dearsky/wifi-densepose
1
0
Fork 0
Code Issues 20 Pull Requests 5 Actions Packages Projects Releases 1 Wiki Activity

Merge commit 'd803bfe2b1fe7f5e219e50ac20d6801a0a58ac75' as 'vendor/ruvector'

Browse Source
This commit is contained in:
ruv
2026-02-28 14:39:40 -05:00
parent 7885bf6278 d803bfe2b1
commit cd5943df23
7854 changed files with 3522914 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2883
vendor/ruvector/crates/rvf/Cargo.lock generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

63
vendor/ruvector/crates/rvf/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,63 @@
[workspace]
resolver = "2"
members = [
"rvf-types",
"rvf-wire",
"rvf-manifest",
"rvf-index",
"rvf-quant",
"rvf-crypto",
"rvf-runtime",
"rvf-kernel",
"rvf-wasm",
"rvf-solver-wasm",
"rvf-node",
"rvf-server",
"rvf-import",
"rvf-adapters/claude-flow",
"rvf-adapters/agentdb",
"rvf-adapters/ospipe",
"rvf-adapters/agentic-flow",
"rvf-adapters/rvlite",
"rvf-adapters/sona",
"rvf-launch",
"rvf-ebpf",
"rvf-cli",
"tests/rvf-integration",
"benches",
"rvf-federation",
]
[workspace.package]
version = "0.1.0"
edition = "2021"
rust-version = "1.87"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
authors = ["ruv.io", "RuVector Team"]
[workspace.dependencies]
# Internal
rvf-types = { path = "rvf-types" }
rvf-wire = { path = "rvf-wire" }
rvf-manifest = { path = "rvf-manifest" }
rvf-index = { path = "rvf-index" }
rvf-quant = { path = "rvf-quant" }
rvf-crypto = { path = "rvf-crypto" }
rvf-runtime = { path = "rvf-runtime" }
rvf-adapter-claude-flow = { path = "rvf-adapters/claude-flow" }
rvf-adapter-agentdb = { path = "rvf-adapters/agentdb" }
rvf-adapter-ospipe = { path = "rvf-adapters/ospipe" }
rvf-adapter-agentic-flow = { path = "rvf-adapters/agentic-flow" }
rvf-adapter-rvlite = { path = "rvf-adapters/rvlite" }
rvf-adapter-sona = { path = "rvf-adapters/sona" }
rvf-import = { path = "rvf-import" }
# External
serde = { version = "1", default-features = false, features = ["derive"] }
xxhash-rust = { version = "0.8", features = ["xxh3"] }
crc32c = "0.6"
sha3 = "0.10"
ed25519-dalek = "2"
rand = "0.8"
tempfile = "3"

1925
vendor/ruvector/crates/rvf/README.md vendored Normal file
View File

File diff suppressed because it is too large Load Diff

22
vendor/ruvector/crates/rvf/benches/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,22 @@
[package]
name = "rvf-benches"
version = "0.1.0"
edition = "2021"
publish = false
[[bench]]
name = "rvf_benchmarks"
harness = false
[dependencies]
rvf-types = { path = "../rvf-types", features = ["std"] }
rvf-wire = { path = "../rvf-wire" }
rvf-manifest = { path = "../rvf-manifest" }
rvf-index = { path = "../rvf-index", features = ["std"] }
rvf-quant = { path = "../rvf-quant", features = ["std"] }
rvf-crypto = { path = "../rvf-crypto", features = ["std"] }
rvf-runtime = { path = "../rvf-runtime", features = ["std"] }
criterion = { version = "0.5", features = ["html_reports"] }
rand = "0.8"
tempfile = "3"
ed25519-dalek = { version = "2", features = ["rand_core"] }

779
vendor/ruvector/crates/rvf/benches/benches/rvf_benchmarks.rs vendored Normal file
View File

@@ -0,0 +1,779 @@
//! Comprehensive benchmark suite for the RVF crate family.
//!
//! Measures throughput and latency for wire format, indexing, distance
//! computation, quantization, manifest, runtime, and crypto operations
//! against the acceptance targets in docs/research/rvf/benchmarks/.
use criterion::{black_box, criterion_group, criterion_main, BenchmarkId, Criterion, Throughput};
// ---------------------------------------------------------------------------
// Deterministic pseudo-random number generator (LCG)
// ---------------------------------------------------------------------------
struct Lcg {
state: u64,
}
impl Lcg {
fn new(seed: u64) -> Self {
Self { state: seed }
}
fn next_u64(&mut self) -> u64 {
self.state = self
.state
.wrapping_mul(6364136223846793005)
.wrapping_add(1442695040888963407);
self.state
}
fn next_f32(&mut self) -> f32 {
(self.next_u64() >> 33) as f32 / (1u64 << 31) as f32
}
fn next_f64(&mut self) -> f64 {
let v = (self.next_u64() >> 33) as f64 / (1u64 << 31) as f64;
v.clamp(0.001, 0.999)
}
}
fn make_random_vectors(n: usize, dim: usize, seed: u64) -> Vec<Vec<f32>> {
let mut rng = Lcg::new(seed);
(0..n)
.map(|_| (0..dim).map(|_| rng.next_f32() - 0.5).collect())
.collect()
}
fn make_random_bytes(size: usize, seed: u64) -> Vec<u8> {
let mut rng = Lcg::new(seed);
let mut buf = vec![0u8; size];
for chunk in buf.chunks_mut(8) {
let val = rng.next_u64();
let bytes = val.to_le_bytes();
let len = chunk.len().min(8);
chunk[..len].copy_from_slice(&bytes[..len]);
}
buf
}
// =========================================================================
// 1. Wire Format Benchmarks
// =========================================================================
fn wire_benchmarks(c: &mut Criterion) {
use rvf_types::{SegmentFlags, SegmentType};
use rvf_wire::hash::{compute_crc32c, compute_xxh3_128};
use rvf_wire::varint::{decode_varint, encode_varint, MAX_VARINT_LEN};
use rvf_wire::vec_seg_codec::{write_vec_block, VecBlock};
use rvf_wire::{find_latest_manifest, read_segment, write_segment};
let mut group = c.benchmark_group("wire");
// -- segment_write: 1000 vectors, 384-dim, fp16 (2 bytes each) --
let dim = 384usize;
let vec_count = 1000usize;
let bytes_per_vec = dim * 2; // fp16
let total_payload_size = vec_count * bytes_per_vec;
let payload = make_random_bytes(total_payload_size, 42);
group.throughput(Throughput::Bytes(total_payload_size as u64));
group.bench_function("segment_write_1k_384d_fp16", |b| {
b.iter(|| {
black_box(write_segment(
SegmentType::Vec as u8,
black_box(&payload),
SegmentFlags::empty(),
1,
));
})
});
// -- segment_read: parse a VEC_SEG --
let segment_bytes = write_segment(SegmentType::Vec as u8, &payload, SegmentFlags::empty(), 1);
group.throughput(Throughput::Bytes(segment_bytes.len() as u64));
group.bench_function("segment_read_1k_384d_fp16", |b| {
b.iter(|| {
black_box(read_segment(black_box(&segment_bytes)).unwrap());
})
});
// -- segment_hash: XXH3-128 of 1MB payload --
let one_mb = make_random_bytes(1_048_576, 100);
group.throughput(Throughput::Bytes(1_048_576));
group.bench_function("xxh3_128_1mb", |b| {
b.iter(|| {
black_box(compute_xxh3_128(black_box(&one_mb)));
})
});
// -- crc32c_compute: CRC32C of 1MB payload --
group.bench_function("crc32c_1mb", |b| {
b.iter(|| {
black_box(compute_crc32c(black_box(&one_mb)));
})
});
// -- varint_encode_decode: round-trip 10000 varints --
let mut rng = Lcg::new(77);
let varint_values: Vec<u64> = (0..10_000).map(|_| rng.next_u64()).collect();
group.throughput(Throughput::Elements(10_000));
group.bench_function("varint_round_trip_10k", |b| {
b.iter(|| {
let mut buf = [0u8; MAX_VARINT_LEN];
for &val in &varint_values {
let written = encode_varint(val, &mut buf);
let (decoded, _) = decode_varint(&buf[..written]).unwrap();
black_box(decoded);
}
})
});
// -- tail_scan: find manifest in a ~10MB file --
// Build a synthetic file with a manifest segment at the end.
let mut file_data = make_random_bytes(10 * 1024 * 1024 - 256, 200);
let manifest_payload = vec![0u8; 64];
let manifest_seg = write_segment(
SegmentType::Manifest as u8,
&manifest_payload,
SegmentFlags::empty(),
99,
);
file_data.extend_from_slice(&manifest_seg);
// Pad to 10MB
file_data.resize(10 * 1024 * 1024, 0);
group.throughput(Throughput::Bytes(file_data.len() as u64));
group.bench_function("tail_scan_10mb", |b| {
b.iter(|| {
let _ = black_box(find_latest_manifest(black_box(&file_data)));
})
});
// -- VEC_SEG block write: 1000 vectors, 384-dim f32 --
let dim_u16 = 384u16;
let count = 1000u32;
let mut vec_data = Vec::with_capacity(count as usize * dim_u16 as usize * 4);
let mut brng = Lcg::new(500);
for _ in 0..(count as usize * dim_u16 as usize) {
vec_data.extend_from_slice(&brng.next_f32().to_le_bytes());
}
let ids: Vec<u64> = (0..count as u64).collect();
let block = VecBlock {
vector_data: vec_data,
ids,
dim: dim_u16,
dtype: 0, // f32
tier: 0,
};
group.bench_function("vec_block_write_1k_384d", |b| {
b.iter(|| {
black_box(write_vec_block(black_box(&block)));
})
});
group.finish();
}
// =========================================================================
// 2. Index Benchmarks
// =========================================================================
fn index_benchmarks(c: &mut Criterion) {
use rvf_index::{
build_full_index, build_layer_a, build_layer_c, l2_distance, HnswConfig,
InMemoryVectorStore, ProgressiveIndex,
};
let mut group = c.benchmark_group("index");
group.sample_size(10); // HNSW builds are expensive
let dim = 384;
let config = HnswConfig {
m: 16,
m0: 32,
ef_construction: 200,
};
// -- hnsw_build_1k --
let vecs_1k = make_random_vectors(1000, dim, 42);
let store_1k = InMemoryVectorStore::new(vecs_1k.clone());
let mut rng_1k = Lcg::new(123);
let rng_vals_1k: Vec<f64> = (0..1000).map(|_| rng_1k.next_f64()).collect();
group.bench_function("hnsw_build_1k_384d", |b| {
b.iter(|| {
black_box(build_full_index(
&store_1k,
1000,
&config,
&rng_vals_1k,
&l2_distance,
));
})
});
// -- hnsw_build_10k --
let vecs_10k = make_random_vectors(10_000, dim, 99);
let store_10k = InMemoryVectorStore::new(vecs_10k.clone());
let mut rng_10k = Lcg::new(456);
let rng_vals_10k: Vec<f64> = (0..10_000).map(|_| rng_10k.next_f64()).collect();
group.bench_function("hnsw_build_10k_384d", |b| {
b.iter(|| {
black_box(build_full_index(
&store_10k,
10_000,
&config,
&rng_vals_10k,
&l2_distance,
));
})
});
// Pre-build graphs for search benchmarks
let graph_1k = build_full_index(&store_1k, 1000, &config, &rng_vals_1k, &l2_distance);
let graph_10k = build_full_index(&store_10k, 10_000, &config, &rng_vals_10k, &l2_distance);
// Generate query vectors
let queries = make_random_vectors(100, dim, 777);
// -- hnsw_search_1k --
group.bench_function("hnsw_search_1k_k10", |b| {
let mut qi = 0usize;
b.iter(|| {
let q = &queries[qi % queries.len()];
qi += 1;
black_box(graph_1k.search(q, 10, 100, &store_1k, &l2_distance));
})
});
// -- hnsw_search_10k --
group.bench_function("hnsw_search_10k_k10", |b| {
let mut qi = 0usize;
b.iter(|| {
let q = &queries[qi % queries.len()];
qi += 1;
black_box(graph_10k.search(q, 10, 100, &store_10k, &l2_distance));
})
});
// -- progressive_search_layer_a: search with only Layer A --
let centroids_count = 32usize;
let centroids: Vec<Vec<f32>> = make_random_vectors(centroids_count, dim, 333);
let assignments: Vec<u32> = (0..1000).map(|i| (i % centroids_count) as u32).collect();
let layer_a = build_layer_a(&graph_1k, &centroids, &assignments, 1000);
let prog_a = ProgressiveIndex {
layer_a: Some(layer_a),
layer_b: None,
layer_c: None,
};
group.bench_function("progressive_search_layer_a", |b| {
let mut qi = 0usize;
b.iter(|| {
let q = &queries[qi % queries.len()];
qi += 1;
black_box(prog_a.search(q, 10, 100, &store_1k));
})
});
// -- progressive_search_full: search with all layers (Layer C) --
let layer_c = build_layer_c(&graph_1k);
let centroids_full: Vec<Vec<f32>> = make_random_vectors(centroids_count, dim, 444);
let assignments_full: Vec<u32> = (0..1000).map(|i| (i % centroids_count) as u32).collect();
let layer_a_full = build_layer_a(&graph_1k, &centroids_full, &assignments_full, 1000);
let prog_full = ProgressiveIndex {
layer_a: Some(layer_a_full),
layer_b: None,
layer_c: Some(layer_c),
};
group.bench_function("progressive_search_full", |b| {
let mut qi = 0usize;
b.iter(|| {
let q = &queries[qi % queries.len()];
qi += 1;
black_box(prog_full.search(q, 10, 100, &store_1k));
})
});
group.finish();
}
// =========================================================================
// 3. Distance Benchmarks
// =========================================================================
fn distance_benchmarks(c: &mut Criterion) {
use rvf_index::{cosine_distance, dot_product, l2_distance};
let mut group = c.benchmark_group("distance");
for &dim in &[384usize, 768, 1536] {
let vecs = make_random_vectors(2, dim, dim as u64);
let a = &vecs[0];
let b = &vecs[1];
group.throughput(Throughput::Elements(dim as u64));
group.bench_with_input(
BenchmarkId::new("l2", dim),
&(a.clone(), b.clone()),
|bench, (a, b)| bench.iter(|| black_box(l2_distance(black_box(a), black_box(b)))),
);
if dim == 384 {
group.bench_with_input(
BenchmarkId::new("cosine", dim),
&(a.clone(), b.clone()),
|bench, (a, b)| {
bench.iter(|| black_box(cosine_distance(black_box(a), black_box(b))))
},
);
group.bench_with_input(
BenchmarkId::new("dot_product", dim),
&(a.clone(), b.clone()),
|bench, (a, b)| bench.iter(|| black_box(dot_product(black_box(a), black_box(b)))),
);
}
}
group.finish();
}
// =========================================================================
// 4. Quantization Benchmarks
// =========================================================================
fn quantization_benchmarks(c: &mut Criterion) {
use rvf_quant::{
encode_binary, hamming_distance, CountMinSketch, ProductQuantizer, ScalarQuantizer,
};
let mut group = c.benchmark_group("quant");
let dim = 384;
let vecs_1k = make_random_vectors(1000, dim, 55);
let vec_refs: Vec<&[f32]> = vecs_1k.iter().map(|v| v.as_slice()).collect();
// -- scalar_quant_encode: encode 1000 vectors --
let sq = ScalarQuantizer::train(&vec_refs);
group.throughput(Throughput::Elements(1000));
group.bench_function("scalar_quant_encode_1k", |b| {
b.iter(|| {
for v in &vecs_1k {
black_box(sq.encode_vec(black_box(v)));
}
})
});
// -- scalar_quant_distance: distance in quantized space (1000 pairs) --
let encoded: Vec<Vec<u8>> = vecs_1k.iter().map(|v| sq.encode_vec(v)).collect();
group.throughput(Throughput::Elements(1000));
group.bench_function("scalar_quant_distance_1k", |b| {
b.iter(|| {
for i in 0..1000 {
let j = (i + 1) % 1000;
black_box(sq.distance_l2_quantized(black_box(&encoded[i]), black_box(&encoded[j])));
}
})
});
// -- pq_encode: PQ encode 100 vectors --
// dim=384, m=48 gives sub_dim=8
let vecs_100 = make_random_vectors(100, dim, 66);
let pq_train_refs: Vec<&[f32]> = vecs_1k.iter().map(|v| v.as_slice()).collect();
let pq = ProductQuantizer::train(&pq_train_refs, 48, 256, 10);
group.throughput(Throughput::Elements(100));
group.bench_function("pq_encode_100", |b| {
b.iter(|| {
for v in &vecs_100 {
black_box(pq.encode_vec(black_box(v)));
}
})
});
// -- pq_adc_distance: ADC distance with precomputed tables --
let query = &vecs_1k[0];
let tables = pq.compute_distance_tables(query);
let pq_codes: Vec<Vec<u8>> = vecs_1k.iter().map(|v| pq.encode_vec(v)).collect();
group.throughput(Throughput::Elements(1000));
group.bench_function("pq_adc_distance_1k", |b| {
b.iter(|| {
for codes in &pq_codes {
black_box(ProductQuantizer::distance_adc(
black_box(&tables),
black_box(codes),
));
}
})
});
// -- binary_encode: binary quantize 1000 vectors --
group.throughput(Throughput::Elements(1000));
group.bench_function("binary_encode_1k", |b| {
b.iter(|| {
for v in &vecs_1k {
black_box(encode_binary(black_box(v)));
}
})
});
// -- hamming_distance: 1000 pairs --
let binary_codes: Vec<Vec<u8>> = vecs_1k.iter().map(|v| encode_binary(v)).collect();
group.throughput(Throughput::Elements(1000));
group.bench_function("hamming_distance_1k", |b| {
b.iter(|| {
for i in 0..1000 {
let j = (i + 1) % 1000;
black_box(hamming_distance(
black_box(&binary_codes[i]),
black_box(&binary_codes[j]),
));
}
})
});
// -- sketch_increment: Count-Min Sketch 10000 increments --
group.throughput(Throughput::Elements(10_000));
group.bench_function("sketch_increment_10k", |b| {
b.iter(|| {
let mut sketch = CountMinSketch::default_sketch();
for i in 0..10_000u64 {
sketch.increment(black_box(i));
}
black_box(&sketch);
})
});
// -- sketch_estimate: 10000 lookups --
let mut sketch = CountMinSketch::default_sketch();
for i in 0..10_000u64 {
sketch.increment(i);
}
group.throughput(Throughput::Elements(10_000));
group.bench_function("sketch_estimate_10k", |b| {
b.iter(|| {
for i in 0..10_000u64 {
black_box(sketch.estimate(black_box(i)));
}
})
});
group.finish();
}
// =========================================================================
// 5. Manifest Benchmarks
// =========================================================================
fn manifest_benchmarks(c: &mut Criterion) {
use rvf_manifest::{boot_phase1, read_level0, write_level0};
use rvf_types::{
CentroidPtr, EntrypointPtr, HotCachePtr, Level0Root, PrefetchMapPtr, QuantDictPtr,
TopLayerPtr, ROOT_MANIFEST_SIZE,
};
let mut group = c.benchmark_group("manifest");
// Build a representative Level 0 root
let mut root = Level0Root::zeroed();
root.version = 1;
root.flags = 0x0004;
root.l1_manifest_offset = 0x1_0000;
root.l1_manifest_length = 0x2000;
root.total_vector_count = 10_000_000;
root.dimension = 384;
root.base_dtype = 1;
root.profile_id = 2;
root.epoch = 42;
root.created_ns = 1_700_000_000_000_000_000;
root.modified_ns = 1_700_000_001_000_000_000;
root.entrypoint = EntrypointPtr {
seg_offset: 0x1000,
block_offset: 64,
count: 3,
};
root.toplayer = TopLayerPtr {
seg_offset: 0x2000,
block_offset: 128,
node_count: 500,
};
root.centroid = CentroidPtr {
seg_offset: 0x3000,
block_offset: 0,
count: 256,
};
root.quantdict = QuantDictPtr {
seg_offset: 0x4000,
block_offset: 0,
size: 8192,
};
root.hot_cache = HotCachePtr {
seg_offset: 0x5000,
block_offset: 0,
vector_count: 1000,
};
root.prefetch_map = PrefetchMapPtr {
offset: 0x6000,
entries: 200,
_pad: 0,
};
// -- level0_write --
group.throughput(Throughput::Bytes(ROOT_MANIFEST_SIZE as u64));
group.bench_function("level0_write", |b| {
b.iter(|| {
black_box(write_level0(black_box(&root)));
})
});
// -- level0_read --
let l0_bytes = write_level0(&root);
group.throughput(Throughput::Bytes(ROOT_MANIFEST_SIZE as u64));
group.bench_function("level0_read", |b| {
b.iter(|| {
black_box(read_level0(black_box(&l0_bytes)).unwrap());
})
});
// -- boot_phase1: progressive boot Phase 1 on a test file --
// Minimal file: padding + Level 0 at the tail
let mut file_data = vec![0u8; 16384];
let l0_written = write_level0(&root);
file_data.extend_from_slice(&l0_written);
group.bench_function("boot_phase1", |b| {
b.iter(|| {
black_box(boot_phase1(black_box(&file_data)).unwrap());
})
});
group.finish();
}
// =========================================================================
// 6. Runtime Benchmarks
// =========================================================================
fn runtime_benchmarks(c: &mut Criterion) {
use rvf_runtime::{QueryOptions, RvfOptions, RvfStore};
use tempfile::TempDir;
let mut group = c.benchmark_group("runtime");
group.sample_size(10); // File I/O is expensive
let dim = 384;
// -- store_create --
group.bench_function("store_create", |b| {
b.iter_with_setup(
|| {
let dir = TempDir::new().unwrap();
let path = dir.path().join("bench.rvf");
(dir, path)
},
|(_dir, path)| {
let options = RvfOptions {
dimension: dim as u16,
..Default::default()
};
let store = RvfStore::create(&path, options).unwrap();
store.close().unwrap();
},
);
});
// -- store_ingest_100 --
let vecs_100 = make_random_vectors(100, dim, 800);
group.bench_function("store_ingest_100", |b| {
b.iter_with_setup(
|| {
let dir = TempDir::new().unwrap();
let path = dir.path().join("ingest100.rvf");
let options = RvfOptions {
dimension: dim as u16,
..Default::default()
};
let store = RvfStore::create(&path, options).unwrap();
(dir, store)
},
|(_dir, mut store)| {
let vec_refs: Vec<&[f32]> = vecs_100.iter().map(|v| v.as_slice()).collect();
let ids: Vec<u64> = (0..100).collect();
store.ingest_batch(&vec_refs, &ids, None).unwrap();
store.close().unwrap();
},
);
});
// -- store_ingest_1000 --
let vecs_1000 = make_random_vectors(1000, dim, 900);
group.bench_function("store_ingest_1000", |b| {
b.iter_with_setup(
|| {
let dir = TempDir::new().unwrap();
let path = dir.path().join("ingest1k.rvf");
let options = RvfOptions {
dimension: dim as u16,
..Default::default()
};
let store = RvfStore::create(&path, options).unwrap();
(dir, store)
},
|(_dir, mut store)| {
let vec_refs: Vec<&[f32]> = vecs_1000.iter().map(|v| v.as_slice()).collect();
let ids: Vec<u64> = (0..1000).collect();
store.ingest_batch(&vec_refs, &ids, None).unwrap();
store.close().unwrap();
},
);
});
// -- store_query_100: query k=10 from 100-vector store --
let query_vecs = make_random_vectors(20, dim, 1000);
group.bench_function("store_query_100", |b| {
b.iter_with_setup(
|| {
let dir = TempDir::new().unwrap();
let path = dir.path().join("query100.rvf");
let options = RvfOptions {
dimension: dim as u16,
..Default::default()
};
let mut store = RvfStore::create(&path, options).unwrap();
let vec_refs: Vec<&[f32]> = vecs_100.iter().map(|v| v.as_slice()).collect();
let ids: Vec<u64> = (0..100).collect();
store.ingest_batch(&vec_refs, &ids, None).unwrap();
(dir, store)
},
|(_dir, store)| {
let opts = QueryOptions::default();
for q in &query_vecs {
black_box(store.query(q, 10, &opts).unwrap());
}
store.close().unwrap();
},
);
});
// -- store_query_1000: query k=10 from 1000-vector store --
group.bench_function("store_query_1000", |b| {
b.iter_with_setup(
|| {
let dir = TempDir::new().unwrap();
let path = dir.path().join("query1k.rvf");
let options = RvfOptions {
dimension: dim as u16,
..Default::default()
};
let mut store = RvfStore::create(&path, options).unwrap();
let vec_refs: Vec<&[f32]> = vecs_1000.iter().map(|v| v.as_slice()).collect();
let ids: Vec<u64> = (0..1000).collect();
store.ingest_batch(&vec_refs, &ids, None).unwrap();
(dir, store)
},
|(_dir, store)| {
let opts = QueryOptions::default();
for q in &query_vecs {
black_box(store.query(q, 10, &opts).unwrap());
}
store.close().unwrap();
},
);
});
group.finish();
}
// =========================================================================
// 7. Crypto Benchmarks
// =========================================================================
fn crypto_benchmarks(c: &mut Criterion) {
use ed25519_dalek::SigningKey;
use rand::rngs::OsRng;
use rvf_crypto::{shake256_256, sign_segment, verify_segment};
use rvf_types::SegmentHeader;
let mut group = c.benchmark_group("crypto");
// -- shake256_1kb --
let one_kb = make_random_bytes(1024, 300);
group.throughput(Throughput::Bytes(1024));
group.bench_function("shake256_1kb", |b| {
b.iter(|| {
black_box(shake256_256(black_box(&one_kb)));
})
});
// -- shake256_1mb --
let one_mb = make_random_bytes(1_048_576, 400);
group.throughput(Throughput::Bytes(1_048_576));
group.bench_function("shake256_1mb", |b| {
b.iter(|| {
black_box(shake256_256(black_box(&one_mb)));
})
});
// -- ed25519_sign --
let key = SigningKey::generate(&mut OsRng);
let header = SegmentHeader::new(0x01, 42);
let payload = make_random_bytes(4096, 500);
group.bench_function("ed25519_sign", |b| {
b.iter(|| {
black_box(sign_segment(
black_box(&header),
black_box(&payload),
black_box(&key),
));
})
});
// -- ed25519_verify --
let footer = sign_segment(&header, &payload, &key);
let pubkey = key.verifying_key();
group.bench_function("ed25519_verify", |b| {
b.iter(|| {
black_box(verify_segment(
black_box(&header),
black_box(&payload),
black_box(&footer),
black_box(&pubkey),
));
})
});
group.finish();
}
// =========================================================================
// Criterion Group and Main
// =========================================================================
criterion_group!(
benches,
wire_benchmarks,
index_benchmarks,
distance_benchmarks,
quantization_benchmarks,
manifest_benchmarks,
runtime_benchmarks,
crypto_benchmarks,
);
criterion_main!(benches);

1030
vendor/ruvector/crates/rvf/docs/adr/ADR-031-rvcow-branching-and-real-cognitive-containers.md vendored Normal file
View File

File diff suppressed because it is too large Load Diff

390
vendor/ruvector/crates/rvf/docs/security/RVCOW-SECURITY-AUDIT.md vendored Normal file
View File

