backend — runtime, sentinel, AI adapters, connectors, safety

Add springtale-runtime crate: shared init, state, and operations layer used by both springtaled and the Tauri desktop app. Unifies connector registry, rule engine, AI adapter, sentinel, and canvas into one boot sequence.                                                                                                       springtale-sentinel (new):
    - Circuit breaker, rate limiter, toxic pair detection, dead man switch
    - Impact scoring, verdict system, audit trail with export
    - Store migrations (003_sentinel, 004_safety, 005_formations)
springtale-ai adapters:
    - Ollama, OpenAI, Anthropic typed API clients with rustls-tls
    - NL→Rule parser (prompt templates + rule generation)
    - Voice adapter stubs (STT/TTS traits)
    - Adapter factory with config-driven selection

  6 new connectors (Phase 2a chat + social):
    - connector-discord: gateway, 5 actions, message/reaction triggers
    - connector-slack: RTM gateway, 6 actions, message/reaction triggers
    - connector-irc: raw TCP gateway, 5 actions, message/join triggers
    - connector-nostr: relay gateway, 4 actions, note/DM triggers
    - connector-signal: signal-cli gateway, 3 actions, message triggers
    - connector-browser: headless browser, 5 actions (navigate/click/fill/extract/screenshot)
                                                            Connector factory system:
    - ConnectorFactory trait + inventory-based auto-registration
    - Factory modules for all 13 connectors (7 existing + 6 new)
springtale-bot extensions:
    - Cooperation framework (16 modules from COOPERATION.pdf)
    - Orchestrator with recursive pipelines, sub-agents, fuel system
    - AT Protocol bridge stub

  Safety & vault:
    - Duress passphrase, vault backup, panic wipe
    - HttpTransport with TLS server
    - Canvas typed block system
    - Heartbeat monitor
    - In-memory store backend for testing
    - Formations store + operations

  CLI + daemon API expansions:
    - 7 new CLI commands (vault, panic, travel, agent, memory, crypto, data)
    - 8 new API endpoints (canvas, formations, sessions, safety, config, SSE streams)
    - Runtime connector factory integration in springtaled boot

Author: radicalkjax

Cargo.lock

@@ -12,7 +12,9 @@ members = [
   # Phase 1b
   "crates/springtale-bot",
   # Phase 2a
-  # "crates/springtale-sentinel",
+  "crates/springtale-sentinel",
+  # Shared runtime
+  "crates/springtale-runtime",
   # Phase 1a connectors
   "connectors/connector-kick",
   "connectors/connector-presearch",
@@ -23,10 +25,26 @@ members = [
   "connectors/connector-http",
   # Phase 1b connectors
   "connectors/connector-telegram",
+  # Phase 2a connectors
+  "connectors/connector-nostr",
+  "connectors/connector-irc",
+  "connectors/connector-discord",
+  "connectors/connector-slack",
+  "connectors/connector-signal",
+  "connectors/connector-browser",
+  # connector-matrix: DEFERRED — matrix-sdk 0.16 requires rusqlite 0.37 which
+  # has CVE-2025-70873 (heap info disclosure). Our store uses rusqlite 0.39
+  # (patched). Downgrading would expose activist/survivor data to heap leaks.
+  # Waiting for matrix-sdk to update to rusqlite 0.39+.
   # Apps
   "apps/springtaled",
   "apps/springtale-cli",
 ]
+exclude = [
+  # Tauri desktop app has its own dependency tree (tauri 2.x crates).
+  # Excluded from workspace to avoid version conflicts.
+  "tauri/apps/desktop/src-tauri",
+]
 
 [workspace.package]
 edition = "2024"
@@ -38,6 +56,7 @@ repository = "https://github.com/ScopeCreep-zip/Springtale"
 # ── Async Runtime ──────────────────────────────────────────────────────────────
 tokio            = { version = "1",    features = ["full"] }
 tokio-util       = { version = "0.7",  features = ["codec"] }
+tokio-stream     = { version = "0.1", features = ["sync"] }
 async-trait      = "0.1"
 
 # ── Observability ──────────────────────────────────────────────────────────────
@@ -75,11 +94,13 @@ uuid             = { version = "1",    features = ["v4", "serde"] }
 
