vacant.core¶
Shared primitives that every other module imports — types, constants, crypto, errors. Treat anything here as load-bearing for the public contract.
Shared, wire-stable core types.
These are the contract every downstream component (P1-P7) imports. They are deliberately small and frozen-where-possible so that signatures, hash chains, and equality semantics are unambiguous.
Cross-cutting design notes:
- All cryptographic payloads are hashed/signed over a canonical byte encoding defined here (not Pydantic's JSON output), so re-serialisation through different Pydantic versions cannot break verification.
Logbookis the only mutable type — append-only via.append().verify_*methods returnbooland never raise on a benign mismatch; callers that want exceptions on failure can wrap withassertor use theverify_or_raisehelper fromvacant.core.crypto.
module-attribute
¶
EMPTY_PREV_HASH: bytes = b'\x00' * HASH_DIGEST_BYTES
Sentinel prev_hash used by the genesis (first) LogEntry.
Bases: BaseModel
Numerical-sameness identity (Ricoeur idem) — wraps an Ed25519 pubkey.
A VacantId is the unchanging part of a vacant: the same bytes
always refer to the same vacant, across substrate changes,
rotations, graduation, and SUNK transitions. Equality and hashing
are derived from pubkey_bytes so VacantId is safe to use as a
dict key or set member.
Attributes:
| Name | Type | Description |
|---|---|---|
pubkey_bytes |
bytes
|
Raw 32-byte Ed25519 public key. Validated at
construction time; lengths other than
|
classmethod
¶
from_verify_key(vk: VerifyKey) -> VacantId
Construct a VacantId from a nacl.signing.VerifyKey.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
vk
|
VerifyKey
|
An Ed25519 verify key (pubkey side of a |
required |
Returns:
| Type | Description |
|---|---|
VacantId
|
A new |
VacantId
|
of |
Source code in src/vacant/core/types.py
Re-derive the VerifyKey for cryptographic verification.
Returns:
| Type | Description |
|---|---|
VerifyKey
|
The |
VerifyKey
|
|
VerifyKey
|
signature claimed to be from this vacant. |
Source code in src/vacant/core/types.py
Hex-encode the full 32-byte public key.
Returns:
| Type | Description |
|---|---|
str
|
64-character lowercase hex string. |
Hex prefix suitable for log lines / dashboards.
Returns:
| Type | Description |
|---|---|
str
|
The first 12 hex characters of |
str
|
never use as an equality key. |
Bases: BaseModel
A single signed line in a vacant's logbook (Ricoeur ipse).
Each entry carries a kind tag (e.g. "BIRTH", "SPAWN",
"REVIEW_EVENT"), a UTC timestamp, an arbitrary JSON-serialisable
payload, the BLAKE2b-256 hash of the previous entry, and an
Ed25519 signature over the canonical concatenation of the four.
The hash chain is what gives the logbook its tamper-evident
property; the signatures pin authorship.
Attributes:
| Name | Type | Description |
|---|---|---|
kind |
str
|
Non-empty event tag. |
ts |
datetime
|
UTC timestamp; tz-naive datetimes are coerced to UTC. |
payload |
dict[str, Any]
|
JSON-serialisable dict. Encoded canonically (sorted keys, no whitespace) before hashing. |
prev_hash |
bytes
|
32-byte BLAKE2b-256 of the previous entry's
|
signature |
bytes
|
Ed25519 signature over |
Canonical bytes that get signed and hashed.
Concatenates kind | ts (UTC ISO-8601) | canonical_json(payload)
| prev_hash, joined with the ASCII 0x1f separator.
signature itself is not part of the payload — it is the
output of signing it.
Returns:
| Type | Description |
|---|---|
bytes
|
The exact byte-string fed to |
Source code in src/vacant/core/types.py
BLAKE2b-256 over signing_payload().
Returns:
| Type | Description |
|---|---|
bytes
|
The 32-byte digest used as the next entry's |
Verify signature against pubkey.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
pubkey
|
VerifyKey
|
The Ed25519 verify-key the entry should have been
signed under (typically |
required |
Returns:
| Type | Description |
|---|---|
bool
|
|
bool
|
Never raises on signature mismatch — use |
bool
|
in |
Source code in src/vacant/core/types.py
Bases: BaseModel
Append-only signed history of a vacant's outward behaviour.
