.
-

The mistake would be "polish thumper's TUI" or "give korgchat a web/Tauri UI." Both are already real and good — and both are app polish that doesn't compound the moat. The leverage sits below both: freeze the chain into a spec, then push it into the Rust core. Do that and thumper-with-audit-trail and chained-korgchat both become easy. Skip it and you're decorating apps over a fractured substrate.

-
-
thumper → YES

but as a ledger producer: wire its self-healing loop to emit chained events. Second independent codebase proving the spec — and an audit trail for the highest-stakes autonomous action.

-
korgchat → LATER

already beta with real writes; its events are unchained today. Prettifying the client ships a nicer window onto an unverified record. Do it after the Rust journal carries the chain.

-
substrate → FIRST

extract the hash-chain into a frozen spec + conformance vectors, port it into the Rust core. Everything else is downstream of this.

-
-
-
- - -
-
04 / THE MOVES
-

Eight ideas, sequenced by leverage

-

Every move scored on one question: does it carry the verifiable-ledger guarantee outward into the shared substrate — or is it catch-up any competitor also ships? Ordered into waves; later waves depend on the keystone.

- -
Wave 1 · the keystone — turn a feature into a standard
- -
-
01

Extract the hash-chain into a frozen korg-ledger@v1 spec + reference verifier

-
Mmoat: highcore / x-cutting
-
Lift korgex's chain_hash / verify_chain / verify_dag into a tiny dependency-free spec module: frozen canonicalization (JCS), the prev_hash/entry_hash preimage, the HMAC tamper-proof variant, and a language-agnostic conformance vector file (golden JSONL + expected verify output). Promote spec §1.2 from PROPOSED to FROZEN. korgex then imports it instead of owning it.
-
Why it compounds: turns "korgex has a hash-chain" into "korg is the open standard for tamper-evident agent ledgers, and here's the test suite that proves any implementation conforms." This is the literal moat artifact.
-
- -
-
02

Bring the Rust core up to spec — prev_hash/entry_hash + verify in EventMetadata

-
Lmoat: highKorg core (Rust)
-
Add the chain fields to EventMetadata (log.rs:275) and implement chain-on-append + verify-on-load using the same canonicalization as the reference. Make CapabilityJournal::load() reject a tampered/reordered journal. Run the Wave-1 conformance vectors in CI.
-
Why it compounds: closes the most damaging credibility gap — the README claims a "cryptographically-signed ledger" the Rust events don't deliver. Makes the headline TRUE at the layer korgchat, the bridge, and thumper all depend on, and proves the spec is multi-language by construction.
-
depends on → #01 (verifies against the same definition)
-
- -
Wave 2 · collapse the divergent paths into one verified substrate
- -
-
03

Ship korg_bridge as a wheel; route korgchat + korgex through the chained Rust journal

-
Mmoat: highcore / chat / korgex
-
Build the existing PyO3 korg-bridge crate into a wheel (maturin), then route both korgchat's record_* path and korgex's durability ladder through it. The bridge becomes the one in-process WAL that carries the chain natively — Python callers get the guarantee for free.
-
Why it compounds: today korgchat writes unchained and korgex re-implements the chain in Python — two symptoms of one fracture. A built wheel + chained journal collapses both into a single verified substrate. "Every korgchat turn is tamper-evident" becomes true without korgchat owning crypto.
-
depends on → #02
-
- -
Wave 3 · two independent producers prove the spec travels
- -
-
04

Give thumper real ledger_write — chained events for every heal loop

-
Lmoat: highthumper
-
Wire the self-healing recovery engine (bun/recovery.rs) and native runner to emit chained CapabilityEvents: every error caught, repair attempt, and exit code becomes a verifiable, causally-ordered entry. Each heal loop produces a replayable forensic trail.
-
Why it compounds: thumper's edge is sub-second self-healing — the exact high-stakes autonomous action that most needs a non-repudiable trail. Makes it the second independent codebase proving the spec works, and turns "closed-loop self-healing" into "self-healing you can cryptographically audit." No competitor has that.
-
- -
-
05

Wire memory recall into korgex's loop — drift reconciliation on the ledger

-
Mmoat: highkorgex
-
memory.py + memory_drift.py are built and korgex drift exists, but run_task() never recalls. Load anchored memories at task entry, check_drift() vs baselines, inject fresh facts as @memory, and route drifted items through a reconcile decision recorded as a chained event.
-
Why it compounds: activates the differentiator nobody else has — not "agent memory" (Mem0 owns that wedge) but auditable memory: every recalled fact carries a baseline hash, every staleness call is a signed entry. The agent's beliefs become verifiable, and their drift goes on the record.
-
- -
Wave 4 · turn the real moat into market-facing proof
- -
-
06

A live Ledger Explorer on the launch site — backed by real conformance vectors

-
Mmoat: highlaunch
-
Replace the conceptual 3D mesh with an interactive widget that loads the same golden conformance vectors, renders the causal DAG, and lets a visitor click "tamper" on any event to watch verify flag the break in real time — the exact output the real verifiers produce. (The demo at the top of this page is the seed of it.)
-
Why it compounds: the site leads with the commodity (recall) and makes claims with no evidence link. Wiring the explorer to real vectors converts "trust us, it's tamper-evident" into "tamper it yourself, here's the spec." Markets the moat, gives technical buyers the trust-but-verify artifact.
-
depends on → #01 (the vectors are the data source)
-
- -
-
07

Cross-vendor import adapters — replay Claude Code / Codex / Grok into one chained journal

-
Lmoat: highcore / adapters
-
Thin adapters ingest other vendors' session transcripts and re-emit them as korg-ledger@v1 chained events with reconstructed HLC ordering and triggered_by links. Output: one inspectable, verifiable artifact spanning vendors. Ships as a CLI subcommand and an MCP tool.
-
Why it compounds: "cross-vendor" is the wedge competitors structurally can't ship — their memory is their lock-in. Adapters make it a working feature, so korg becomes the neutral audit substrate under all of them, not another agent beside them. Also feeds recall/drift with real cross-tool history.
-
depends on → #01
-
- -
Wave 5 · narrative reinforcement (do last)
- -
-
08

Auto-trigger TDD self-healing on test-gate failure — recorded as a repair chain

-
Mmoat: mediumkorgex
-
self_healing.py exists but needs explicit invocation. On run_test_gate() red, auto-spawn a healing subagent with the failure log, bounded retry until red→green — each attempt and the final result a chained event.
-
Why it compounds: mirrors thumper's recovery loop in the Python agent and produces a verifiable red→green repair trail. Lower moat-fit — app-level reinforcement once the substrate is solid. Do it last.
-
-
- - -
-
05 / IF YOU DO ONE THING
-
-
◢ the single highest-leverage move
-

Freeze the chain into korg-ledger@v1 + conformance vectors → then implement it in the Rust core.

-

Everything in the thesis is downstream of this. The moat is "verifiable cognition as a shared open substrate" — but the verifiable part lives in one Python app, while the substrate it's meant to define has no per-event integrity at all. Freezing the definition + golden vectors turns a feature into a standard; porting it to Rust makes the headline claim finally true at the layer everything depends on. It unlocks chained korgchat (#3), thumper audit (#4), cross-vendor adapters (#7), and the launch explorer (#6) — all of which need a frozen format to emit to. M+L effort, not XL: the working logic already exists in korgex. This is extraction and porting against a test oracle, not invention.

-
-
- - - -
- - - -