 # ── HTTP Server ────────────────────────────────────────────────────────────────
 axum             = { version = "0.8",  features = ["macros", "multipart"] }
+axum-server      = { version = "0.8",  features = ["tls-rustls"] }
 tower            = { version = "0.5", features = ["limit", "buffer"] }
-tower-http       = { version = "0.6",  features = ["cors", "trace", "auth", "limit", "timeout"] }
+tower-http       = { version = "0.6",  features = ["cors", "fs", "set-header", "trace", "auth", "limit", "timeout"] }
+rust-embed       = { version = "8", features = ["interpolate-folder-path"] }
 
 # ── HTTP Client ────────────────────────────────────────────────────────────────
-reqwest          = { version = "0.13", default-features = false, features = ["json", "rustls", "stream"] }
+reqwest          = { version = "0.13", default-features = false, features = ["json", "multipart", "rustls", "stream"] }
 
 # ── Database (local-first) ─────────────────────────────────────────────────────
 rusqlite         = { version = "0.39", features = ["bundled", "vtab"] }
@@ -116,9 +137,18 @@ futures-util      = { version = "0.3", features = ["sink"] }
 # ── Regex ──────────────────────────────────────────────────────────────────────
 regex            = "1"
 
+# ── TLS ────────────────────────────────────────────────────────────────────────
+rustls           = { version = "0.23", default-features = false, features = ["ring", "std"] }
+tokio-rustls     = "0.26"
+rustls-pemfile   = "2"
+rustls-pki-types = "1"
+
 # ── Config ─────────────────────────────────────────────────────────────────────
 figment          = { version = "0.10", features = ["toml", "env"] }
 
+# ── Compile-time Registration ─────────────────────────────────────────────────
+inventory        = "0.3"
+
 # ── Concurrency ────────────────────────────────────────────────────────────────
 dashmap          = "6"
 
@@ -143,4 +173,42 @@ springtale-store      = { path = "crates/springtale-store" }
 springtale-ai         = { path = "crates/springtale-ai" }
 springtale-bot        = { path = "crates/springtale-bot" }
 springtale-mcp        = { path = "crates/springtale-mcp" }
+springtale-sentinel   = { path = "crates/springtale-sentinel" }
+springtale-runtime    = { path = "crates/springtale-runtime" }
+connector-kick        = { path = "connectors/connector-kick" }
+connector-presearch   = { path = "connectors/connector-presearch" }
+connector-bluesky     = { path = "connectors/connector-bluesky" }
+connector-github      = { path = "connectors/connector-github" }
+connector-filesystem  = { path = "connectors/connector-filesystem" }
+connector-shell       = { path = "connectors/connector-shell" }
+connector-http        = { path = "connectors/connector-http" }
 connector-telegram    = { path = "connectors/connector-telegram" }
+connector-nostr       = { path = "connectors/connector-nostr" }
+connector-irc         = { path = "connectors/connector-irc" }
+connector-discord     = { path = "connectors/connector-discord" }
+connector-slack       = { path = "connectors/connector-slack" }
+connector-signal      = { path = "connectors/connector-signal" }
+connector-browser     = { path = "connectors/connector-browser" }
+
+# ── Nostr Protocol ─────────────────────────────────────────────────────────────
+nostr-sdk            = { version = "0.44", features = ["nip44", "nip59"] }
+
+# ── IRC Protocol ───────────────────────────────────────────────────────────────
+# Privacy: ctcp feature DISABLED to suppress all CTCP replies (VERSION, TIME, PING).
+# This prevents bot fingerprinting — empty VERSION is MORE identifiable than no response.
+irc                  = { version = "1.1", default-features = false, features = ["tls-rust", "toml_config"] }
+
+# ── Discord Protocol ──────────────────────────────────────────────────────────
+# Privacy: no MESSAGE_CONTENT intent by default. Slash commands preferred.
+twilight-gateway     = { version = "0.17", default-features = false, features = ["rustls-webpki-roots", "zstd"] }
+twilight-http        = { version = "0.17", default-features = false, features = ["rustls-webpki-roots"] }
+twilight-model       = "0.17"
+
+# ── Slack Protocol (Socket Mode) ──────────────────────────────────────────────
+# Socket Mode uses WebSocket — no public HTTP endpoint needed (local-first friendly).
+tokio-tungstenite    = { version = "0.26", default-features = false, features = ["connect", "rustls-tls-webpki-roots"] }
+
+# ── Browser Automation ────────────────────────────────────────────────────────
+# No TLS dependency — connects to pre-installed Chrome via DevTools Protocol.
+# Domain allow-list enforced per connector capability model.
+chromiumoxide        = { version = "0.9", default-features = false }