The logbook is the only mutable core type — it grows by
appending to entries. Existing entries are never edited; tampering
with one breaks both the signature and the hash chain to the next
entry. Use verify_chain (or the raising variant) to confirm an
incoming logbook is intact before consuming it.
Attributes:
| Name | Type | Description |
|---|---|---|
entries |
list[LogEntry]
|
Ordered list of |
Compute the hash that the next entry should use as prev_hash.
Returns:
| Type | Description |
|---|---|
bytes
|
|
bytes
|
|
Source code in src/vacant/core/types.py
append(kind: str, payload: dict[str, Any], signing_key: SigningKey, ts: datetime | None = None) -> LogEntry
Build, sign, and append a new entry.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
kind
|
str
|
Non-empty event tag (e.g. |
required |
payload
|
dict[str, Any]
|
JSON-serialisable dict; non-serialisable contents
raise |
required |
signing_key
|
SigningKey
|
The vacant's private Ed25519 key. The
resulting |
required |
ts
|
datetime | None
|
Optional explicit timestamp (coerced to UTC). Defaults
to |
None
|
Returns:
| Type | Description |
|---|---|
LogEntry
|
The newly-appended (signed) |
Source code in src/vacant/core/types.py
Verify every signature and that the hash chain is intact.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
pubkey
|
VerifyKey
|
The vacant's Ed25519 verify-key. Every entry must verify against this single key — keys do not rotate within a single logbook. |
required |
Returns:
| Type | Description |
|---|---|
bool
|
|
bool
|
previous entry's |
bool
|
the genesis), AND (2) every |
bool
|
returns |
Source code in src/vacant/core/types.py
Strict variant of verify_chain that names the failing entry.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
pubkey
|
VerifyKey
|
As for |
required |
Raises:
| Type | Description |
|---|---|
HashChainError
|
On the first broken hash link or invalid signature. The message includes the entry index and, for hash mismatches, the expected vs actual hash. |
Source code in src/vacant/core/types.py
Bases: BaseModel
Multi-substrate declaration (THEORY_V5 §2).
Lists which substrates a vacant is willing to be invoked under
(e.g. "anthropic:claude-sonnet-4-6", "openai:gpt-4o",
"client-inherited") plus an opaque policy dict the dispatcher
can use for substrate-specific gating. Substrate is a resource,
not the identity — switching substrates does not change
vacant_id.
Attributes:
| Name | Type | Description |
|---|---|---|
allowed_substrates |
list[str]
|
Non-empty substrate identifiers. Blank
strings raise |
policy |
dict[str, Any]
|
Free-form per-substrate config (rate limits, model overrides, …). |
Stable byte encoding for hashing into a CapabilityCard.
Returns:
| Type | Description |
|---|---|
bytes
|
Canonical JSON (sorted keys, no whitespace) of |
bytes
|
|
bytes
|
|
bytes
|
covered by the halo signature. |
Source code in src/vacant/core/types.py
Bases: BaseModel
System prompt + policy DSL + tool whitelist (Ricoeur character).
The bundle_hash is computed and self-validated at construction:
pass an empty bundle_hash and it gets filled in; pass a non-empty
one that doesn't match the content and TypeIntegrityError fires.
Downstream code that wants to detect "did the behaviour change
silently?" compares bundle_hash rather than serialising fields.
Attributes:
| Name | Type | Description |
|---|---|---|
system_prompt |
str
|
The prompt the substrate sees as its system message. |
policy_dsl |
str
|
Optional policy DSL string (P5 future). Empty by default. |
tool_whitelist |
list[str]
|
List of tool names the vacant is allowed to invoke. Hash is order-independent (sorted internally). |
bundle_hash |
bytes
|
BLAKE2b-256 over a canonical JSON of the three fields. Auto-computed when left empty. |
Bases: BaseModel
The halo — a vacant's self-published capability announcement.
Spec: THEORY_V5 §7.1. Each vacant carries its own halo; the
"Registry" is an aggregation/index over halos and is never a
routed-through component. Discovery hands a halo to the caller; the
caller then dispatches directly to endpoint.
Attributes:
| Name | Type | Description |
|---|---|---|
vacant_id |
VacantId
|
The vacant the halo is about. Anyone can mint a
card claiming to be |
capability_text |
str
|
Human-readable capability announcement (e.g. "I translate technical English to Traditional Chinese"). |
substrate_spec |
SubstrateSpec
|
Which substrates this vacant accepts. Covered by the signature. |
halo_version |
int
|
Monotonic counter for halo revisions. Must be
|
endpoint |
str | None
|
A2A endpoint URL for direct dispatch. |
signature |
bytes
|
Ed25519 signature over |
Canonical bytes that get signed.