@@ -0,0 +1,390 @@
# RVCOW Security Audit Report
| Field | Value |
|-------|-------|
| **Date** | 2026-02-14 |
| **Auditor** | Security Auditor Agent (Claude Opus 4.6) |
| **Scope** | RVCOW copy-on-write branching implementation per ADR-031 |
| **Status** | Complete |
| **Files Reviewed** | 17 source files across rvf-types, rvf-runtime, rvf-cli |
---
## Executive Summary
The RVCOW implementation is structurally sound with good defensive practices (compile-time size assertions, magic number validation, `repr(C)` layouts). However, the audit identified **2 Critical**, **6 High**, **5 Medium**, and **4 Low** severity findings. The Critical and High findings have been fixed in-place. Medium/Low findings are documented for future remediation.
### Findings Summary
| Severity | Count | Fixed |
|----------|-------|-------|
| Critical | 2 | 2 |
| High | 6 | 5 |
| Medium | 5 | 0 |
| Low | 4 | 0 |
| Info | 3 | 0 |
| **Total** | **20** | **7** |
---
## Critical Findings
### C-01: Non-Cryptographic Hash Used for Integrity Verification
**Severity**: Critical
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/store.rs:1239-1251`
**Status**: Documented (architectural issue requiring design decision)
**Description**: `simple_shake256_256` is a trivially reversible XOR-fold hash, not a cryptographic hash function. Despite its name suggesting SHAKE-256, it provides near-zero collision resistance and is trivially invertible. This function is used for:
- `parent_hash` in `FileIdentity` (lineage verification)
- `filter_hash` in `MembershipHeader` (filter integrity)
- COW witness event hashes (`parent_cluster_hash`, `new_cluster_hash`)
- Cluster deduplication in space-reclaim compaction
**Impact**: An attacker can craft colliding inputs that produce identical hashes, defeating:
1. Parent file provenance verification -- a different parent file could be substituted
2. Membership filter integrity -- a modified filter bitmap could pass hash checks
3. COW witness event auditing -- falsified cluster hashes in the audit trail
4. Space-reclaim compaction -- different data could match parent hashes, causing data loss
**Recommendation**: Replace `simple_shake256_256` with a real cryptographic hash. Options:
- Add `sha3` crate dependency (provides SHAKE-256) for ~20KB binary increase
- Use `blake3` for better performance with equivalent security
- At minimum, document this is a placeholder and add a `#[cfg(feature = "crypto")]` gate
**Note**: The function comment acknowledges this: "We use a simple non-cryptographic hash here since rvf-runtime doesn't depend on rvf-crypto." However, the security implications of this choice are severe for production use. All integrity guarantees documented in ADR-031 are void until this is addressed.
### C-02: KernelBinding from_bytes Does Not Validate Reserved/Padding Fields
**Severity**: Critical
**Location**: `/workspaces/ruvector/crates/rvf/rvf-types/src/kernel_binding.rs:61`
**Status**: **FIXED**
**Description**: `KernelBinding::from_bytes` accepted arbitrary data in `_pad0` and `_reserved` fields. ADR-031 specifies these MUST be zero. Non-zero reserved fields enable:
1. Data smuggling through the KernelBinding structure
2. Future format confusion if reserved fields gain meaning
3. Signature bypass if `signed_data` includes different reserved values
**Fix Applied**: Added `from_bytes_validated()` method that rejects non-zero `_pad0`, non-zero `_reserved`, and `binding_version == 0`. The original `from_bytes` is preserved for backward compatibility with a documentation note.
---
## High Findings
### H-01: Division by Zero in CowEngine with vectors_per_cluster=0
**Severity**: High
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/cow.rs:106,164`
**Status**: **FIXED**
**Description**: `CowEngine::read_vector` and `write_vector` compute `cluster_id = vector_id / vectors_per_cluster`. If `vectors_per_cluster` is 0, this causes a panic (integer division by zero). A malicious or corrupted `CowMapHeader` with `vectors_per_cluster=0` would crash the runtime.
**Fix Applied**: Added `assert!(vectors_per_cluster > 0)` to both `CowEngine::new()` and `CowEngine::from_parent()` constructors.
### H-02: Silent Write Drop on Out-of-Bounds Vector Offset
**Severity**: High
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/cow.rs:253-258`
**Status**: **FIXED**
**Description**: In `flush_writes`, when `end > cluster_data.len()`, the write was silently skipped (`if end <= cluster_data.len()`). This means data could be silently lost without any error indication, violating write durability guarantees.
**Impact**: An attacker or buggy caller could trigger silent data loss by crafting vector writes where `vector_offset_in_cluster + data.len()` exceeds cluster size.
**Fix Applied**: Changed the condition to return `Err(RvfError::Code(ErrorCode::ClusterNotFound))` when the write would exceed cluster bounds.
### H-03: CowMapHeader Deserialization Missing Critical Validations
**Severity**: High
**Location**: `/workspaces/ruvector/crates/rvf/rvf-types/src/cow_map.rs:97-124`
**Status**: **FIXED**
**Description**: `CowMapHeader::from_bytes` only validated the magic number. It did not validate:
- `map_format` is a known enum value (could be 0xFF)
- `cluster_size_bytes` is non-zero and a power of 2 (spec requirement for SIMD alignment)
- `vectors_per_cluster` is non-zero (prevents division by zero downstream)
**Fix Applied**: Added validation for all three fields, returning appropriate `RvfError` on invalid values.
### H-04: RefcountHeader Deserialization Missing Field Validation
**Severity**: High
**Location**: `/workspaces/ruvector/crates/rvf/rvf-types/src/refcount.rs:59-82`
**Status**: **FIXED**
**Description**: `RefcountHeader::from_bytes` did not validate:
- `refcount_width` must be 1, 2, or 4 (spec requirement)
- `_pad` must be zero (spec requirement)
- `_reserved` must be zero (spec requirement)
Invalid `refcount_width` could cause incorrect array indexing when reading the refcount array.
**Fix Applied**: Added validation for all three constraints.
### H-05: CowMap Deserialize Integer Overflow
**Severity**: High
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/cow_map.rs:93-94`
**Status**: **FIXED**
**Description**: `CowMap::deserialize` computed `expected_len = 5 + count * 9` without checked arithmetic. With a crafted `count` value near `usize::MAX / 9`, the multiplication could overflow, causing `expected_len` to wrap to a small value. This would pass the length check and then cause out-of-bounds reads in the deserialization loop.
**Fix Applied**: Replaced with `count.checked_mul(9).and_then(|v| v.checked_add(5))`, returning `CowMapCorrupt` on overflow.
### H-06: verify_attestation Does Not Verify manifest_root_hash
**Severity**: High
**Location**: `/workspaces/ruvector/crates/rvf/rvf-cli/src/cmd/verify_attestation.rs:49-66`
**Status**: Documented (requires architecture decision)
**Description**: The `verify_attestation` CLI command extracts and displays the `KernelBinding`, but does NOT actually verify that `manifest_root_hash` matches the current file's manifest. Per ADR-031 Section 7.5, the launcher verification sequence requires:
1. Compute SHAKE-256-256 of current Level0Root
2. Compare to `KernelBinding.manifest_root_hash`
3. Refuse to boot on mismatch
The current implementation skips steps 1-3, merely displaying the hash values. This completely defeats the anti-segment-swap protection that KernelBinding is designed to provide.
**Impact**: An attacker can take a signed kernel from file A, embed it into file B (different vectors, different manifest), and `verify-attestation` will report "valid" because it only checks magic bytes, not the binding.
**Recommendation**: Implement the full verification sequence. This requires either:
- Computing the real manifest hash (needs crypto dependency)
- At minimum, extracting the manifest and comparing hashes using available tools
---
## Medium Findings
### M-01: MembershipHeader Deserialization Does Not Validate Reserved Fields
**Severity**: Medium
**Location**: `/workspaces/ruvector/crates/rvf/rvf-types/src/membership.rs:126-171`
**Description**: `MembershipHeader::from_bytes` does not validate that `_reserved` and `_reserved2` are zero. While not as critical as KernelBinding (no signing is involved), non-zero reserved fields violate the spec and could cause future compatibility issues.
**Recommendation**: Add zero-check for `_reserved` and `_reserved2` fields.
### M-02: DeltaHeader Deserialization Does Not Validate Reserved Fields
**Severity**: Medium
**Location**: `/workspaces/ruvector/crates/rvf/rvf-types/src/delta.rs:88-119`
**Description**: `DeltaHeader::from_bytes` does not validate that `_pad` and `_reserved` are zero.
**Recommendation**: Add zero-check for both fields.
### M-03: Freeze CLI Bypasses Store API
**Severity**: Medium
**Location**: `/workspaces/ruvector/crates/rvf/rvf-cli/src/cmd/freeze.rs:43-54`
**Description**: The `freeze` CLI command opens the store, but then directly opens the file again and writes raw segment bytes, bypassing the `RvfStore::freeze()` API. This means:
1. The segment header hash is not computed/validated
2. The segment is not recorded in the manifest
3. The writer lock from `RvfStore::open()` is held while another file handle writes
**Impact**: The REFCOUNT_SEG written by the CLI is effectively invisible to the runtime -- it won't be in the manifest's segment directory. The store's freeze state is not actually recorded in any way the runtime can detect on next open.
**Recommendation**: Use `store.freeze()` instead of raw file writes, or update the manifest after writing the raw segment.
### M-04: Filter CLI Bypasses Store API
**Severity**: Medium
**Location**: `/workspaces/ruvector/crates/rvf/rvf-cli/src/cmd/filter.rs:97-109`
**Description**: Similar to M-03, the `filter` CLI command writes a raw MEMBERSHIP_SEG directly to the file, bypassing the store API. The segment is not recorded in the manifest.
**Recommendation**: Use the membership filter API in `RvfStore` instead of raw segment writes.
### M-05: No Parent Chain Depth Limit Enforced
**Severity**: Medium
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/cow.rs:137-140`
**Description**: ADR-031 Section 8.1 specifies a 64-level depth limit for parent chain traversal to prevent cycles and unbounded recursion. The current `CowEngine::read_cluster` follows `ParentRef` to the parent file, but there is no depth counter or cycle detection. A malicious chain of files referencing each other could cause stack overflow or infinite loops.
**Recommendation**: Add a depth counter to parent chain resolution. The `lineage_depth` field in `FileIdentity` should be checked against the 64-level limit.
---
## Low Findings
### L-01: generation_id Not Validated Monotonically
**Severity**: Low
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/membership.rs:133-135`
**Description**: `MembershipFilter::bump_generation()` increments `generation_id` by 1, but there is no validation on deserialization that the loaded generation matches or exceeds the manifest's generation. ADR-031 specifies that stale generation IDs (lower than manifest) should be rejected with `GenerationStale` error.
**Recommendation**: Add generation validation in `MembershipFilter::deserialize` that compares against the expected generation from the manifest.
### L-02: No Overflow Check on generation_id Increment
**Severity**: Low
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/membership.rs:134`
**Description**: `self.generation_id += 1` can overflow on `u32::MAX`. While unlikely in practice, this would cause the monotonicity invariant to be violated.
**Recommendation**: Use `checked_add` and return an error on overflow, or use `saturating_add`.
### L-03: Cluster ID Multiplication Overflow in Parent Read
**Severity**: Low
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/cow.rs:139`
**Description**: `let parent_offset = cluster_id as u64 * self.cluster_size as u64;` could theoretically overflow for very large cluster IDs combined with large cluster sizes, though this requires `cluster_id * cluster_size > u64::MAX` which is unlikely.
**Recommendation**: Use `checked_mul` for defense-in-depth.
### L-04: Bitmap Filter Allows Inconsistent member_count on Deserialization
**Severity**: Low
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/membership.rs:147-182`
**Description**: `MembershipFilter::deserialize` recomputes `member_count` from the bitmap bits (line 174) rather than trusting the header's `member_count`. This is actually good practice. However, if the header's `member_count` disagrees with the actual bit count, there is no warning or error. A crafted header could claim 0 members while the bitmap has all bits set.
**Recommendation**: Add a warning or optional validation that `header.member_count == computed_count`.
---
## Informational Findings
### I-01: simple_hash Duplicated in CLI
**Severity**: Info
**Location**: `/workspaces/ruvector/crates/rvf/rvf-cli/src/cmd/filter.rs:132-140`
**Description**: The `filter.rs` CLI command contains its own `simple_hash` function that is identical to `simple_shake256_256` in `store.rs`. This is a maintenance burden -- if one is updated, the other may be forgotten.
### I-02: KernelBinding Version 0 Used as "Not Present" Sentinel
**Severity**: Info
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/store.rs:773`
**Description**: `extract_kernel_binding` uses `binding_version == 0` to detect "no binding present" (line 773). This means version 0 can never be a valid binding version. This should be documented as a format invariant.
### I-03: Witness Event Hash Placeholder
**Severity**: Info
**Location**: `/workspaces/ruvector/crates/rvf/rvf-runtime/src/cow.rs:232`
**Description**: When emitting a `CLUSTER_COW` witness event, the `new_cluster_hash` is initially set to `[0u8; 32]` and updated later (line 270). If the update loop doesn't find the matching event (e.g., due to a logic bug), the witness event would contain an all-zeros hash. Consider using a sentinel value that is explicitly invalid (e.g., `[0xFF; 32]`).
---
## Security Checklist Results
### 1. KernelBinding Verification
- [x] **manifest_root_hash verified before kernel boot?** -- NO. `verify_attestation` CLI does not verify this (H-06). The runtime does not enforce this either.
- [x] **KernelBinding strippable without detection?** -- PARTIALLY. If the binding is removed, `extract_kernel_binding` returns `None` (backward-compatible). Signature verification would detect removal if signatures are present, but unsigned kernels have no protection.
- [x] **signed_data correctly constructed?** -- YES. `embed_kernel_with_binding` includes `KernelHeader || KernelBinding || cmdline || image` in the correct order per ADR-031.
- [x] **binding_version validated?** -- YES (after fix C-02). `from_bytes_validated` rejects version 0.
- [x] **Reserved fields checked?** -- YES (after fix C-02). `from_bytes_validated` rejects non-zero reserved.
### 2. COW Map Security
- [x] **Malicious redirect possible?** -- YES, because `simple_shake256_256` cannot verify integrity (C-01).
- [x] **cluster_id range validated?** -- YES. Out-of-bounds lookup returns `Unallocated`.
- [x] **Parent chain cycle prevention?** -- NO. No depth limit enforced (M-05).
- [x] **Offsets validated before dereferencing?** -- YES. File I/O will return errors on invalid offsets.
- [x] **Map deterministic?** -- YES. Flat array is inherently ordered by cluster_id.
### 3. Membership Filter Security
- [x] **Empty include filter blocks all access?** -- YES. Verified by test `include_mode_empty_is_empty_view`.
- [x] **generation_id validated monotonically?** -- NO. Not enforced at load time (L-01).
- [x] **Filter bitmap bounds checked?** -- YES. `bitmap_contains` checks `vector_id >= vector_count`.
- [x] **filter_hash verified on load?** -- NO. Depends on `simple_shake256_256` which is non-cryptographic (C-01).
### 4. Crash Recovery
- [x] **Double-root scheme implemented?** -- NOT YET. The runtime code does not implement the double-root scheme described in ADR-031 Section 8.3. Current implementation uses append-only manifests.
- [x] **Orphaned data accessible after failed writes?** -- NO. Orphaned appended data has no manifest reference and is invisible.
- [x] **Generation counters validated?** -- PARTIALLY. Increment works but no validation on load.
### 5. Input Validation
- [x] **Deserialization safe with arbitrary input?** -- YES (after fixes H-03, H-04, H-05). All headers validate magic, enum values, and bounds.
- [x] **Magic numbers checked?** -- YES. All four new headers check magic on deserialization.
- [x] **Sizes validated before allocation?** -- YES (after fix H-05). Checked arithmetic prevents overflow.
- [x] **Offset+length bounds checked?** -- YES. File I/O operations use `read_exact` which fails on short reads.
### 6. Integer Overflow
- [x] **cluster_id * cluster_size overflow?** -- LOW RISK. Uses `u64` arithmetic (L-03).
- [x] **vector_id / vectors_per_cluster panic on zero?** -- FIXED (H-01). Constructors now assert > 0.
- [x] **Capacity calculations safe?** -- YES (after fix H-05). Deserialization uses checked arithmetic.
### 7. Downgrade Prevention
- [x] **Signed kernel replaceable with unsigned?** -- YES. No enforcement prevents replacing a signed KERNEL_SEG with an unsigned one. ADR-031 Section 9 specifies signed-required downgrade prevention, but this is not implemented.
- [x] **Older api_version forceable?** -- YES. No version pinning in KernelBinding currently enforced.
- [x] **Filter mode switchable?** -- YES. No mechanism prevents changing filter_mode from Include to Exclude, which could expose all vectors in a branch.
---
## Threat Model Alignment
| ADR-031 Threat | Implementation Status | Assessment |
|----------------|----------------------|------------|
| Host compromise | VMM not implemented (launcher is stub) | NOT TESTABLE |
| Guest compromise | Kernel is stub; eBPF verifier not implemented | NOT TESTABLE |
| TEE integrity | Not implemented | NOT TESTABLE |
| Supply chain | Signatures supported in type system | PARTIAL |
| Replay attack | generation_id exists but not enforced | INCOMPLETE |
| Data swap | KernelBinding exists but verification not enforced | INCOMPLETE |
| Malicious alt kernel | Deterministic selection not implemented | NOT IMPLEMENTED |
| COW map poisoning | Deterministic map ordering: YES | PARTIAL (no hash verification) |
| Stale membership filter | generation_id exists but not enforced on load | INCOMPLETE |
---
## Positive Observations
1. **Compile-time size assertions** on all headers prevent ABI drift.
2. **Field offset tests** verify `repr(C)` layout matches spec.
3. **Magic number validation** on all `from_bytes` paths.
4. **Round-trip serialization tests** catch encoding bugs.
5. **Frozen snapshot enforcement** correctly prevents writes via `SnapshotFrozen` error.
6. **Write coalescing** correctly batches multiple writes to same cluster.
7. **Membership filter** correctly implements fail-safe (empty include = empty view).
8. **Bitmap bounds checking** prevents out-of-bounds bit access.
9. **Write buffer drain before freeze** prevents data loss.
10. **Checked arithmetic in scan_preservable_segments** prevents overflow on crafted payloads.
---
## Recommendations (Priority Order)
1. **P0**: Replace `simple_shake256_256` with a real cryptographic hash (blake3 or sha3 crate).
2. **P0**: Implement manifest_root_hash verification in `verify_attestation` and in the kernel boot path.
3. **P1**: Enforce parent chain depth limit (64 levels per ADR-031).
4. **P1**: Enforce generation_id monotonicity on membership filter and COW map load.
5. **P1**: Implement signed-required downgrade prevention per ADR-031 Section 9.
6. **P2**: Fix freeze/filter CLI commands to use the store API instead of raw segment writes.
7. **P2**: Add reserved field validation to MembershipHeader and DeltaHeader deserialization.
8. **P3**: Add overflow protection to generation_id increment.
9. **P3**: Add parent_hash/filter_hash consistency checks (once crypto hash is in place).
---
## Files Modified by This Audit
| File | Change |
|------|--------|
| `rvf-types/src/kernel_binding.rs` | Added `from_bytes_validated()` with reserved/pad/version checks |
| `rvf-types/src/cow_map.rs` | Added `map_format`, `cluster_size_bytes`, `vectors_per_cluster` validation |
| `rvf-types/src/refcount.rs` | Added `refcount_width`, `_pad`, `_reserved` validation |
| `rvf-runtime/src/cow.rs` | Added `vectors_per_cluster > 0` assertion; changed silent write drop to error |
| `rvf-runtime/src/cow_map.rs` | Added checked arithmetic for `count * 9` overflow |
## Test Results After Fixes
```
rvf-types: 122 passed, 0 failed
rvf-runtime: 65 passed, 0 failed
rvf-cli: 0 passed, 0 failed (no unit tests)
integration: 6 passed, 2 failed (pre-existing failures in cow_branching.rs)
```
The 2 integration test failures (`branch_inherits_vectors_via_query`, `branch_membership_filter_excludes_deleted`) are pre-existing and unrelated to this audit's changes -- they test branch+query integration that requires the membership filter to be wired into the query path, which is not yet implemented.

18
vendor/ruvector/crates/rvf/rvf-adapters/agentdb/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,18 @@
[package]
name = "rvf-adapter-agentdb"
version = "0.1.0"
edition = "2021"
description = "AgentDB adapter for RuVector Format -- maps agent memory to RVF segments"
license = "MIT OR Apache-2.0"
[features]
default = ["std"]
std = []
[dependencies]
rvf-runtime = { path = "../../rvf-runtime", features = ["std"] }
rvf-types = { path = "../../rvf-types", features = ["std"] }
rvf-index = { path = "../../rvf-index", features = ["std"] }
[dev-dependencies]
tempfile = "3"

323
vendor/ruvector/crates/rvf/rvf-adapters/agentdb/src/index_adapter.rs vendored Normal file
View File

@@ -0,0 +1,323 @@
//! Maps agentdb HNSW operations to RVF INDEX_SEG layers.
//!
//! Bridges agentdb's HNSW index lifecycle to the three-layer progressive
//! indexing model (Layer A / B / C) defined in `rvf-index`.
use std::collections::BTreeSet;
use rvf_index::builder::{build_full_index, build_layer_a, build_layer_b, build_layer_c};
use rvf_index::distance::{cosine_distance, l2_distance};
use rvf_index::hnsw::{HnswConfig, HnswGraph};
type DistanceFn = Box<dyn Fn(&[f32], &[f32]) -> f32>;
use rvf_index::layers::{IndexLayer, LayerA, LayerB, LayerC};
use rvf_index::progressive::ProgressiveIndex;
use rvf_index::traits::InMemoryVectorStore;
/// Configuration for the RVF index adapter.
#[derive(Clone, Debug)]
pub struct IndexAdapterConfig {
/// HNSW M parameter.
pub m: usize,
/// HNSW M0 (layer-0 neighbors).
pub m0: usize,
/// ef_construction beam width.
pub ef_construction: usize,
/// ef_search beam width for queries.
pub ef_search: usize,
/// Use cosine distance (default true for agentdb text embeddings).
pub use_cosine: bool,
/// Hot node fraction for Layer B (0.0 - 1.0).
pub hot_fraction: f32,
}
impl Default for IndexAdapterConfig {
fn default() -> Self {
Self {
m: 16,
m0: 32,
ef_construction: 200,
ef_search: 100,
use_cosine: true,
hot_fraction: 0.2,
}
}
}
/// Adapter that maps agentdb HNSW operations to RVF INDEX_SEG layers.
///
/// Manages the full HNSW graph and can extract progressive layers (A/B/C)
/// for serialization into INDEX_SEG segments.
pub struct RvfIndexAdapter {
config: IndexAdapterConfig,
graph: Option<HnswGraph>,
vectors: Vec<Vec<f32>>,
id_map: Vec<u64>,
progressive: ProgressiveIndex,
loaded_layers: Vec<IndexLayer>,
}
impl RvfIndexAdapter {
/// Create a new index adapter with the given configuration.
pub fn new(config: IndexAdapterConfig) -> Self {
Self {
config,
graph: None,
vectors: Vec::new(),
id_map: Vec::new(),
progressive: ProgressiveIndex::new(),
loaded_layers: Vec::new(),
}
}
/// Build the full HNSW index from a set of vectors and IDs.
///
/// This replaces any existing index.
pub fn build(&mut self, vectors: Vec<Vec<f32>>, ids: Vec<u64>) {
let n = vectors.len();
if n == 0 {
return;
}
let hnsw_config = HnswConfig {
m: self.config.m,
m0: self.config.m0,
ef_construction: self.config.ef_construction,
};
let store = InMemoryVectorStore::new(vectors.clone());
let distance_fn = self.distance_fn();
// Generate deterministic pseudo-random values for level selection.
let rng_values: Vec<f64> = (0..n)
.map(|i| {
let seed = (i as u64)
.wrapping_mul(6364136223846793005)
.wrapping_add(1442695040888963407);
let val = (seed >> 33) as f64 / (1u64 << 31) as f64;
val.clamp(0.001, 0.999)
})
.collect();
let graph = build_full_index(&store, n, &hnsw_config, &rng_values, &distance_fn);
self.vectors = vectors;
self.id_map = ids;
self.graph = Some(graph);
}
/// Extract Layer A (entry points + coarse routing) from the current graph.
pub fn extract_layer_a(&self) -> Option<LayerA> {
let graph = self.graph.as_ref()?;
let n = self.vectors.len();
// Simple centroid computation: split vectors into 2 partitions.
let mid = n / 2;
let dim = self.vectors.first().map_or(0, |v| v.len());
let centroid_0 = compute_centroid(&self.vectors[..mid], dim);
let centroid_1 = if mid < n {
compute_centroid(&self.vectors[mid..], dim)
} else {
centroid_0.clone()
};
let centroids = vec![centroid_0, centroid_1];
let assignments: Vec<u32> = (0..n).map(|i| if i < mid { 0 } else { 1 }).collect();
Some(build_layer_a(graph, &centroids, &assignments, n as u64))
}
/// Extract Layer B (hot region partial adjacency) from the current graph.
pub fn extract_layer_b(&self) -> Option<LayerB> {
let graph = self.graph.as_ref()?;
let n = self.vectors.len();
let hot_count = ((n as f32) * self.config.hot_fraction).ceil() as usize;
let hot_ids: BTreeSet<u64> = (0..hot_count as u64).collect();
Some(build_layer_b(graph, &hot_ids))
}
/// Extract Layer C (full adjacency) from the current graph.
pub fn extract_layer_c(&self) -> Option<LayerC> {
let graph = self.graph.as_ref()?;
Some(build_layer_c(graph))
}
/// Load progressive layers and configure the progressive index for search.
pub fn load_progressive(&mut self, layers: &[IndexLayer]) {
self.loaded_layers = layers.to_vec();
let mut idx = ProgressiveIndex::new();
for layer in layers {
match layer {
IndexLayer::A => {
idx.layer_a = self.extract_layer_a();
}
IndexLayer::B => {
idx.layer_b = self.extract_layer_b();
}
IndexLayer::C => {
idx.layer_c = self.extract_layer_c();
}
}
}
self.progressive = idx;
}
/// Search using the progressive index with whatever layers are loaded.
pub fn search(&self, query: &[f32], k: usize) -> Vec<(u64, f32)> {
let store = InMemoryVectorStore::new(self.vectors.clone());
let distance_fn = self.distance_fn();
self.progressive
.search_with_distance(query, k, self.config.ef_search, &store, &distance_fn)
}
/// Search using the full HNSW graph directly (bypasses progressive layers).
pub fn search_full(&self, query: &[f32], k: usize) -> Vec<(u64, f32)> {
let graph = match self.graph.as_ref() {
Some(g) => g,
None => return Vec::new(),
};
let store = InMemoryVectorStore::new(self.vectors.clone());
let distance_fn = self.distance_fn();
graph.search(query, k, self.config.ef_search, &store, &distance_fn)
}
/// Get the node count in the HNSW graph.
pub fn node_count(&self) -> usize {
self.graph.as_ref().map_or(0, |g| g.node_count())
}
/// Get the currently loaded layers.
pub fn loaded_layers(&self) -> &[IndexLayer] {
&self.loaded_layers
}
fn distance_fn(&self) -> DistanceFn {
if self.config.use_cosine {
Box::new(cosine_distance)
} else {
Box::new(l2_distance)
}
}
}
/// Compute the centroid of a set of vectors.
fn compute_centroid(vectors: &[Vec<f32>], dim: usize) -> Vec<f32> {
if vectors.is_empty() || dim == 0 {
return vec![0.0; dim];
}
let n = vectors.len() as f32;
let mut centroid = vec![0.0f32; dim];
for v in vectors {
for (i, &val) in v.iter().enumerate().take(dim) {
centroid[i] += val;
}
}
for c in &mut centroid {
*c /= n;
}
centroid
}
#[cfg(test)]
mod tests {
use super::*;
fn make_vectors(n: usize, dim: usize) -> (Vec<Vec<f32>>, Vec<u64>) {
let vecs: Vec<Vec<f32>> = (0..n)
.map(|i| (0..dim).map(|d| (i * dim + d) as f32).collect())
.collect();
let ids: Vec<u64> = (0..n as u64).collect();
(vecs, ids)
}
#[test]
fn build_and_search_full() {
let (vecs, ids) = make_vectors(100, 8);
let mut adapter = RvfIndexAdapter::new(IndexAdapterConfig {
use_cosine: false,
..Default::default()
});
adapter.build(vecs.clone(), ids);
assert_eq!(adapter.node_count(), 100);
let results = adapter.search_full(&vecs[50], 5);
assert!(!results.is_empty());
assert_eq!(results[0].0, 50);
}
#[test]
fn extract_layers() {
let (vecs, ids) = make_vectors(50, 4);
let mut adapter = RvfIndexAdapter::new(IndexAdapterConfig {
use_cosine: false,
..Default::default()
});
adapter.build(vecs, ids);
let layer_a = adapter.extract_layer_a();
assert!(layer_a.is_some());
let la = layer_a.unwrap();
assert!(!la.entry_points.is_empty());
assert_eq!(la.centroids.len(), 2);
let layer_b = adapter.extract_layer_b();
assert!(layer_b.is_some());
let layer_c = adapter.extract_layer_c();
assert!(layer_c.is_some());
}
#[test]
fn progressive_search_with_layers() {
let (vecs, ids) = make_vectors(100, 4);
let mut adapter = RvfIndexAdapter::new(IndexAdapterConfig {
use_cosine: false,
..Default::default()
});
adapter.build(vecs.clone(), ids);
// Load all three layers.
adapter.load_progressive(&[IndexLayer::A, IndexLayer::B, IndexLayer::C]);
let results = adapter.search(&vecs[25], 5);
assert!(!results.is_empty());
// With full Layer C, we should find the exact match.
assert_eq!(results[0].0, 25);
}
#[test]
fn progressive_layer_a_only() {
let (vecs, ids) = make_vectors(100, 4);
let mut adapter = RvfIndexAdapter::new(IndexAdapterConfig {
use_cosine: false,
..Default::default()
});
adapter.build(vecs.clone(), ids);
adapter.load_progressive(&[IndexLayer::A]);
let results = adapter.search(&vecs[10], 5);
// Layer A alone provides coarse results; we just verify non-empty.
assert!(!results.is_empty());
}
#[test]
fn empty_adapter() {
let adapter = RvfIndexAdapter::new(IndexAdapterConfig::default());
assert_eq!(adapter.node_count(), 0);
let results = adapter.search_full(&[0.0; 4], 5);
assert!(results.is_empty());
}
#[test]
fn compute_centroid_basic() {
let vecs = vec![
vec![1.0, 2.0, 3.0],
vec![3.0, 4.0, 5.0],
];
let centroid = compute_centroid(&vecs, 3);
assert_eq!(centroid, vec![2.0, 3.0, 4.0]);
}
}

18
vendor/ruvector/crates/rvf/rvf-adapters/agentdb/src/lib.rs vendored Normal file
View File

@@ -0,0 +1,18 @@
//! AgentDB adapter for the RuVector Format (RVF).
//!
//! Maps agentdb's vector storage, HNSW index, and memory pattern APIs
//! onto the RVF segment model:
//!
//! - **VEC_SEG**: Raw vector data (episodes, state embeddings)
//! - **INDEX_SEG**: HNSW index layers (A/B/C progressive indexing)
//! - **META_SEG**: Memory pattern metadata (rewards, critiques, tags)
//!
//! Uses the RVText domain profile for text/embedding workloads.
pub mod index_adapter;
pub mod pattern_store;
pub mod vector_store;
pub use index_adapter::RvfIndexAdapter;
pub use pattern_store::{MemoryPattern, RvfPatternStore};
pub use vector_store::RvfVectorStore;

456
vendor/ruvector/crates/rvf/rvf-adapters/agentdb/src/pattern_store.rs vendored Normal file
View File

@@ -0,0 +1,456 @@
//! Memory pattern storage using RVF META_SEG.
//!
//! Stores agentdb memory patterns (task descriptions, rewards, critiques,
//! success flags) as metadata alongside their state-embedding vectors.
//! Patterns can be searched by similarity and filtered by reward threshold.
use std::collections::HashMap;
use std::path::Path;
use rvf_runtime::options::{MetadataEntry, MetadataValue};
use rvf_types::RvfError;
use crate::vector_store::{AgentDbMetric, RvfVectorStore, VectorStoreConfig};
/// A memory pattern stored in the agentdb reasoning bank.
#[derive(Clone, Debug)]
pub struct MemoryPattern {
/// Unique pattern identifier.
pub id: u64,
/// Task description that produced this pattern.
pub task: String,
/// Reward score (0.0 - 1.0) indicating quality.
pub reward: f32,
/// Whether the pattern was successful.
pub success: bool,
/// Self-critique / notes about the pattern.
pub critique: String,
/// State embedding vector for similarity search.
pub embedding: Vec<f32>,
}
/// Well-known metadata field IDs for pattern attributes.
mod field_ids {
pub const TASK: u16 = 0;
pub const REWARD: u16 = 1;
pub const SUCCESS: u16 = 2;
pub const CRITIQUE: u16 = 3;
}
/// RVF-backed memory pattern store for agentdb.
///
/// Stores patterns as vectors (embeddings) with metadata (task, reward,
/// critique, success flag). Supports similarity search with reward filtering.
pub struct RvfPatternStore {
vector_store: RvfVectorStore,
patterns: HashMap<u64, PatternMetadata>,
next_id: u64,
}
/// In-memory metadata for a pattern (kept alongside the RVF store).
#[derive(Clone, Debug)]
struct PatternMetadata {
task: String,
reward: f32,
success: bool,
critique: String,
}
impl RvfPatternStore {
/// Create a new pattern store at the given path.
pub fn create(path: &Path, dimension: u16) -> Result<Self, RvfError> {
let config = VectorStoreConfig {
dimension,
metric: AgentDbMetric::Cosine,
ef_search: 100,
};
let vector_store = RvfVectorStore::create(path, config)?;
Ok(Self {
vector_store,
patterns: HashMap::new(),
next_id: 1,
})
}
/// Open an existing pattern store.
pub fn open(path: &Path, dimension: u16) -> Result<Self, RvfError> {
let config = VectorStoreConfig {
dimension,
metric: AgentDbMetric::Cosine,
ef_search: 100,
};
let vector_store = RvfVectorStore::open(path, config)?;
Ok(Self {
vector_store,
patterns: HashMap::new(),
next_id: 1,
})
}
/// Store a memory pattern.
///
/// Returns the assigned pattern ID.
pub fn store_pattern(&mut self, pattern: MemoryPattern) -> Result<u64, RvfError> {
let id = if pattern.id > 0 {
pattern.id
} else {
let id = self.next_id;
self.next_id += 1;
id
};
// Ensure next_id stays ahead of manually assigned IDs.
if id >= self.next_id {
self.next_id = id + 1;
}
let metadata = vec![
MetadataEntry {
field_id: field_ids::TASK,
value: MetadataValue::String(pattern.task.clone()),
},
MetadataEntry {
field_id: field_ids::REWARD,
value: MetadataValue::F64(pattern.reward as f64),
},
MetadataEntry {
field_id: field_ids::SUCCESS,
value: MetadataValue::U64(if pattern.success { 1 } else { 0 }),
},
MetadataEntry {
field_id: field_ids::CRITIQUE,
value: MetadataValue::String(pattern.critique.clone()),
},
];
self.vector_store
.add_vectors(&[pattern.embedding.as_slice()], &[id], Some(&metadata))?;
self.patterns.insert(
id,
PatternMetadata {
task: pattern.task,
reward: pattern.reward,
success: pattern.success,
critique: pattern.critique,
},
);
Ok(id)
}
/// Search for patterns similar to the given embedding.
///
/// Returns `(pattern_id, distance)` pairs sorted by distance.
/// Optionally filter by minimum reward score.
pub fn search_patterns(
&self,
query_embedding: &[f32],
k: usize,
min_reward: Option<f32>,
) -> Result<Vec<PatternSearchResult>, RvfError> {
let search_k = if min_reward.is_some() { k * 3 } else { k };
let results = self.vector_store.search(query_embedding, search_k, None)?;
let mut filtered: Vec<PatternSearchResult> = results
.into_iter()
.filter_map(|r| {
let meta = self.patterns.get(&r.id)?;
if let Some(threshold) = min_reward {
if meta.reward < threshold {
return None;
}
}
Some(PatternSearchResult {
id: r.id,
distance: r.distance,
task: meta.task.clone(),
reward: meta.reward,
success: meta.success,
critique: meta.critique.clone(),
})
})
.collect();
filtered.truncate(k);
Ok(filtered)
}
/// Search for patterns that failed (success == false).
pub fn search_failures(
&self,
query_embedding: &[f32],
k: usize,
) -> Result<Vec<PatternSearchResult>, RvfError> {
let results = self.vector_store.search(query_embedding, k * 5, None)?;
let mut filtered: Vec<PatternSearchResult> = results
.into_iter()
.filter_map(|r| {
let meta = self.patterns.get(&r.id)?;
if meta.success {
return None;
}
Some(PatternSearchResult {
id: r.id,
distance: r.distance,
task: meta.task.clone(),
reward: meta.reward,
success: false,
critique: meta.critique.clone(),
})
})
.collect();
filtered.truncate(k);
Ok(filtered)
}
/// Delete a pattern by ID.
pub fn delete_pattern(&mut self, id: u64) -> Result<bool, RvfError> {
let deleted = self.vector_store.delete_vectors(&[id])?;
self.patterns.remove(&id);
Ok(deleted > 0)
}
/// Get pattern metadata by ID.
pub fn get_pattern(&self, id: u64) -> Option<PatternSearchResult> {
let meta = self.patterns.get(&id)?;
Some(PatternSearchResult {
id,
distance: 0.0,
task: meta.task.clone(),
reward: meta.reward,
success: meta.success,
critique: meta.critique.clone(),
})
}
/// Get aggregate statistics about stored patterns.
pub fn stats(&self) -> PatternStoreStats {
let total = self.patterns.len();
let successful = self.patterns.values().filter(|p| p.success).count();
let avg_reward = if total > 0 {
self.patterns.values().map(|p| p.reward as f64).sum::<f64>() / total as f64
} else {
0.0
};
PatternStoreStats {
total_patterns: total,
successful_patterns: successful,
failed_patterns: total - successful,
avg_reward,
vector_count: self.vector_store.len(),
}
}
/// Save the store to disk.
pub fn save(&mut self) -> Result<(), RvfError> {
self.vector_store.save()
}
/// Get the total number of patterns.
pub fn len(&self) -> usize {
self.patterns.len()
}
/// Returns true if no patterns are stored.
pub fn is_empty(&self) -> bool {
self.patterns.is_empty()
}
}
/// A pattern search result with full metadata.
#[derive(Clone, Debug)]
pub struct PatternSearchResult {
pub id: u64,
pub distance: f32,
pub task: String,
pub reward: f32,
pub success: bool,
pub critique: String,
}
/// Aggregate statistics for the pattern store.
#[derive(Clone, Debug)]
pub struct PatternStoreStats {
pub total_patterns: usize,
pub successful_patterns: usize,
pub failed_patterns: usize,
pub avg_reward: f64,
pub vector_count: u64,
}
#[cfg(test)]
mod tests {
use super::*;
use tempfile::TempDir;
fn dummy_embedding(dim: usize, seed: u64) -> Vec<f32> {
let mut v = Vec::with_capacity(dim);
let mut x = seed;
for _ in 0..dim {
x = x.wrapping_mul(6364136223846793005).wrapping_add(1);
v.push(((x >> 33) as f32) / (u32::MAX as f32) - 0.5);
}
v
}
#[test]
fn store_and_search_patterns() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("patterns.rvf");
let dim = 8;
let mut store = RvfPatternStore::create(&path, dim as u16).unwrap();
for i in 0..10u64 {
let pattern = MemoryPattern {
id: 0,
task: format!("task_{}", i),
reward: (i as f32) / 10.0,
success: i >= 5,
critique: format!("critique_{}", i),
embedding: dummy_embedding(dim, i),
};
store.store_pattern(pattern).unwrap();
}
assert_eq!(store.len(), 10);
let query = dummy_embedding(dim, 7);
let results = store.search_patterns(&query, 3, None).unwrap();
assert!(!results.is_empty());
assert!(results.len() <= 3);
}
#[test]
fn search_with_min_reward() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("patterns_reward.rvf");
let dim = 8;
let mut store = RvfPatternStore::create(&path, dim as u16).unwrap();
for i in 0..10u64 {
let pattern = MemoryPattern {
id: 0,
task: format!("task_{}", i),
reward: (i as f32) / 10.0,
success: true,
critique: String::new(),
embedding: dummy_embedding(dim, i),
};
store.store_pattern(pattern).unwrap();
}
let query = dummy_embedding(dim, 5);
let results = store.search_patterns(&query, 10, Some(0.5)).unwrap();
assert!(results.iter().all(|r| r.reward >= 0.5));
}
#[test]
fn search_failures() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("patterns_fail.rvf");
let dim = 8;
let mut store = RvfPatternStore::create(&path, dim as u16).unwrap();
for i in 0..10u64 {
let pattern = MemoryPattern {
id: 0,
task: format!("task_{}", i),
reward: 0.5,
success: i % 2 == 0,
critique: String::new(),
embedding: dummy_embedding(dim, i),
};
store.store_pattern(pattern).unwrap();
}
let query = dummy_embedding(dim, 3);
let results = store.search_failures(&query, 5).unwrap();
assert!(results.iter().all(|r| !r.success));
}
#[test]
fn delete_pattern() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("patterns_del.rvf");
let dim = 4;
let mut store = RvfPatternStore::create(&path, dim as u16).unwrap();
let pattern = MemoryPattern {
id: 42,
task: "test".into(),
reward: 0.9,
success: true,
critique: "good".into(),
embedding: vec![1.0, 2.0, 3.0, 4.0],
};
store.store_pattern(pattern).unwrap();
assert_eq!(store.len(), 1);
let deleted = store.delete_pattern(42).unwrap();
assert!(deleted);
assert_eq!(store.len(), 0);
assert!(store.get_pattern(42).is_none());
}
#[test]
fn stats() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("patterns_stats.rvf");
let dim = 4;
let mut store = RvfPatternStore::create(&path, dim as u16).unwrap();
for i in 0..5u64 {
let pattern = MemoryPattern {
id: 0,
task: format!("task_{}", i),
reward: (i as f32) * 0.2,
success: i >= 3,
critique: String::new(),
embedding: vec![i as f32; dim],
};
store.store_pattern(pattern).unwrap();
}
let stats = store.stats();
assert_eq!(stats.total_patterns, 5);
assert_eq!(stats.successful_patterns, 2);
assert_eq!(stats.failed_patterns, 3);
assert!(stats.avg_reward > 0.0);
}
#[test]
fn get_pattern_by_id() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("patterns_get.rvf");
let dim = 4;
let mut store = RvfPatternStore::create(&path, dim as u16).unwrap();
let pattern = MemoryPattern {
id: 100,
task: "find_bugs".into(),
reward: 0.85,
success: true,
critique: "good coverage".into(),
embedding: vec![1.0, 0.0, 0.0, 0.0],
};
store.store_pattern(pattern).unwrap();
let result = store.get_pattern(100).unwrap();
assert_eq!(result.task, "find_bugs");
assert_eq!(result.reward, 0.85);
assert!(result.success);
assert_eq!(result.critique, "good coverage");
assert!(store.get_pattern(999).is_none());
}
}

326
vendor/ruvector/crates/rvf/rvf-adapters/agentdb/src/vector_store.rs vendored Normal file
View File