Cargo.toml

@@ -25,3 +25,4 @@ springtale-core = { workspace = true }
 springtale-crypto = { workspace = true }
 springtale-connector = { workspace = true }
 springtale-store = { workspace = true }
+springtale-runtime = { workspace = true }

apps/springtale-cli/Cargo.toml

@@ -40,6 +40,61 @@ pub enum Command {
     },
     /// Initialize Springtale (create data directory, vault, config).
     Init,
+    /// Emergency data destruction — overwrites vault + database with random bytes.
+    /// NO confirmation prompt. This is for emergencies (IPV, device seizure).
+    Panic,
+    /// Travel mode — encrypted backup + local wipe, or restore from backup.
+    Travel {
+        #[command(subcommand)]
+        action: TravelAction,
+    },
+    /// Vault management — duress passphrase setup.
+    Vault {
+        #[command(subcommand)]
+        action: VaultAction,
+    },
+    /// Bot memory inspection and maintenance.
+    Memory {
+        #[command(subcommand)]
+        action: MemoryAction,
+    },
+    /// Data export and purge.
+    Data {
+        #[command(subcommand)]
+        action: DataAction,
+    },
+    /// Agent configuration.
+    Agent {
+        #[command(subcommand)]
+        action: AgentAction,
+    },
+    /// Cryptographic operations.
+    Crypto {
+        #[command(subcommand)]
+        action: CryptoAction,
+    },
+}
+
+#[derive(Subcommand)]
+pub enum TravelAction {
+    /// Export encrypted backup and wipe local data.
+    Prepare {
+        /// Path to save the encrypted backup file.
+        #[arg(long)]
+        backup_to: std::path::PathBuf,
+    },
+    /// Restore data from an encrypted backup.
+    Restore {
+        /// Path to the encrypted backup file.
+        #[arg(long)]
+        from: std::path::PathBuf,
+    },
+}
+
+#[derive(Subcommand)]
+pub enum VaultAction {
+    /// Configure a duress passphrase (dual-region vault).
+    DuressSetup,
 }
 
 #[derive(Subcommand)]
@@ -87,10 +142,66 @@ pub enum RuleAction {
         /// Rule ID.
         id: String,
     },
+    /// Delete a rule by ID.
+    Delete {
+        /// Rule ID.
+        id: String,
+    },
+    /// Update a rule from a JSON or TOML file.
+    Update {
+        /// Rule ID to update.
+        id: String,
+        /// Path to the updated rule definition file.
+        file: std::path::PathBuf,
+    },
 }
 
 #[derive(Subcommand)]
 pub enum ServerAction {
     /// Start springtaled inline.
     Start,
 }
+
+#[derive(Subcommand)]
+pub enum MemoryAction {
+    /// Inspect bot memory — list sessions and entry counts.
+    Audit,
+    /// Force memory compaction — delete oldest entries beyond limit.
+    Compact {
+        /// Maximum entries per session (default: 100).
+        #[arg(long, default_value = "100")]
+        max_entries: usize,
+    },
+}
+
+#[derive(Subcommand)]
+pub enum DataAction {
+    /// Export all user data to a JSON file.
+    Export {
+        /// Output file path (default: stdout).
+        #[arg(long)]
+        output: Option<std::path::PathBuf>,
+        /// Encrypt the export file.
+        #[arg(long)]
+        encrypt: bool,
+    },
+    /// Delete all user data (rules, events, sessions, memory) without destroying the vault.
+    Purge,
+}
+
+#[derive(Subcommand)]
+pub enum AgentAction {
+    /// Set an agent's autonomy level (observe, suggest, act-with-approval, act-autonomously).
+    SetAutonomy {
+        /// Agent name.
+        name: String,
+        /// Autonomy level.
+        level: String,
+    },
+}
+
+#[derive(Subcommand)]
+pub enum CryptoAction {
+    /// Re-encrypt the vault with a new passphrase.
+    RotateVaultKey,
+}