Concatenates pubkey | capability_text | substrate_spec |
halo_version | endpoint, joined with 0x1f. signature
itself is not included.
Returns:
| Type | Description |
|---|---|
bytes
|
The exact byte-string fed to |
Source code in src/vacant/core/types.py
signed(signing_key: SigningKey) -> CapabilityCard
Return a copy of this card with signature filled in.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
signing_key
|
SigningKey
|
The vacant's private Ed25519 key. Must match
the public key embedded in |
required |
Returns:
| Type | Description |
|---|---|
CapabilityCard
|
A new |
CapabilityCard
|
|
Source code in src/vacant/core/types.py
Verify the signature against the embedded public key.
Returns:
| Type | Description |
|---|---|
bool
|
|
bool
|
Ed25519 signature over |
bool
|
|
bool
|
drafts) return |
Source code in src/vacant/core/types.py
Bases: StrEnum
The 6 lifecycle states a vacant can be in (CLAUDE.md §LOCAL).
LOCAL is the default for newly-spawned vacants; it is fully
runnable but never appears in the public registry index. The state
machine in vacant.runtime.state_machine defines the legal
transitions; predicates can_review / can_be_called /
is_runnable derive admission rules from the state.
Bases: BaseModel
The full 6-component vacant — identity through behaviour through halo.
ResidentForm is the in-memory representation of a vacant. P0
treats most of it as immutable; only runtime_state mutates as
the lifecycle progresses. P1 onward also append to logbook via
the explicit append() API.
Attributes:
| Name | Type | Description |
|---|---|---|
identity |
VacantId
|
|
logbook |
Logbook
|
Append-only signed history. |
behavior_bundle |
BehaviorBundle
|
System prompt + policy DSL + tool whitelist. |
substrate_spec |
SubstrateSpec
|
Allowed substrate set. |
runtime_state |
VacantState
|
One of |
capability_card |
CapabilityCard | None
|
The signed halo. |
parent_id |
VacantId | None
|
Lineage anchor (THEORY_V5 §4.3). |
Cross-component integrity check.
Verifies (1) the logbook hash chain + every signature against
identity.verify_key(), and (2) if a capability_card is
attached, that its vacant_id matches identity and its
signature verifies.
Returns:
| Type | Description |
|---|---|
bool
|
|
bool
|
any signature, hash link, or identity mismatch is found. |
bool
|
Never raises — callers that need exception semantics can |
bool
|
wrap with |
Source code in src/vacant/core/types.py
Numeric thresholds shared across components.
Every constant cites architecture/CONSTANTS.md plus the underlying spec
section. Adding a new constant here REQUIRES a matching row in CONSTANTS.md
(see architecture/decisions/D002_p0_bootstrap_constants.md for the P0
reconciliation between dispatch/P0_bootstrap.md and CONSTANTS.md).
module-attribute
¶
Demo-default heartbeat period for an Active vacant. CONSTANTS.md §Lifecycle / P1 §D2.
module-attribute
¶
Heartbeat period while in HIBERNATING (one minimal attestation per 24h). CONSTANTS.md §Lifecycle / P1 §D6 line 73.
module-attribute
¶
HEARTBEAT_DECAYED_PERIOD_S: Final[int] = HEARTBEAT_HIBERNATING_PERIOD_S
Back-compat alias for HEARTBEAT_HIBERNATING_PERIOD_S (kept since P0). The "(Sunk)" label in CONSTANTS.md was an artefact of an earlier pass; THEORY_V5 §4.2 splits SUNK out at 10 min. See D003.
module-attribute
¶
Sunk-state custody-attestation heartbeat period (10 min). CONSTANTS.md §Lifecycle / THEORY_V5 §4.2 / §3 line 340.
module-attribute
¶
Window in which a (vacant_id, request_id) tuple must dedupe. CONSTANTS.md §Lifecycle / P1 §3.2.
module-attribute
¶
Hibernating → Stale-flag transition threshold (no service >= 30 days). CONSTANTS.md §Lifecycle / D001.