@@ -0,0 +1,326 @@
//! RVF-backed vector store for agentdb.
//!
//! Wraps [`RvfStore`] to provide the vector CRUD operations that agentdb
//! expects: add, search, delete, get, save, and load.
use std::path::{Path, PathBuf};
use rvf_runtime::options::{
DistanceMetric, MetadataEntry, QueryOptions, RvfOptions, SearchResult,
};
use rvf_runtime::RvfStore;
use rvf_types::{ErrorCode, RvfError};
/// Distance metric selection matching agentdb's API.
#[derive(Clone, Copy, Debug, Default)]
pub enum AgentDbMetric {
#[default]
Cosine,
L2,
InnerProduct,
}
impl From<AgentDbMetric> for DistanceMetric {
fn from(m: AgentDbMetric) -> Self {
match m {
AgentDbMetric::Cosine => DistanceMetric::Cosine,
AgentDbMetric::L2 => DistanceMetric::L2,
AgentDbMetric::InnerProduct => DistanceMetric::InnerProduct,
}
}
}
/// Configuration for the RVF vector store.
#[derive(Clone, Debug)]
pub struct VectorStoreConfig {
/// Vector dimensionality.
pub dimension: u16,
/// Distance metric for similarity search.
pub metric: AgentDbMetric,
/// HNSW ef_search beam width for queries.
pub ef_search: u16,
}
impl Default for VectorStoreConfig {
fn default() -> Self {
Self {
dimension: 128,
metric: AgentDbMetric::Cosine,
ef_search: 100,
}
}
}
/// RVF-backed vector store that provides the agentdb vector storage interface.
///
/// Maps agentdb operations to RvfStore calls:
/// - `add_vectors` -> `ingest_batch`
/// - `search` -> `query`
/// - `delete_vectors` -> `delete`
/// - `get_vector` -> single-vector query
/// - `save` / `load` -> close / open
pub struct RvfVectorStore {
store: Option<RvfStore>,
path: PathBuf,
config: VectorStoreConfig,
}
impl RvfVectorStore {
/// Create a new RVF vector store at the given path.
pub fn create(path: &Path, config: VectorStoreConfig) -> Result<Self, RvfError> {
let rvf_opts = RvfOptions {
dimension: config.dimension,
metric: config.metric.into(),
profile: 1, // RVText profile
..Default::default()
};
let store = RvfStore::create(path, rvf_opts)?;
Ok(Self {
store: Some(store),
path: path.to_path_buf(),
config,
})
}
/// Open an existing RVF vector store.
pub fn open(path: &Path, config: VectorStoreConfig) -> Result<Self, RvfError> {
let store = RvfStore::open(path)?;
Ok(Self {
store: Some(store),
path: path.to_path_buf(),
config,
})
}
/// Add vectors with their IDs and optional metadata.
///
/// `vectors`: slice of float slices, one per vector.
/// `ids`: one ID per vector.
/// `metadata`: optional metadata entries (flat list, one entry per vector).
pub fn add_vectors(
&mut self,
vectors: &[&[f32]],
ids: &[u64],
metadata: Option<&[MetadataEntry]>,
) -> Result<u64, RvfError> {
let store = self.store.as_mut().ok_or(RvfError::Code(ErrorCode::InvalidManifest))?;
let result = store.ingest_batch(vectors, ids, metadata)?;
Ok(result.accepted)
}
/// Search for the k nearest neighbors of a query vector.
///
/// Returns results sorted by distance (ascending).
pub fn search(
&self,
query: &[f32],
k: usize,
ef_search: Option<u16>,
) -> Result<Vec<SearchResult>, RvfError> {
let store = self.store.as_ref().ok_or(RvfError::Code(ErrorCode::InvalidManifest))?;
let opts = QueryOptions {
ef_search: ef_search.unwrap_or(self.config.ef_search),
..Default::default()
};
store.query(query, k, &opts)
}
/// Delete vectors by their IDs.
pub fn delete_vectors(&mut self, ids: &[u64]) -> Result<u64, RvfError> {
let store = self.store.as_mut().ok_or(RvfError::Code(ErrorCode::InvalidManifest))?;
let result = store.delete(ids)?;
Ok(result.deleted)
}
/// Retrieve a single vector by ID.
///
/// Uses a zero-distance search trick: queries with each candidate until
/// the exact ID is found. For small stores this is acceptable; for large
/// stores the caller should maintain an ID index.
///
/// Returns `None` if the vector is not found or has been deleted.
pub fn get_vector(&self, id: u64) -> Option<SearchResult> {
let store = self.store.as_ref()?;
let status = store.status();
if status.total_vectors == 0 {
return None;
}
// Query a large k and find the matching ID in results.
// This is O(n) but correct. Production agentdb should cache vectors.
let dim = self.config.dimension as usize;
let zero_query = vec![0.0f32; dim];
let opts = QueryOptions {
ef_search: self.config.ef_search,
..Default::default()
};
let results = store.query(&zero_query, status.total_vectors as usize, &opts).ok()?;
results.into_iter().find(|r| r.id == id)
}
/// Save the store (flushes and closes the underlying RVF file).
pub fn save(&mut self) -> Result<(), RvfError> {
if let Some(store) = self.store.take() {
store.close()?;
}
Ok(())
}
/// Reload the store from disk.
pub fn load(&mut self) -> Result<(), RvfError> {
if self.store.is_some() {
return Ok(());
}
let store = RvfStore::open(&self.path)?;
self.store = Some(store);
Ok(())
}
/// Get the current vector count.
pub fn len(&self) -> u64 {
self.store.as_ref().map_or(0, |s| s.status().total_vectors)
}
/// Returns true if the store is empty.
pub fn is_empty(&self) -> bool {
self.len() == 0
}
/// Run compaction to reclaim space from deleted vectors.
pub fn compact(&mut self) -> Result<u64, RvfError> {
let store = self.store.as_mut().ok_or(RvfError::Code(ErrorCode::InvalidManifest))?;
let result = store.compact()?;
Ok(result.bytes_reclaimed)
}
/// Get the file path of the underlying RVF store.
pub fn path(&self) -> &Path {
&self.path
}
/// Get the store configuration.
pub fn config(&self) -> &VectorStoreConfig {
&self.config
}
}
#[cfg(test)]
mod tests {
use super::*;
use rvf_runtime::options::MetadataValue;
use tempfile::TempDir;
fn make_config(dim: u16) -> VectorStoreConfig {
VectorStoreConfig {
dimension: dim,
metric: AgentDbMetric::L2,
ef_search: 100,
}
}
#[test]
fn create_add_search() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("agentdb.rvf");
let mut store = RvfVectorStore::create(&path, make_config(4)).unwrap();
let v1 = [1.0f32, 0.0, 0.0, 0.0];
let v2 = [0.0f32, 1.0, 0.0, 0.0];
let v3 = [0.0f32, 0.0, 1.0, 0.0];
let accepted = store
.add_vectors(&[&v1, &v2, &v3], &[10, 20, 30], None)
.unwrap();
assert_eq!(accepted, 3);
let results = store.search(&[1.0, 0.0, 0.0, 0.0], 2, None).unwrap();
assert_eq!(results.len(), 2);
assert_eq!(results[0].id, 10);
assert!(results[0].distance < f32::EPSILON);
}
#[test]
fn delete_and_compact() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("agentdb_del.rvf");
let mut store = RvfVectorStore::create(&path, make_config(4)).unwrap();
let vecs: Vec<[f32; 4]> = (0..10).map(|i| [i as f32, 0.0, 0.0, 0.0]).collect();
let refs: Vec<&[f32]> = vecs.iter().map(|v| v.as_slice()).collect();
let ids: Vec<u64> = (0..10).collect();
store.add_vectors(&refs, &ids, None).unwrap();
let deleted = store.delete_vectors(&[0, 2, 4]).unwrap();
assert_eq!(deleted, 3);
assert_eq!(store.len(), 7);
let reclaimed = store.compact().unwrap();
assert!(reclaimed > 0);
assert_eq!(store.len(), 7);
}
#[test]
fn save_and_load() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("agentdb_persist.rvf");
let config = make_config(4);
{
let mut store = RvfVectorStore::create(&path, config.clone()).unwrap();
let v1 = [1.0f32, 2.0, 3.0, 4.0];
store.add_vectors(&[&v1], &[42], None).unwrap();
store.save().unwrap();
}
{
let store = RvfVectorStore::open(&path, config).unwrap();
assert_eq!(store.len(), 1);
let results = store.search(&[1.0, 2.0, 3.0, 4.0], 1, None).unwrap();
assert_eq!(results[0].id, 42);
}
}
#[test]
fn add_with_metadata() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("agentdb_meta.rvf");
let mut store = RvfVectorStore::create(&path, make_config(4)).unwrap();
let v1 = [1.0f32, 0.0, 0.0, 0.0];
let v2 = [0.0f32, 1.0, 0.0, 0.0];
let metadata = vec![
MetadataEntry {
field_id: 0,
value: MetadataValue::String("episode_a".into()),
},
MetadataEntry {
field_id: 0,
value: MetadataValue::String("episode_b".into()),
},
];
let accepted = store
.add_vectors(&[&v1, &v2], &[1, 2], Some(&metadata))
.unwrap();
assert_eq!(accepted, 2);
}
#[test]
fn empty_store() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("agentdb_empty.rvf");
let store = RvfVectorStore::create(&path, make_config(4)).unwrap();
assert!(store.is_empty());
assert_eq!(store.len(), 0);
let results = store.search(&[0.0, 0.0, 0.0, 0.0], 5, None).unwrap();
assert!(results.is_empty());
}
}

20
vendor/ruvector/crates/rvf/rvf-adapters/agentic-flow/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,20 @@
[package]
name = "rvf-adapter-agentic-flow"
version = "0.1.0"
edition = "2021"
description = "Agentic-flow swarm adapter for RuVector Format -- maps inter-agent memory, coordination state, and learning patterns to RVF segments"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
rust-version = "1.87"
[features]
default = ["std"]
std = []
[dependencies]
rvf-runtime = { path = "../../rvf-runtime", features = ["std"] }
rvf-types = { path = "../../rvf-types", features = ["std"] }
rvf-crypto = { path = "../../rvf-crypto", features = ["std"] }
[dev-dependencies]
tempfile = "3"

148
vendor/ruvector/crates/rvf/rvf-adapters/agentic-flow/src/config.rs vendored Normal file
View File

@@ -0,0 +1,148 @@
//! Configuration for the agentic-flow swarm adapter.
use std::path::PathBuf;
/// Configuration for the RVF-backed agentic-flow swarm store.
#[derive(Clone, Debug)]
pub struct AgenticFlowConfig {
/// Directory where RVF data files are stored.
pub data_dir: PathBuf,
/// Vector embedding dimension (must match embeddings used by agents).
pub dimension: u16,
/// Unique identifier for this agent.
pub agent_id: String,
/// Whether to log consensus events in a WITNESS_SEG audit trail.
pub enable_witness: bool,
/// Optional swarm group identifier for multi-swarm deployments.
pub swarm_id: Option<String>,
}
impl AgenticFlowConfig {
/// Create a new configuration with required parameters.
///
/// Uses sensible defaults: dimension=384, witness enabled, no swarm group.
pub fn new(data_dir: impl Into<PathBuf>, agent_id: impl Into<String>) -> Self {
Self {
data_dir: data_dir.into(),
dimension: 384,
agent_id: agent_id.into(),
enable_witness: true,
swarm_id: None,
}
}
/// Set the embedding dimension.
pub fn with_dimension(mut self, dimension: u16) -> Self {
self.dimension = dimension;
self
}
/// Enable or disable witness audit trails.
pub fn with_witness(mut self, enable: bool) -> Self {
self.enable_witness = enable;
self
}
/// Set the swarm group identifier.
pub fn with_swarm_id(mut self, swarm_id: impl Into<String>) -> Self {
self.swarm_id = Some(swarm_id.into());
self
}
/// Return the path to the main vector store RVF file.
pub fn store_path(&self) -> PathBuf {
self.data_dir.join("swarm.rvf")
}
/// Return the path to the witness chain file.
pub fn witness_path(&self) -> PathBuf {
self.data_dir.join("witness.bin")
}
/// Ensure the data directory exists.
pub fn ensure_dirs(&self) -> std::io::Result<()> {
std::fs::create_dir_all(&self.data_dir)
}
/// Validate the configuration.
pub fn validate(&self) -> Result<(), ConfigError> {
if self.dimension == 0 {
return Err(ConfigError::InvalidDimension);
}
if self.agent_id.is_empty() {
return Err(ConfigError::EmptyAgentId);
}
Ok(())
}
}
/// Errors specific to adapter configuration.
#[derive(Clone, Debug, PartialEq, Eq)]
pub enum ConfigError {
/// Dimension must be > 0.
InvalidDimension,
/// Agent ID must not be empty.
EmptyAgentId,
}
impl std::fmt::Display for ConfigError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::InvalidDimension => write!(f, "vector dimension must be > 0"),
Self::EmptyAgentId => write!(f, "agent_id must not be empty"),
}
}
}
impl std::error::Error for ConfigError {}
#[cfg(test)]
mod tests {
use super::*;
use std::path::Path;
#[test]
fn config_defaults() {
let cfg = AgenticFlowConfig::new("/tmp/test", "agent-1");
assert_eq!(cfg.dimension, 384);
assert!(cfg.enable_witness);
assert!(cfg.swarm_id.is_none());
assert_eq!(cfg.agent_id, "agent-1");
}
#[test]
fn config_paths() {
let cfg = AgenticFlowConfig::new("/data/swarm", "a1");
assert_eq!(cfg.store_path(), Path::new("/data/swarm/swarm.rvf"));
assert_eq!(cfg.witness_path(), Path::new("/data/swarm/witness.bin"));
}
#[test]
fn validate_zero_dimension() {
let cfg = AgenticFlowConfig::new("/tmp", "a1").with_dimension(0);
assert_eq!(cfg.validate(), Err(ConfigError::InvalidDimension));
}
#[test]
fn validate_empty_agent_id() {
let cfg = AgenticFlowConfig::new("/tmp", "");
assert_eq!(cfg.validate(), Err(ConfigError::EmptyAgentId));
}
#[test]
fn validate_ok() {
let cfg = AgenticFlowConfig::new("/tmp", "agent-1").with_dimension(64);
assert!(cfg.validate().is_ok());
}
#[test]
fn builder_methods() {
let cfg = AgenticFlowConfig::new("/tmp", "a1")
.with_dimension(128)
.with_witness(false)
.with_swarm_id("swarm-alpha");
assert_eq!(cfg.dimension, 128);
assert!(!cfg.enable_witness);
assert_eq!(cfg.swarm_id.as_deref(), Some("swarm-alpha"));
}
}

283
vendor/ruvector/crates/rvf/rvf-adapters/agentic-flow/src/coordination.rs vendored Normal file
View File

@@ -0,0 +1,283 @@
//! Swarm coordination state management.
//!
//! Tracks agent state changes and consensus votes in-memory, with the
//! coordination state serialized alongside the RVF store. State entries
//! and votes are appended chronologically for audit and replay.
/// A recorded agent state change.
#[derive(Clone, Debug, PartialEq)]
pub struct StateEntry {
/// The agent that produced this state change.
pub agent_id: String,
/// State key (e.g., "status", "role", "topology").
pub key: String,
/// State value (e.g., "active", "coordinator", "mesh").
pub value: String,
/// Timestamp in nanoseconds since the Unix epoch.
pub timestamp: u64,
}
/// A consensus vote cast by an agent.
#[derive(Clone, Debug, PartialEq)]
pub struct ConsensusVote {
/// The topic being voted on (e.g., "leader-election-42").
pub topic: String,
/// The agent casting the vote.
pub agent_id: String,
/// The vote (true = approve, false = reject).
pub vote: bool,
/// Timestamp in nanoseconds since the Unix epoch.
pub timestamp: u64,
}
/// Swarm coordination state tracker.
///
/// Maintains an in-memory log of agent state changes and consensus votes.
/// This state lives alongside the RVF store and is used for coordination
/// protocol decisions (leader election, topology changes, etc.).
pub struct SwarmCoordination {
states: Vec<StateEntry>,
votes: Vec<ConsensusVote>,
}
impl SwarmCoordination {
/// Create a new, empty coordination tracker.
pub fn new() -> Self {
Self {
states: Vec::new(),
votes: Vec::new(),
}
}
/// Record an agent state change.
pub fn record_state(
&mut self,
agent_id: &str,
state_key: &str,
state_value: &str,
) -> Result<(), CoordinationError> {
if agent_id.is_empty() {
return Err(CoordinationError::EmptyAgentId);
}
if state_key.is_empty() {
return Err(CoordinationError::EmptyKey);
}
self.states.push(StateEntry {
agent_id: agent_id.to_string(),
key: state_key.to_string(),
value: state_value.to_string(),
timestamp: now_ns(),
});
Ok(())
}
/// Get the state history for a specific agent.
pub fn get_agent_states(&self, agent_id: &str) -> Vec<StateEntry> {
self.states
.iter()
.filter(|s| s.agent_id == agent_id)
.cloned()
.collect()
}
/// Get all coordination state entries.
pub fn get_all_states(&self) -> Vec<StateEntry> {
self.states.clone()
}
/// Record a consensus vote for a topic.
pub fn record_consensus_vote(
&mut self,
topic: &str,
agent_id: &str,
vote: bool,
) -> Result<(), CoordinationError> {
if topic.is_empty() {
return Err(CoordinationError::EmptyTopic);
}
if agent_id.is_empty() {
return Err(CoordinationError::EmptyAgentId);
}
self.votes.push(ConsensusVote {
topic: topic.to_string(),
agent_id: agent_id.to_string(),
vote,
timestamp: now_ns(),
});
Ok(())
}
/// Get all votes for a specific topic.
pub fn get_votes(&self, topic: &str) -> Vec<ConsensusVote> {
self.votes
.iter()
.filter(|v| v.topic == topic)
.cloned()
.collect()
}
/// Get the total number of state entries.
pub fn state_count(&self) -> usize {
self.states.len()
}
/// Get the total number of votes.
pub fn vote_count(&self) -> usize {
self.votes.len()
}
}
impl Default for SwarmCoordination {
fn default() -> Self {
Self::new()
}
}
/// Errors from coordination operations.
#[derive(Clone, Debug, PartialEq, Eq)]
pub enum CoordinationError {
/// Agent ID must not be empty.
EmptyAgentId,
/// State key must not be empty.
EmptyKey,
/// Topic must not be empty.
EmptyTopic,
}
impl std::fmt::Display for CoordinationError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::EmptyAgentId => write!(f, "agent_id must not be empty"),
Self::EmptyKey => write!(f, "state key must not be empty"),
Self::EmptyTopic => write!(f, "topic must not be empty"),
}
}
}
impl std::error::Error for CoordinationError {}
fn now_ns() -> u64 {
std::time::SystemTime::now()
.duration_since(std::time::UNIX_EPOCH)
.map(|d| d.as_nanos() as u64)
.unwrap_or(0)
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn record_and_get_states() {
let mut coord = SwarmCoordination::new();
coord.record_state("a1", "status", "active").unwrap();
coord.record_state("a2", "status", "idle").unwrap();
coord.record_state("a1", "role", "coordinator").unwrap();
let a1_states = coord.get_agent_states("a1");
assert_eq!(a1_states.len(), 2);
assert_eq!(a1_states[0].key, "status");
assert_eq!(a1_states[1].key, "role");
let a2_states = coord.get_agent_states("a2");
assert_eq!(a2_states.len(), 1);
}
#[test]
fn get_all_states() {
let mut coord = SwarmCoordination::new();
coord.record_state("a1", "k1", "v1").unwrap();
coord.record_state("a2", "k2", "v2").unwrap();
let all = coord.get_all_states();
assert_eq!(all.len(), 2);
}
#[test]
fn record_and_get_votes() {
let mut coord = SwarmCoordination::new();
coord
.record_consensus_vote("leader-election", "a1", true)
.unwrap();
coord
.record_consensus_vote("leader-election", "a2", false)
.unwrap();
coord
.record_consensus_vote("other-topic", "a1", true)
.unwrap();
let votes = coord.get_votes("leader-election");
assert_eq!(votes.len(), 2);
assert!(votes[0].vote);
assert!(!votes[1].vote);
let other = coord.get_votes("other-topic");
assert_eq!(other.len(), 1);
}
#[test]
fn empty_agent_id_rejected() {
let mut coord = SwarmCoordination::new();
assert_eq!(
coord.record_state("", "k", "v"),
Err(CoordinationError::EmptyAgentId)
);
assert_eq!(
coord.record_consensus_vote("topic", "", true),
Err(CoordinationError::EmptyAgentId)
);
}
#[test]
fn empty_key_rejected() {
let mut coord = SwarmCoordination::new();
assert_eq!(
coord.record_state("a1", "", "v"),
Err(CoordinationError::EmptyKey)
);
}
#[test]
fn empty_topic_rejected() {
let mut coord = SwarmCoordination::new();
assert_eq!(
coord.record_consensus_vote("", "a1", true),
Err(CoordinationError::EmptyTopic)
);
}
#[test]
fn counts() {
let mut coord = SwarmCoordination::new();
assert_eq!(coord.state_count(), 0);
assert_eq!(coord.vote_count(), 0);
coord.record_state("a1", "k", "v").unwrap();
coord.record_consensus_vote("t", "a1", true).unwrap();
assert_eq!(coord.state_count(), 1);
assert_eq!(coord.vote_count(), 1);
}
#[test]
fn no_states_for_unknown_agent() {
let coord = SwarmCoordination::new();
assert!(coord.get_agent_states("ghost").is_empty());
}
#[test]
fn no_votes_for_unknown_topic() {
let coord = SwarmCoordination::new();
assert!(coord.get_votes("nonexistent").is_empty());
}
#[test]
fn timestamps_are_monotonic() {
let mut coord = SwarmCoordination::new();
coord.record_state("a1", "k1", "v1").unwrap();
coord.record_state("a1", "k2", "v2").unwrap();
let states = coord.get_agent_states("a1");
assert!(states[0].timestamp <= states[1].timestamp);
}
}

301
vendor/ruvector/crates/rvf/rvf-adapters/agentic-flow/src/learning.rs vendored Normal file
View File

@@ -0,0 +1,301 @@
//! Agent learning pattern management.
//!
//! Stores learned patterns as vectors with metadata (pattern type, description,
//! effectiveness score) in the RVF store. Patterns can be searched by embedding
//! similarity and ranked by their effectiveness scores.
use std::collections::HashMap;
/// A learning pattern search result.
#[derive(Clone, Debug)]
pub struct PatternResult {
/// Unique pattern identifier.
pub id: u64,
/// The cognitive pattern type (e.g., "convergent", "divergent", "lateral").
pub pattern_type: String,
/// Human-readable description of the pattern.
pub description: String,
/// Effectiveness score (0.0 - 1.0).
pub score: f32,
/// Distance from query embedding (only meaningful in search results).
pub distance: f32,
}
/// In-memory metadata for a stored pattern.
#[derive(Clone, Debug)]
struct PatternMeta {
pattern_type: String,
description: String,
score: f32,
}
/// Agent learning pattern store.
///
/// Wraps a vector store to provide pattern-specific operations: store, search,
/// update scores, and retrieve top patterns. Each pattern has a type, description,
/// effectiveness score, and an embedding vector for similarity search.
pub struct LearningPatternStore {
patterns: HashMap<u64, PatternMeta>,
/// Ordered list of (score, id) for efficient top-k retrieval.
score_index: Vec<(f32, u64)>,
next_id: u64,
}
impl LearningPatternStore {
/// Create a new, empty learning pattern store.
pub fn new() -> Self {
Self {
patterns: HashMap::new(),
score_index: Vec::new(),
next_id: 1,
}
}
/// Store a learned pattern.
///
/// The `embedding` is stored in the parent `RvfSwarmStore` via metadata;
/// this struct tracks the pattern metadata for filtering and ranking.
///
/// Returns the assigned pattern ID.
pub fn store_pattern(
&mut self,
pattern_type: &str,
description: &str,
score: f32,
) -> Result<u64, LearningError> {
if pattern_type.is_empty() {
return Err(LearningError::EmptyPatternType);
}
let clamped_score = score.clamp(0.0, 1.0);
let id = self.next_id;
self.next_id += 1;
self.patterns.insert(
id,
PatternMeta {
pattern_type: pattern_type.to_string(),
description: description.to_string(),
score: clamped_score,
},
);
self.score_index.push((clamped_score, id));
Ok(id)
}
/// Search patterns by returning those whose IDs are in the given candidate
/// set (from a vector similarity search), enriched with metadata.
pub fn enrich_results(
&self,
candidates: &[(u64, f32)],
k: usize,
) -> Vec<PatternResult> {
let mut results: Vec<PatternResult> = candidates
.iter()
.filter_map(|&(id, distance)| {
let meta = self.patterns.get(&id)?;
Some(PatternResult {
id,
pattern_type: meta.pattern_type.clone(),
description: meta.description.clone(),
score: meta.score,
distance,
})
})
.collect();
results.truncate(k);
results
}
/// Update the effectiveness score for a pattern.
pub fn update_score(&mut self, id: u64, new_score: f32) -> Result<(), LearningError> {
let meta = self
.patterns
.get_mut(&id)
.ok_or(LearningError::PatternNotFound(id))?;
let clamped = new_score.clamp(0.0, 1.0);
meta.score = clamped;
// Update the score index entry.
if let Some(entry) = self.score_index.iter_mut().find(|(_, eid)| *eid == id) {
entry.0 = clamped;
}
Ok(())
}
/// Get the top-k patterns by effectiveness score (highest first).
pub fn get_top_patterns(&self, k: usize) -> Vec<PatternResult> {
let mut sorted = self.score_index.clone();
sorted.sort_by(|a, b| b.0.partial_cmp(&a.0).unwrap_or(std::cmp::Ordering::Equal));
sorted.truncate(k);
sorted
.into_iter()
.filter_map(|(_, id)| {
let meta = self.patterns.get(&id)?;
Some(PatternResult {
id,
pattern_type: meta.pattern_type.clone(),
description: meta.description.clone(),
score: meta.score,
distance: 0.0,
})
})
.collect()
}
/// Get a pattern by ID.
pub fn get_pattern(&self, id: u64) -> Option<PatternResult> {
let meta = self.patterns.get(&id)?;
Some(PatternResult {
id,
pattern_type: meta.pattern_type.clone(),
description: meta.description.clone(),
score: meta.score,
distance: 0.0,
})
}
/// Get the total number of stored patterns.
pub fn len(&self) -> usize {
self.patterns.len()
}
/// Returns true if no patterns are stored.
pub fn is_empty(&self) -> bool {
self.patterns.is_empty()
}
}
impl Default for LearningPatternStore {
fn default() -> Self {
Self::new()
}
}
/// Errors from learning pattern operations.
#[derive(Clone, Debug, PartialEq)]
pub enum LearningError {
/// Pattern type must not be empty.
EmptyPatternType,
/// Pattern with the given ID was not found.
PatternNotFound(u64),
}
impl std::fmt::Display for LearningError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::EmptyPatternType => write!(f, "pattern_type must not be empty"),
Self::PatternNotFound(id) => write!(f, "pattern not found: {id}"),
}
}
}
impl std::error::Error for LearningError {}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn store_and_retrieve() {
let mut store = LearningPatternStore::new();
let id = store.store_pattern("convergent", "Use batched writes", 0.85).unwrap();
let p = store.get_pattern(id).unwrap();
assert_eq!(p.pattern_type, "convergent");
assert_eq!(p.description, "Use batched writes");
assert!((p.score - 0.85).abs() < f32::EPSILON);
}
#[test]
fn update_score() {
let mut store = LearningPatternStore::new();
let id = store.store_pattern("lateral", "Try alternative approach", 0.5).unwrap();
store.update_score(id, 0.95).unwrap();
let p = store.get_pattern(id).unwrap();
assert!((p.score - 0.95).abs() < f32::EPSILON);
}
#[test]
fn update_nonexistent_pattern() {
let mut store = LearningPatternStore::new();
assert_eq!(
store.update_score(999, 0.5),
Err(LearningError::PatternNotFound(999))
);
}
#[test]
fn top_patterns() {
let mut store = LearningPatternStore::new();
store.store_pattern("a", "low", 0.2).unwrap();
store.store_pattern("b", "mid", 0.5).unwrap();
store.store_pattern("c", "high", 0.9).unwrap();
store.store_pattern("d", "highest", 1.0).unwrap();
let top = store.get_top_patterns(2);
assert_eq!(top.len(), 2);
assert!((top[0].score - 1.0).abs() < f32::EPSILON);
assert!((top[1].score - 0.9).abs() < f32::EPSILON);
}
#[test]
fn score_clamping() {
let mut store = LearningPatternStore::new();
let id1 = store.store_pattern("a", "over", 1.5).unwrap();
let id2 = store.store_pattern("b", "under", -0.3).unwrap();
assert!((store.get_pattern(id1).unwrap().score - 1.0).abs() < f32::EPSILON);
assert!(store.get_pattern(id2).unwrap().score.abs() < f32::EPSILON);
}
#[test]
fn empty_pattern_type_rejected() {
let mut store = LearningPatternStore::new();
assert_eq!(
store.store_pattern("", "desc", 0.5),
Err(LearningError::EmptyPatternType)
);
}
#[test]
fn enrich_results() {
let mut store = LearningPatternStore::new();
let id1 = store.store_pattern("convergent", "desc1", 0.8).unwrap();
let id2 = store.store_pattern("divergent", "desc2", 0.6).unwrap();
let _id3 = store.store_pattern("lateral", "desc3", 0.4).unwrap();
let candidates = vec![(id1, 0.1), (id2, 0.3), (999, 0.5)];
let results = store.enrich_results(&candidates, 10);
// id 999 is filtered out (not in patterns map)
assert_eq!(results.len(), 2);
assert_eq!(results[0].id, id1);
assert_eq!(results[1].id, id2);
}
#[test]
fn len_and_is_empty() {
let mut store = LearningPatternStore::new();
assert!(store.is_empty());
assert_eq!(store.len(), 0);
store.store_pattern("a", "desc", 0.5).unwrap();
assert!(!store.is_empty());
assert_eq!(store.len(), 1);
}
#[test]
fn get_nonexistent_pattern() {
let store = LearningPatternStore::new();
assert!(store.get_pattern(42).is_none());
}
#[test]
fn top_patterns_empty_store() {
let store = LearningPatternStore::new();
assert!(store.get_top_patterns(5).is_empty());
}
}

53
vendor/ruvector/crates/rvf/rvf-adapters/agentic-flow/src/lib.rs vendored Normal file
View File

@@ -0,0 +1,53 @@
//! RVF adapter for agentic-flow swarm coordination.
//!
//! This crate bridges agentic-flow's swarm coordination primitives with the
//! RuVector Format (RVF) segment store, per ADR-029. It provides persistent
//! storage for inter-agent memory sharing, swarm coordination state, and
//! agent learning patterns.
//!
//! # Segment mapping
//!
//! - **VEC_SEG + META_SEG**: Shared memory entries (embeddings + key/value
//! metadata) for inter-agent memory sharing via the RVF streaming protocol.
//! - **META_SEG**: Swarm coordination state (agent states, topology changes).
//! - **SKETCH_SEG**: Agent learning patterns with effectiveness scores.
//! - **WITNESS_SEG**: Distributed consensus votes with signatures for
//! tamper-evident audit trails.
//!
//! # Usage
//!
//! ```rust,no_run
//! use rvf_adapter_agentic_flow::{AgenticFlowConfig, RvfSwarmStore};
//!
//! let config = AgenticFlowConfig::new("/tmp/swarm-data", "agent-001");
//! let mut store = RvfSwarmStore::create(config).unwrap();
//!
//! // Share a memory entry with other agents
//! let embedding = vec![0.1f32; 384];
//! store.share_memory("auth-pattern", "JWT with refresh tokens",
//! "patterns", &embedding).unwrap();
//!
//! // Search shared memories by embedding similarity
//! let results = store.search_shared(&embedding, 5);
//!
//! // Record coordination state
//! store.coordination().record_state("agent-001", "status", "active").unwrap();
//!
//! // Store a learning pattern
//! store.learning().store_pattern("convergent", "Use batched writes",
//! 0.92).unwrap();
//!
//! store.close().unwrap();
//! ```
pub mod config;
pub mod coordination;
pub mod learning;
pub mod swarm_store;
pub use config::{AgenticFlowConfig, ConfigError};
pub use coordination::{ConsensusVote, StateEntry, SwarmCoordination};
pub use learning::{LearningPatternStore, PatternResult};
pub use swarm_store::{
RvfSwarmStore, SharedMemoryEntry, SharedMemoryResult, SwarmStoreError,
};

587
vendor/ruvector/crates/rvf/rvf-adapters/agentic-flow/src/swarm_store.rs vendored Normal file
View File