apps/springtale-cli/src/cli.rs

@@ -0,0 +1,17 @@
+use anyhow::Result;
+use springtale_store::backend::sqlite::SqliteBackend;
+
+use crate::cli::AgentAction;
+
+/// Handle agent subcommands.
+pub async fn run(action: AgentAction, store: &SqliteBackend) -> Result<()> {
+    match action {
+        AgentAction::SetAutonomy { name, level } => {
+            springtale_runtime::operations::agent::set_autonomy(store, &name, &level)
+                .await
+                .map_err(|e| anyhow::anyhow!("{e}"))?;
+            println!("Agent '{name}' autonomy set to: {level}");
+        }
+    }
+    Ok(())
+}

apps/springtale-cli/src/commands/agent.rs

@@ -1,10 +1,7 @@
 use anyhow::Result;
 use tabled::{Table, Tabled};
 
-use springtale_connector::ConnectorManifest;
 use springtale_store::backend::sqlite::SqliteBackend;
-use springtale_store::backend::trait_::StorageBackend;
-use springtale_store::schema::connectors::ConnectorRow;
 
 use crate::cli::ConnectorAction;
 use crate::output;
@@ -24,7 +21,10 @@ struct ConnectorTableRow {
 pub async fn run(action: ConnectorAction, store: &SqliteBackend, json: bool) -> Result<()> {
     match action {
         ConnectorAction::List => {
-            let connectors = store.list_connectors().await?;
+            let connectors =
+                springtale_runtime::operations::connectors::list_connectors_from_store(store)
+                    .await
+                    .map_err(|e| anyhow::anyhow!("{e}"))?;
 
             if json {
                 output::print_json(&connectors)?;
@@ -44,49 +44,42 @@ pub async fn run(action: ConnectorAction, store: &SqliteBackend, json: bool) ->
             }
         }
         ConnectorAction::Enable { name } => {
-            store.set_connector_enabled(&name, true).await?;
+            springtale_runtime::operations::connectors::enable_connector_in_store(store, &name)
+                .await
+                .map_err(|e| anyhow::anyhow!("{e}"))?;
             println!("Enabled connector: {name}");
         }
         ConnectorAction::Disable { name } => {
-            store.set_connector_enabled(&name, false).await?;
+            springtale_runtime::operations::connectors::disable_connector_in_store(store, &name)
+                .await
+                .map_err(|e| anyhow::anyhow!("{e}"))?;
             println!("Disabled connector: {name}");
         }
         ConnectorAction::Remove { name } => {
-            store.remove_connector(&name).await?;
+            springtale_runtime::operations::connectors::remove_connector_from_store(store, &name)
+                .await
+                .map_err(|e| anyhow::anyhow!("{e}"))?;
             println!("Removed connector: {name}");
         }
         ConnectorAction::Install { path } => {
             let contents = std::fs::read_to_string(&path).map_err(|e| {
                 anyhow::anyhow!("failed to read manifest at {}: {e}", path.display())
             })?;
-            let manifest: ConnectorManifest = toml::from_str(&contents)
+            let manifest: springtale_connector::ConnectorManifest = toml::from_str(&contents)
                 .map_err(|e| anyhow::anyhow!("failed to parse manifest TOML: {e}"))?;
 
-            // Validate manifest structure
-            springtale_connector::manifest::verify::verify_manifest(&manifest)
-                .map_err(|e| anyhow::anyhow!("manifest validation failed: {e}"))?;
-
             if manifest.signature.is_some() {
                 println!(
                     "  Note: manifest has signature — verification requires author key registry (Phase 2)"
                 );
             }
 
-            let manifest_json = serde_json::to_string(&manifest)
-                .map_err(|e| anyhow::anyhow!("failed to serialize manifest to JSON: {e}"))?;
-
-            let row = ConnectorRow {
-                name: manifest.name.clone(),
-                version: manifest.version.clone(),
-                author: manifest.author.clone(),
-                description: manifest.description.clone(),
-                manifest_json,
-                enabled: true,
-                installed_at: chrono::Utc::now(),
-            };
-
-            store.register_connector(&row).await?;
-            println!("Installed connector: {}", manifest.name);
+            let name = springtale_runtime::operations::connectors::install_connector_to_store(
+                store, manifest,
+            )
+            .await
+            .map_err(|e| anyhow::anyhow!("{e}"))?;
+            println!("Installed connector: {name}");
         }
     }
     Ok(())