Compute Substrate Vertical Slice - Implementation Status
Created: 2026-02-10
Last Updated: 2026-02-10
PR: #1148 (E1-E7, A1-A4, B1, C1-C3 complete)
Overview
This document tracks the implementation of compute substrate foundations as part of the ICN vertical slice initiative. The goal is to establish the types and interfaces needed for the complete loop:
Identity → Standing → Governance → Allocations → Workloads → Receipts → Audit → Future Constraints
Completed Work
E-Track: Execution Layer (COMPLETE ✅)
| ID | Issue | Title | Status | Key Changes |
|---|---|---|---|---|
| E1 | #1128 | Workload Manifest Schema | ✅ Done | inputs_hash, policy_hash, determinism_class, privacy_class on ComputeTask |
| E2 | #1129 | Execution Receipt Completion | ✅ Done | ArtifactPointer, VerificationResult, SettlementHook types |
| E3 | #1130 | Deterministic vs Advisory | ✅ Done | Advisory tasks cannot mutate ledger state |
| E4 | #1131 | Storage Specification | ✅ Done | StorageClass, DataLocality enums in icn-kernel-api |
| E5 | #1132 | Cell Operator Boundary | ✅ Done | cell_operator() method, single-operator-per-cell docs |
| E6 | #1133 | Individual Node Ownership | ✅ Done | OperatorMode enum (Organization/Individual) |
| E7 | #1134 | Commons Compute Governance | ✅ Done | CharterPriority, CommonsPoolPolicy |
A-Track: Architecture (Kernel/App Separation) (COMPLETE ✅)
| ID | Issue | Title | Status | Key Changes |
|---|---|---|---|---|
| A1 | #1135 | State Generalization | ✅ Done | state.rs with Log/Blob/KV service traits, ReplicationPolicy |
| A2 | #1136 | Governance Extraction | ✅ Done | Handler infra in apps/governance, executor traits in icn-kernel-api |
| A3 | #1137 | Membership Consolidation | ✅ Done | Federation nesting, treasury DID derivation, unified status |
| A4 | #1138 | Kernel Cleanup | ✅ Audited | 17 init files identified, kernel_surface.toml updated |
B-Track: Business Layer (B1 COMPLETE ✅)
| ID | Issue | Title | Status | Key Changes |
|---|---|---|---|---|
| B1 | #1139 | Treasury Integration | ✅ Done | CreateTreasury message, auto-DID, ledger wiring, disbursement |
| B2 | #1140 | Asset Type Definitions | 🚧 Pending | Blocked on CanonicalReceipt intervention |
| B3 | #1141 | Receipt Workflows | 🚧 Pending | Blocked on CanonicalReceipt + SettlementIntent |
C-Track: Connectivity/Operations (COMPLETE ✅)
| ID | Issue | Title | Status |
|---|---|---|---|
| C1 | #1142 | Backup Validation | ✅ Audited |
| C2 | #1143 | Health Check Suite | ✅ Done |
| C3 | #1144 | NAT Traversal | ✅ Done |
D-Track: Demo/Integration
| ID | Issue | Title | Status |
|---|---|---|---|
| D1 | #1145 | E2E Integration Tests | 🚧 Pending |
| D2 | #1147 | Tool Library Demo | 🚧 Pending |
⚠️ Required Architectural Interventions
Before B2/B3, these consolidations must happen:
INT-1: CanonicalReceipt Trait (CRITICAL)
Receipt types proliferating independently risks parallel audit systems.
pub trait CanonicalReceipt {
fn receipt_id(&self) -> ReceiptId;
fn scope(&self) -> ScopeLevel;
fn created_at(&self) -> u64;
fn subject_hash(&self) -> ContentHash;
fn parent_receipts(&self) -> Vec<ReceiptId>;
fn verify(&self) -> Result<()>;
}
All receipts (Decision, Allocation, Execution) implement this trait.