@@ -0,0 +1,587 @@
//! `RvfSwarmStore` -- main API wrapping `RvfStore` for swarm operations.
//!
//! Maps agentic-flow's inter-agent memory sharing model onto the RVF
//! segment model:
//! - Embeddings are stored as vectors via `ingest_batch`
//! - Agent ID, key, value, and namespace are encoded as metadata fields
//! - Searches use `query` with optional namespace filtering
//! - Coordination state and learning patterns are managed by sub-stores
use std::collections::HashMap;
use rvf_runtime::options::{
DistanceMetric, MetadataEntry, MetadataValue, QueryOptions, RvfOptions,
};
use rvf_runtime::RvfStore;
use rvf_types::RvfError;
use crate::config::{AgenticFlowConfig, ConfigError};
use crate::coordination::SwarmCoordination;
use crate::learning::LearningPatternStore;
/// Metadata field IDs for shared memory entries.
const FIELD_AGENT_ID: u16 = 0;
const FIELD_KEY: u16 = 1;
const FIELD_VALUE: u16 = 2;
const FIELD_NAMESPACE: u16 = 3;
/// A search result from shared memory, enriched with agent metadata.
#[derive(Clone, Debug)]
pub struct SharedMemoryResult {
/// Vector ID in the underlying store.
pub id: u64,
/// Distance from the query embedding (lower = more similar).
pub distance: f32,
/// The agent that shared this memory.
pub agent_id: String,
/// The memory key.
pub key: String,
}
/// A full shared memory entry retrieved by ID.
#[derive(Clone, Debug)]
pub struct SharedMemoryEntry {
/// Vector ID in the underlying store.
pub id: u64,
/// The agent that shared this memory.
pub agent_id: String,
/// The memory key.
pub key: String,
/// The memory value.
pub value: String,
/// The namespace this entry belongs to.
pub namespace: String,
}
/// The RVF-backed swarm store for agentic-flow.
pub struct RvfSwarmStore {
store: RvfStore,
config: AgenticFlowConfig,
coordination: SwarmCoordination,
learning: LearningPatternStore,
/// Maps "agent_id/namespace/key" -> vector_id for fast lookup.
key_index: HashMap<String, u64>,
/// Maps vector_id -> SharedMemoryEntry for retrieval by ID.
entry_index: HashMap<u64, SharedMemoryEntry>,
/// Next vector ID to assign.
next_id: u64,
}
impl RvfSwarmStore {
/// Create a new swarm store, initializing the data directory and RVF file.
pub fn create(config: AgenticFlowConfig) -> Result<Self, SwarmStoreError> {
config.validate().map_err(SwarmStoreError::Config)?;
config
.ensure_dirs()
.map_err(|e| SwarmStoreError::Io(e.to_string()))?;
let rvf_options = RvfOptions {
dimension: config.dimension,
metric: DistanceMetric::Cosine,
..Default::default()
};
let store = RvfStore::create(&config.store_path(), rvf_options)
.map_err(SwarmStoreError::Rvf)?;
Ok(Self {
store,
config,
coordination: SwarmCoordination::new(),
learning: LearningPatternStore::new(),
key_index: HashMap::new(),
entry_index: HashMap::new(),
next_id: 1,
})
}
/// Open an existing swarm store.
pub fn open(config: AgenticFlowConfig) -> Result<Self, SwarmStoreError> {
config.validate().map_err(SwarmStoreError::Config)?;
let store =
RvfStore::open(&config.store_path()).map_err(SwarmStoreError::Rvf)?;
// Rebuild next_id from the store status so new IDs don't collide.
let status = store.status();
let next_id = status.total_vectors + status.current_epoch as u64 + 1;
Ok(Self {
store,
config,
coordination: SwarmCoordination::new(),
learning: LearningPatternStore::new(),
key_index: HashMap::new(),
entry_index: HashMap::new(),
next_id,
})
}
/// Share a memory entry with other agents.
///
/// Stores the embedding vector with agent_id/key/value/namespace as
/// metadata fields. If an entry with the same agent_id/namespace/key
/// already exists, the old one is soft-deleted and replaced.
///
/// Returns the assigned vector ID.
pub fn share_memory(
&mut self,
key: &str,
value: &str,
namespace: &str,
embedding: &[f32],
) -> Result<u64, SwarmStoreError> {
if embedding.len() != self.config.dimension as usize {
return Err(SwarmStoreError::DimensionMismatch {
expected: self.config.dimension as usize,
got: embedding.len(),
});
}
let compound_key = format!(
"{}/{}/{}",
self.config.agent_id, namespace, key
);
// Soft-delete existing entry with the same compound key.
if let Some(&old_id) = self.key_index.get(&compound_key) {
self.store.delete(&[old_id]).map_err(SwarmStoreError::Rvf)?;
self.entry_index.remove(&old_id);
}
let vector_id = self.next_id;
self.next_id += 1;
let metadata = vec![
MetadataEntry {
field_id: FIELD_AGENT_ID,
value: MetadataValue::String(self.config.agent_id.clone()),
},
MetadataEntry {
field_id: FIELD_KEY,
value: MetadataValue::String(key.to_string()),
},
MetadataEntry {
field_id: FIELD_VALUE,
value: MetadataValue::String(value.to_string()),
},
MetadataEntry {
field_id: FIELD_NAMESPACE,
value: MetadataValue::String(namespace.to_string()),
},
];
self.store
.ingest_batch(&[embedding], &[vector_id], Some(&metadata))
.map_err(SwarmStoreError::Rvf)?;
self.key_index.insert(compound_key, vector_id);
self.entry_index.insert(
vector_id,
SharedMemoryEntry {
id: vector_id,
agent_id: self.config.agent_id.clone(),
key: key.to_string(),
value: value.to_string(),
namespace: namespace.to_string(),
},
);
Ok(vector_id)
}
/// Search for shared memories similar to the given embedding.
///
/// Returns up to `k` results sorted by distance (closest first),
/// enriched with agent metadata from the in-memory index.
pub fn search_shared(
&self,
embedding: &[f32],
k: usize,
) -> Vec<SharedMemoryResult> {
let options = QueryOptions::default();
let results = match self.store.query(embedding, k, &options) {
Ok(r) => r,
Err(_) => return Vec::new(),
};
results
.into_iter()
.filter_map(|r| {
let entry = self.entry_index.get(&r.id)?;
Some(SharedMemoryResult {
id: r.id,
distance: r.distance,
agent_id: entry.agent_id.clone(),
key: entry.key.clone(),
})
})
.collect()
}
/// Retrieve a shared memory entry by its vector ID.
pub fn get_shared(&self, id: u64) -> Option<SharedMemoryEntry> {
self.entry_index.get(&id).cloned()
}
/// Delete shared memory entries by their vector IDs.
///
/// Returns the number of entries actually deleted.
pub fn delete_shared(&mut self, ids: &[u64]) -> Result<usize, SwarmStoreError> {
let existing: Vec<u64> = ids
.iter()
.filter(|id| self.entry_index.contains_key(id))
.copied()
.collect();
if existing.is_empty() {
return Ok(0);
}
self.store
.delete(&existing)
.map_err(SwarmStoreError::Rvf)?;
let mut removed = 0;
for &id in &existing {
if let Some(entry) = self.entry_index.remove(&id) {
let compound_key = format!(
"{}/{}/{}",
entry.agent_id, entry.namespace, entry.key
);
self.key_index.remove(&compound_key);
removed += 1;
}
}
Ok(removed)
}
/// Get a mutable reference to the coordination state tracker.
pub fn coordination(&mut self) -> &mut SwarmCoordination {
&mut self.coordination
}
/// Get an immutable reference to the coordination state tracker.
pub fn coordination_ref(&self) -> &SwarmCoordination {
&self.coordination
}
/// Get a mutable reference to the learning pattern store.
pub fn learning(&mut self) -> &mut LearningPatternStore {
&mut self.learning
}
/// Get an immutable reference to the learning pattern store.
pub fn learning_ref(&self) -> &LearningPatternStore {
&self.learning
}
/// Get the current store status.
pub fn status(&self) -> rvf_runtime::StoreStatus {
self.store.status()
}
/// Get the agent ID for this store.
pub fn agent_id(&self) -> &str {
&self.config.agent_id
}
/// Close the swarm store, releasing locks.
pub fn close(self) -> Result<(), SwarmStoreError> {
self.store.close().map_err(SwarmStoreError::Rvf)
}
}
/// Errors from swarm store operations.
#[derive(Debug)]
pub enum SwarmStoreError {
/// Underlying RVF store error.
Rvf(RvfError),
/// Configuration error.
Config(ConfigError),
/// I/O error.
Io(String),
/// Embedding dimension mismatch.
DimensionMismatch { expected: usize, got: usize },
}
impl std::fmt::Display for SwarmStoreError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Rvf(e) => write!(f, "RVF store error: {e}"),
Self::Config(e) => write!(f, "config error: {e}"),
Self::Io(msg) => write!(f, "I/O error: {msg}"),
Self::DimensionMismatch { expected, got } => {
write!(f, "dimension mismatch: expected {expected}, got {got}")
}
}
}
}
impl std::error::Error for SwarmStoreError {}
#[cfg(test)]
mod tests {
use super::*;
use tempfile::TempDir;
fn test_config(dir: &std::path::Path) -> AgenticFlowConfig {
AgenticFlowConfig::new(dir, "test-agent").with_dimension(4)
}
fn make_embedding(seed: f32) -> Vec<f32> {
vec![seed, seed * 0.5, seed * 0.25, seed * 0.125]
}
#[test]
fn create_and_share() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
let id = store
.share_memory("key1", "value1", "default", &make_embedding(1.0))
.unwrap();
assert!(id > 0);
let status = store.status();
assert_eq!(status.total_vectors, 1);
store.close().unwrap();
}
#[test]
fn share_and_search() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
store
.share_memory("a", "val_a", "ns1", &[1.0, 0.0, 0.0, 0.0])
.unwrap();
store
.share_memory("b", "val_b", "ns1", &[0.0, 1.0, 0.0, 0.0])
.unwrap();
store
.share_memory("c", "val_c", "ns2", &[0.0, 0.0, 1.0, 0.0])
.unwrap();
let results = store.search_shared(&[1.0, 0.0, 0.0, 0.0], 3);
assert_eq!(results.len(), 3);
// Closest should be "a"
assert_eq!(results[0].key, "a");
store.close().unwrap();
}
#[test]
fn get_shared_by_id() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
let id = store
.share_memory("mykey", "myval", "ns", &make_embedding(2.0))
.unwrap();
let entry = store.get_shared(id).unwrap();
assert_eq!(entry.key, "mykey");
assert_eq!(entry.value, "myval");
assert_eq!(entry.namespace, "ns");
assert_eq!(entry.agent_id, "test-agent");
assert!(store.get_shared(9999).is_none());
store.close().unwrap();
}
#[test]
fn delete_shared_entries() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
let id1 = store
.share_memory("k1", "v1", "ns", &make_embedding(1.0))
.unwrap();
let id2 = store
.share_memory("k2", "v2", "ns", &make_embedding(2.0))
.unwrap();
let removed = store.delete_shared(&[id1]).unwrap();
assert_eq!(removed, 1);
assert!(store.get_shared(id1).is_none());
assert!(store.get_shared(id2).is_some());
store.close().unwrap();
}
#[test]
fn delete_nonexistent_ids() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
let removed = store.delete_shared(&[999, 1000]).unwrap();
assert_eq!(removed, 0);
store.close().unwrap();
}
#[test]
fn replace_existing_key() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
let id1 = store
.share_memory("k", "v1", "ns", &make_embedding(1.0))
.unwrap();
let id2 = store
.share_memory("k", "v2", "ns", &make_embedding(2.0))
.unwrap();
assert_ne!(id1, id2);
assert!(store.get_shared(id1).is_none());
let entry = store.get_shared(id2).unwrap();
assert_eq!(entry.value, "v2");
let status = store.status();
assert_eq!(status.total_vectors, 1);
store.close().unwrap();
}
#[test]
fn dimension_mismatch() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
let result = store.share_memory("k", "v", "ns", &[1.0, 2.0]);
assert!(result.is_err());
}
#[test]
fn coordination_state() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
store
.coordination()
.record_state("agent-1", "status", "active")
.unwrap();
store
.coordination()
.record_state("agent-2", "status", "idle")
.unwrap();
let states = store.coordination_ref().get_all_states();
assert_eq!(states.len(), 2);
store.close().unwrap();
}
#[test]
fn learning_patterns() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
let id = store
.learning()
.store_pattern("convergent", "Use batched writes", 0.85)
.unwrap();
let pattern = store.learning_ref().get_pattern(id).unwrap();
assert_eq!(pattern.pattern_type, "convergent");
assert!((pattern.score - 0.85).abs() < f32::EPSILON);
store.close().unwrap();
}
#[test]
fn open_existing_store() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
{
let mut store = RvfSwarmStore::create(config.clone()).unwrap();
store
.share_memory("k", "v", "ns", &make_embedding(1.0))
.unwrap();
store.close().unwrap();
}
{
let store = RvfSwarmStore::open(config).unwrap();
let status = store.status();
assert_eq!(status.total_vectors, 1);
store.close().unwrap();
}
}
#[test]
fn agent_id_accessor() {
let dir = TempDir::new().unwrap();
let config = AgenticFlowConfig::new(dir.path(), "special-agent")
.with_dimension(4);
let store = RvfSwarmStore::create(config).unwrap();
assert_eq!(store.agent_id(), "special-agent");
store.close().unwrap();
}
#[test]
fn empty_store_search() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let store = RvfSwarmStore::create(config).unwrap();
let results = store.search_shared(&[1.0, 0.0, 0.0, 0.0], 5);
assert!(results.is_empty());
store.close().unwrap();
}
#[test]
fn consensus_votes() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfSwarmStore::create(config).unwrap();
store
.coordination()
.record_consensus_vote("leader-election", "a1", true)
.unwrap();
store
.coordination()
.record_consensus_vote("leader-election", "a2", false)
.unwrap();
let votes = store.coordination_ref().get_votes("leader-election");
assert_eq!(votes.len(), 2);
assert!(votes[0].vote);
assert!(!votes[1].vote);
store.close().unwrap();
}
#[test]
fn invalid_config_rejected() {
let dir = TempDir::new().unwrap();
// Zero dimension
let config = AgenticFlowConfig::new(dir.path(), "a1").with_dimension(0);
assert!(RvfSwarmStore::create(config).is_err());
// Empty agent_id
let config = AgenticFlowConfig::new(dir.path(), "").with_dimension(4);
assert!(RvfSwarmStore::create(config).is_err());
}
}

19
vendor/ruvector/crates/rvf/rvf-adapters/claude-flow/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,19 @@
[package]
name = "rvf-adapter-claude-flow"
version = "0.1.0"
edition = "2021"
description = "RVF adapter for claude-flow memory subsystem — stores memory entries as RVF files with WITNESS_SEG audit trails"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
[features]
default = ["std"]
std = []
[dependencies]
rvf-types = { path = "../../rvf-types", features = ["std"] }
rvf-runtime = { path = "../../rvf-runtime", features = ["std"] }
rvf-crypto = { path = "../../rvf-crypto", features = ["std"] }
[dev-dependencies]
tempfile = "3"

124
vendor/ruvector/crates/rvf/rvf-adapters/claude-flow/src/config.rs vendored Normal file
View File

@@ -0,0 +1,124 @@
//! Configuration for the claude-flow memory adapter.
use std::path::PathBuf;
use rvf_runtime::options::DistanceMetric;
/// Configuration for the RVF-backed claude-flow memory store.
#[derive(Clone, Debug)]
pub struct ClaudeFlowConfig {
/// Directory where RVF data files are stored.
pub data_dir: PathBuf,
/// Vector embedding dimension (must match the embeddings used by claude-flow).
pub dimension: u16,
/// Distance metric for similarity search.
pub metric: DistanceMetric,
/// Whether to record witness entries for audit trails.
pub enable_witness: bool,
}
impl ClaudeFlowConfig {
/// Create a new configuration with required parameters.
pub fn new(data_dir: impl Into<PathBuf>, dimension: u16) -> Self {
Self {
data_dir: data_dir.into(),
dimension,
metric: DistanceMetric::Cosine,
enable_witness: true,
}
}
/// Set the distance metric.
pub fn with_metric(mut self, metric: DistanceMetric) -> Self {
self.metric = metric;
self
}
/// Enable or disable witness audit trails.
pub fn with_witness(mut self, enable: bool) -> Self {
self.enable_witness = enable;
self
}
/// Return the path to the main vector store RVF file.
pub fn store_path(&self) -> PathBuf {
self.data_dir.join("memory.rvf")
}
/// Return the path to the witness chain file.
pub fn witness_path(&self) -> PathBuf {
self.data_dir.join("witness.bin")
}
/// Ensure the data directory exists.
pub fn ensure_dirs(&self) -> std::io::Result<()> {
std::fs::create_dir_all(&self.data_dir)
}
/// Validate the configuration.
pub fn validate(&self) -> Result<(), ConfigError> {
if self.dimension == 0 {
return Err(ConfigError::InvalidDimension);
}
Ok(())
}
}
/// Errors specific to adapter configuration.
#[derive(Clone, Debug, PartialEq, Eq)]
pub enum ConfigError {
/// Dimension must be > 0.
InvalidDimension,
}
impl std::fmt::Display for ConfigError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::InvalidDimension => write!(f, "vector dimension must be > 0"),
}
}
}
impl std::error::Error for ConfigError {}
#[cfg(test)]
mod tests {
use super::*;
use std::path::Path;
#[test]
fn config_defaults() {
let cfg = ClaudeFlowConfig::new("/tmp/test", 384);
assert_eq!(cfg.dimension, 384);
assert_eq!(cfg.metric, DistanceMetric::Cosine);
assert!(cfg.enable_witness);
}
#[test]
fn config_paths() {
let cfg = ClaudeFlowConfig::new("/data/memory", 128);
assert_eq!(cfg.store_path(), Path::new("/data/memory/memory.rvf"));
assert_eq!(cfg.witness_path(), Path::new("/data/memory/witness.bin"));
}
#[test]
fn validate_zero_dimension() {
let cfg = ClaudeFlowConfig::new("/tmp", 0);
assert_eq!(cfg.validate(), Err(ConfigError::InvalidDimension));
}
#[test]
fn validate_ok() {
let cfg = ClaudeFlowConfig::new("/tmp", 64);
assert!(cfg.validate().is_ok());
}
#[test]
fn builder_methods() {
let cfg = ClaudeFlowConfig::new("/tmp", 256)
.with_metric(DistanceMetric::L2)
.with_witness(false);
assert_eq!(cfg.metric, DistanceMetric::L2);
assert!(!cfg.enable_witness);
}
}

48
vendor/ruvector/crates/rvf/rvf-adapters/claude-flow/src/lib.rs vendored Normal file
View File

@@ -0,0 +1,48 @@
//! RVF adapter for the claude-flow memory subsystem.
//!
//! This crate bridges claude-flow's key/value/embedding memory model
//! with the RuVector Format (RVF) segment store. Memory entries are
//! persisted as RVF files with the RVText profile, and every mutation
//! is recorded in a WITNESS_SEG audit trail for tamper-evident logging.
//!
//! # Architecture
//!
//! - **`RvfMemoryStore`**: Main API wrapping `RvfStore` for
//! store/search/retrieve/delete operations on memory entries.
//! - **`WitnessChain`**: Persistent, append-only audit log using
//! `rvf_crypto::witness` chains (SHAKE-256 linked).
//! - **`ClaudeFlowConfig`**: Configuration for data directory, embedding
//! dimension, distance metric, and witness toggle.
//!
//! # Usage
//!
//! ```rust,no_run
//! use rvf_adapter_claude_flow::{ClaudeFlowConfig, RvfMemoryStore};
//!
//! let config = ClaudeFlowConfig::new("/tmp/claude-flow-memory", 384);
//! let mut store = RvfMemoryStore::create(config).unwrap();
//!
//! // Store a memory entry with its embedding
//! let embedding = vec![0.1f32; 384];
//! store.store_memory("auth-pattern", "JWT with refresh tokens",
//! "patterns", &["auth".into()], &embedding).unwrap();
//!
//! // Search by embedding similarity
//! let results = store.search_memory(&embedding, 5, Some("patterns"), None).unwrap();
//!
//! // Retrieve by key
//! let id = store.retrieve_memory("auth-pattern", "patterns");
//!
//! // Delete
//! store.delete_memory("auth-pattern", "patterns").unwrap();
//!
//! store.close().unwrap();
//! ```
pub mod config;
pub mod memory_store;
pub mod witness;
pub use config::ClaudeFlowConfig;
pub use memory_store::{MemoryEntry, MemoryStoreError, RvfMemoryStore};
pub use witness::{WitnessChain, WitnessError};

445
vendor/ruvector/crates/rvf/rvf-adapters/claude-flow/src/memory_store.rs vendored Normal file
View File

@@ -0,0 +1,445 @@
//! `RvfMemoryStore` — wraps `RvfStore` for claude-flow memory operations.
//!
//! Maps claude-flow's key/value/namespace/tags/embedding model onto the
//! RVF segment model:
//! - Embeddings are stored as vectors via `ingest_batch`
//! - Keys and namespaces are encoded as metadata (META_SEG fields)
//! - Searches use `query` with optional namespace filtering
//! - Deletes use soft-delete with witness recording
use std::collections::HashMap;
use rvf_runtime::filter::{FilterExpr, FilterValue};
use rvf_runtime::options::{MetadataEntry, MetadataValue, QueryOptions, RvfOptions};
use rvf_runtime::{RvfStore, SearchResult};
use rvf_types::RvfError;
use crate::config::ClaudeFlowConfig;
use crate::witness::WitnessChain;
/// Metadata field IDs for claude-flow memory entries.
const FIELD_KEY: u16 = 0;
const FIELD_NAMESPACE: u16 = 1;
const FIELD_TAGS: u16 = 2;
/// A memory entry returned from retrieval or search.
#[derive(Clone, Debug)]
pub struct MemoryEntry {
/// The memory key.
pub key: String,
/// The namespace this entry belongs to.
pub namespace: String,
/// Tags associated with this entry.
pub tags: Vec<String>,
/// The vector ID in the underlying store.
pub vector_id: u64,
/// Distance from query (only meaningful for search results).
pub distance: f32,
}
/// The RVF-backed memory store for claude-flow.
pub struct RvfMemoryStore {
store: RvfStore,
witness: Option<WitnessChain>,
config: ClaudeFlowConfig,
/// Maps "namespace/key" -> vector_id for fast lookup.
key_index: HashMap<String, u64>,
/// Next vector ID to assign.
next_id: u64,
}
impl RvfMemoryStore {
/// Create a new memory store, initializing the data directory and RVF file.
pub fn create(config: ClaudeFlowConfig) -> Result<Self, MemoryStoreError> {
config.validate().map_err(MemoryStoreError::Config)?;
config.ensure_dirs().map_err(|e| MemoryStoreError::Io(e.to_string()))?;
let rvf_options = RvfOptions {
dimension: config.dimension,
metric: config.metric,
..Default::default()
};
let store = RvfStore::create(&config.store_path(), rvf_options)
.map_err(MemoryStoreError::Rvf)?;
let witness = if config.enable_witness {
Some(WitnessChain::create(&config.witness_path())
.map_err(MemoryStoreError::Witness)?)
} else {
None
};
Ok(Self {
store,
witness,
config,
key_index: HashMap::new(),
next_id: 1,
})
}
/// Open an existing memory store.
pub fn open(config: ClaudeFlowConfig) -> Result<Self, MemoryStoreError> {
config.validate().map_err(MemoryStoreError::Config)?;
let store = RvfStore::open(&config.store_path())
.map_err(MemoryStoreError::Rvf)?;
let witness = if config.enable_witness {
Some(WitnessChain::open_or_create(&config.witness_path())
.map_err(MemoryStoreError::Witness)?)
} else {
None
};
// Rebuild the key_index from the store status.
// Since RvfStore doesn't expose metadata iteration, we start fresh.
// Existing vectors remain searchable by embedding; key lookup is
// rebuilt as entries are re-stored.
let status = store.status();
let next_id = status.total_vectors + status.current_epoch as u64 + 1;
Ok(Self {
store,
witness,
config,
key_index: HashMap::new(),
next_id,
})
}
/// Store a memory entry with its embedding vector.
///
/// If an entry with the same key and namespace already exists, the old
/// one is soft-deleted and replaced.
pub fn store_memory(
&mut self,
key: &str,
_value: &str,
namespace: &str,
tags: &[String],
embedding: &[f32],
) -> Result<u64, MemoryStoreError> {
if embedding.len() != self.config.dimension as usize {
return Err(MemoryStoreError::DimensionMismatch {
expected: self.config.dimension as usize,
got: embedding.len(),
});
}
// If key already exists in this namespace, soft-delete the old entry.
let compound_key = format!("{namespace}/{key}");
if let Some(&old_id) = self.key_index.get(&compound_key) {
self.store.delete(&[old_id]).map_err(MemoryStoreError::Rvf)?;
}
let vector_id = self.next_id;
self.next_id += 1;
// Encode tags as a comma-separated string for metadata storage.
let tags_str = tags.join(",");
let metadata = vec![
MetadataEntry { field_id: FIELD_KEY, value: MetadataValue::String(key.to_string()) },
MetadataEntry { field_id: FIELD_NAMESPACE, value: MetadataValue::String(namespace.to_string()) },
MetadataEntry { field_id: FIELD_TAGS, value: MetadataValue::String(tags_str) },
];
self.store
.ingest_batch(&[embedding], &[vector_id], Some(&metadata))
.map_err(MemoryStoreError::Rvf)?;
self.key_index.insert(compound_key, vector_id);
if let Some(ref mut w) = self.witness {
let _ = w.record_store(key, namespace);
}
Ok(vector_id)
}
/// Search memory by embedding vector, optionally filtering by namespace.
pub fn search_memory(
&mut self,
query_embedding: &[f32],
k: usize,
namespace: Option<&str>,
_threshold: Option<f32>,
) -> Result<Vec<SearchResult>, MemoryStoreError> {
if query_embedding.len() != self.config.dimension as usize {
return Err(MemoryStoreError::DimensionMismatch {
expected: self.config.dimension as usize,
got: query_embedding.len(),
});
}
let filter = namespace.map(|ns| {
FilterExpr::Eq(FIELD_NAMESPACE, FilterValue::String(ns.to_string()))
});
let options = QueryOptions {
filter,
..Default::default()
};
let results = self.store.query(query_embedding, k, &options)
.map_err(MemoryStoreError::Rvf)?;
if let Some(ref mut w) = self.witness {
let ns = namespace.unwrap_or("*");
let _ = w.record_search(ns, k);
}
Ok(results)
}
/// Retrieve a memory entry by key and namespace.
///
/// Returns the vector ID if found (the entry can then be used with
/// the underlying store for further operations).
pub fn retrieve_memory(
&self,
key: &str,
namespace: &str,
) -> Option<u64> {
let compound_key = format!("{namespace}/{key}");
self.key_index.get(&compound_key).copied()
}
/// Soft-delete a memory entry by key and namespace.
pub fn delete_memory(
&mut self,
key: &str,
namespace: &str,
) -> Result<bool, MemoryStoreError> {
let compound_key = format!("{namespace}/{key}");
if let Some(vector_id) = self.key_index.remove(&compound_key) {
self.store.delete(&[vector_id]).map_err(MemoryStoreError::Rvf)?;
if let Some(ref mut w) = self.witness {
let _ = w.record_delete(key, namespace);
}
Ok(true)
} else {
Ok(false)
}
}
/// Run compaction on the underlying store.
pub fn compact(&mut self) -> Result<(), MemoryStoreError> {
self.store.compact().map_err(MemoryStoreError::Rvf)?;
if let Some(ref mut w) = self.witness {
let _ = w.record_compact();
}
Ok(())
}
/// Get the current store status.
pub fn status(&self) -> rvf_runtime::StoreStatus {
self.store.status()
}
/// Return a reference to the witness chain (if enabled).
pub fn witness(&self) -> Option<&WitnessChain> {
self.witness.as_ref()
}
/// Close the memory store, releasing locks.
pub fn close(self) -> Result<(), MemoryStoreError> {
self.store.close().map_err(MemoryStoreError::Rvf)
}
}
/// Errors from memory store operations.
#[derive(Debug)]
pub enum MemoryStoreError {
/// Underlying RVF store error.
Rvf(RvfError),
/// Witness chain error.
Witness(crate::witness::WitnessError),
/// Configuration error.
Config(crate::config::ConfigError),
/// I/O error.
Io(String),
/// Embedding dimension mismatch.
DimensionMismatch { expected: usize, got: usize },
}
impl std::fmt::Display for MemoryStoreError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Rvf(e) => write!(f, "RVF store error: {e}"),
Self::Witness(e) => write!(f, "witness error: {e}"),
Self::Config(e) => write!(f, "config error: {e}"),
Self::Io(msg) => write!(f, "I/O error: {msg}"),
Self::DimensionMismatch { expected, got } => {
write!(f, "dimension mismatch: expected {expected}, got {got}")
}
}
}
}
impl std::error::Error for MemoryStoreError {}
#[cfg(test)]
mod tests {
use super::*;
use std::path::Path;
use tempfile::TempDir;
fn test_config(dir: &Path) -> ClaudeFlowConfig {
ClaudeFlowConfig::new(dir, 4)
}
fn make_embedding(seed: f32) -> Vec<f32> {
vec![seed, seed * 0.5, seed * 0.25, seed * 0.125]
}
#[test]
fn create_and_store() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfMemoryStore::create(config).unwrap();
let id = store.store_memory(
"key1", "value1", "default", &["tag1".into(), "tag2".into()],
&make_embedding(1.0),
).unwrap();
assert!(id > 0);
let status = store.status();
assert_eq!(status.total_vectors, 1);
store.close().unwrap();
}
#[test]
fn store_and_search() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfMemoryStore::create(config).unwrap();
store.store_memory("a", "val_a", "ns1", &[], &[1.0, 0.0, 0.0, 0.0]).unwrap();
store.store_memory("b", "val_b", "ns1", &[], &[0.0, 1.0, 0.0, 0.0]).unwrap();
store.store_memory("c", "val_c", "ns2", &[], &[0.0, 0.0, 1.0, 0.0]).unwrap();
// Search all namespaces
let results = store.search_memory(&[1.0, 0.0, 0.0, 0.0], 3, None, None).unwrap();
assert_eq!(results.len(), 3);
// Search filtered by namespace
let results = store.search_memory(&[1.0, 0.0, 0.0, 0.0], 3, Some("ns1"), None).unwrap();
assert_eq!(results.len(), 2);
store.close().unwrap();
}
#[test]
fn retrieve_by_key() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfMemoryStore::create(config).unwrap();
let id = store.store_memory("mykey", "myval", "ns", &[], &make_embedding(2.0)).unwrap();
assert_eq!(store.retrieve_memory("mykey", "ns"), Some(id));
assert_eq!(store.retrieve_memory("missing", "ns"), None);
assert_eq!(store.retrieve_memory("mykey", "other_ns"), None);
store.close().unwrap();
}
#[test]
fn delete_memory() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfMemoryStore::create(config).unwrap();
store.store_memory("k", "v", "ns", &[], &make_embedding(3.0)).unwrap();
assert!(store.delete_memory("k", "ns").unwrap());
assert!(!store.delete_memory("k", "ns").unwrap()); // already deleted
assert_eq!(store.retrieve_memory("k", "ns"), None);
store.close().unwrap();
}
#[test]
fn replace_existing_key() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfMemoryStore::create(config).unwrap();
let id1 = store.store_memory("k", "v1", "ns", &[], &make_embedding(1.0)).unwrap();
let id2 = store.store_memory("k", "v2", "ns", &[], &make_embedding(2.0)).unwrap();
// New ID should be different (old was soft-deleted)
assert_ne!(id1, id2);
assert_eq!(store.retrieve_memory("k", "ns"), Some(id2));
// Only one live vector
let status = store.status();
assert_eq!(status.total_vectors, 1);
store.close().unwrap();
}
#[test]
fn dimension_mismatch() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfMemoryStore::create(config).unwrap();
let result = store.store_memory("k", "v", "ns", &[], &[1.0, 2.0]); // dim=2 vs config dim=4
assert!(result.is_err());
}
#[test]
fn witness_audit_trail() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfMemoryStore::create(config).unwrap();
store.store_memory("a", "v", "ns", &[], &make_embedding(1.0)).unwrap();
store.search_memory(&make_embedding(1.0), 1, None, None).unwrap();
store.delete_memory("a", "ns").unwrap();
let witness = store.witness().unwrap();
assert_eq!(witness.len(), 3); // store + search + delete
assert_eq!(witness.verify().unwrap(), 3);
store.close().unwrap();
}
#[test]
fn compact_works() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = RvfMemoryStore::create(config).unwrap();
store.store_memory("a", "v", "ns", &[], &make_embedding(1.0)).unwrap();
store.store_memory("b", "v", "ns", &[], &make_embedding(2.0)).unwrap();
store.delete_memory("a", "ns").unwrap();
store.compact().unwrap();
let status = store.status();
assert_eq!(status.total_vectors, 1);
store.close().unwrap();
}
#[test]
fn no_witness_when_disabled() {
let dir = TempDir::new().unwrap();
let config = ClaudeFlowConfig::new(dir.path(), 4).with_witness(false);
let store = RvfMemoryStore::create(config).unwrap();
assert!(store.witness().is_none());
store.close().unwrap();
}
}

292
vendor/ruvector/crates/rvf/rvf-adapters/claude-flow/src/witness.rs vendored Normal file
View File

@@ -0,0 +1,292 @@
//! Audit trail using WITNESS_SEG for claude-flow memory operations.
//!
//! Wraps `rvf_crypto::witness` to provide a persistent, append-only
//! witness chain that records every memory store/delete/search action.
use std::fs::{File, OpenOptions};
use std::io::{Read, Write};
use std::path::{Path, PathBuf};
use rvf_crypto::witness::{WitnessEntry, create_witness_chain, verify_witness_chain};
use rvf_crypto::shake256_256;
/// Witness type constants for claude-flow actions.
pub const WITNESS_STORE: u8 = 0x01;
pub const WITNESS_DELETE: u8 = 0x02;
pub const WITNESS_SEARCH: u8 = 0x03;
pub const WITNESS_COMPACT: u8 = 0x04;
/// Persistent witness chain that records memory operations.
pub struct WitnessChain {
path: PathBuf,
/// Cached chain bytes (in-memory mirror of the file).
chain_data: Vec<u8>,
/// Number of entries in the chain.
entry_count: usize,
}
impl WitnessChain {
/// Create a new (empty) witness chain file at the given path.
pub fn create(path: &Path) -> Result<Self, WitnessError> {
File::create(path).map_err(|e| WitnessError::Io(e.to_string()))?;
Ok(Self {
path: path.to_path_buf(),
chain_data: Vec::new(),
entry_count: 0,
})
}
/// Open an existing witness chain file, verifying its integrity.
pub fn open(path: &Path) -> Result<Self, WitnessError> {
let mut file = File::open(path).map_err(|e| WitnessError::Io(e.to_string()))?;
let mut data = Vec::new();
file.read_to_end(&mut data).map_err(|e| WitnessError::Io(e.to_string()))?;
if data.is_empty() {
return Ok(Self {
path: path.to_path_buf(),
chain_data: Vec::new(),
entry_count: 0,
});
}
let entries = verify_witness_chain(&data)
.map_err(|_| WitnessError::ChainCorrupted)?;
Ok(Self {
path: path.to_path_buf(),
chain_data: data,
entry_count: entries.len(),
})
}
/// Open an existing chain or create a new one.
pub fn open_or_create(path: &Path) -> Result<Self, WitnessError> {
if path.exists() {
Self::open(path)
} else {
Self::create(path)
}
}
/// Record a memory store action.
pub fn record_store(&mut self, key: &str, namespace: &str) -> Result<(), WitnessError> {
let mut hasher_input = Vec::new();
hasher_input.extend_from_slice(b"store:");
hasher_input.extend_from_slice(namespace.as_bytes());
hasher_input.push(b'/');
hasher_input.extend_from_slice(key.as_bytes());
self.append_entry(&hasher_input, WITNESS_STORE)
}
/// Record a memory delete action.
pub fn record_delete(&mut self, key: &str, namespace: &str) -> Result<(), WitnessError> {
let mut hasher_input = Vec::new();
hasher_input.extend_from_slice(b"delete:");
hasher_input.extend_from_slice(namespace.as_bytes());
hasher_input.push(b'/');
hasher_input.extend_from_slice(key.as_bytes());
self.append_entry(&hasher_input, WITNESS_DELETE)
}
/// Record a search action.
pub fn record_search(&mut self, namespace: &str, k: usize) -> Result<(), WitnessError> {
let mut hasher_input = Vec::new();
hasher_input.extend_from_slice(b"search:");
hasher_input.extend_from_slice(namespace.as_bytes());
hasher_input.push(b':');
hasher_input.extend_from_slice(k.to_string().as_bytes());
self.append_entry(&hasher_input, WITNESS_SEARCH)
}
/// Record a compaction action.
pub fn record_compact(&mut self) -> Result<(), WitnessError> {
self.append_entry(b"compact", WITNESS_COMPACT)
}
/// Verify the entire chain is intact.
pub fn verify(&self) -> Result<usize, WitnessError> {
if self.chain_data.is_empty() {
return Ok(0);
}
let entries = verify_witness_chain(&self.chain_data)
.map_err(|_| WitnessError::ChainCorrupted)?;
Ok(entries.len())
}
/// Return the number of entries in the chain.
pub fn len(&self) -> usize {
self.entry_count
}
/// Return whether the chain is empty.
pub fn is_empty(&self) -> bool {
self.entry_count == 0
}
// ── Internal ──────────────────────────────────────────────────────
fn append_entry(&mut self, action_data: &[u8], witness_type: u8) -> Result<(), WitnessError> {
let action_hash = shake256_256(action_data);
let timestamp_ns = now_ns();
let entry = WitnessEntry {
prev_hash: [0u8; 32], // create_witness_chain will set this
action_hash,
timestamp_ns,
witness_type,
};
// Rebuild the entire chain with the new entry appended.
// This is correct because create_witness_chain re-links prev_hash.
let mut all_entries = if self.chain_data.is_empty() {
Vec::new()
} else {
verify_witness_chain(&self.chain_data)
.map_err(|_| WitnessError::ChainCorrupted)?
};
all_entries.push(entry);
let new_chain = create_witness_chain(&all_entries);
// Persist atomically: write to temp then rename.
let tmp_path = self.path.with_extension("bin.tmp");
{
let mut f = OpenOptions::new()
.write(true)
.create(true)
.truncate(true)
.open(&tmp_path)
.map_err(|e| WitnessError::Io(e.to_string()))?;
f.write_all(&new_chain).map_err(|e| WitnessError::Io(e.to_string()))?;
f.sync_all().map_err(|e| WitnessError::Io(e.to_string()))?;
}
std::fs::rename(&tmp_path, &self.path).map_err(|e| WitnessError::Io(e.to_string()))?;
self.chain_data = new_chain;
self.entry_count = all_entries.len();
Ok(())
}
}
/// Errors from witness chain operations.
#[derive(Clone, Debug, PartialEq, Eq)]
pub enum WitnessError {
/// I/O error (stringified for Clone/Eq compatibility).
Io(String),
/// Chain integrity verification failed.
ChainCorrupted,
}
impl std::fmt::Display for WitnessError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Io(msg) => write!(f, "witness I/O error: {msg}"),
Self::ChainCorrupted => write!(f, "witness chain integrity check failed"),
}
}
}
impl std::error::Error for WitnessError {}
fn now_ns() -> u64 {
std::time::SystemTime::now()
.duration_since(std::time::UNIX_EPOCH)
.map(|d| d.as_nanos() as u64)
.unwrap_or(0)
}
#[cfg(test)]
mod tests {
use super::*;
use tempfile::TempDir;
#[test]
fn create_and_open_empty() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("witness.bin");
let chain = WitnessChain::create(&path).unwrap();
assert_eq!(chain.len(), 0);
assert!(chain.is_empty());
let reopened = WitnessChain::open(&path).unwrap();
assert_eq!(reopened.len(), 0);
}
#[test]
fn record_and_verify() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("witness.bin");
let mut chain = WitnessChain::create(&path).unwrap();
chain.record_store("key1", "default").unwrap();
chain.record_search("default", 5).unwrap();
chain.record_delete("key1", "default").unwrap();
assert_eq!(chain.len(), 3);
let count = chain.verify().unwrap();
assert_eq!(count, 3);
}
#[test]
fn persistence_across_reopen() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("witness.bin");
{
let mut chain = WitnessChain::create(&path).unwrap();
chain.record_store("a", "ns").unwrap();
chain.record_store("b", "ns").unwrap();
}
let chain = WitnessChain::open(&path).unwrap();
assert_eq!(chain.len(), 2);
assert_eq!(chain.verify().unwrap(), 2);
}
#[test]
fn tampered_chain_detected() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("witness.bin");
{
let mut chain = WitnessChain::create(&path).unwrap();
chain.record_store("x", "ns").unwrap();
chain.record_store("y", "ns").unwrap();
}
// Tamper with the file
let mut data = std::fs::read(&path).unwrap();
if data.len() > 40 {
data[40] ^= 0xFF;
}
std::fs::write(&path, &data).unwrap();
let result = WitnessChain::open(&path);
assert!(result.is_err() || result.unwrap().verify().is_err());
}
#[test]
fn open_or_create_new() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("witness.bin");
let chain = WitnessChain::open_or_create(&path).unwrap();
assert!(chain.is_empty());
}
#[test]
fn open_or_create_existing() {
let dir = TempDir::new().unwrap();
let path = dir.path().join("witness.bin");
{
let mut chain = WitnessChain::create(&path).unwrap();
chain.record_compact().unwrap();
}
let chain = WitnessChain::open_or_create(&path).unwrap();
assert_eq!(chain.len(), 1);
}
}

