|
| 1 | +# CrossroadCode Stack Roadmap |
| 2 | + |
| 3 | +This roadmap spans RealAgentID, TrailStax, ragid_gate, and |
| 4 | +Ira-Digital-Blueprints. All four projects share a unified |
| 5 | +security architecture governed by the Cross-System Authorization |
| 6 | +Invariant documented in each repo's COMPLIANCE.md. |
| 7 | + |
| 8 | +--- |
| 9 | + |
| 10 | +## ragid_gate |
| 11 | + |
| 12 | +**Next — Rate Limiting** |
| 13 | +- Redis-based rate limiter per agent_id |
| 14 | +- X attempts per Y seconds before lockout |
| 15 | +- Lockout events logged to TrailStax |
| 16 | + |
| 17 | +**Then — Constant-Time Comparisons** |
| 18 | +- Extend hmac.compare_digest to all verification steps |
| 19 | +- Close timing attack surface |
| 20 | + |
| 21 | +--- |
| 22 | + |
| 23 | +## RealAgentID |
| 24 | + |
| 25 | +**Next — Agent Lineage Registry** |
| 26 | +- Full lineage array replacing single parent_agent_id |
| 27 | +- Generation limit enforcement |
| 28 | +- Spawn as a gated action |
| 29 | +- TTL cascade — entire tree expires with root |
| 30 | +- Permissions narrow down tree, never expand |
| 31 | + |
| 32 | +**Then — Clock Skew Hardening** |
| 33 | +- Server-side timestamp validation |
| 34 | +- NTP enforcement |
| 35 | +- Remove trust from claim's own issued_at |
| 36 | + |
| 37 | +--- |
| 38 | + |
| 39 | +## TrailStax |
| 40 | + |
| 41 | +**Next — TTL + Erasure Tombstones** |
| 42 | +- retain_until and erasure_eligible fields at write time |
| 43 | +- Automated purge job for eligible entries |
| 44 | +- Tombstone entries replace erased records |
| 45 | +- Chain integrity preserved through documented gaps |
| 46 | + |
| 47 | +**Then — Neo4j Integration** |
| 48 | +- Trail events ingested into Neo4j as graph |
| 49 | +- Agent nodes, spawn edges, gate interaction relationships |
| 50 | +- Orphan detection and permission creep queries |
| 51 | +- Behavioral anomaly detection across lineage trees |
| 52 | + |
| 53 | +--- |
| 54 | + |
| 55 | +## Ira-Digital-Blueprints |
| 56 | + |
| 57 | +**Core Objective** |
| 58 | +Securely structure verified agentic activity into trainable |
| 59 | +data chunks for org-specific LLM training pipelines. Only |
| 60 | +verified agents can produce data that enters the pipeline — |
| 61 | +enforced at the gate level, not by policy. |
| 62 | + |
| 63 | +**Next — Pipeline Scheduling** |
| 64 | +- is_off_peak() check before training jobs launch |
| 65 | +- CPU/memory threshold as secondary safety valve |
| 66 | +- training_execution as a gated action in ragid_gate |
| 67 | +- Off-peak enforcement at the identity layer |
| 68 | + |
| 69 | +**Then — Milestone-Driven Blueprinting** |
| 70 | +- On-demand optimization triggered by human or authorized agent |
| 71 | +- Ira reads Neo4j graph at trigger time |
| 72 | +- Produces blueprint + gap report for human review |
| 73 | +- Human approves before application |
| 74 | +- Each cycle is a discrete compliance artifact |
| 75 | + |
| 76 | +**Then — Blueprint Provenance Hardening** |
| 77 | +- Hash committed to TrailStax at generation time |
| 78 | +- Verification at application time |
| 79 | +- Mismatch results in deny and quarantine entry |
| 80 | + |
| 81 | +--- |
| 82 | + |
| 83 | +## Cross-Stack |
| 84 | + |
| 85 | +**Immediate — CRA_COMPLIANCE.md** |
| 86 | +- Map each component to specific CRA articles |
| 87 | +- Known limitations section |
| 88 | +- Continuous compliance positioning |
| 89 | +- September 2026 mandatory reporting context |
| 90 | + |
| 91 | +**Then — Neo4j as Unified Observability Layer** |
| 92 | +- Single queryable surface across all four projects |
| 93 | +- Security queries and architectural gap detection |
| 94 | +- Training data lineage mapping |
| 95 | +- Agentic behavioral intelligence |
| 96 | + |
| 97 | +**Then — reasoning.py** |
| 98 | +- Reasoning hop measurement across model providers |
| 99 | +- Dead end and confidence signal scoring |
| 100 | +- Neo4j as query surface across reasoning, |
| 101 | + lineage, and audit data simultaneously |
| 102 | + |
| 103 | +--- |
| 104 | + |
| 105 | +## Architectural Invariant |
| 106 | + |
| 107 | +A valid action across this stack must satisfy three |
| 108 | +independent conditions: |
| 109 | + |
| 110 | +1. Keypair Authenticity — the agent is who it claims to be |
| 111 | +2. Scope-Gate Binding — the credential is valid for this gate |
| 112 | +3. Blueprint Provenance Integrity — the artifact matches its |
| 113 | + TrailStax-committed hash |
| 114 | + |
| 115 | +Satisfaction of any one or two does not constitute |
| 116 | +authorization. |
0 commit comments