INT-2: SettlementIntent Pattern (CRITICAL)
- Rename
SettlementHook→SettlementIntent(declarative) - LedgerOracle consumes intent (executes)
- Execution NEVER directly mutates ledger
INT-3: Governance Firewall Enforcement
apps/governance may:
- ✅ Produce receipts
- ✅ Emit policy deltas
- ✅ Call executors via trait
apps/governance may NOT:
- ❌ Import ledger internals
- ❌ Mutate ledger state directly
- ❌ Bypass ProposalExecutor boundary
New Types Added
icn-kernel-api/src/storage.rs (E4)
/// Three-tier storage classification
pub enum StorageClass {
Canonical, // Immutable: ledger, governance, trust
ServiceState, // Mutable: app state, calendars, schedules
Blobs, // Content-addressed: documents, media
}
/// Data locality constraints
pub enum DataLocality {
CellLocal, // Must stay in originating cell
CoopReplicated, // Replicated across coop nodes
FederationMirrored, // Cross-entity interoperability
CommonsPublic, // Public indices, shared libraries
}
icn-kernel-api/src/state.rs (A1)
/// Replication policy for storage
pub enum ReplicationPolicy {
LocalOnly,
ClusterStrong,
FederationEventual,
Archive,
Scoped { scope: ScopeLevel, factor: u8 },
}
/// Service traits for generic state access
pub trait LogService { ... }
pub trait BlobService { ... }
pub trait KvService { ... }
icn-compute/src/types.rs (E1)
/// Determinism classification for workloads
pub enum DeterminismClass {
Canonical, // Must be deterministic; outputs become constraints
Advisory, // Can be probabilistic; outputs are suggestions
}
/// Privacy classification for workload data
pub enum PrivacyClass {
Public, // Open data
Member, // Coop members only
NeedToKnow, // Selective disclosure via ZK
}
icn-compute/src/receipt.rs (E2)
/// Artifact pointer for execution outputs
pub struct ArtifactPointer {
pub artifact_type: ArtifactType,
pub content_hash: ContentHash,
pub storage_scope: ScopeLevel,
}
/// Verification result for execution
pub enum VerificationResult {
Pending,
Passed { witnesses: Vec<String> },
Failed { reason: String, evidence: ContentHash },
Disputed { dispute_id: DisputeId },
}
/// Settlement hook for ledger integration
pub struct SettlementHook {
pub ledger_entry_type: String,
pub amount: u64,
pub currency: String,
pub from_account: String,
pub to_account: String,
}
Dependency Graph
E1 (Manifest) ─┐
E2 (Receipt) ─┼─→ E6 (Individual Node) ─┐
E3 (Determinism)─┤ ├─→ D1 (E2E Tests) ─→ D2 (Demo)
E4 (Storage) ─┤ │
E5 (Cell Op) ─┘ │
│
A1 (State Gen) ─→ A2 (Gov Extract) ─→ A3 (Membership) ─┤
│
A4 (Cleanup) ─────────────────────────────────────────┤
│
C1 (Backup) ─→ C2 (Health) ──────────────────────────┤
C3 (NAT) ─────────────────────────────────────────────┤
│
B1 (Treasury) ─┐ │
B2 (Assets) ─┼─→ B3 (Receipts) ─────────────────────┘
Sprint Plan
Sprint 1: Parallel Foundations (3-4 days)
All tasks can run simultaneously - no dependencies between them.
| Task | Issue | Effort | Key Implementation |
|---|---|---|---|
| E6 | #1133 | 1-2d | OperatorMode enum, personal node config |
| E7 | #1134 | 2d | Cost validation in scheduler, charter priorities |
| C2 | #1143 | 1d | Enhanced /v1/health, K8s probes, icnctl preflight |
| C3 | #1144 | 2-3d | STUN client, TURN fallback, NAT config section |
Sprint 2: Governance & Membership (4-5 days)
Sequential chain - must complete in order.
| Task | Issue | Effort | Depends On | Key Implementation |
|---|---|---|---|---|
| A2 | #1136 | 3-4d | A1 ✅ | Extract GovernanceActor to apps/governance/ |
| A3 | #1137 | 3-4d | A2 | Merge entity/coop/community to apps/membership/ |
| B1 | #1139 | 2d | A3 | Auto-create treasury on coop formation |
Sprint 3: Economics & Assets (3-4 days)
| Task | Issue | Effort | Depends On | Key Implementation |
|---|---|---|---|---|
| B2 | #1140 | 2d | B1 | AssetType enum, AssetMetadata in ledger |
| B3 | #1141 | 2d | A2, B1, E2 ✅ | AllocationReceipt with provenance chain |
Sprint 4: Integration & Demo (3-4 days)
| Task | Issue | Effort | Depends On | Key Implementation |
|---|---|---|---|---|
| D1 | #1145 | 2d | A3, B1, B2 | vertical_slice_integration.rs - full scenario |
| D2 | #1146 | 1-2d | D1 | Demo script, icnctl demo run tool-library |
How to Continue
- Pick an unblocked task from Sprint 1 (all parallel) or check dependencies
- Check the GitHub issue for full context
- Run tests after implementation:
cd icn RUSTC_WRAPPER="" cargo test -p <crate-name> RUSTC_WRAPPER="" cargo clippy -p <crate-name> -- -D warnings - Update this doc when completing work
- Create PR following ICN conventions (see
.github/copilot-instructions.md)
Related Documents
- Compute Substrate Design - Original architecture
- ARCHITECTURE.md - System overview
- kernel_surface.toml - Kernel boundary tracking
- AGENTS.md - Agent operating instructions