module-attribute
¶
Sunk → Archived transition threshold (180 days post-Sunk). CONSTANTS.md §Lifecycle / THEORY_V5 §3 line 318.
module-attribute
¶
Warmup-ceremony observation window after Stale → Active. CONSTANTS.md §Lifecycle / P1 §3.3.1 line 191.
module-attribute
¶
Number of valid heartbeats required during warmup. CONSTANTS.md §Lifecycle / P1 §3.3.1 line 205.
module-attribute
¶
Mahalanobis threshold on STYLO Vec16 used as drift trigger. CONSTANTS.md §Lifecycle / THEORY_V5 §3 line 152. Heuristic, not a p-value.
module-attribute
¶
Initial value of CapabilityCard.halo_version when first published.
dispatch/P0_bootstrap.md §4.
module-attribute
¶
Output size of vacant.core.crypto.hash_blake2b in bytes.
module-attribute
¶
Length of a raw Ed25519 public key (NaCl encoding).
module-attribute
¶
Length of a raw Ed25519 signature.
module-attribute
¶
Default validity window for a PeerAttestation (issued_at + 30d).
CONSTANTS.md §Identity / P2 §4.
module-attribute
¶
Default minimum number of valid peer attestations required to promote
an L2Identity to L3Identity. CONSTANTS.md §Identity / P2 §2.
module-attribute
¶
MVP attestation root set: 2-of-5. CONSTANTS.md §Identity / T4_attestation_bootstrap.
module-attribute
¶
Long-term target attestation root set: 3-of-9. CONSTANTS.md §Identity / T4_attestation_bootstrap.
module-attribute
¶
Multiplier on the per-history-entry forgery cost (P2 §3 / D004 §A). Tests vary this to verify cost increases monotonically with false-claim weight.
module-attribute
¶
Hourly Merkle epoch sealing cadence. CONSTANTS.md §Registry / P4 §3.
module-attribute
¶
Read pagination caps for /v1/event_log/{vid} (P4 §3.2).
module-attribute
¶
Rule-based anomaly thresholds (P4 §3.2 anomaly table). Surfaced as
signals; the engine raises a triggered flag rather than auto-blocking.
module-attribute
¶
Default SQLAlchemy async URL for in-memory testing. D006 §B.
module-attribute
¶
REPUTATION_DIMS: Final[tuple[str, ...]] = ('factual', 'logical', 'relevance', 'honesty', 'adoption')
Five reputation dimensions. P3 §3.2 / D008 §A.
module-attribute
¶
BETA_BASE_PRIORS: Final[dict[str, tuple[float, float]]] = {'factual': (1.0, 1.0), 'logical': (1.0, 1.0), 'relevance': (1.0, 1.0), 'honesty': (2.0, 1.0), 'adoption': (1.0, 3.0)}
Base Beta priors per dimension. P3 §3.2 / D008 §A.
CONSTANTS.md previously listed (1.5, 1.0) for F/L/R; that was the worked example's L1-attestation-applied value being mistakenly imported as the base. The L1 +0.5alpha boost is applied separately in cold_start.py so the bonus is auditable rather than baked in.
module-attribute
¶
DIM_HALF_LIFE_DAYS: Final[dict[str, int]] = {'factual': 90, 'logical': 180, 'relevance': 60, 'honesty': 30, 'adoption': 90}
Per-dimension half-life. P3 §3.2 / CONSTANTS.md §Reputation.
module-attribute
¶
SOURCE_BASE_WEIGHTS: Final[dict[str, float]] = {'ground_truth': 1.0, 'caller_review': 0.6, 'peer_review': 0.4, 'self_eval': 0.05, 'adoption_event': 0.3, 'redteam_probe': 0.8}
Per-source base weights. P3 §3.4 table 1 / CONSTANTS.md §Reputation.
module-attribute
¶
Same-base-model peer review discount; >5 reviews/30d → heavier discount. P3 §3.4.1.
module-attribute
¶
Reviewer credibility floor; even low-rep reviewers count for at least 0.3. P3 §3.4.2.
module-attribute
¶
Per-repeat-review novelty decay. P3 §3.4.3.
module-attribute
¶
Collusion graph thresholds. P3 §3.4.4.
module-attribute
¶
UCB exploration coefficients. P3 §3.7.
module-attribute
¶
Sample-size thresholds for stable scoring + UI display. P3 §3.7-§3.8.