18
vendor/ruvector/crates/rvf/rvf-adapters/ospipe/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,18 @@
[package]
name = "rvf-adapter-ospipe"
version = "0.1.0"
edition = "2021"
description = "OSpipe adapter for RuVector Format -- maps observation state vectors to RVF with META_SEG"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
[features]
default = ["std"]
std = []
[dependencies]
rvf-runtime = { path = "../../rvf-runtime", features = ["std"] }
rvf-types = { path = "../../rvf-types", features = ["std"] }
[dev-dependencies]
tempfile = "3"

17
vendor/ruvector/crates/rvf/rvf-adapters/ospipe/src/lib.rs vendored Normal file
View File

@@ -0,0 +1,17 @@
//! OSpipe adapter for the RuVector Format (RVF).
//!
//! Maps OSpipe's observation-state pipeline onto the RVF segment model:
//!
//! - **VEC_SEG**: State vector embeddings (screen, audio, UI observations)
//! - **META_SEG**: Observation metadata (app name, content type, timestamps)
//! - **JOURNAL_SEG**: Deletion records for expired observations
//!
//! The adapter bridges OSpipe's `StoredEmbedding` / `CapturedFrame` world
//! (UUID ids, chrono timestamps, JSON metadata) to RVF's u64-id,
//! field-based metadata model.
pub mod observation_store;
pub mod pipeline;
pub use observation_store::{ObservationMeta, RvfObservationStore};
pub use pipeline::{PipelineConfig, RvfPipelineAdapter};

636
vendor/ruvector/crates/rvf/rvf-adapters/ospipe/src/observation_store.rs vendored Normal file
View File

@@ -0,0 +1,636 @@
//! RVF-backed observation store for OSpipe state vectors.
//!
//! Maps OSpipe observation embeddings into RVF segments with metadata
//! stored via field IDs in META_SEG entries.
//!
//! # Field layout
//!
//! | field_id | type | description |
//! |----------|--------|------------------------|
//! | 0 | String | content_type |
//! | 1 | String | app_name |
//! | 2 | U64 | timestamp_secs (epoch) |
//! | 3 | U64 | monitor_id |
use std::path::PathBuf;
use rvf_runtime::filter::FilterExpr;
use rvf_runtime::options::{
DistanceMetric, MetadataEntry, MetadataValue, QueryOptions, RvfOptions,
};
use rvf_runtime::{IngestResult, RvfStore, SearchResult, StoreStatus};
use rvf_types::RvfError;
/// Well-known metadata field IDs for OSpipe observations.
pub mod fields {
/// Content type (ocr, transcription, ui_event).
pub const CONTENT_TYPE: u16 = 0;
/// Application name.
pub const APP_NAME: u16 = 1;
/// Observation timestamp as seconds since UNIX epoch.
pub const TIMESTAMP_SECS: u16 = 2;
/// Monitor index.
pub const MONITOR_ID: u16 = 3;
}
/// Metadata for an observation to be recorded.
#[derive(Clone, Debug)]
pub struct ObservationMeta {
/// Content type label (e.g. "ocr", "transcription", "ui_event").
pub content_type: String,
/// Application name, if known.
pub app_name: Option<String>,
/// Observation timestamp as seconds since UNIX epoch.
pub timestamp_secs: u64,
/// Monitor index, if applicable.
pub monitor_id: Option<u32>,
}
impl ObservationMeta {
/// Convert to RVF metadata entries for a single vector.
fn to_entries(&self) -> Vec<MetadataEntry> {
let mut entries = Vec::with_capacity(4);
entries.push(MetadataEntry {
field_id: fields::CONTENT_TYPE,
value: MetadataValue::String(self.content_type.clone()),
});
if let Some(ref app) = self.app_name {
entries.push(MetadataEntry {
field_id: fields::APP_NAME,
value: MetadataValue::String(app.clone()),
});
}
entries.push(MetadataEntry {
field_id: fields::TIMESTAMP_SECS,
value: MetadataValue::U64(self.timestamp_secs),
});
if let Some(monitor) = self.monitor_id {
entries.push(MetadataEntry {
field_id: fields::MONITOR_ID,
value: MetadataValue::U64(monitor as u64),
});
}
entries
}
}
/// Configuration for the observation store.
#[derive(Clone, Debug)]
pub struct ObservationStoreConfig {
/// Directory for RVF data files.
pub data_dir: PathBuf,
/// Vector embedding dimension.
pub dimension: u16,
/// Distance metric (defaults to Cosine for OSpipe embeddings).
pub metric: DistanceMetric,
}
impl ObservationStoreConfig {
/// Create with required parameters, using Cosine metric by default.
pub fn new(data_dir: impl Into<PathBuf>, dimension: u16) -> Self {
Self {
data_dir: data_dir.into(),
dimension,
metric: DistanceMetric::Cosine,
}
}
/// Set the distance metric.
pub fn with_metric(mut self, metric: DistanceMetric) -> Self {
self.metric = metric;
self
}
fn store_path(&self) -> PathBuf {
self.data_dir.join("observations.rvf")
}
}
/// RVF-backed observation store for OSpipe.
///
/// Wraps an `RvfStore` and provides observation-oriented APIs:
/// - `record_observation` -- ingest a state vector with metadata
/// - `query_similar_states` -- k-NN search over observation vectors
/// - `get_state_history` -- filtered query by time range
/// - `compact_history` -- reclaim dead space from deleted observations
pub struct RvfObservationStore {
store: RvfStore,
#[allow(dead_code)]
config: ObservationStoreConfig,
next_id: u64,
}
impl RvfObservationStore {
/// Create a new observation store, creating the RVF file.
pub fn create(config: ObservationStoreConfig) -> Result<Self, OspipeAdapterError> {
if config.dimension == 0 {
return Err(OspipeAdapterError::InvalidDimension);
}
std::fs::create_dir_all(&config.data_dir)
.map_err(|e| OspipeAdapterError::Io(e.to_string()))?;
let options = RvfOptions {
dimension: config.dimension,
metric: config.metric,
..Default::default()
};
let store = RvfStore::create(&config.store_path(), options)
.map_err(OspipeAdapterError::Rvf)?;
Ok(Self {
store,
config,
next_id: 1,
})
}
/// Open an existing observation store.
pub fn open(config: ObservationStoreConfig) -> Result<Self, OspipeAdapterError> {
let store = RvfStore::open(&config.store_path())
.map_err(OspipeAdapterError::Rvf)?;
let status = store.status();
let next_id = status.total_vectors + status.current_epoch as u64 + 1;
Ok(Self {
store,
config,
next_id,
})
}
/// Open an existing store in read-only mode.
pub fn open_readonly(config: ObservationStoreConfig) -> Result<Self, OspipeAdapterError> {
let store = RvfStore::open_readonly(&config.store_path())
.map_err(OspipeAdapterError::Rvf)?;
Ok(Self {
store,
config,
next_id: 0,
})
}
/// Record a single observation with its state vector and metadata.
///
/// Returns the assigned vector ID and the ingest result.
pub fn record_observation(
&mut self,
state_vector: &[f32],
meta: &ObservationMeta,
) -> Result<(u64, IngestResult), OspipeAdapterError> {
let id = self.next_id;
self.next_id += 1;
let entries = meta.to_entries();
let result = self.store.ingest_batch(
&[state_vector],
&[id],
Some(&entries),
).map_err(OspipeAdapterError::Rvf)?;
Ok((id, result))
}
/// Record a batch of observations.
///
/// `vectors` and `metas` must have the same length.
/// Returns the assigned IDs and the ingest result.
pub fn record_batch(
&mut self,
vectors: &[&[f32]],
metas: &[ObservationMeta],
) -> Result<(Vec<u64>, IngestResult), OspipeAdapterError> {
if vectors.len() != metas.len() {
return Err(OspipeAdapterError::LengthMismatch {
vectors: vectors.len(),
metas: metas.len(),
});
}
let start_id = self.next_id;
let ids: Vec<u64> = (start_id..start_id + vectors.len() as u64).collect();
self.next_id = start_id + vectors.len() as u64;
// Flatten metadata entries: each vector gets its own entries.
// RvfStore expects entries_per_id to be uniform, so we pad to
// a consistent entry count per vector.
let entries_per_vec: Vec<Vec<MetadataEntry>> =
metas.iter().map(|m| m.to_entries()).collect();
let max_entries = entries_per_vec.iter().map(|e| e.len()).max().unwrap_or(0);
let mut flat_entries = Vec::with_capacity(vectors.len() * max_entries);
for vec_entries in &entries_per_vec {
for entry in vec_entries {
flat_entries.push(entry.clone());
}
// Pad with dummy entries so every vector has the same count.
for _ in vec_entries.len()..max_entries {
flat_entries.push(MetadataEntry {
field_id: u16::MAX,
value: MetadataValue::U64(0),
});
}
}
let result = self.store.ingest_batch(
vectors,
&ids,
if flat_entries.is_empty() { None } else { Some(&flat_entries) },
).map_err(OspipeAdapterError::Rvf)?;
Ok((ids, result))
}
/// Query for the k most similar observation states.
pub fn query_similar_states(
&self,
state_vector: &[f32],
k: usize,
) -> Result<Vec<SearchResult>, OspipeAdapterError> {
self.store
.query(state_vector, k, &QueryOptions::default())
.map_err(OspipeAdapterError::Rvf)
}
/// Query with a metadata filter expression.
pub fn query_filtered(
&self,
state_vector: &[f32],
k: usize,
filter: FilterExpr,
) -> Result<Vec<SearchResult>, OspipeAdapterError> {
let opts = QueryOptions {
filter: Some(filter),
..Default::default()
};
self.store
.query(state_vector, k, &opts)
.map_err(OspipeAdapterError::Rvf)
}
/// Query for observations within a time range.
///
/// `start_secs` and `end_secs` are UNIX epoch seconds. The query
/// vector is used for similarity ranking among the time-filtered results.
pub fn get_state_history(
&self,
state_vector: &[f32],
k: usize,
start_secs: u64,
end_secs: u64,
) -> Result<Vec<SearchResult>, OspipeAdapterError> {
use rvf_runtime::filter::FilterValue;
let filter = FilterExpr::And(vec![
FilterExpr::Ge(fields::TIMESTAMP_SECS, FilterValue::U64(start_secs)),
FilterExpr::Le(fields::TIMESTAMP_SECS, FilterValue::U64(end_secs)),
]);
self.query_filtered(state_vector, k, filter)
}
/// Run compaction to reclaim space from deleted observations.
pub fn compact_history(&mut self) -> Result<rvf_runtime::CompactionResult, OspipeAdapterError> {
self.store.compact().map_err(OspipeAdapterError::Rvf)
}
/// Delete observations by their IDs.
pub fn delete_observations(
&mut self,
ids: &[u64],
) -> Result<rvf_runtime::DeleteResult, OspipeAdapterError> {
self.store.delete(ids).map_err(OspipeAdapterError::Rvf)
}
/// Delete observations matching a filter expression.
pub fn delete_by_filter(
&mut self,
filter: &FilterExpr,
) -> Result<rvf_runtime::DeleteResult, OspipeAdapterError> {
self.store.delete_by_filter(filter).map_err(OspipeAdapterError::Rvf)
}
/// Get the current store status.
pub fn status(&self) -> StoreStatus {
self.store.status()
}
/// Close the store, releasing locks.
pub fn close(self) -> Result<(), OspipeAdapterError> {
self.store.close().map_err(OspipeAdapterError::Rvf)
}
}
/// Errors produced by the OSpipe adapter.
#[derive(Clone, Debug)]
pub enum OspipeAdapterError {
/// Underlying RVF error.
Rvf(RvfError),
/// IO error (directory creation, etc.).
Io(String),
/// Vector dimension must be > 0.
InvalidDimension,
/// Batch vectors and metadata have different lengths.
LengthMismatch { vectors: usize, metas: usize },
}
impl std::fmt::Display for OspipeAdapterError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Rvf(e) => write!(f, "RVF error: {e}"),
Self::Io(msg) => write!(f, "IO error: {msg}"),
Self::InvalidDimension => write!(f, "vector dimension must be > 0"),
Self::LengthMismatch { vectors, metas } => {
write!(f, "vectors ({vectors}) and metas ({metas}) length mismatch")
}
}
}
}
impl std::error::Error for OspipeAdapterError {}
#[cfg(test)]
mod tests {
use super::*;
use tempfile::TempDir;
fn make_vector(dim: usize, seed: u64) -> Vec<f32> {
let mut v = Vec::with_capacity(dim);
let mut x = seed;
for _ in 0..dim {
x = x.wrapping_mul(6364136223846793005).wrapping_add(1442695040888963407);
v.push(((x >> 33) as f32) / (u32::MAX as f32) - 0.5);
}
v
}
fn now_secs() -> u64 {
std::time::SystemTime::now()
.duration_since(std::time::UNIX_EPOCH)
.map(|d| d.as_secs())
.unwrap_or(0)
}
#[test]
fn create_and_record_observation() {
let dir = TempDir::new().unwrap();
let config = ObservationStoreConfig::new(dir.path(), 64);
let mut store = RvfObservationStore::create(config).unwrap();
let vec = make_vector(64, 42);
let meta = ObservationMeta {
content_type: "ocr".into(),
app_name: Some("VSCode".into()),
timestamp_secs: now_secs(),
monitor_id: Some(0),
};
let (id, result) = store.record_observation(&vec, &meta).unwrap();
assert_eq!(id, 1);
assert_eq!(result.accepted, 1);
assert_eq!(result.rejected, 0);
store.close().unwrap();
}
#[test]
fn query_similar_states() {
let dir = TempDir::new().unwrap();
let config = ObservationStoreConfig::new(dir.path(), 32);
let mut store = RvfObservationStore::create(config).unwrap();
// Insert 10 observations.
for i in 0..10u64 {
let vec = make_vector(32, i);
let meta = ObservationMeta {
content_type: "ocr".into(),
app_name: None,
timestamp_secs: now_secs() + i,
monitor_id: None,
};
store.record_observation(&vec, &meta).unwrap();
}
let query = make_vector(32, 5);
let results = store.query_similar_states(&query, 3).unwrap();
assert_eq!(results.len(), 3);
// Closest should be the same vector (id 6, since first id is 1).
assert_eq!(results[0].id, 6);
assert!(results[0].distance < 1e-5);
// Results are sorted by distance ascending.
for i in 1..results.len() {
assert!(results[i].distance >= results[i - 1].distance);
}
store.close().unwrap();
}
#[test]
fn get_state_history_filters_by_time() {
let dir = TempDir::new().unwrap();
let config = ObservationStoreConfig::new(dir.path(), 16);
let mut store = RvfObservationStore::create(config).unwrap();
let base_time = 1_700_000_000u64;
// Insert observations at different times.
for i in 0..5u64 {
let vec = make_vector(16, i);
let meta = ObservationMeta {
content_type: "ocr".into(),
app_name: None,
timestamp_secs: base_time + i * 100,
monitor_id: None,
};
store.record_observation(&vec, &meta).unwrap();
}
// Query for observations in the range [base+100, base+300].
let query = make_vector(16, 0);
let results = store
.get_state_history(&query, 10, base_time + 100, base_time + 300)
.unwrap();
// Should get ids 2, 3, 4 (timestamps base+100, base+200, base+300).
assert_eq!(results.len(), 3);
let ids: Vec<u64> = results.iter().map(|r| r.id).collect();
assert!(ids.contains(&2));
assert!(ids.contains(&3));
assert!(ids.contains(&4));
store.close().unwrap();
}
#[test]
fn record_batch_and_query() {
let dir = TempDir::new().unwrap();
let config = ObservationStoreConfig::new(dir.path(), 16);
let mut store = RvfObservationStore::create(config).unwrap();
let vecs: Vec<Vec<f32>> = (0..5).map(|i| make_vector(16, i)).collect();
let vec_refs: Vec<&[f32]> = vecs.iter().map(|v| v.as_slice()).collect();
let metas: Vec<ObservationMeta> = (0..5)
.map(|i| ObservationMeta {
content_type: if i % 2 == 0 { "ocr" } else { "transcription" }.into(),
app_name: Some("TestApp".into()),
timestamp_secs: now_secs() + i,
monitor_id: None,
})
.collect();
let (ids, result) = store.record_batch(&vec_refs, &metas).unwrap();
assert_eq!(ids.len(), 5);
assert_eq!(result.accepted, 5);
let query = make_vector(16, 2);
let results = store.query_similar_states(&query, 1).unwrap();
assert_eq!(results.len(), 1);
assert_eq!(results[0].id, 3); // id starts at 1, so seed=2 -> id=3
store.close().unwrap();
}
#[test]
fn delete_and_compact() {
let dir = TempDir::new().unwrap();
let config = ObservationStoreConfig::new(dir.path(), 8);
let mut store = RvfObservationStore::create(config).unwrap();
// Insert 4 observations.
for i in 0..4u64 {
let vec = make_vector(8, i);
let meta = ObservationMeta {
content_type: "ocr".into(),
app_name: None,
timestamp_secs: now_secs(),
monitor_id: None,
};
store.record_observation(&vec, &meta).unwrap();
}
let status = store.status();
assert_eq!(status.total_vectors, 4);
// Delete 2 observations.
let del = store.delete_observations(&[1, 3]).unwrap();
assert_eq!(del.deleted, 2);
let status = store.status();
assert_eq!(status.total_vectors, 2);
// Compact.
let compact = store.compact_history().unwrap();
assert_eq!(compact.segments_compacted, 2);
// Verify remaining vectors are queryable.
let query = make_vector(8, 1); // seed=1 -> was id=2
let results = store.query_similar_states(&query, 10).unwrap();
assert_eq!(results.len(), 2);
let ids: Vec<u64> = results.iter().map(|r| r.id).collect();
assert!(ids.contains(&2));
assert!(ids.contains(&4));
store.close().unwrap();
}
#[test]
fn open_existing_store() {
let dir = TempDir::new().unwrap();
let config = ObservationStoreConfig::new(dir.path(), 16);
// Create and populate.
{
let mut store = RvfObservationStore::create(config.clone()).unwrap();
let vec = make_vector(16, 99);
let meta = ObservationMeta {
content_type: "transcription".into(),
app_name: Some("Zoom".into()),
timestamp_secs: now_secs(),
monitor_id: None,
};
store.record_observation(&vec, &meta).unwrap();
store.close().unwrap();
}
// Reopen.
{
let store = RvfObservationStore::open(config).unwrap();
let query = make_vector(16, 99);
let results = store.query_similar_states(&query, 1).unwrap();
assert_eq!(results.len(), 1);
assert!(results[0].distance < 1e-5);
store.close().unwrap();
}
}
#[test]
fn readonly_mode() {
let dir = TempDir::new().unwrap();
let config = ObservationStoreConfig::new(dir.path(), 8);
{
let mut store = RvfObservationStore::create(config.clone()).unwrap();
let vec = make_vector(8, 0);
let meta = ObservationMeta {
content_type: "ocr".into(),
app_name: None,
timestamp_secs: now_secs(),
monitor_id: None,
};
store.record_observation(&vec, &meta).unwrap();
store.close().unwrap();
}
let store = RvfObservationStore::open_readonly(config).unwrap();
let status = store.status();
assert!(status.read_only);
assert_eq!(status.total_vectors, 1);
}
#[test]
fn invalid_dimension_rejected() {
let dir = TempDir::new().unwrap();
let config = ObservationStoreConfig::new(dir.path(), 0);
let result = RvfObservationStore::create(config);
assert!(result.is_err());
}
#[test]
fn batch_length_mismatch_rejected() {
let dir = TempDir::new().unwrap();
let config = ObservationStoreConfig::new(dir.path(), 8);
let mut store = RvfObservationStore::create(config).unwrap();
let vecs = [make_vector(8, 0)];
let vec_refs: Vec<&[f32]> = vecs.iter().map(|v| v.as_slice()).collect();
let metas = vec![
ObservationMeta {
content_type: "ocr".into(),
app_name: None,
timestamp_secs: 0,
monitor_id: None,
},
ObservationMeta {
content_type: "ocr".into(),
app_name: None,
timestamp_secs: 0,
monitor_id: None,
},
];
let result = store.record_batch(&vec_refs, &metas);
assert!(result.is_err());
store.close().unwrap();
}
}

267
vendor/ruvector/crates/rvf/rvf-adapters/ospipe/src/pipeline.rs vendored Normal file
View File

@@ -0,0 +1,267 @@
//! Pipeline integration helpers for OSpipe.
//!
//! Provides [`RvfPipelineAdapter`] which wraps [`RvfObservationStore`] and
//! exposes a simplified interface for OSpipe's ingestion pipeline to push
//! captured frames directly into the RVF store.
use std::path::PathBuf;
use rvf_runtime::options::DistanceMetric;
use crate::observation_store::{
ObservationMeta, ObservationStoreConfig, OspipeAdapterError, RvfObservationStore,
};
/// Configuration for the pipeline adapter.
#[derive(Clone, Debug)]
pub struct PipelineConfig {
/// Directory for RVF data files.
pub data_dir: PathBuf,
/// Vector embedding dimension.
pub dimension: u16,
/// Distance metric for similarity search.
pub metric: DistanceMetric,
/// Automatically compact when dead-space ratio exceeds this threshold.
pub auto_compact_threshold: f64,
}
impl PipelineConfig {
/// Create a new pipeline config with required parameters.
pub fn new(data_dir: impl Into<PathBuf>, dimension: u16) -> Self {
Self {
data_dir: data_dir.into(),
dimension,
metric: DistanceMetric::Cosine,
auto_compact_threshold: 0.3,
}
}
}
/// High-level adapter that OSpipe's ingestion pipeline can use to persist
/// observation vectors into an RVF store.
///
/// Handles store lifecycle, auto-compaction, and provides convenience
/// methods that accept OSpipe-domain types directly.
pub struct RvfPipelineAdapter {
store: RvfObservationStore,
config: PipelineConfig,
ingest_count: u64,
}
impl RvfPipelineAdapter {
/// Create a new pipeline adapter, creating the underlying RVF file.
pub fn create(config: PipelineConfig) -> Result<Self, OspipeAdapterError> {
let store_config = ObservationStoreConfig {
data_dir: config.data_dir.clone(),
dimension: config.dimension,
metric: config.metric,
};
let store = RvfObservationStore::create(store_config)?;
Ok(Self {
store,
config,
ingest_count: 0,
})
}
/// Open an existing pipeline adapter.
pub fn open(config: PipelineConfig) -> Result<Self, OspipeAdapterError> {
let store_config = ObservationStoreConfig {
data_dir: config.data_dir.clone(),
dimension: config.dimension,
metric: config.metric,
};
let store = RvfObservationStore::open(store_config)?;
Ok(Self {
store,
config,
ingest_count: 0,
})
}
/// Ingest a single observation from the pipeline.
///
/// This is the primary entry point for OSpipe's ingestion pipeline.
/// After ingestion, may trigger auto-compaction if the dead-space
/// ratio exceeds the configured threshold.
pub fn ingest(
&mut self,
embedding: &[f32],
content_type: &str,
app_name: Option<&str>,
timestamp_secs: u64,
monitor_id: Option<u32>,
) -> Result<u64, OspipeAdapterError> {
let meta = ObservationMeta {
content_type: content_type.to_string(),
app_name: app_name.map(|s| s.to_string()),
timestamp_secs,
monitor_id,
};
let (id, _result) = self.store.record_observation(embedding, &meta)?;
self.ingest_count += 1;
self.maybe_compact()?;
Ok(id)
}
/// Search for similar observations.
pub fn search(
&self,
query: &[f32],
k: usize,
) -> Result<Vec<rvf_runtime::SearchResult>, OspipeAdapterError> {
self.store.query_similar_states(query, k)
}
/// Search for observations within a time window.
pub fn search_time_range(
&self,
query: &[f32],
k: usize,
start_secs: u64,
end_secs: u64,
) -> Result<Vec<rvf_runtime::SearchResult>, OspipeAdapterError> {
self.store.get_state_history(query, k, start_secs, end_secs)
}
/// Expire observations older than the given timestamp.
///
/// Scans for observations with timestamps before `before_secs` and
/// soft-deletes them. Returns the number of observations deleted.
pub fn expire_before(
&mut self,
before_secs: u64,
) -> Result<u64, OspipeAdapterError> {
use rvf_runtime::filter::{FilterExpr, FilterValue};
let filter = FilterExpr::Lt(
crate::observation_store::fields::TIMESTAMP_SECS,
FilterValue::U64(before_secs),
);
let result = self.store.delete_by_filter(&filter)?;
Ok(result.deleted)
}
/// Force a compaction cycle.
pub fn compact(&mut self) -> Result<rvf_runtime::CompactionResult, OspipeAdapterError> {
self.store.compact_history()
}
/// Get the total number of live observations.
pub fn observation_count(&self) -> u64 {
self.store.status().total_vectors
}
/// Close the adapter and release resources.
pub fn close(self) -> Result<(), OspipeAdapterError> {
self.store.close()
}
/// Check if auto-compaction should run, and run it if so.
fn maybe_compact(&mut self) -> Result<(), OspipeAdapterError> {
let status = self.store.status();
if status.dead_space_ratio > self.config.auto_compact_threshold {
self.store.compact_history()?;
}
Ok(())
}
}
#[cfg(test)]
mod tests {
use super::*;
use tempfile::TempDir;
fn make_vector(dim: usize, seed: u64) -> Vec<f32> {
let mut v = Vec::with_capacity(dim);
let mut x = seed;
for _ in 0..dim {
x = x.wrapping_mul(6364136223846793005).wrapping_add(1442695040888963407);
v.push(((x >> 33) as f32) / (u32::MAX as f32) - 0.5);
}
v
}
fn now_secs() -> u64 {
std::time::SystemTime::now()
.duration_since(std::time::UNIX_EPOCH)
.map(|d| d.as_secs())
.unwrap_or(0)
}
#[test]
fn pipeline_ingest_and_search() {
let dir = TempDir::new().unwrap();
let config = PipelineConfig::new(dir.path(), 32);
let mut adapter = RvfPipelineAdapter::create(config).unwrap();
let ts = now_secs();
for i in 0..5u64 {
let vec = make_vector(32, i);
adapter
.ingest(&vec, "ocr", Some("VSCode"), ts + i, Some(0))
.unwrap();
}
assert_eq!(adapter.observation_count(), 5);
let query = make_vector(32, 2);
let results = adapter.search(&query, 2).unwrap();
assert_eq!(results.len(), 2);
assert_eq!(results[0].id, 3); // seed=2 -> id=3 (1-indexed)
adapter.close().unwrap();
}
#[test]
fn pipeline_time_range_search() {
let dir = TempDir::new().unwrap();
let config = PipelineConfig::new(dir.path(), 16);
let mut adapter = RvfPipelineAdapter::create(config).unwrap();
let base = 1_700_000_000u64;
for i in 0..4u64 {
let vec = make_vector(16, i);
adapter
.ingest(&vec, "transcription", None, base + i * 3600, None)
.unwrap();
}
let query = make_vector(16, 0);
let results = adapter
.search_time_range(&query, 10, base + 3600, base + 7200)
.unwrap();
// Should get observations at base+3600 (id=2) and base+7200 (id=3).
assert_eq!(results.len(), 2);
}
#[test]
fn pipeline_open_existing() {
let dir = TempDir::new().unwrap();
let config = PipelineConfig::new(dir.path(), 16);
{
let mut adapter = RvfPipelineAdapter::create(config.clone()).unwrap();
let vec = make_vector(16, 0);
adapter.ingest(&vec, "ocr", None, now_secs(), None).unwrap();
adapter.close().unwrap();
}
{
let adapter = RvfPipelineAdapter::open(config).unwrap();
assert_eq!(adapter.observation_count(), 1);
adapter.close().unwrap();
}
}
}

19
vendor/ruvector/crates/rvf/rvf-adapters/rvlite/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,19 @@
[package]
name = "rvf-adapter-rvlite"
version = "0.1.0"
edition = "2021"
description = "Lightweight embedded vector store adapter for RuVector Format -- minimal API over RVF Core Profile"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
rust-version = "1.87"
[features]
default = ["std"]
std = []
[dependencies]
rvf-runtime = { path = "../../rvf-runtime", features = ["std"] }
rvf-types = { path = "../../rvf-types", features = ["std"] }
[dev-dependencies]
tempfile = "3"

484
vendor/ruvector/crates/rvf/rvf-adapters/rvlite/src/collection.rs vendored Normal file
View File