module-attribute
¶
COLD_START_FLOORS_BY_LEVEL: Final[dict[str, float]] = {'L0': 0.0, 'L1': 0.05, 'L2': 0.1, 'L3': 0.15}
Cold-start UCB floor by attestation level. P3 §3.7.
module-attribute
¶
Reference stake amount (USDC equivalent) for stake-bonus normalisation. P3 §3.7.
module-attribute
¶
Cold-start alpha boosts for L1 attestation (per F/L/R dim) and L3 vouch (per voucher, applied to H). P3 §3.8.
module-attribute
¶
Minimum fraction of traffic reserved for new vacants. P3 §3.7 line 343.
module-attribute
¶
Cross-dimension correlation alert (anti-Goodhart). P3 §3.6 line 290.
module-attribute
¶
Maximum portability bonus added to UCB call_score for vacants serving multiple substrates. P3-derived; CONSTANTS.md §Reputation.
module-attribute
¶
Per-target review rate limit. CONSTANTS.md §Review limits / P1 line 259.
P3 aggregator enforces this in record_review to mitigate sniping
(Padv-P3 finding D010 §1).
module-attribute
¶
Per-reviewer per-capability-domain review rate limit. CONSTANTS.md §Review limits / P1 line 260.
module-attribute
¶
Per-(target, answer) Bloom-filter TTL on peer reviewer side. CONSTANTS.md §Review limits / P1 line 249.
module-attribute
¶
Cumulative STYLO-distance window for the cumulative drift detector
(Padv-P3 finding D010 §2). Sum of per-epoch drifts over a rolling
window of CUMULATIVE_DRIFT_WINDOW_EPOCHS; trips when the sum exceeds
STYLO_DRIFT_THRESHOLD * CUMULATIVE_DRIFT_THRESHOLD_MULTIPLIER.
module-attribute
¶
How long a vacant must be idle before being eligible to peer-review new vacants. Cold-start §3.6 hook.
module-attribute
¶
Same-controller detection thresholds. T5 §3.3 / D008 §C.
module-attribute
¶
Minimum residual weight a same-* signal can leave a review with.
Same- detection is cost-raising, not preventing* (CLAUDE.md §Load-bearing
theory decisions / D015). Even a maximum-strength signal (strength=1.0)
must not zero a reviewer's contribution — that would convert detection
into a unilateral mute. This floor ensures discount_from_signals(...)
returns at least SAME_SIGNAL_DISCOUNT_FLOOR when any signal fires, so
suspected colluders still get downweighted but are never silenced.
CONSTANTS.md §Reputation / D015.
module-attribute
¶
A2A metadata key under which Vacant envelope fields are mounted (P6 §3.2).
module-attribute
¶
Default A2A call timeout in seconds. P6 §3.4 server.json default.
module-attribute
¶
Default registry cache TTL for MCP adapter. P6 §3.4.
module-attribute
¶
Per-parent graduation rate limit over a 24h sliding window.
CONSTANTS.md §Composite / D012 §A. Defaults to 3 to mirror P1's
per-target review limit pattern; tunable per CompositeRuntime for
demo orchestration.
module-attribute
¶
Maximum tolerated same_* signal strength on the parent->child pair
during graduation. Above this the graduation is blocked regardless of
parent consent. CONSTANTS.md §Composite / D012 §B.
Pure crypto primitives used across the vacant stack.
Pure functions, no module-level mutable state, no global RNG. Ed25519 via
PyNaCl is the canonical implementation (CLAUDE.md §Tech stack). BLAKE2b-256
is the canonical hash (matches LogEntry.prev_hash and CapabilityCard
signing payloads).
Detached Ed25519 signature over msg (returns 64 raw bytes).
Source code in src/vacant/core/crypto.py
True iff sig is a valid Ed25519 signature over msg for pubkey.
Returns False on any malformed input rather than raising; callers that
want to surface tampering as an exception should raise
SignatureVerificationError themselves on the False branch.
Source code in src/vacant/core/crypto.py
Like verify but raises SignatureVerificationError on failure.
Inverse of hex_encode. Raises CryptoError on malformed input.
Construct a VerifyKey from raw 32-byte public-key material.
Source code in src/vacant/core/crypto.py
Base error hierarchy for shared core types and crypto primitives.
Bases: Exception
Base class for all errors raised from vacant.core.
Bases: CryptoError
A signature did not verify against the supplied public key + message.