@@ -0,0 +1,484 @@
//! The main rvlite collection API.
//!
//! [`RvliteCollection`] provides a minimal, ergonomic interface for
//! embedded vector storage. No metadata, no filters, no namespaces --
//! just vectors with IDs.
use std::path::Path;
use rvf_runtime::options::{QueryOptions, RvfOptions};
use rvf_runtime::store::RvfStore;
use crate::config::RvliteConfig;
use crate::error::{Result, RvliteError};
/// A single search result: vector ID and distance from the query.
#[derive(Clone, Debug, PartialEq)]
pub struct Match {
/// The vector's unique identifier.
pub id: u64,
/// Distance from the query vector (lower = more similar).
pub distance: f32,
}
/// Statistics returned by the [`RvliteCollection::compact`] operation.
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct CompactStats {
/// Number of segments that were compacted.
pub segments_compacted: u32,
/// Total bytes of dead space reclaimed.
pub bytes_reclaimed: u64,
}
/// A lightweight embedded vector collection wrapping [`RvfStore`].
pub struct RvliteCollection {
store: RvfStore,
dimension: u16,
}
impl RvliteCollection {
/// Create a new collection at the configured path (file must not exist).
pub fn create(config: RvliteConfig) -> Result<Self> {
let options = RvfOptions {
dimension: config.dimension,
metric: config.metric.into(),
profile: 1, // Core profile
..Default::default()
};
let store = RvfStore::create(&config.path, options)?;
Ok(Self {
store,
dimension: config.dimension,
})
}
/// Open an existing collection (file must exist with a valid RVF manifest).
pub fn open(path: impl AsRef<Path>) -> Result<Self> {
let store = RvfStore::open(path.as_ref())?;
// The dimension is stored in the manifest and recovered on boot,
// so we query it via a probe against the store.
let dim = Self::probe_dimension(&store);
Ok(Self {
store,
dimension: dim,
})
}
/// Add a single vector with the given ID. Errors on dimension mismatch.
pub fn add(&mut self, id: u64, vector: &[f32]) -> Result<()> {
self.check_dimension(vector.len())?;
self.store.ingest_batch(&[vector], &[id], None)?;
Ok(())
}
/// Add multiple vectors in a single batch. Returns count added.
pub fn add_batch(&mut self, ids: &[u64], vectors: &[&[f32]]) -> Result<usize> {
if ids.len() != vectors.len() {
return Err(RvliteError::Io(
"ids and vectors must have the same length".into(),
));
}
let result = self.store.ingest_batch(vectors, ids, None)?;
Ok(result.accepted as usize)
}
/// Find the `k` nearest neighbors, sorted by distance (closest first).
pub fn search(&self, vector: &[f32], k: usize) -> Vec<Match> {
if vector.len() != self.dimension as usize {
return Vec::new();
}
let query_opts = QueryOptions::default();
match self.store.query(vector, k, &query_opts) {
Ok(results) => results
.into_iter()
.map(|r| Match {
id: r.id,
distance: r.distance,
})
.collect(),
Err(_) => Vec::new(),
}
}
/// Remove a single vector by ID. Returns whether it existed.
pub fn remove(&mut self, id: u64) -> Result<bool> {
let result = self.store.delete(&[id])?;
Ok(result.deleted > 0)
}
/// Remove multiple vectors by ID. Returns count actually removed.
pub fn remove_batch(&mut self, ids: &[u64]) -> Result<usize> {
let result = self.store.delete(ids)?;
Ok(result.deleted as usize)
}
/// Check whether a vector with the given ID exists (soft-deleted = absent).
pub fn contains(&self, id: u64) -> bool {
let total = self.store.status().total_vectors as usize;
if total == 0 {
return false;
}
// Brute-force scan via query; acceptable for rvlite's small collections.
let zero_vec = vec![0.0f32; self.dimension as usize];
match self.store.query(&zero_vec, total, &QueryOptions::default()) {
Ok(results) => results.iter().any(|r| r.id == id),
Err(_) => false,
}
}
/// Return the number of live (non-deleted) vectors in the collection.
pub fn len(&self) -> usize {
self.store.status().total_vectors as usize
}
/// Return `true` if the collection has no live vectors.
pub fn is_empty(&self) -> bool {
self.len() == 0
}
/// Compact the collection, reclaiming space from deleted vectors.
pub fn compact(&mut self) -> Result<CompactStats> {
let result = self.store.compact()?;
Ok(CompactStats {
segments_compacted: result.segments_compacted,
bytes_reclaimed: result.bytes_reclaimed,
})
}
/// Flush all pending writes and close the collection, consuming the handle.
pub fn close(self) -> Result<()> {
self.store.close()?;
Ok(())
}
/// Return the configured vector dimension.
pub fn dimension(&self) -> u16 {
self.dimension
}
// ---- Internal helpers ------------------------------------------------
/// Validate that a vector length matches the collection dimension.
fn check_dimension(&self, len: usize) -> Result<()> {
if len != self.dimension as usize {
return Err(RvliteError::DimensionMismatch {
expected: self.dimension,
got: len,
});
}
Ok(())
}
/// Probe the dimension of an opened store by trying queries with
/// increasing dimensions until one succeeds.
///
/// RvfStore stores the dimension internally but does not expose it
/// directly. When there are vectors present, a query with the wrong
/// dimension returns `DimensionMismatch`, so we try dimensions
/// 1..=4096 until one succeeds. For empty stores we return 0 as a
/// sentinel.
fn probe_dimension(store: &RvfStore) -> u16 {
if store.status().total_vectors == 0 {
return 0;
}
let opts = QueryOptions::default();
for dim in 1u16..=4096 {
let probe = vec![0.0f32; dim as usize];
if store.query(&probe, 1, &opts).is_ok() {
return dim;
}
}
0
}
}
#[cfg(test)]
mod tests {
use super::*;
use crate::config::{RvliteConfig, RvliteMetric};
use tempfile::TempDir;
fn temp_path(dir: &TempDir, name: &str) -> std::path::PathBuf {
dir.path().join(name)
}
#[test]
fn create_add_search() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "basic.rvf"), 4).with_metric(RvliteMetric::L2);
let mut col = RvliteCollection::create(config).unwrap();
assert!(col.is_empty());
assert_eq!(col.len(), 0);
col.add(1, &[1.0, 0.0, 0.0, 0.0]).unwrap();
col.add(2, &[0.0, 1.0, 0.0, 0.0]).unwrap();
col.add(3, &[0.0, 0.0, 1.0, 0.0]).unwrap();
assert_eq!(col.len(), 3);
assert!(!col.is_empty());
let results = col.search(&[1.0, 0.0, 0.0, 0.0], 2);
assert_eq!(results.len(), 2);
assert_eq!(results[0].id, 1);
assert!(results[0].distance < f32::EPSILON);
col.close().unwrap();
}
#[test]
fn batch_add_and_search() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "batch.rvf"), 3).with_metric(RvliteMetric::L2);
let mut col = RvliteCollection::create(config).unwrap();
let ids = vec![10, 20, 30];
let v1 = [1.0, 0.0, 0.0];
let v2 = [0.0, 1.0, 0.0];
let v3 = [0.0, 0.0, 1.0];
let vecs: Vec<&[f32]> = vec![&v1, &v2, &v3];
let count = col.add_batch(&ids, &vecs).unwrap();
assert_eq!(count, 3);
assert_eq!(col.len(), 3);
let results = col.search(&[0.0, 1.0, 0.0], 1);
assert_eq!(results.len(), 1);
assert_eq!(results[0].id, 20);
col.close().unwrap();
}
#[test]
fn remove_and_verify() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "remove.rvf"), 4).with_metric(RvliteMetric::L2);
let mut col = RvliteCollection::create(config).unwrap();
col.add(1, &[1.0, 0.0, 0.0, 0.0]).unwrap();
col.add(2, &[0.0, 1.0, 0.0, 0.0]).unwrap();
col.add(3, &[0.0, 0.0, 1.0, 0.0]).unwrap();
assert_eq!(col.len(), 3);
assert!(col.contains(2));
let removed = col.remove(2).unwrap();
assert!(removed);
assert_eq!(col.len(), 2);
assert!(!col.contains(2));
// Removing again returns false
let removed_again = col.remove(2).unwrap();
assert!(!removed_again);
col.close().unwrap();
}
#[test]
fn remove_batch_and_verify() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "rm_batch.rvf"), 4).with_metric(RvliteMetric::L2);
let mut col = RvliteCollection::create(config).unwrap();
for i in 0..5u64 {
col.add(i, &[i as f32, 0.0, 0.0, 0.0]).unwrap();
}
let count = col.remove_batch(&[1, 3, 99]).unwrap();
// 99 never existed, so only 2 are removed
assert_eq!(count, 2);
assert_eq!(col.len(), 3);
col.close().unwrap();
}
#[test]
fn dimension_mismatch_error() {
let dir = TempDir::new().unwrap();
let config = RvliteConfig::new(temp_path(&dir, "dim.rvf"), 4).with_metric(RvliteMetric::L2);
let mut col = RvliteCollection::create(config).unwrap();
// Wrong dimension: 3 instead of 4
let result = col.add(1, &[1.0, 0.0, 0.0]);
assert!(result.is_err());
match result.unwrap_err() {
RvliteError::DimensionMismatch { expected, got } => {
assert_eq!(expected, 4);
assert_eq!(got, 3);
}
other => panic!("expected DimensionMismatch, got: {other}"),
}
col.close().unwrap();
}
#[test]
fn empty_collection_edge_cases() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "empty.rvf"), 4).with_metric(RvliteMetric::L2);
let col = RvliteCollection::create(config).unwrap();
assert!(col.is_empty());
assert_eq!(col.len(), 0);
assert!(!col.contains(1));
let results = col.search(&[1.0, 0.0, 0.0, 0.0], 10);
assert!(results.is_empty());
col.close().unwrap();
}
#[test]
fn search_returns_empty_on_wrong_dimension() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "dim_search.rvf"), 4).with_metric(RvliteMetric::L2);
let mut col = RvliteCollection::create(config).unwrap();
col.add(1, &[1.0, 0.0, 0.0, 0.0]).unwrap();
// Search with wrong dimension returns empty (graceful degradation)
let results = col.search(&[1.0, 0.0], 10);
assert!(results.is_empty());
col.close().unwrap();
}
#[test]
fn open_existing_collection() {
let dir = TempDir::new().unwrap();
let path = temp_path(&dir, "reopen.rvf");
let config = RvliteConfig::new(path.clone(), 4).with_metric(RvliteMetric::L2);
{
let mut col = RvliteCollection::create(config).unwrap();
col.add(1, &[1.0, 0.0, 0.0, 0.0]).unwrap();
col.add(2, &[0.0, 1.0, 0.0, 0.0]).unwrap();
col.close().unwrap();
}
{
let col = RvliteCollection::open(&path).unwrap();
assert_eq!(col.len(), 2);
assert_eq!(col.dimension(), 4);
let results = col.search(&[1.0, 0.0, 0.0, 0.0], 2);
assert_eq!(results.len(), 2);
assert_eq!(results[0].id, 1);
col.close().unwrap();
}
}
#[test]
fn compact_and_verify() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "compact.rvf"), 4).with_metric(RvliteMetric::L2);
let mut col = RvliteCollection::create(config).unwrap();
for i in 0..10u64 {
col.add(i, &[i as f32, 0.0, 0.0, 0.0]).unwrap();
}
col.remove_batch(&[0, 2, 4, 6, 8]).unwrap();
assert_eq!(col.len(), 5);
let stats = col.compact().unwrap();
assert_eq!(stats.segments_compacted, 5);
assert!(stats.bytes_reclaimed > 0);
// Verify remaining vectors are intact after compaction
assert_eq!(col.len(), 5);
assert!(col.contains(1));
assert!(col.contains(3));
assert!(!col.contains(0));
col.close().unwrap();
}
#[test]
fn len_is_empty_contains() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "accessors.rvf"), 2).with_metric(RvliteMetric::L2);
let mut col = RvliteCollection::create(config).unwrap();
assert_eq!(col.len(), 0);
assert!(col.is_empty());
assert!(!col.contains(42));
col.add(42, &[1.0, 2.0]).unwrap();
assert_eq!(col.len(), 1);
assert!(!col.is_empty());
assert!(col.contains(42));
assert!(!col.contains(99));
col.close().unwrap();
}
#[test]
fn cosine_metric() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "cosine.rvf"), 3).with_metric(RvliteMetric::Cosine);
let mut col = RvliteCollection::create(config).unwrap();
col.add(1, &[1.0, 0.0, 0.0]).unwrap();
col.add(2, &[0.0, 1.0, 0.0]).unwrap();
col.add(3, &[1.0, 1.0, 0.0]).unwrap();
// Query for [1, 0, 0] -- id=1 should be closest (exact match)
let results = col.search(&[1.0, 0.0, 0.0], 3);
assert_eq!(results.len(), 3);
assert_eq!(results[0].id, 1);
assert!(results[0].distance < f32::EPSILON);
col.close().unwrap();
}
#[test]
fn dimension_accessor() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "dim_acc.rvf"), 256).with_metric(RvliteMetric::L2);
let col = RvliteCollection::create(config).unwrap();
assert_eq!(col.dimension(), 256);
col.close().unwrap();
}
#[test]
fn batch_length_mismatch() {
let dir = TempDir::new().unwrap();
let config =
RvliteConfig::new(temp_path(&dir, "mismatch.rvf"), 2).with_metric(RvliteMetric::L2);
let mut col = RvliteCollection::create(config).unwrap();
let ids = vec![1, 2, 3];
let v1 = [1.0, 0.0];
let v2 = [0.0, 1.0];
let vecs: Vec<&[f32]> = vec![&v1, &v2]; // 2 vectors but 3 ids
let result = col.add_batch(&ids, &vecs);
assert!(result.is_err());
col.close().unwrap();
}
}

111
vendor/ruvector/crates/rvf/rvf-adapters/rvlite/src/config.rs vendored Normal file
View File

@@ -0,0 +1,111 @@
//! Configuration for rvlite collections.
//!
//! Provides [`RvliteConfig`] with sensible defaults for lightweight,
//! resource-constrained environments.
use std::path::PathBuf;
use rvf_runtime::options::DistanceMetric;
/// Distance metric for rvlite similarity search.
///
/// Maps directly to the underlying `DistanceMetric` in rvf-runtime.
#[derive(Clone, Copy, Debug, Default, PartialEq, Eq)]
pub enum RvliteMetric {
/// Squared Euclidean distance.
L2,
/// Cosine distance (1 - cosine_similarity).
#[default]
Cosine,
/// Inner (dot) product distance (negated).
InnerProduct,
}
impl From<RvliteMetric> for DistanceMetric {
fn from(m: RvliteMetric) -> Self {
match m {
RvliteMetric::L2 => DistanceMetric::L2,
RvliteMetric::Cosine => DistanceMetric::Cosine,
RvliteMetric::InnerProduct => DistanceMetric::InnerProduct,
}
}
}
/// Configuration for creating a new rvlite collection.
#[derive(Clone, Debug)]
pub struct RvliteConfig {
/// File path for the RVF file.
pub path: PathBuf,
/// Vector dimensionality (required, must be > 0).
pub dimension: u16,
/// Distance metric for similarity search.
pub metric: RvliteMetric,
/// Optional capacity hint for pre-allocation.
pub max_elements: Option<usize>,
}
impl RvliteConfig {
/// Create a new config with the required fields and sensible defaults.
///
/// The metric defaults to `Cosine` and `max_elements` is `None`.
pub fn new(path: impl Into<PathBuf>, dimension: u16) -> Self {
Self {
path: path.into(),
dimension,
metric: RvliteMetric::default(),
max_elements: None,
}
}
/// Set the distance metric.
pub fn with_metric(mut self, metric: RvliteMetric) -> Self {
self.metric = metric;
self
}
/// Set the capacity hint.
pub fn with_max_elements(mut self, max: usize) -> Self {
self.max_elements = Some(max);
self
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn default_metric_is_cosine() {
assert_eq!(RvliteMetric::default(), RvliteMetric::Cosine);
}
#[test]
fn config_new_defaults() {
let cfg = RvliteConfig::new("/tmp/test.rvf", 128);
assert_eq!(cfg.dimension, 128);
assert_eq!(cfg.metric, RvliteMetric::Cosine);
assert!(cfg.max_elements.is_none());
}
#[test]
fn config_builder_methods() {
let cfg = RvliteConfig::new("/tmp/test.rvf", 64)
.with_metric(RvliteMetric::L2)
.with_max_elements(1000);
assert_eq!(cfg.metric, RvliteMetric::L2);
assert_eq!(cfg.max_elements, Some(1000));
}
#[test]
fn metric_conversion() {
assert_eq!(DistanceMetric::from(RvliteMetric::L2), DistanceMetric::L2);
assert_eq!(
DistanceMetric::from(RvliteMetric::Cosine),
DistanceMetric::Cosine
);
assert_eq!(
DistanceMetric::from(RvliteMetric::InnerProduct),
DistanceMetric::InnerProduct
);
}
}

99
vendor/ruvector/crates/rvf/rvf-adapters/rvlite/src/error.rs vendored Normal file
View File

@@ -0,0 +1,99 @@
//! Error types for the rvlite adapter.
//!
//! Provides a lightweight error enum that wraps `RvfError` and I/O errors,
//! plus a dimension-mismatch variant for early validation.
use core::fmt;
use rvf_types::RvfError;
/// Errors that can occur in rvlite operations.
#[derive(Debug)]
pub enum RvliteError {
/// An error originating from the RVF runtime or types layer.
Rvf(RvfError),
/// An I/O error described by a message string.
Io(String),
/// The supplied vector has the wrong number of dimensions.
DimensionMismatch {
/// The dimension the collection was created with.
expected: u16,
/// The dimension of the vector that was supplied.
got: usize,
},
}
impl fmt::Display for RvliteError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
Self::Rvf(e) => write!(f, "rvf: {e}"),
Self::Io(msg) => write!(f, "io: {msg}"),
Self::DimensionMismatch { expected, got } => {
write!(f, "dimension mismatch: expected {expected}, got {got}")
}
}
}
}
impl From<RvfError> for RvliteError {
fn from(e: RvfError) -> Self {
Self::Rvf(e)
}
}
impl From<std::io::Error> for RvliteError {
fn from(e: std::io::Error) -> Self {
Self::Io(e.to_string())
}
}
/// Convenience alias used throughout the rvlite crate.
pub type Result<T> = std::result::Result<T, RvliteError>;
#[cfg(test)]
mod tests {
use super::*;
use rvf_types::ErrorCode;
#[test]
fn display_rvf_variant() {
let err = RvliteError::Rvf(RvfError::Code(ErrorCode::DimensionMismatch));
let msg = format!("{err}");
assert!(msg.contains("rvf:"));
}
#[test]
fn display_io_variant() {
let err = RvliteError::Io("file not found".into());
let msg = format!("{err}");
assert!(msg.contains("io: file not found"));
}
#[test]
fn display_dimension_mismatch() {
let err = RvliteError::DimensionMismatch {
expected: 128,
got: 64,
};
let msg = format!("{err}");
assert!(msg.contains("expected 128"));
assert!(msg.contains("got 64"));
}
#[test]
fn from_rvf_error() {
let rvf = RvfError::Code(ErrorCode::FsyncFailed);
let err: RvliteError = rvf.into();
matches!(err, RvliteError::Rvf(_));
}
#[test]
fn from_io_error() {
let io_err = std::io::Error::new(std::io::ErrorKind::NotFound, "gone");
let err: RvliteError = io_err.into();
match err {
RvliteError::Io(msg) => assert!(msg.contains("gone")),
_ => panic!("expected Io variant"),
}
}
}

41
vendor/ruvector/crates/rvf/rvf-adapters/rvlite/src/lib.rs vendored Normal file
View File

@@ -0,0 +1,41 @@
//! Lightweight embedded vector store adapter for the RuVector Format (RVF).
//!
//! **rvlite** provides a minimal, ergonomic API for embedded vector storage
//! using the RVF Core Profile. It is designed for resource-constrained
//! environments (WASM, edge, embedded) where a full-featured vector
//! database is unnecessary.
//!
//! # Design philosophy
//!
//! - **Simple**: No metadata, no filters, no namespaces. Just vectors with IDs.
//! - **Small**: Minimal dependency surface; only `rvf-runtime` and `rvf-types`.
//! - **Safe**: Dimension validation, proper error handling, no panics.
//!
//! # Quick start
//!
//! ```no_run
//! use rvf_adapter_rvlite::{RvliteCollection, RvliteConfig, RvliteMetric};
//!
//! let config = RvliteConfig::new("/tmp/my_vectors.rvf", 128)
//! .with_metric(RvliteMetric::Cosine);
//!
//! let mut col = RvliteCollection::create(config).unwrap();
//!
//! col.add(1, &vec![0.1; 128]).unwrap();
//! col.add(2, &vec![0.2; 128]).unwrap();
//!
//! let results = col.search(&vec![0.1; 128], 5);
//! for m in &results {
//! println!("id={} distance={:.4}", m.id, m.distance);
//! }
//!
//! col.close().unwrap();
//! ```
pub mod collection;
pub mod config;
pub mod error;
pub use collection::{CompactStats, Match, RvliteCollection};
pub use config::{RvliteConfig, RvliteMetric};
pub use error::{Result, RvliteError};

19
vendor/ruvector/crates/rvf/rvf-adapters/sona/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,19 @@
[package]
name = "rvf-adapter-sona"
version = "0.1.0"
edition = "2021"
description = "SONA adapter for RuVector Format -- stores learning trajectories, neural patterns, and experience replay buffers as RVF segments"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
rust-version = "1.87"
[features]
default = ["std"]
std = []
[dependencies]
rvf-runtime = { path = "../../rvf-runtime", features = ["std"] }
rvf-types = { path = "../../rvf-types", features = ["std"] }
[dev-dependencies]
tempfile = "3"

142
vendor/ruvector/crates/rvf/rvf-adapters/sona/src/config.rs vendored Normal file
View File

@@ -0,0 +1,142 @@
//! Configuration for the SONA adapter.
use std::path::PathBuf;
/// Configuration for the RVF-backed SONA stores.
#[derive(Clone, Debug)]
pub struct SonaConfig {
/// Directory where RVF data files are stored.
pub data_dir: PathBuf,
/// Vector embedding dimension (must match SONA's embedding size).
pub dimension: u16,
/// Maximum number of experiences in the replay buffer.
pub replay_capacity: usize,
/// Number of recent trajectory steps to retain in the window.
pub trajectory_window: usize,
}
impl SonaConfig {
/// Create a new configuration with required parameters and sensible defaults.
pub fn new(data_dir: impl Into<PathBuf>, dimension: u16) -> Self {
Self {
data_dir: data_dir.into(),
dimension,
replay_capacity: 10_000,
trajectory_window: 100,
}
}
/// Set the replay buffer capacity.
pub fn with_replay_capacity(mut self, capacity: usize) -> Self {
self.replay_capacity = capacity;
self
}
/// Set the trajectory window size.
pub fn with_trajectory_window(mut self, window: usize) -> Self {
self.trajectory_window = window;
self
}
/// Return the path to the shared RVF store file.
pub fn store_path(&self) -> PathBuf {
self.data_dir.join("sona.rvf")
}
/// Ensure the data directory exists.
pub fn ensure_dirs(&self) -> std::io::Result<()> {
std::fs::create_dir_all(&self.data_dir)
}
/// Validate the configuration.
pub fn validate(&self) -> Result<(), ConfigError> {
if self.dimension == 0 {
return Err(ConfigError::InvalidDimension);
}
if self.replay_capacity == 0 {
return Err(ConfigError::InvalidReplayCapacity);
}
if self.trajectory_window == 0 {
return Err(ConfigError::InvalidTrajectoryWindow);
}
Ok(())
}
}
/// Errors specific to adapter configuration.
#[derive(Clone, Debug, PartialEq, Eq)]
pub enum ConfigError {
/// Dimension must be > 0.
InvalidDimension,
/// Replay capacity must be > 0.
InvalidReplayCapacity,
/// Trajectory window must be > 0.
InvalidTrajectoryWindow,
}
impl std::fmt::Display for ConfigError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::InvalidDimension => write!(f, "vector dimension must be > 0"),
Self::InvalidReplayCapacity => write!(f, "replay capacity must be > 0"),
Self::InvalidTrajectoryWindow => write!(f, "trajectory window must be > 0"),
}
}
}
impl std::error::Error for ConfigError {}
#[cfg(test)]
mod tests {
use super::*;
use std::path::Path;
#[test]
fn config_defaults() {
let cfg = SonaConfig::new("/tmp/test", 256);
assert_eq!(cfg.dimension, 256);
assert_eq!(cfg.replay_capacity, 10_000);
assert_eq!(cfg.trajectory_window, 100);
}
#[test]
fn config_store_path() {
let cfg = SonaConfig::new("/data/sona", 128);
assert_eq!(cfg.store_path(), Path::new("/data/sona/sona.rvf"));
}
#[test]
fn validate_zero_dimension() {
let cfg = SonaConfig::new("/tmp", 0);
assert_eq!(cfg.validate(), Err(ConfigError::InvalidDimension));
}
#[test]
fn validate_zero_replay_capacity() {
let mut cfg = SonaConfig::new("/tmp", 64);
cfg.replay_capacity = 0;
assert_eq!(cfg.validate(), Err(ConfigError::InvalidReplayCapacity));
}
#[test]
fn validate_zero_trajectory_window() {
let mut cfg = SonaConfig::new("/tmp", 64);
cfg.trajectory_window = 0;
assert_eq!(cfg.validate(), Err(ConfigError::InvalidTrajectoryWindow));
}
#[test]
fn validate_ok() {
let cfg = SonaConfig::new("/tmp", 64);
assert!(cfg.validate().is_ok());
}
#[test]
fn builder_methods() {
let cfg = SonaConfig::new("/tmp", 256)
.with_replay_capacity(5000)
.with_trajectory_window(50);
assert_eq!(cfg.replay_capacity, 5000);
assert_eq!(cfg.trajectory_window, 50);
}
}

397
vendor/ruvector/crates/rvf/rvf-adapters/sona/src/experience.rs vendored Normal file
View File

@@ -0,0 +1,397 @@
//! `ExperienceReplayBuffer` — circular buffer of experiences stored
//! as RVF vectors in the shared SONA store.
//!
//! Each experience captures a (state, action, reward, next_state) tuple.
//! State and next_state embeddings are concatenated into a single vector
//! of double the configured dimension. The action and reward are stored
//! as metadata. A type marker of "experience" distinguishes these
//! entries from trajectory and pattern data.
use std::collections::VecDeque;
use rvf_runtime::options::{MetadataEntry, MetadataValue, QueryOptions, RvfOptions};
use rvf_runtime::RvfStore;
use rvf_types::RvfError;
use crate::config::SonaConfig;
/// Metadata field IDs (shared across all SONA stores).
const FIELD_STEP_ID: u16 = 0;
const FIELD_ACTION: u16 = 1;
const FIELD_REWARD: u16 = 2;
const FIELD_CATEGORY: u16 = 3;
const FIELD_TYPE: u16 = 4;
/// Type marker for experience entries.
const TYPE_EXPERIENCE: &str = "experience";
/// A single experience returned from retrieval or sampling.
#[derive(Clone, Debug)]
pub struct Experience {
/// Internal vector ID in the RVF store.
pub id: u64,
/// The action taken.
pub action: String,
/// The reward received.
pub reward: f64,
/// Distance from query (only meaningful for prioritized sampling).
pub distance: f32,
}
/// Circular buffer of experiences stored as RVF vectors.
pub struct ExperienceReplayBuffer {
store: RvfStore,
config: SonaConfig,
/// Ordered record of experience vector IDs (oldest first).
experience_ids: VecDeque<u64>,
/// Parallel metadata: (action, reward).
experience_meta: VecDeque<(String, f64)>,
/// Next vector ID to assign.
next_id: u64,
}
impl ExperienceReplayBuffer {
/// Create a new experience replay buffer.
pub fn create(config: SonaConfig) -> Result<Self, ExperienceStoreError> {
config.validate().map_err(ExperienceStoreError::Config)?;
config.ensure_dirs().map_err(|e| ExperienceStoreError::Io(e.to_string()))?;
let rvf_options = RvfOptions {
dimension: config.dimension,
..Default::default()
};
let store = RvfStore::create(&config.store_path(), rvf_options)
.map_err(ExperienceStoreError::Rvf)?;
Ok(Self {
store,
config,
experience_ids: VecDeque::new(),
experience_meta: VecDeque::new(),
next_id: 1,
})
}
/// Add an experience to the buffer.
///
/// If the buffer is at capacity, the oldest experience is evicted.
/// The `state_embedding` is used as the stored vector (for similarity
/// search); `next_state_embedding` is currently not stored as a
/// separate vector but could be added via metadata extension.
///
/// Returns the internal vector ID.
pub fn push(
&mut self,
state_embedding: &[f32],
action: &str,
reward: f64,
_next_state_embedding: &[f32],
) -> Result<u64, ExperienceStoreError> {
if state_embedding.len() != self.config.dimension as usize {
return Err(ExperienceStoreError::DimensionMismatch {
expected: self.config.dimension as usize,
got: state_embedding.len(),
});
}
// Evict oldest if at capacity.
if self.experience_ids.len() >= self.config.replay_capacity {
if let Some(old_id) = self.experience_ids.pop_front() {
self.experience_meta.pop_front();
self.store.delete(&[old_id]).map_err(ExperienceStoreError::Rvf)?;
}
}
let vector_id = self.next_id;
self.next_id += 1;
let metadata = vec![
MetadataEntry { field_id: FIELD_STEP_ID, value: MetadataValue::U64(vector_id) },
MetadataEntry { field_id: FIELD_ACTION, value: MetadataValue::String(action.to_string()) },
MetadataEntry { field_id: FIELD_REWARD, value: MetadataValue::F64(reward) },
MetadataEntry { field_id: FIELD_CATEGORY, value: MetadataValue::String(String::new()) },
MetadataEntry { field_id: FIELD_TYPE, value: MetadataValue::String(TYPE_EXPERIENCE.to_string()) },
];
self.store
.ingest_batch(&[state_embedding], &[vector_id], Some(&metadata))
.map_err(ExperienceStoreError::Rvf)?;
self.experience_ids.push_back(vector_id);
self.experience_meta.push_back((action.to_string(), reward));
Ok(vector_id)
}
/// Sample `n` experiences uniformly from the buffer.
///
/// Uses a deterministic stride-based selection: picks experiences
/// evenly spaced across the buffer. Returns fewer than `n` if the
/// buffer contains fewer experiences.
pub fn sample(&self, n: usize) -> Vec<Experience> {
let len = self.experience_ids.len();
if len == 0 || n == 0 {
return Vec::new();
}
let count = n.min(len);
let step = if count >= len { 1 } else { len / count };
let mut results = Vec::with_capacity(count);
let mut idx = 0;
while results.len() < count && idx < len {
let vid = self.experience_ids[idx];
let (action, reward) = &self.experience_meta[idx];
results.push(Experience {
id: vid,
action: action.clone(),
reward: *reward,
distance: 0.0,
});
idx += step;
}
// If stride skipped some, fill from the end.
if results.len() < count {
let mut back_idx = len - 1;
while results.len() < count {
let vid = self.experience_ids[back_idx];
if !results.iter().any(|e| e.id == vid) {
let (action, reward) = &self.experience_meta[back_idx];
results.push(Experience {
id: vid,
action: action.clone(),
reward: *reward,
distance: 0.0,
});
}
if back_idx == 0 {
break;
}
back_idx -= 1;
}
}
results
}
/// Sample `n` experiences prioritized by similarity to the given embedding.
///
/// Finds the `n` nearest-neighbor experiences by vector distance.
pub fn sample_prioritized(
&mut self,
n: usize,
embedding: &[f32],
) -> Result<Vec<Experience>, ExperienceStoreError> {
if embedding.len() != self.config.dimension as usize {
return Err(ExperienceStoreError::DimensionMismatch {
expected: self.config.dimension as usize,
got: embedding.len(),
});
}
let results = self.store
.query(embedding, n, &QueryOptions::default())
.map_err(ExperienceStoreError::Rvf)?;
Ok(self.enrich_results(&results))
}
/// Return the number of experiences in the buffer.
pub fn len(&self) -> usize {
self.experience_ids.len()
}
/// Return whether the buffer is empty.
pub fn is_empty(&self) -> bool {
self.experience_ids.is_empty()
}
/// Return whether the buffer has reached its capacity.
pub fn is_full(&self) -> bool {
self.experience_ids.len() >= self.config.replay_capacity
}
/// Close the store, releasing locks.
pub fn close(self) -> Result<(), ExperienceStoreError> {
self.store.close().map_err(ExperienceStoreError::Rvf)
}
// ── Internal ──────────────────────────────────────────────────────
fn enrich_results(&self, results: &[rvf_runtime::SearchResult]) -> Vec<Experience> {
results
.iter()
.map(|r| {
let meta = self.experience_ids.iter()
.zip(self.experience_meta.iter())
.find(|(&vid, _)| vid == r.id)
.map(|(_, m)| m);
match meta {
Some((action, reward)) => Experience {
id: r.id,
action: action.clone(),
reward: *reward,
distance: r.distance,
},
None => Experience {
id: r.id,
action: String::new(),
reward: 0.0,
distance: r.distance,
},
}
})
.collect()
}
}
/// Errors from experience replay buffer operations.
#[derive(Debug)]
pub enum ExperienceStoreError {
/// Underlying RVF store error.
Rvf(RvfError),
/// Configuration error.
Config(crate::config::ConfigError),
/// I/O error.
Io(String),
/// Embedding dimension mismatch.
DimensionMismatch { expected: usize, got: usize },
}
impl std::fmt::Display for ExperienceStoreError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Rvf(e) => write!(f, "RVF store error: {e}"),
Self::Config(e) => write!(f, "config error: {e}"),
Self::Io(msg) => write!(f, "I/O error: {msg}"),
Self::DimensionMismatch { expected, got } => {
write!(f, "dimension mismatch: expected {expected}, got {got}")
}
}
}
}
impl std::error::Error for ExperienceStoreError {}
#[cfg(test)]
mod tests {
use super::*;
use tempfile::TempDir;
fn test_config(dir: &std::path::Path) -> SonaConfig {
SonaConfig::new(dir, 4).with_replay_capacity(5)
}
fn make_embedding(seed: f32) -> Vec<f32> {
vec![seed, seed * 0.5, seed * 0.25, seed * 0.125]
}
#[test]
fn push_and_sample() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut buf = ExperienceReplayBuffer::create(config).unwrap();
buf.push(&make_embedding(1.0), "explore", 0.5, &make_embedding(1.1)).unwrap();
buf.push(&make_embedding(2.0), "exploit", 0.8, &make_embedding(2.1)).unwrap();
buf.push(&make_embedding(3.0), "explore", 0.3, &make_embedding(3.1)).unwrap();
assert_eq!(buf.len(), 3);
assert!(!buf.is_full());
let samples = buf.sample(2);
assert_eq!(samples.len(), 2);
buf.close().unwrap();
}
#[test]
fn buffer_capacity_eviction() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path()); // capacity = 5
let mut buf = ExperienceReplayBuffer::create(config).unwrap();
for i in 0..7 {
buf.push(&make_embedding(i as f32 + 0.1), &format!("act{i}"), i as f64 * 0.1, &make_embedding(0.0)).unwrap();
}
assert_eq!(buf.len(), 5);
assert!(buf.is_full());
// The oldest two (act0, act1) should have been evicted.
let all = buf.sample(5);
assert_eq!(all.len(), 5);
assert!(all.iter().all(|e| e.action != "act0" && e.action != "act1"));
buf.close().unwrap();
}
#[test]
fn sample_prioritized() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut buf = ExperienceReplayBuffer::create(config).unwrap();
buf.push(&[1.0, 0.0, 0.0, 0.0], "a", 0.1, &[0.0; 4]).unwrap();
buf.push(&[0.0, 1.0, 0.0, 0.0], "b", 0.2, &[0.0; 4]).unwrap();
buf.push(&[0.9, 0.1, 0.0, 0.0], "c", 0.3, &[0.0; 4]).unwrap();
let results = buf.sample_prioritized(2, &[1.0, 0.0, 0.0, 0.0]).unwrap();
assert_eq!(results.len(), 2);
assert!(results[0].distance <= results[1].distance);
buf.close().unwrap();
}
#[test]
fn empty_buffer_operations() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut buf = ExperienceReplayBuffer::create(config).unwrap();
assert!(buf.is_empty());
assert!(!buf.is_full());
assert_eq!(buf.len(), 0);
let samples = buf.sample(5);
assert!(samples.is_empty());
let results = buf.sample_prioritized(5, &make_embedding(1.0)).unwrap();
assert!(results.is_empty());
buf.close().unwrap();
}
#[test]
fn sample_more_than_available() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut buf = ExperienceReplayBuffer::create(config).unwrap();
buf.push(&make_embedding(1.0), "a", 0.1, &make_embedding(0.0)).unwrap();
buf.push(&make_embedding(2.0), "b", 0.2, &make_embedding(0.0)).unwrap();
let samples = buf.sample(10);
assert_eq!(samples.len(), 2);
buf.close().unwrap();
}
#[test]
fn dimension_mismatch() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut buf = ExperienceReplayBuffer::create(config).unwrap();
let result = buf.push(&[1.0, 2.0], "a", 0.1, &[1.0, 2.0]);
assert!(result.is_err());
let result = buf.sample_prioritized(5, &[1.0, 2.0]);
assert!(result.is_err());
buf.close().unwrap();
}
}

44
vendor/ruvector/crates/rvf/rvf-adapters/sona/src/lib.rs vendored Normal file
View File

@@ -0,0 +1,44 @@
//! RVF adapter for SONA (Self-Optimizing Neural Architecture).
//!
//! This crate bridges SONA's learning trajectory tracking, pattern
//! recognition, and experience replay with the RuVector Format (RVF)
//! segment store per ADR-029. All three data types share a single
//! underlying RVF file, distinguished by a type marker in metadata
//! field 4.
//!
//! # Architecture
//!
//! - **`TrajectoryStore`**: Records and queries sequences of state
//! embeddings that form a learning trajectory.
//! - **`ExperienceReplayBuffer`**: Circular buffer of (state, action,
//! reward, next_state) tuples for off-policy training.
//! - **`NeuralPatternStore`**: Stores recognized neural patterns with
//! confidence scores, searchable by category or embedding similarity.
//! - **`SonaConfig`**: Configuration for data directory, dimension,
//! replay capacity, and trajectory window size.
//!
//! # Usage
//!
//! ```rust,no_run
//! use rvf_adapter_sona::{SonaConfig, TrajectoryStore, ExperienceReplayBuffer, NeuralPatternStore};
//!
//! let config = SonaConfig::new("/tmp/sona-data", 256);
//! let mut trajectory = TrajectoryStore::create(config.clone()).unwrap();
//!
//! let embedding = vec![0.1f32; 256];
//! trajectory.record_step(1, &embedding, "explore", 0.5).unwrap();
//!
//! let recent = trajectory.get_recent(10);
//! let similar = trajectory.search_similar_states(&embedding, 5).unwrap();
//! trajectory.close().unwrap();
//! ```
pub mod config;
pub mod experience;
pub mod pattern;
pub mod trajectory;
pub use config::{ConfigError, SonaConfig};
pub use experience::{Experience, ExperienceReplayBuffer};
pub use pattern::{NeuralPattern, NeuralPatternStore};
pub use trajectory::{TrajectoryStep, TrajectoryStore};

423
vendor/ruvector/crates/rvf/rvf-adapters/sona/src/pattern.rs vendored Normal file
View File

@@ -0,0 +1,423 @@
//! `NeuralPatternStore` — stores recognized neural patterns as RVF
//! vectors with confidence scores and categories.
//!
//! Patterns can be searched by embedding similarity, filtered by
//! category, or ranked by confidence. A type marker of "pattern"
//! distinguishes these entries from trajectory and experience data.
use std::collections::HashMap;
use rvf_runtime::options::{MetadataEntry, MetadataValue, QueryOptions, RvfOptions};
use rvf_runtime::RvfStore;
use rvf_types::RvfError;
use crate::config::SonaConfig;
/// Metadata field IDs (shared across all SONA stores).
const FIELD_STEP_ID: u16 = 0;
const FIELD_NAME: u16 = 1;
const FIELD_CONFIDENCE: u16 = 2;
const FIELD_CATEGORY: u16 = 3;
const FIELD_TYPE: u16 = 4;
/// Type marker for pattern entries.
const TYPE_PATTERN: &str = "pattern";
/// A recognized neural pattern returned from retrieval or search.
#[derive(Clone, Debug)]
pub struct NeuralPattern {
/// Internal vector ID in the RVF store.
pub id: u64,
/// Human-readable pattern name.
pub name: String,
/// Category this pattern belongs to.
pub category: String,
/// Confidence score (0.0 to 1.0).
pub confidence: f64,
/// Distance from query (only meaningful for search results).
pub distance: f32,
}
/// Stores recognized neural patterns as RVF vectors.
pub struct NeuralPatternStore {
store: RvfStore,
config: SonaConfig,
/// In-memory index of pattern metadata keyed by vector ID.
patterns: HashMap<u64, PatternMeta>,
/// In-memory index of category -> vector IDs.
category_index: HashMap<String, Vec<u64>>,
/// Next vector ID to assign.
next_id: u64,
}
/// In-memory metadata for a pattern.
#[derive(Clone, Debug)]
struct PatternMeta {
name: String,
category: String,
confidence: f64,
}
impl NeuralPatternStore {
/// Create a new neural pattern store.
pub fn create(config: SonaConfig) -> Result<Self, PatternStoreError> {
config.validate().map_err(PatternStoreError::Config)?;
config.ensure_dirs().map_err(|e| PatternStoreError::Io(e.to_string()))?;
let rvf_options = RvfOptions {
dimension: config.dimension,
..Default::default()
};
let store = RvfStore::create(&config.store_path(), rvf_options)
.map_err(PatternStoreError::Rvf)?;
Ok(Self {
store,
config,
patterns: HashMap::new(),
category_index: HashMap::new(),
next_id: 1,
})
}
/// Store a new neural pattern.
///
/// Returns the internal vector ID assigned to this pattern.
pub fn store_pattern(
&mut self,
name: &str,
category: &str,
embedding: &[f32],
confidence: f64,
) -> Result<u64, PatternStoreError> {
if embedding.len() != self.config.dimension as usize {
return Err(PatternStoreError::DimensionMismatch {
expected: self.config.dimension as usize,
got: embedding.len(),
});
}
let vector_id = self.next_id;
self.next_id += 1;
let metadata = vec![
MetadataEntry { field_id: FIELD_STEP_ID, value: MetadataValue::U64(vector_id) },
MetadataEntry { field_id: FIELD_NAME, value: MetadataValue::String(name.to_string()) },
MetadataEntry { field_id: FIELD_CONFIDENCE, value: MetadataValue::F64(confidence) },
MetadataEntry { field_id: FIELD_CATEGORY, value: MetadataValue::String(category.to_string()) },
MetadataEntry { field_id: FIELD_TYPE, value: MetadataValue::String(TYPE_PATTERN.to_string()) },
];
self.store
.ingest_batch(&[embedding], &[vector_id], Some(&metadata))
.map_err(PatternStoreError::Rvf)?;
let meta = PatternMeta {
name: name.to_string(),
category: category.to_string(),
confidence,
};
self.patterns.insert(vector_id, meta);
self.category_index
.entry(category.to_string())
.or_default()
.push(vector_id);
Ok(vector_id)
}
/// Search for patterns whose embeddings are most similar to the given embedding.
pub fn search_patterns(
&mut self,
embedding: &[f32],
k: usize,
) -> Result<Vec<NeuralPattern>, PatternStoreError> {
if embedding.len() != self.config.dimension as usize {
return Err(PatternStoreError::DimensionMismatch {
expected: self.config.dimension as usize,
got: embedding.len(),
});
}
let results = self.store
.query(embedding, k, &QueryOptions::default())
.map_err(PatternStoreError::Rvf)?;
Ok(self.enrich_results(&results))
}
/// Get all patterns in a given category.
pub fn get_by_category(&self, category: &str) -> Vec<NeuralPattern> {
let ids = match self.category_index.get(category) {
Some(ids) => ids,
None => return Vec::new(),
};
ids.iter()
.filter_map(|&vid| {
self.patterns.get(&vid).map(|meta| NeuralPattern {
id: vid,
name: meta.name.clone(),
category: meta.category.clone(),
confidence: meta.confidence,
distance: 0.0,
})
})
.collect()
}
/// Update the confidence score for a pattern by its vector ID.
pub fn update_confidence(&mut self, id: u64, confidence: f64) -> Result<(), PatternStoreError> {
match self.patterns.get_mut(&id) {
Some(meta) => {
meta.confidence = confidence;
Ok(())
}
None => Err(PatternStoreError::PatternNotFound(id)),
}
}
/// Get the top `k` patterns ranked by confidence (highest first).
pub fn get_top_patterns(&self, k: usize) -> Vec<NeuralPattern> {
let mut all: Vec<_> = self.patterns.iter()
.map(|(&vid, meta)| NeuralPattern {
id: vid,
name: meta.name.clone(),
category: meta.category.clone(),
confidence: meta.confidence,
distance: 0.0,
})
.collect();
all.sort_by(|a, b| {
b.confidence.partial_cmp(&a.confidence).unwrap_or(std::cmp::Ordering::Equal)
});
all.truncate(k);
all
}
/// Return the total number of stored patterns.
pub fn len(&self) -> usize {
self.patterns.len()
}
/// Return whether the store has no patterns.
pub fn is_empty(&self) -> bool {
self.patterns.is_empty()
}
/// Close the store, releasing locks.
pub fn close(self) -> Result<(), PatternStoreError> {
self.store.close().map_err(PatternStoreError::Rvf)
}
// ── Internal ──────────────────────────────────────────────────────
fn enrich_results(&self, results: &[rvf_runtime::SearchResult]) -> Vec<NeuralPattern> {
results
.iter()
.map(|r| {
match self.patterns.get(&r.id) {
Some(meta) => NeuralPattern {
id: r.id,
name: meta.name.clone(),
category: meta.category.clone(),
confidence: meta.confidence,
distance: r.distance,
},
None => NeuralPattern {
id: r.id,
name: String::new(),
category: String::new(),
confidence: 0.0,
distance: r.distance,
},
}
})
.collect()
}
}
/// Errors from neural pattern store operations.
#[derive(Debug)]
pub enum PatternStoreError {
/// Underlying RVF store error.
Rvf(RvfError),
/// Configuration error.
Config(crate::config::ConfigError),
/// I/O error.
Io(String),
/// Embedding dimension mismatch.
DimensionMismatch { expected: usize, got: usize },
/// Pattern not found for the given ID.
PatternNotFound(u64),
}
impl std::fmt::Display for PatternStoreError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Rvf(e) => write!(f, "RVF store error: {e}"),
Self::Config(e) => write!(f, "config error: {e}"),
Self::Io(msg) => write!(f, "I/O error: {msg}"),
Self::DimensionMismatch { expected, got } => {
write!(f, "dimension mismatch: expected {expected}, got {got}")
}
Self::PatternNotFound(id) => write!(f, "pattern not found: {id}"),
}
}
}
impl std::error::Error for PatternStoreError {}
#[cfg(test)]
mod tests {
use super::*;
use tempfile::TempDir;
fn test_config(dir: &std::path::Path) -> SonaConfig {
SonaConfig::new(dir, 4)
}
fn make_embedding(seed: f32) -> Vec<f32> {
vec![seed, seed * 0.5, seed * 0.25, seed * 0.125]
}
#[test]
fn store_and_search_patterns() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = NeuralPatternStore::create(config).unwrap();
store.store_pattern("convergent", "thinking", &[1.0, 0.0, 0.0, 0.0], 0.9).unwrap();
store.store_pattern("divergent", "thinking", &[0.0, 1.0, 0.0, 0.0], 0.7).unwrap();
store.store_pattern("lateral", "creative", &[0.0, 0.0, 1.0, 0.0], 0.8).unwrap();
let results = store.search_patterns(&[1.0, 0.0, 0.0, 0.0], 2).unwrap();
assert_eq!(results.len(), 2);
assert!(results[0].distance <= results[1].distance);
store.close().unwrap();
}
#[test]
fn get_by_category() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = NeuralPatternStore::create(config).unwrap();
store.store_pattern("p1", "alpha", &make_embedding(1.0), 0.9).unwrap();
store.store_pattern("p2", "beta", &make_embedding(2.0), 0.7).unwrap();
store.store_pattern("p3", "alpha", &make_embedding(3.0), 0.8).unwrap();
let alpha = store.get_by_category("alpha");
assert_eq!(alpha.len(), 2);
assert!(alpha.iter().all(|p| p.category == "alpha"));
let beta = store.get_by_category("beta");
assert_eq!(beta.len(), 1);
assert_eq!(beta[0].name, "p2");
let empty = store.get_by_category("nonexistent");
assert!(empty.is_empty());
store.close().unwrap();
}
#[test]
fn update_confidence() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = NeuralPatternStore::create(config).unwrap();
let id = store.store_pattern("p1", "cat", &make_embedding(1.0), 0.5).unwrap();
store.update_confidence(id, 0.95).unwrap();
let top = store.get_top_patterns(1);
assert_eq!(top.len(), 1);
assert!((top[0].confidence - 0.95).abs() < f64::EPSILON);
store.close().unwrap();
}
#[test]
fn update_confidence_not_found() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = NeuralPatternStore::create(config).unwrap();
let result = store.update_confidence(999, 0.5);
assert!(result.is_err());
store.close().unwrap();
}
#[test]
fn get_top_patterns() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = NeuralPatternStore::create(config).unwrap();
store.store_pattern("low", "cat", &make_embedding(1.0), 0.3).unwrap();
store.store_pattern("high", "cat", &make_embedding(2.0), 0.9).unwrap();
store.store_pattern("mid", "cat", &make_embedding(3.0), 0.6).unwrap();
let top = store.get_top_patterns(2);
assert_eq!(top.len(), 2);
assert_eq!(top[0].name, "high");
assert_eq!(top[1].name, "mid");
store.close().unwrap();
}
#[test]
fn get_top_more_than_available() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = NeuralPatternStore::create(config).unwrap();
store.store_pattern("only", "cat", &make_embedding(1.0), 0.5).unwrap();
let top = store.get_top_patterns(10);
assert_eq!(top.len(), 1);
store.close().unwrap();
}
#[test]
fn empty_store_operations() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = NeuralPatternStore::create(config).unwrap();
assert!(store.is_empty());
assert_eq!(store.len(), 0);
let results = store.search_patterns(&make_embedding(1.0), 5).unwrap();
assert!(results.is_empty());
let by_cat = store.get_by_category("anything");
assert!(by_cat.is_empty());
let top = store.get_top_patterns(5);
assert!(top.is_empty());
store.close().unwrap();
}
#[test]
fn dimension_mismatch() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = NeuralPatternStore::create(config).unwrap();
let result = store.store_pattern("p", "c", &[1.0, 2.0], 0.5);
assert!(result.is_err());
let result = store.search_patterns(&[1.0, 2.0], 5);
assert!(result.is_err());
store.close().unwrap();
}
}

422
vendor/ruvector/crates/rvf/rvf-adapters/sona/src/trajectory.rs vendored Normal file
View File

@@ -0,0 +1,422 @@
//! `TrajectoryStore` — stores learning trajectories as sequences of
//! state embeddings in the shared SONA RVF file.
//!
//! Each trajectory step records a state embedding, the action taken,
//! the reward received, and a monotonically increasing step ID. Steps
//! are stored as RVF vectors with metadata fields encoding the step
//! details and a type marker of "trajectory".
use std::collections::VecDeque;
use rvf_runtime::options::{MetadataEntry, MetadataValue, QueryOptions, RvfOptions};
use rvf_runtime::{RvfStore, SearchResult};
use rvf_types::RvfError;
use crate::config::SonaConfig;
/// Metadata field IDs (shared across all SONA stores).
const FIELD_STEP_ID: u16 = 0;
const FIELD_ACTION: u16 = 1;
const FIELD_REWARD: u16 = 2;
const FIELD_CATEGORY: u16 = 3;
const FIELD_TYPE: u16 = 4;
/// Type marker for trajectory entries.
const TYPE_TRAJECTORY: &str = "trajectory";
/// A single trajectory step returned from retrieval or search.
#[derive(Clone, Debug)]
pub struct TrajectoryStep {
/// Internal vector ID in the RVF store.
pub id: u64,
/// The step identifier within the trajectory.
pub step_id: u64,
/// The action taken at this step.
pub action: String,
/// The reward received at this step.
pub reward: f64,
/// Distance from query (only meaningful for search results).
pub distance: f32,
}
/// Stores learning trajectories as sequences of state embeddings.
pub struct TrajectoryStore {
store: RvfStore,
config: SonaConfig,
/// In-memory ordered record of trajectory step vector IDs, newest last.
step_ids: VecDeque<u64>,
/// Parallel deque of step metadata for fast retrieval.
step_meta: VecDeque<(u64, String, f64)>, // (step_id, action, reward)
/// Next vector ID to assign.
next_id: u64,
}
impl TrajectoryStore {
/// Create a new trajectory store, initializing the data directory and RVF file.
pub fn create(config: SonaConfig) -> Result<Self, SonaStoreError> {
config.validate().map_err(SonaStoreError::Config)?;
config.ensure_dirs().map_err(|e| SonaStoreError::Io(e.to_string()))?;
let rvf_options = RvfOptions {
dimension: config.dimension,
..Default::default()
};
let store = RvfStore::create(&config.store_path(), rvf_options)
.map_err(SonaStoreError::Rvf)?;
Ok(Self {
store,
config,
step_ids: VecDeque::new(),
step_meta: VecDeque::new(),
next_id: 1,
})
}
/// Record a single trajectory step.
///
/// Returns the internal vector ID assigned to this step.
pub fn record_step(
&mut self,
step_id: u64,
state_embedding: &[f32],
action: &str,
reward: f64,
) -> Result<u64, SonaStoreError> {
if state_embedding.len() != self.config.dimension as usize {
return Err(SonaStoreError::DimensionMismatch {
expected: self.config.dimension as usize,
got: state_embedding.len(),
});
}
let vector_id = self.next_id;
self.next_id += 1;
let metadata = vec![
MetadataEntry { field_id: FIELD_STEP_ID, value: MetadataValue::U64(step_id) },
MetadataEntry { field_id: FIELD_ACTION, value: MetadataValue::String(action.to_string()) },
MetadataEntry { field_id: FIELD_REWARD, value: MetadataValue::F64(reward) },
MetadataEntry { field_id: FIELD_CATEGORY, value: MetadataValue::String(String::new()) },
MetadataEntry { field_id: FIELD_TYPE, value: MetadataValue::String(TYPE_TRAJECTORY.to_string()) },
];
self.store
.ingest_batch(&[state_embedding], &[vector_id], Some(&metadata))
.map_err(SonaStoreError::Rvf)?;
self.step_ids.push_back(vector_id);
self.step_meta.push_back((step_id, action.to_string(), reward));
// Trim to trajectory window size.
while self.step_ids.len() > self.config.trajectory_window {
self.step_ids.pop_front();
self.step_meta.pop_front();
}
Ok(vector_id)
}
/// Get the `n` most recent trajectory steps.
///
/// Returns fewer than `n` if fewer steps are available.
pub fn get_recent(&self, n: usize) -> Vec<TrajectoryStep> {
let len = self.step_ids.len();
let start = len.saturating_sub(n);
self.step_ids
.iter()
.zip(self.step_meta.iter())
.skip(start)
.map(|(&vid, (step_id, action, reward))| TrajectoryStep {
id: vid,
step_id: *step_id,
action: action.clone(),
reward: *reward,
distance: 0.0,
})
.collect()
}
/// Search for trajectory steps whose state embeddings are most
/// similar to the given embedding.
pub fn search_similar_states(
&mut self,
embedding: &[f32],
k: usize,
) -> Result<Vec<TrajectoryStep>, SonaStoreError> {
if embedding.len() != self.config.dimension as usize {
return Err(SonaStoreError::DimensionMismatch {
expected: self.config.dimension as usize,
got: embedding.len(),
});
}
let results = self.store
.query(embedding, k, &QueryOptions::default())
.map_err(SonaStoreError::Rvf)?;
Ok(self.enrich_results(&results))
}
/// Get all steps in the current trajectory window.
pub fn get_trajectory_window(&self) -> Vec<TrajectoryStep> {
self.get_recent(self.config.trajectory_window)
}
/// Prune old trajectory data, keeping only the most recent `keep_last_n` steps.
///
/// Returns the number of steps deleted.
pub fn clear_old(&mut self, keep_last_n: usize) -> Result<usize, SonaStoreError> {
let len = self.step_ids.len();
if len <= keep_last_n {
return Ok(0);
}
let to_remove = len - keep_last_n;
let mut ids_to_delete = Vec::with_capacity(to_remove);
for _ in 0..to_remove {
if let Some(vid) = self.step_ids.pop_front() {
ids_to_delete.push(vid);
self.step_meta.pop_front();
}
}
if !ids_to_delete.is_empty() {
self.store.delete(&ids_to_delete).map_err(SonaStoreError::Rvf)?;
}
Ok(ids_to_delete.len())
}
/// Return the number of steps in the current in-memory window.
pub fn len(&self) -> usize {
self.step_ids.len()
}
/// Return whether the store has no steps in the window.
pub fn is_empty(&self) -> bool {
self.step_ids.is_empty()
}
/// Close the store, releasing locks.
pub fn close(self) -> Result<(), SonaStoreError> {
self.store.close().map_err(SonaStoreError::Rvf)
}
// ── Internal ──────────────────────────────────────────────────────
/// Enrich raw search results with step metadata from the in-memory index.
fn enrich_results(&self, results: &[SearchResult]) -> Vec<TrajectoryStep> {
results
.iter()
.map(|r| {
let meta = self.step_ids.iter()
.zip(self.step_meta.iter())
.find(|(&vid, _)| vid == r.id)
.map(|(_, m)| m);
match meta {
Some((step_id, action, reward)) => TrajectoryStep {
id: r.id,
step_id: *step_id,
action: action.clone(),
reward: *reward,
distance: r.distance,
},
None => TrajectoryStep {
id: r.id,
step_id: 0,
action: String::new(),
reward: 0.0,
distance: r.distance,
},
}
})
.collect()
}
}
/// Errors from SONA store operations.
#[derive(Debug)]
pub enum SonaStoreError {
/// Underlying RVF store error.
Rvf(RvfError),
/// Configuration error.
Config(crate::config::ConfigError),
/// I/O error.
Io(String),
/// Embedding dimension mismatch.
DimensionMismatch { expected: usize, got: usize },
}
impl std::fmt::Display for SonaStoreError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Rvf(e) => write!(f, "RVF store error: {e}"),
Self::Config(e) => write!(f, "config error: {e}"),
Self::Io(msg) => write!(f, "I/O error: {msg}"),
Self::DimensionMismatch { expected, got } => {
write!(f, "dimension mismatch: expected {expected}, got {got}")
}
}
}
}
impl std::error::Error for SonaStoreError {}
#[cfg(test)]
mod tests {
use super::*;
use tempfile::TempDir;
fn test_config(dir: &std::path::Path) -> SonaConfig {
SonaConfig::new(dir, 4).with_trajectory_window(5)
}
fn make_embedding(seed: f32) -> Vec<f32> {
vec![seed, seed * 0.5, seed * 0.25, seed * 0.125]
}
#[test]
fn record_and_get_recent() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = TrajectoryStore::create(config).unwrap();
store.record_step(1, &make_embedding(1.0), "explore", 0.5).unwrap();
store.record_step(2, &make_embedding(2.0), "exploit", 0.8).unwrap();
store.record_step(3, &make_embedding(3.0), "explore", 0.3).unwrap();
let recent = store.get_recent(2);
assert_eq!(recent.len(), 2);
assert_eq!(recent[0].step_id, 2);
assert_eq!(recent[1].step_id, 3);
assert_eq!(recent[1].action, "explore");
store.close().unwrap();
}
#[test]
fn get_recent_more_than_available() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = TrajectoryStore::create(config).unwrap();
store.record_step(1, &make_embedding(1.0), "a", 0.1).unwrap();
let recent = store.get_recent(10);
assert_eq!(recent.len(), 1);
assert_eq!(recent[0].step_id, 1);
store.close().unwrap();
}
#[test]
fn trajectory_window_trimming() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path()); // window = 5
let mut store = TrajectoryStore::create(config).unwrap();
for i in 0..8 {
store.record_step(i, &make_embedding(i as f32 + 0.1), "act", 0.1).unwrap();
}
assert_eq!(store.len(), 5);
let window = store.get_trajectory_window();
assert_eq!(window.len(), 5);
// Should have steps 3..7
assert_eq!(window[0].step_id, 3);
assert_eq!(window[4].step_id, 7);
store.close().unwrap();
}
#[test]
fn search_similar_states() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = TrajectoryStore::create(config).unwrap();
store.record_step(1, &[1.0, 0.0, 0.0, 0.0], "a", 0.1).unwrap();
store.record_step(2, &[0.0, 1.0, 0.0, 0.0], "b", 0.2).unwrap();
store.record_step(3, &[0.9, 0.1, 0.0, 0.0], "c", 0.3).unwrap();
let results = store.search_similar_states(&[1.0, 0.0, 0.0, 0.0], 2).unwrap();
assert_eq!(results.len(), 2);
// Closest to [1,0,0,0] should be step 1 or step 3
assert!(results[0].distance <= results[1].distance);
store.close().unwrap();
}
#[test]
fn clear_old_steps() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = TrajectoryStore::create(config).unwrap();
for i in 0..5 {
store.record_step(i, &make_embedding(i as f32 + 0.1), "act", 0.1).unwrap();
}
let removed = store.clear_old(2).unwrap();
assert_eq!(removed, 3);
assert_eq!(store.len(), 2);
let remaining = store.get_recent(10);
assert_eq!(remaining.len(), 2);
assert_eq!(remaining[0].step_id, 3);
assert_eq!(remaining[1].step_id, 4);
store.close().unwrap();
}
#[test]
fn clear_old_no_op_when_within_limit() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = TrajectoryStore::create(config).unwrap();
store.record_step(1, &make_embedding(1.0), "a", 0.1).unwrap();
let removed = store.clear_old(10).unwrap();
assert_eq!(removed, 0);
assert_eq!(store.len(), 1);
store.close().unwrap();
}
#[test]
fn empty_store_operations() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = TrajectoryStore::create(config).unwrap();
assert!(store.is_empty());
assert_eq!(store.len(), 0);
assert!(store.get_recent(5).is_empty());
assert!(store.get_trajectory_window().is_empty());
let results = store.search_similar_states(&make_embedding(1.0), 5).unwrap();
assert!(results.is_empty());
store.close().unwrap();
}
#[test]
fn dimension_mismatch() {
let dir = TempDir::new().unwrap();
let config = test_config(dir.path());
let mut store = TrajectoryStore::create(config).unwrap();
let result = store.record_step(1, &[1.0, 2.0], "a", 0.1);
assert!(result.is_err());
let result = store.search_similar_states(&[1.0, 2.0], 5);
assert!(result.is_err());
store.close().unwrap();
}
}

36
vendor/ruvector/crates/rvf/rvf-cli/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,36 @@
[package]
name = "rvf-cli"
version = "0.1.0"
edition = "2021"
description = "Unified CLI for RuVector Format vector stores"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
homepage = "https://github.com/ruvnet/ruvector"
readme = "README.md"
categories = ["command-line-utilities", "database-implementations"]
keywords = ["rvf", "vector", "database", "cli", "cognitive-container"]
rust-version = "1.87"
[[bin]]
name = "rvf"
path = "src/main.rs"
[dependencies]
rvf-runtime = { version = "0.2.0", path = "../rvf-runtime" }
rvf-types = { version = "0.2.0", path = "../rvf-types", features = ["std"] }
rvf-wire = { version = "0.1.0", path = "../rvf-wire" }
rvf-manifest = { version = "0.1.0", path = "../rvf-manifest" }
rvf-crypto = { version = "0.2.0", path = "../rvf-crypto" }
rvf-server = { version = "0.1.0", path = "../rvf-server", optional = true }
clap = { version = "4", features = ["derive"] }
serde = { version = "1", features = ["derive"] }
serde_json = "1"
tokio = { version = "1", features = ["rt-multi-thread", "macros"], optional = true }
rvf-launch = { version = "0.1.0", path = "../rvf-launch", optional = true }
ctrlc = { version = "3", optional = true }
[features]
default = []
serve = ["dep:rvf-server", "dep:tokio"]
launch = ["dep:rvf-launch", "dep:ctrlc"]

290
vendor/ruvector/crates/rvf/rvf-cli/README.md vendored Normal file
View File

@@ -0,0 +1,290 @@
# rvf — RuVector Format CLI
Standalone command-line tool for creating, inspecting, querying, and managing RVF vector stores. Runs on Windows, macOS, and Linux with zero runtime dependencies.
## Install
### Pre-built binaries (recommended)
Download from [GitHub Releases](https://github.com/ruvnet/ruvector/releases):
```bash
# macOS (Apple Silicon)
curl -L -o rvf https://github.com/ruvnet/ruvector/releases/latest/download/rvf-darwin-arm64
chmod +x rvf && sudo mv rvf /usr/local/bin/
# macOS (Intel)
curl -L -o rvf https://github.com/ruvnet/ruvector/releases/latest/download/rvf-darwin-x64
chmod +x rvf && sudo mv rvf /usr/local/bin/
# Linux x64
curl -L -o rvf https://github.com/ruvnet/ruvector/releases/latest/download/rvf-linux-x64
chmod +x rvf && sudo mv rvf /usr/local/bin/
# Linux ARM64
curl -L -o rvf https://github.com/ruvnet/ruvector/releases/latest/download/rvf-linux-arm64
chmod +x rvf && sudo mv rvf /usr/local/bin/
```
**Windows (PowerShell):**
```powershell
Invoke-WebRequest -Uri https://github.com/ruvnet/ruvector/releases/latest/download/rvf-windows-x64.exe -OutFile rvf.exe
```
### Build from source
Requires [Rust](https://rustup.rs):
```bash
cargo install --git https://github.com/ruvnet/ruvector.git rvf-cli
```
Or clone and build:
```bash
git clone https://github.com/ruvnet/ruvector.git
cd ruvector
cargo build -p rvf-cli --release
# Binary: target/release/rvf (or rvf.exe on Windows)
```
## Quick start
```bash
# Create a 128-dimensional vector store with cosine distance
rvf create mydb.rvf --dimension 128 --metric cosine
# Ingest vectors from JSON
rvf ingest mydb.rvf --input vectors.json
# Search for nearest neighbors
rvf query mydb.rvf --vector "0.1,0.2,0.3,..." --k 10
# Check store status
rvf status mydb.rvf
```
## Running the examples
The repo includes 48 pre-built `.rvf` example stores in `examples/rvf/output/`. Use the CLI to inspect, query, and manipulate them:
```bash
# List all example stores
ls examples/rvf/output/*.rvf
# Inspect a store
rvf status examples/rvf/output/basic_store.rvf
rvf inspect examples/rvf/output/basic_store.rvf
# Query the semantic search example (500 vectors, 384 dimensions)
rvf status examples/rvf/output/semantic_search.rvf
rvf inspect examples/rvf/output/semantic_search.rvf --json
# Inspect the RAG pipeline store
rvf status examples/rvf/output/rag_pipeline.rvf
# Look at COW lineage (parent -> child)
rvf inspect examples/rvf/output/lineage_parent.rvf
rvf inspect examples/rvf/output/lineage_child.rvf
# Check financial signals store
rvf status examples/rvf/output/financial_signals.rvf
# View the compacted store
rvf status examples/rvf/output/compacted.rvf
# Inspect agent memory store
rvf inspect examples/rvf/output/agent_memory.rvf
# View all stores at once (JSON)
for f in examples/rvf/output/*.rvf; do
echo "--- $(basename $f) ---"
rvf status "$f" 2>/dev/null
done
```
### Available example stores
| Store | Vectors | Dim | Description |
|-------|---------|-----|-------------|
| `basic_store.rvf` | 100 | 384 | Basic vector store |
| `semantic_search.rvf` | 500 | 384 | Semantic search embeddings |
| `rag_pipeline.rvf` | 300 | 256 | RAG pipeline embeddings |
| `embedding_cache.rvf` | 500 | 384 | Embedding cache |
| `filtered_search.rvf` | 200 | 256 | Filtered search with metadata |
| `financial_signals.rvf` | 100 | 512 | Financial signal vectors |
| `recommendation.rvf` | 100 | 256 | Recommendation engine |
| `medical_imaging.rvf` | 100 | 768 | Medical imaging features |
| `multimodal_fusion.rvf` | 100 | 2048 | Multimodal fusion vectors |
| `legal_discovery.rvf` | 100 | 768 | Legal document embeddings |
| `progressive_index.rvf` | 1000 | 384 | Progressive HNSW index |
| `quantization.rvf` | 1000 | 384 | Quantized vectors |
| `swarm_knowledge.rvf` | 100 | 128 | Swarm intelligence KB |
| `agent_memory.rvf` | 50 | 128 | Agent conversation memory |
| `experience_replay.rvf` | 50 | 64 | RL experience replay buffer |
| `lineage_parent.rvf` | — | — | COW parent (lineage demo) |
| `lineage_child.rvf` | — | — | COW child (lineage demo) |
| `compacted.rvf` | — | — | Post-compaction store |
## Commands
### create
Create a new empty RVF store.
```bash
rvf create store.rvf --dimension 128 --metric cosine
rvf create store.rvf -d 384 -m l2 --profile 1 --json
```
Options:
- `-d, --dimension` — Vector dimensionality (required)
- `-m, --metric` — Distance metric: `l2`, `ip` (inner product), `cosine` (default: `l2`)
- `-p, --profile` — Hardware profile 0-3 (default: `0`)
- `--json` — Output as JSON
### ingest
Import vectors from a JSON file.
```bash
rvf ingest store.rvf --input data.json
rvf ingest store.rvf -i data.json --batch-size 500 --json
```
Input JSON format:
```json
[
{"id": 1, "vector": [0.1, 0.2, 0.3, ...]},
{"id": 2, "vector": [0.4, 0.5, 0.6, ...]}
]
```
### query
Search for k nearest neighbors.
```bash
rvf query store.rvf --vector "1.0,0.0,0.5,0.3" --k 10
rvf query store.rvf -v "0.5,0.5,0.0,0.0" -k 5 --json
```
With filters:
```bash
rvf query store.rvf -v "1.0,0.0" -k 10 \
--filter '{"eq":{"field":0,"value":{"string":"category_a"}}}'
```
### delete
Delete vectors by ID or filter.
```bash
rvf delete store.rvf --ids 1,2,3
rvf delete store.rvf --filter '{"gt":{"field":0,"value":{"u64":100}}}'
```
### status
Show store status.
```bash
rvf status store.rvf
rvf status store.rvf --json
```
### inspect
Inspect store segments and lineage.
```bash
rvf inspect store.rvf
rvf inspect store.rvf --json
```
### compact
Reclaim dead space from deleted vectors.
```bash
rvf compact store.rvf
rvf compact store.rvf --strip-unknown --json
```
### derive
Create a derived child store (COW branching).
```bash
rvf derive parent.rvf child.rvf --derivation-type clone
rvf derive parent.rvf child.rvf -t snapshot --json
```
Derivation types: `clone`, `filter`, `merge`, `quantize`, `reindex`, `transform`, `snapshot`
### freeze
Snapshot-freeze the current state.
```bash
rvf freeze store.rvf
```
### verify-witness
Verify the tamper-evident witness chain.
```bash
rvf verify-witness store.rvf
```
### verify-attestation
Verify kernel binding and attestation.
```bash
rvf verify-attestation store.rvf
```
### serve
Start an HTTP server (requires `serve` feature).
```bash
cargo build -p rvf-cli --features serve
rvf serve store.rvf --port 8080
```
### launch
Boot an RVF file in a QEMU microVM (requires `launch` feature).
```bash
cargo build -p rvf-cli --features launch
rvf launch store.rvf --port 8080 --memory-mb 256
```
## JSON output
All commands support `--json` for machine-readable output:
```bash
rvf status store.rvf --json | jq '.total_vectors'
rvf query store.rvf -v "1,0,0,0" -k 5 --json | jq '.results[].id'
```
## Platform scripts
Platform-specific quickstart scripts are in `examples/rvf/scripts/`:
```bash
# Linux / macOS
bash examples/rvf/scripts/rvf-quickstart.sh
# Windows PowerShell
.\examples\rvf\scripts\rvf-quickstart.ps1
```
## License
MIT OR Apache-2.0

72
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/compact.rs vendored Normal file
View File

@@ -0,0 +1,72 @@
//! `rvf compact` -- Compact store to reclaim dead space.
use clap::Args;
use std::path::Path;
use rvf_runtime::RvfStore;
use super::map_rvf_err;
#[derive(Args)]
pub struct CompactArgs {
/// Path to the RVF store
path: String,
/// Strip unknown segment types (segments not recognized by this version)
#[arg(long)]
strip_unknown: bool,
/// Output as JSON
#[arg(long)]
json: bool,
}
pub fn run(args: CompactArgs) -> Result<(), Box<dyn std::error::Error>> {
if args.strip_unknown {
eprintln!(
"Warning: --strip-unknown will remove segment types not recognized by this version."
);
eprintln!(" This may discard data written by newer tools.");
}
let mut store = RvfStore::open(Path::new(&args.path)).map_err(map_rvf_err)?;
let status_before = store.status();
let result = store.compact().map_err(map_rvf_err)?;
let status_after = store.status();
store.close().map_err(map_rvf_err)?;
if args.json {
crate::output::print_json(&serde_json::json!({
"segments_compacted": result.segments_compacted,
"bytes_reclaimed": result.bytes_reclaimed,
"epoch": result.epoch,
"vectors_before": status_before.total_vectors,
"vectors_after": status_after.total_vectors,
"file_size_before": status_before.file_size,
"file_size_after": status_after.file_size,
"strip_unknown": args.strip_unknown,
}));
} else {
println!("Compaction complete:");
crate::output::print_kv(
"Segments compacted:",
&result.segments_compacted.to_string(),
);
crate::output::print_kv("Bytes reclaimed:", &result.bytes_reclaimed.to_string());
crate::output::print_kv("Epoch:", &result.epoch.to_string());
crate::output::print_kv("Vectors before:", &status_before.total_vectors.to_string());
crate::output::print_kv("Vectors after:", &status_after.total_vectors.to_string());
crate::output::print_kv(
"File size before:",
&format!("{} bytes", status_before.file_size),
);
crate::output::print_kv(
"File size after:",
&format!("{} bytes", status_after.file_size),
);
if args.strip_unknown {
crate::output::print_kv("Strip unknown:", "yes");
}
}
Ok(())
}

71
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/create.rs vendored Normal file
View File

@@ -0,0 +1,71 @@
//! `rvf create` -- Create a new empty RVF store.
use clap::Args;
use std::path::Path;
use rvf_runtime::options::DistanceMetric;
use rvf_runtime::{RvfOptions, RvfStore};
use super::map_rvf_err;
#[derive(Args)]
pub struct CreateArgs {
/// Path for the new RVF store file
path: String,
/// Vector dimensionality
#[arg(short, long)]
dimension: u32,
/// Distance metric: l2, ip, cosine
#[arg(short, long, default_value = "l2")]
metric: String,
/// Hardware profile: 0-3
#[arg(short, long, default_value = "0")]
profile: u8,
/// Output as JSON
#[arg(long)]
json: bool,
}
pub fn run(args: CreateArgs) -> Result<(), Box<dyn std::error::Error>> {
if args.dimension == 0 || args.dimension > u16::MAX as u32 {
return Err(format!(
"Dimension must be between 1 and {} (got {})",
u16::MAX,
args.dimension
)
.into());
}
let metric = match args.metric.as_str() {
"l2" | "L2" => DistanceMetric::L2,
"ip" | "inner_product" => DistanceMetric::InnerProduct,
"cosine" => DistanceMetric::Cosine,
other => return Err(format!("Unknown metric: {other}").into()),
};
let opts = RvfOptions {
dimension: args.dimension as u16,
metric,
profile: args.profile,
..Default::default()
};
let store = RvfStore::create(Path::new(&args.path), opts).map_err(map_rvf_err)?;
store.close().map_err(map_rvf_err)?;
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "created",
"path": args.path,
"dimension": args.dimension,
"metric": args.metric,
"profile": args.profile,
}));
} else {
println!("Created RVF store: {}", args.path);
crate::output::print_kv("Dimension:", &args.dimension.to_string());
crate::output::print_kv("Metric:", &args.metric);
crate::output::print_kv("Profile:", &args.profile.to_string());
}
Ok(())
}

61
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/delete.rs vendored Normal file
View File

@@ -0,0 +1,61 @@
//! `rvf delete` -- Delete vectors by ID or filter.
use clap::Args;
use std::path::Path;
use rvf_runtime::RvfStore;
use super::map_rvf_err;
#[derive(Args)]
pub struct DeleteArgs {
/// Path to the RVF store
path: String,
/// Comma-separated vector IDs to delete (e.g. "1,2,3")
#[arg(long)]
ids: Option<String>,
/// Filter expression as JSON (e.g. '{"gt":{"field":0,"value":{"u64":10}}}')
#[arg(long)]
filter: Option<String>,
/// Output as JSON
#[arg(long)]
json: bool,
}
pub fn run(args: DeleteArgs) -> Result<(), Box<dyn std::error::Error>> {
if args.ids.is_none() && args.filter.is_none() {
return Err("must specify --ids or --filter".into());
}
let mut store = RvfStore::open(Path::new(&args.path)).map_err(map_rvf_err)?;
let result = if let Some(ids_str) = &args.ids {
let ids: Vec<u64> = ids_str
.split(',')
.map(|s| {
s.trim()
.parse::<u64>()
.map_err(|e| format!("Invalid ID '{s}': {e}"))
})
.collect::<Result<Vec<_>, _>>()?;
store.delete(&ids).map_err(map_rvf_err)?
} else {
let filter_str = args.filter.as_ref().unwrap();
let filter_expr = super::query::parse_filter_json(filter_str)?;
store.delete_by_filter(&filter_expr).map_err(map_rvf_err)?
};
store.close().map_err(map_rvf_err)?;
if args.json {
crate::output::print_json(&serde_json::json!({
"deleted": result.deleted,
"epoch": result.epoch,
}));
} else {
println!("Delete complete:");
crate::output::print_kv("Deleted:", &result.deleted.to_string());
crate::output::print_kv("Epoch:", &result.epoch.to_string());
}
Ok(())
}

70
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/derive.rs vendored Normal file
View File

@@ -0,0 +1,70 @@
//! `rvf derive` -- Derive a child store from a parent.
use clap::Args;
use std::path::Path;
use rvf_runtime::RvfStore;
use rvf_types::DerivationType;
use super::map_rvf_err;
#[derive(Args)]
pub struct DeriveArgs {
/// Path to the parent RVF store
parent: String,
/// Path for the new child RVF store
child: String,
/// Derivation type: clone, filter, merge, quantize, reindex, transform, snapshot
#[arg(short = 't', long, default_value = "clone")]
derivation_type: String,
/// Output as JSON
#[arg(long)]
json: bool,
}
fn parse_derivation_type(s: &str) -> Result<DerivationType, Box<dyn std::error::Error>> {
match s.to_lowercase().as_str() {
"clone" => Ok(DerivationType::Clone),
"filter" => Ok(DerivationType::Filter),
"merge" => Ok(DerivationType::Merge),
"quantize" => Ok(DerivationType::Quantize),
"reindex" => Ok(DerivationType::Reindex),
"transform" => Ok(DerivationType::Transform),
"snapshot" => Ok(DerivationType::Snapshot),
other => Err(format!("Unknown derivation type: {other}").into()),
}
}
pub fn run(args: DeriveArgs) -> Result<(), Box<dyn std::error::Error>> {
let dt = parse_derivation_type(&args.derivation_type)?;
let parent = RvfStore::open_readonly(Path::new(&args.parent)).map_err(map_rvf_err)?;
let child = parent
.derive(Path::new(&args.child), dt, None)
.map_err(map_rvf_err)?;
let child_identity = *child.file_identity();
child.close().map_err(map_rvf_err)?;
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "derived",
"parent": args.parent,
"child": args.child,
"derivation_type": args.derivation_type,
"child_file_id": crate::output::hex(&child_identity.file_id),
"parent_file_id": crate::output::hex(&child_identity.parent_id),
"lineage_depth": child_identity.lineage_depth,
}));
} else {
println!("Derived child store: {}", args.child);
crate::output::print_kv("Parent:", &args.parent);
crate::output::print_kv("Type:", &args.derivation_type);
crate::output::print_kv(
"Child file ID:",
&crate::output::hex(&child_identity.file_id),
);
crate::output::print_kv("Lineage depth:", &child_identity.lineage_depth.to_string());
}
Ok(())
}

68
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/embed_ebpf.rs vendored Normal file
View File

@@ -0,0 +1,68 @@
//! `rvf embed-ebpf` -- Compile and embed an eBPF program into an RVF file.
use clap::Args;
use std::path::Path;
use rvf_runtime::RvfStore;
use super::map_rvf_err;
#[derive(Args)]
pub struct EmbedEbpfArgs {
/// Path to the RVF store
pub file: String,
/// Path to the eBPF program (compiled .o or raw bytecode)
#[arg(long)]
pub program: String,
/// eBPF program type: xdp, socket_filter, tc_classifier
#[arg(long, default_value = "xdp")]
pub program_type: String,
/// Output as JSON
#[arg(long)]
pub json: bool,
}
fn parse_program_type(s: &str) -> Result<u8, Box<dyn std::error::Error>> {
match s.to_lowercase().as_str() {
"xdp" => Ok(2),
"socket_filter" | "socket-filter" => Ok(1),
"tc_classifier" | "tc-classifier" | "tc" => Ok(3),
other => Err(format!("Unknown eBPF program type: {other}").into()),
}
}
pub fn run(args: EmbedEbpfArgs) -> Result<(), Box<dyn std::error::Error>> {
let program_type = parse_program_type(&args.program_type)?;
let bytecode = std::fs::read(&args.program)
.map_err(|e| format!("Failed to read eBPF program '{}': {}", args.program, e))?;
let mut store = RvfStore::open(Path::new(&args.file)).map_err(map_rvf_err)?;
let seg_id = store
.embed_ebpf(
program_type,
0, // attach_type
0, // max_dimension (auto)
&bytecode,
None, // no BTF
)
.map_err(map_rvf_err)?;
store.close().map_err(map_rvf_err)?;
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "embedded",
"segment_id": seg_id,
"program_type": args.program_type,
"bytecode_size": bytecode.len(),
}));
} else {
println!("eBPF program embedded successfully:");
crate::output::print_kv("Segment ID:", &seg_id.to_string());
crate::output::print_kv("Program type:", &args.program_type);
crate::output::print_kv("Bytecode size:", &format!("{} bytes", bytecode.len()));
}
Ok(())
}

77
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/embed_kernel.rs vendored Normal file
View File

@@ -0,0 +1,77 @@
//! `rvf embed-kernel` -- Embed a kernel image into an RVF file.
use clap::Args;
use std::path::Path;
use rvf_runtime::RvfStore;
use super::map_rvf_err;
#[derive(Args)]
pub struct EmbedKernelArgs {
/// Path to the RVF store
pub file: String,
/// Target architecture: x86_64, aarch64
#[arg(long, default_value = "x86_64")]
pub arch: String,
/// Use prebuilt kernel image instead of building
#[arg(long)]
pub prebuilt: bool,
/// Path to kernel image file (bzImage or similar)
#[arg(long)]
pub image_path: Option<String>,
/// Output as JSON
#[arg(long)]
pub json: bool,
}
fn parse_arch(s: &str) -> Result<u8, Box<dyn std::error::Error>> {
match s.to_lowercase().as_str() {
"x86_64" | "x86-64" | "amd64" => Ok(1),
"aarch64" | "arm64" => Ok(2),
"riscv64" => Ok(3),
other => Err(format!("Unknown architecture: {other}").into()),
}
}
pub fn run(args: EmbedKernelArgs) -> Result<(), Box<dyn std::error::Error>> {
let arch = parse_arch(&args.arch)?;
let image_path = args
.image_path
.as_deref()
.ok_or("No kernel image path provided. Use --image-path <path> or --prebuilt")?;
let kernel_image = std::fs::read(image_path)
.map_err(|e| format!("Failed to read kernel image '{}': {}", image_path, e))?;
let mut store = RvfStore::open(Path::new(&args.file)).map_err(map_rvf_err)?;
let seg_id = store
.embed_kernel(
arch,
0, // kernel_type: unikernel
0x01, // kernel_flags: KERNEL_FLAG_SIGNED placeholder
&kernel_image,
8080,
None,
)
.map_err(map_rvf_err)?;
store.close().map_err(map_rvf_err)?;
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "embedded",
"segment_id": seg_id,
"arch": args.arch,
"image_size": kernel_image.len(),
}));
} else {
println!("Kernel embedded successfully:");
crate::output::print_kv("Segment ID:", &seg_id.to_string());
crate::output::print_kv("Architecture:", &args.arch);
crate::output::print_kv("Image size:", &format!("{} bytes", kernel_image.len()));
}
Ok(())
}

162
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/filter.rs vendored Normal file
View File

@@ -0,0 +1,162 @@
//! `rvf filter` -- Create a MEMBERSHIP_SEG with include/exclude filter.
use clap::Args;
use std::io::{BufWriter, Seek, SeekFrom, Write};
use std::path::Path;
use rvf_runtime::RvfStore;
use super::map_rvf_err;
#[derive(Args)]
pub struct FilterArgs {
/// Path to the RVF store
pub file: String,
/// Comma-separated list of vector IDs to include
#[arg(long, value_delimiter = ',')]
pub include_ids: Option<Vec<u64>>,
/// Comma-separated list of vector IDs to exclude
#[arg(long, value_delimiter = ',')]
pub exclude_ids: Option<Vec<u64>>,
/// Output path (if different from input, creates a derived file)
#[arg(short, long)]
pub output: Option<String>,
/// Output as JSON
#[arg(long)]
pub json: bool,
}
/// MEMBERSHIP_SEG magic: "RVMB"
const MEMBERSHIP_MAGIC: u32 = 0x5256_4D42;
pub fn run(args: FilterArgs) -> Result<(), Box<dyn std::error::Error>> {
let (filter_mode, ids) = match (&args.include_ids, &args.exclude_ids) {
(Some(inc), None) => (0u8, inc.clone()), // include mode
(None, Some(exc)) => (1u8, exc.clone()), // exclude mode
(Some(_), Some(_)) => {
return Err("Cannot specify both --include-ids and --exclude-ids".into());
}
(None, None) => {
return Err("Must specify either --include-ids or --exclude-ids".into());
}
};
let target_path = args.output.as_deref().unwrap_or(&args.file);
// If output is different, derive first
if target_path != args.file {
let parent = RvfStore::open_readonly(Path::new(&args.file)).map_err(map_rvf_err)?;
let child = parent
.derive(
Path::new(target_path),
rvf_types::DerivationType::Filter,
None,
)
.map_err(map_rvf_err)?;
child.close().map_err(map_rvf_err)?;
}
let store = RvfStore::open(Path::new(target_path)).map_err(map_rvf_err)?;
// Build a simple bitmap filter
let max_id = ids.iter().copied().max().unwrap_or(0);
let bitmap_bytes = (max_id / 8 + 1) as usize;
let mut bitmap = vec![0u8; bitmap_bytes];
for &id in &ids {
let byte_idx = (id / 8) as usize;
let bit_idx = (id % 8) as u8;
if byte_idx < bitmap.len() {
bitmap[byte_idx] |= 1 << bit_idx;
}
}
// Build the 96-byte MembershipHeader
let mut header = [0u8; 96];
header[0..4].copy_from_slice(&MEMBERSHIP_MAGIC.to_le_bytes());
header[4..6].copy_from_slice(&1u16.to_le_bytes()); // version
header[6] = 0; // filter_type: bitmap
header[7] = filter_mode;
// vector_count: use max_id+1 as approximation
header[8..16].copy_from_slice(&(max_id + 1).to_le_bytes());
// member_count
header[16..24].copy_from_slice(&(ids.len() as u64).to_le_bytes());
// filter_offset: will be 96 (right after header)
header[24..32].copy_from_slice(&96u64.to_le_bytes());
// filter_size
header[32..36].copy_from_slice(&(bitmap.len() as u32).to_le_bytes());
// generation_id
header[36..40].copy_from_slice(&1u32.to_le_bytes());
// filter_hash: simple hash of bitmap data
let filter_hash = simple_hash(&bitmap);
header[40..72].copy_from_slice(&filter_hash);
// bloom_offset, bloom_size, reserved: all zero (already zeroed)
// Write the MEMBERSHIP_SEG (0x22) as a raw segment
let membership_seg_type = 0x22u8;
let payload = [header.as_slice(), bitmap.as_slice()].concat();
// Write raw segment to end of file
let file = std::fs::OpenOptions::new()
.read(true)
.write(true)
.open(target_path)?;
let mut writer = BufWriter::new(&file);
writer.seek(SeekFrom::End(0))?;
// Write segment header (64 bytes)
let seg_header = build_segment_header(1, membership_seg_type, payload.len() as u64);
writer.write_all(&seg_header)?;
writer.write_all(&payload)?;
writer.flush()?;
file.sync_all()?;
drop(writer);
drop(file);
store.close().map_err(map_rvf_err)?;
let mode_str = if filter_mode == 0 {
"include"
} else {
"exclude"
};
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "filtered",
"mode": mode_str,
"ids_count": ids.len(),
"target": target_path,
}));
} else {
println!("Membership filter created:");
crate::output::print_kv("Mode:", mode_str);
crate::output::print_kv("IDs:", &ids.len().to_string());
crate::output::print_kv("Target:", target_path);
}
Ok(())
}
fn simple_hash(data: &[u8]) -> [u8; 32] {
let mut out = [0u8; 32];
for (i, &b) in data.iter().enumerate() {
out[i % 32] = out[i % 32].wrapping_add(b);
let j = (i + 13) % 32;
out[j] = out[j].wrapping_add(out[i % 32].rotate_left(3));
}
out
}
fn build_segment_header(seg_id: u64, seg_type: u8, payload_len: u64) -> Vec<u8> {
let mut hdr = vec![0u8; 64];
// magic: RVFS = 0x5256_4653
hdr[0..4].copy_from_slice(&0x5256_4653u32.to_le_bytes());
// version
hdr[4] = 1;
// seg_type
hdr[5] = seg_type;
// flags (2 bytes) - zero
// seg_id (8 bytes at offset 0x08)
hdr[0x08..0x10].copy_from_slice(&seg_id.to_le_bytes());
// payload_length (8 bytes at offset 0x10)
hdr[0x10..0x18].copy_from_slice(&payload_len.to_le_bytes());
hdr
}

85
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/freeze.rs vendored Normal file
View File

@@ -0,0 +1,85 @@
//! `rvf freeze` -- Snapshot-freeze the current state of an RVF store.
use clap::Args;
use std::io::{BufWriter, Seek, SeekFrom, Write};
use std::path::Path;
use rvf_runtime::RvfStore;
use super::map_rvf_err;
#[derive(Args)]
pub struct FreezeArgs {
/// Path to the RVF store
pub file: String,
/// Output as JSON
#[arg(long)]
pub json: bool,
}
/// REFCOUNT_SEG magic: "RVRC"
const REFCOUNT_MAGIC: u32 = 0x5256_5243;
pub fn run(args: FreezeArgs) -> Result<(), Box<dyn std::error::Error>> {
let store = RvfStore::open(Path::new(&args.file)).map_err(map_rvf_err)?;
let status = store.status();
let snapshot_epoch = status.current_epoch + 1;
// Build a 32-byte RefcountHeader with snapshot_epoch set
let mut header = [0u8; 32];
header[0..4].copy_from_slice(&REFCOUNT_MAGIC.to_le_bytes());
header[4..6].copy_from_slice(&1u16.to_le_bytes()); // version
header[6] = 1; // refcount_width: 1 byte per entry
// cluster_count: 0 (no clusters tracked yet)
// max_refcount: 0
// array_offset: 0 (no array)
// snapshot_epoch
header[0x18..0x1C].copy_from_slice(&snapshot_epoch.to_le_bytes());
// Write a REFCOUNT_SEG (0x21) with the frozen epoch
let seg_type = 0x21u8; // Refcount
let payload = header;
let file = std::fs::OpenOptions::new()
.read(true)
.write(true)
.open(&args.file)?;
let mut writer = BufWriter::new(&file);
writer.seek(SeekFrom::End(0))?;
let seg_header = build_segment_header(1, seg_type, payload.len() as u64);
writer.write_all(&seg_header)?;
writer.write_all(&payload)?;
writer.flush()?;
file.sync_all()?;
drop(writer);
drop(file);
// Emit a witness event for the snapshot
// (witness writing would go through the store's witness path when available)
store.close().map_err(map_rvf_err)?;
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "frozen",
"snapshot_epoch": snapshot_epoch,
}));
} else {
println!("Store frozen:");
crate::output::print_kv("Snapshot epoch:", &snapshot_epoch.to_string());
println!(" All further writes will create a new derived generation.");
}
Ok(())
}
fn build_segment_header(seg_id: u64, seg_type: u8, payload_len: u64) -> Vec<u8> {
let mut hdr = vec![0u8; 64];
hdr[0..4].copy_from_slice(&0x5256_4653u32.to_le_bytes());
hdr[4] = 1;
hdr[5] = seg_type;
hdr[0x08..0x10].copy_from_slice(&seg_id.to_le_bytes());
hdr[0x10..0x18].copy_from_slice(&payload_len.to_le_bytes());
hdr
}

85
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/ingest.rs vendored Normal file
View File

@@ -0,0 +1,85 @@
//! `rvf ingest` -- Ingest vectors from a JSON file.
use clap::Args;
use serde::Deserialize;
use std::fs;
use std::path::Path;
use rvf_runtime::RvfStore;
use super::map_rvf_err;
#[derive(Args)]
pub struct IngestArgs {
/// Path to the RVF store
path: String,
/// Path to the JSON input file (array of {id, vector} objects)
#[arg(short, long)]
input: String,
/// Batch size for ingestion
#[arg(short, long, default_value = "1000")]
batch_size: usize,
/// Output as JSON
#[arg(long)]
json: bool,
}
#[derive(Deserialize)]
struct VectorRecord {
id: u64,
vector: Vec<f32>,
}
pub fn run(args: IngestArgs) -> Result<(), Box<dyn std::error::Error>> {
let json_str = fs::read_to_string(&args.input)?;
let records: Vec<VectorRecord> = serde_json::from_str(&json_str)?;
if records.is_empty() {
if args.json {
crate::output::print_json(&serde_json::json!({
"accepted": 0,
"rejected": 0,
"epoch": 0,
}));
} else {
println!("No records to ingest.");
}
return Ok(());
}
let mut store = RvfStore::open(Path::new(&args.path)).map_err(map_rvf_err)?;
let batch_size = args.batch_size.max(1);
let mut total_accepted = 0u64;
let mut total_rejected = 0u64;
let mut last_epoch = 0u32;
for chunk in records.chunks(batch_size) {
let vec_data: Vec<Vec<f32>> = chunk.iter().map(|r| r.vector.clone()).collect();
let vec_refs: Vec<&[f32]> = vec_data.iter().map(|v| v.as_slice()).collect();
let ids: Vec<u64> = chunk.iter().map(|r| r.id).collect();
let result = store
.ingest_batch(&vec_refs, &ids, None)
.map_err(map_rvf_err)?;
total_accepted += result.accepted;
total_rejected += result.rejected;
last_epoch = result.epoch;
}
store.close().map_err(map_rvf_err)?;
if args.json {
crate::output::print_json(&serde_json::json!({
"accepted": total_accepted,
"rejected": total_rejected,
"epoch": last_epoch,
}));
} else {
println!("Ingestion complete:");
crate::output::print_kv("Accepted:", &total_accepted.to_string());
crate::output::print_kv("Rejected:", &total_rejected.to_string());
crate::output::print_kv("Epoch:", &last_epoch.to_string());
}
Ok(())
}

109
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/inspect.rs vendored Normal file
View File

@@ -0,0 +1,109 @@
//! `rvf inspect` -- Inspect segments and lineage.
use clap::Args;
use std::path::Path;
use rvf_runtime::RvfStore;
use rvf_types::SegmentType;
use super::map_rvf_err;
#[derive(Args)]
pub struct InspectArgs {
/// Path to the RVF store
path: String,
/// Output as JSON
#[arg(long)]
json: bool,
}
fn segment_type_name(seg_type: u8) -> &'static str {
match seg_type {
t if t == SegmentType::Vec as u8 => "Vec",
t if t == SegmentType::Index as u8 => "Index",
t if t == SegmentType::Overlay as u8 => "Overlay",
t if t == SegmentType::Journal as u8 => "Journal",
t if t == SegmentType::Manifest as u8 => "Manifest",
t if t == SegmentType::Quant as u8 => "Quant",
t if t == SegmentType::Meta as u8 => "Meta",
t if t == SegmentType::Hot as u8 => "Hot",
t if t == SegmentType::Sketch as u8 => "Sketch",
t if t == SegmentType::Witness as u8 => "Witness",
t if t == SegmentType::Profile as u8 => "Profile",
t if t == SegmentType::Crypto as u8 => "Crypto",
t if t == SegmentType::MetaIdx as u8 => "MetaIdx",
t if t == SegmentType::Kernel as u8 => "Kernel",
t if t == SegmentType::Ebpf as u8 => "Ebpf",
t if t == SegmentType::CowMap as u8 => "CowMap",
t if t == SegmentType::Refcount as u8 => "Refcount",
t if t == SegmentType::Membership as u8 => "Membership",
t if t == SegmentType::Delta as u8 => "Delta",
_ => "Unknown",
}
}
pub fn run(args: InspectArgs) -> Result<(), Box<dyn std::error::Error>> {
let store = RvfStore::open_readonly(Path::new(&args.path)).map_err(map_rvf_err)?;
let seg_dir = store.segment_dir();
let dimension = store.dimension();
let identity = store.file_identity();
let status = store.status();
if args.json {
let segments: Vec<serde_json::Value> = seg_dir
.iter()
.map(|&(seg_id, offset, payload_len, seg_type)| {
serde_json::json!({
"seg_id": seg_id,
"offset": offset,
"payload_length": payload_len,
"seg_type": seg_type,
"seg_type_name": segment_type_name(seg_type),
})
})
.collect();
crate::output::print_json(&serde_json::json!({
"path": args.path,
"dimension": dimension,
"epoch": status.current_epoch,
"total_vectors": status.total_vectors,
"total_segments": status.total_segments,
"file_size": status.file_size,
"segments": segments,
"lineage": {
"file_id": crate::output::hex(&identity.file_id),
"parent_id": crate::output::hex(&identity.parent_id),
"parent_hash": crate::output::hex(&identity.parent_hash),
"lineage_depth": identity.lineage_depth,
"is_root": identity.is_root(),
},
}));
} else {
println!("RVF Store: {}", args.path);
crate::output::print_kv("Dimension:", &dimension.to_string());
crate::output::print_kv("Epoch:", &status.current_epoch.to_string());
crate::output::print_kv("Vectors:", &status.total_vectors.to_string());
crate::output::print_kv("File size:", &format!("{} bytes", status.file_size));
println!();
println!("Segments ({}):", seg_dir.len());
for &(seg_id, offset, payload_len, seg_type) in seg_dir {
println!(
" seg_id={:<4} type={:<10} offset={:<10} payload={} bytes",
seg_id,
segment_type_name(seg_type),
offset,
payload_len,
);
}
println!();
println!("Lineage:");
crate::output::print_kv("File ID:", &crate::output::hex(&identity.file_id));
crate::output::print_kv("Parent ID:", &crate::output::hex(&identity.parent_id));
crate::output::print_kv("Lineage depth:", &identity.lineage_depth.to_string());
crate::output::print_kv("Is root:", &identity.is_root().to_string());
}
Ok(())
}

111
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/launch.rs vendored Normal file
View File

@@ -0,0 +1,111 @@
//! `rvf launch` -- Boot RVF in QEMU microVM.
use clap::Args;
#[derive(Args)]
pub struct LaunchArgs {
/// Path to the RVF store
pub file: String,
/// API port to forward from the microVM
#[arg(short, long, default_value = "8080")]
pub port: u16,
/// Memory allocation in MB
#[arg(short, long, default_value = "128")]
pub memory_mb: u32,
/// Number of virtual CPUs
#[arg(long, default_value = "1")]
pub vcpus: u32,
/// SSH port to forward (optional)
#[arg(long)]
pub ssh_port: Option<u16>,
/// Disable KVM acceleration (use TCG instead)
#[arg(long)]
pub no_kvm: bool,
/// Override QEMU binary path
#[arg(long)]
pub qemu_binary: Option<String>,
/// Override kernel image path (skip extraction from RVF)
#[arg(long)]
pub kernel: Option<String>,
/// Override initramfs path
#[arg(long)]
pub initramfs: Option<String>,
/// Extra arguments to pass to QEMU
#[arg(long, num_args = 1..)]
pub qemu_args: Vec<String>,
}
#[cfg(feature = "launch")]
pub fn run(args: LaunchArgs) -> Result<(), Box<dyn std::error::Error>> {
use std::path::PathBuf;
use std::time::Duration;
let config = rvf_launch::LaunchConfig {
rvf_path: PathBuf::from(&args.file),
memory_mb: args.memory_mb,
vcpus: args.vcpus,
api_port: args.port,
ssh_port: args.ssh_port,
enable_kvm: !args.no_kvm,
qemu_binary: args.qemu_binary.map(PathBuf::from),
extra_args: args.qemu_args,
kernel_path: args.kernel.map(PathBuf::from),
initramfs_path: args.initramfs.map(PathBuf::from),
};
eprintln!("Launching microVM from {}...", args.file);
eprintln!(" Memory: {} MiB", config.memory_mb);
eprintln!(" vCPUs: {}", config.vcpus);
eprintln!(" API port: {}", config.api_port);
if let Some(ssh) = config.ssh_port {
eprintln!(" SSH port: {}", ssh);
}
eprintln!(
" KVM: {}",
if config.enable_kvm {
"enabled (if available)"
} else {
"disabled"
}
);
let mut vm = rvf_launch::Launcher::launch(&config)?;
eprintln!("MicroVM started (PID {})", vm.pid());
eprintln!("Waiting for VM to become ready (timeout: 30s)...");
match vm.wait_ready(Duration::from_secs(30)) {
Ok(()) => {
eprintln!("VM ready.");
eprintln!(" API: http://127.0.0.1:{}", args.port);
}
Err(e) => {
eprintln!("Warning: VM did not become ready: {e}");
eprintln!("The VM may still be booting. Check the console output.");
}
}
eprintln!("Press Ctrl+C to stop the VM.");
// Wait for Ctrl+C
let (tx, rx) = std::sync::mpsc::channel();
ctrlc::set_handler(move || {
let _ = tx.send(());
})
.map_err(|e| format!("failed to set Ctrl+C handler: {e}"))?;
rx.recv()
.map_err(|e| format!("signal channel error: {e}"))?;
eprintln!("\nShutting down VM...");
vm.shutdown()?;
eprintln!("VM stopped.");
Ok(())
}
#[cfg(not(feature = "launch"))]
pub fn run(_args: LaunchArgs) -> Result<(), Box<dyn std::error::Error>> {
Err("QEMU launcher requires the 'launch' feature. \
Rebuild with: cargo build -p rvf-cli --features launch"
.into())
}

25
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/mod.rs vendored Normal file
View File

@@ -0,0 +1,25 @@
pub mod compact;
pub mod create;
pub mod delete;
pub mod derive;
pub mod embed_ebpf;
pub mod embed_kernel;
pub mod filter;
pub mod freeze;
pub mod ingest;
pub mod inspect;
pub mod launch;
pub mod query;
pub mod rebuild_refcounts;
pub mod serve;
pub mod status;
pub mod verify_attestation;
pub mod verify_witness;
/// Convert an RvfError into a boxed std::error::Error.
///
/// RvfError implements Display but not std::error::Error (it is no_std),
/// so we wrap it in a std::io::Error for CLI error propagation.
pub fn map_rvf_err(e: rvf_types::RvfError) -> Box<dyn std::error::Error> {
Box::new(std::io::Error::other(format!("{e}")))
}

208
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/query.rs vendored Normal file
View File

@@ -0,0 +1,208 @@
//! `rvf query` -- Query nearest neighbors.
use clap::Args;
use std::path::Path;
use rvf_runtime::filter::FilterExpr;
use rvf_runtime::{QueryOptions, RvfStore};
use super::map_rvf_err;
#[derive(Args)]
pub struct QueryArgs {
/// Path to the RVF store
path: String,
/// Query vector as comma-separated floats (e.g. "1.0,0.0,0.5")
#[arg(short, long)]
vector: String,
/// Number of nearest neighbors to return
#[arg(short, long, default_value = "10")]
k: usize,
/// Optional filter as JSON (e.g. '{"eq":{"field":0,"value":{"u64":10}}}')
#[arg(short, long)]
filter: Option<String>,
/// Output as JSON
#[arg(long)]
json: bool,
}
pub fn run(args: QueryArgs) -> Result<(), Box<dyn std::error::Error>> {
let vector: Vec<f32> = args
.vector
.split(',')
.map(|s| {
s.trim()
.parse::<f32>()
.map_err(|e| format!("Invalid vector component '{s}': {e}"))
})
.collect::<Result<Vec<_>, _>>()?;
let filter = match &args.filter {
Some(f) => Some(parse_filter_json(f)?),
None => None,
};
let query_opts = QueryOptions {
filter,
..Default::default()
};
let store = RvfStore::open_readonly(Path::new(&args.path)).map_err(map_rvf_err)?;
let results = store
.query(&vector, args.k, &query_opts)
.map_err(map_rvf_err)?;
if args.json {
let json_results: Vec<serde_json::Value> = results
.iter()
.map(|r| {
serde_json::json!({
"id": r.id,
"distance": r.distance,
})
})
.collect();
crate::output::print_json(&serde_json::json!({
"results": json_results,
"count": results.len(),
}));
} else {
println!("Query results ({} neighbors):", results.len());
for (i, r) in results.iter().enumerate() {
println!(" [{i}] id={} distance={:.6}", r.id, r.distance);
}
}
Ok(())
}
/// Parse a JSON string into a FilterExpr.
///
/// Supported format:
/// {"eq": {"field": 0, "value": {"u64": 42}}}
/// {"ne": {"field": 0, "value": {"string": "cat_a"}}}
/// {"gt": {"field": 1, "value": {"f64": 3.14}}}
/// {"lt": {"field": 1, "value": {"i64": -5}}}
/// {"ge": {"field": 1, "value": {"u64": 100}}}
/// {"le": {"field": 1, "value": {"u64": 100}}}
/// {"and": [<expr>, <expr>, ...]}
/// {"or": [<expr>, <expr>, ...]}
/// {"not": <expr>}
pub fn parse_filter_json(json_str: &str) -> Result<FilterExpr, Box<dyn std::error::Error>> {
let v: serde_json::Value = serde_json::from_str(json_str)?;
parse_filter_value(&v)
}
fn parse_filter_value(v: &serde_json::Value) -> Result<FilterExpr, Box<dyn std::error::Error>> {
let obj = v.as_object().ok_or("filter must be a JSON object")?;
if let Some(inner) = obj.get("eq") {
let (field, val) = parse_field_value(inner)?;
return Ok(FilterExpr::Eq(field, val));
}
if let Some(inner) = obj.get("ne") {
let (field, val) = parse_field_value(inner)?;
return Ok(FilterExpr::Ne(field, val));
}
if let Some(inner) = obj.get("lt") {
let (field, val) = parse_field_value(inner)?;
return Ok(FilterExpr::Lt(field, val));
}
if let Some(inner) = obj.get("le") {
let (field, val) = parse_field_value(inner)?;
return Ok(FilterExpr::Le(field, val));
}
if let Some(inner) = obj.get("gt") {
let (field, val) = parse_field_value(inner)?;
return Ok(FilterExpr::Gt(field, val));
}
if let Some(inner) = obj.get("ge") {
let (field, val) = parse_field_value(inner)?;
return Ok(FilterExpr::Ge(field, val));
}
if let Some(inner) = obj.get("and") {
let arr = inner.as_array().ok_or("'and' value must be an array")?;
let exprs: Result<Vec<_>, _> = arr.iter().map(parse_filter_value).collect();
return Ok(FilterExpr::And(exprs?));
}
if let Some(inner) = obj.get("or") {
let arr = inner.as_array().ok_or("'or' value must be an array")?;
let exprs: Result<Vec<_>, _> = arr.iter().map(parse_filter_value).collect();
return Ok(FilterExpr::Or(exprs?));
}
if let Some(inner) = obj.get("not") {
let expr = parse_filter_value(inner)?;
return Ok(FilterExpr::Not(Box::new(expr)));
}
Err("unrecognized filter operator; expected: eq, ne, lt, le, gt, ge, and, or, not".into())
}
fn parse_field_value(
v: &serde_json::Value,
) -> Result<(u16, rvf_runtime::filter::FilterValue), Box<dyn std::error::Error>> {
let obj = v
.as_object()
.ok_or("comparison must be a JSON object with 'field' and 'value'")?;
let field = obj
.get("field")
.and_then(|f| f.as_u64())
.ok_or("missing or invalid 'field' (must be u16)")? as u16;
let value_obj = obj.get("value").ok_or("missing 'value' in comparison")?;
let filter_val = parse_filter_val(value_obj)?;
Ok((field, filter_val))
}
fn parse_filter_val(
v: &serde_json::Value,
) -> Result<rvf_runtime::filter::FilterValue, Box<dyn std::error::Error>> {
use rvf_runtime::filter::FilterValue;
if let Some(obj) = v.as_object() {
if let Some(val) = obj.get("u64") {
return Ok(FilterValue::U64(
val.as_u64().ok_or("u64 value must be a number")?,
));
}
if let Some(val) = obj.get("i64") {
return Ok(FilterValue::I64(
val.as_i64().ok_or("i64 value must be a number")?,
));
}
if let Some(val) = obj.get("f64") {
return Ok(FilterValue::F64(
val.as_f64().ok_or("f64 value must be a number")?,
));
}
if let Some(val) = obj.get("string") {
return Ok(FilterValue::String(
val.as_str()
.ok_or("string value must be a string")?
.to_string(),
));
}
if let Some(val) = obj.get("bool") {
return Ok(FilterValue::Bool(
val.as_bool().ok_or("bool value must be a boolean")?,
));
}
}
// Fallback: infer type from JSON value directly
if let Some(n) = v.as_u64() {
return Ok(FilterValue::U64(n));
}
if let Some(n) = v.as_i64() {
return Ok(FilterValue::I64(n));
}
if let Some(n) = v.as_f64() {
return Ok(FilterValue::F64(n));
}
if let Some(s) = v.as_str() {
return Ok(FilterValue::String(s.to_string()));
}
if let Some(b) = v.as_bool() {
return Ok(FilterValue::Bool(b));
}
Err("cannot parse filter value; expected {\"u64\": N}, {\"string\": \"...\"}, etc.".into())
}

161
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/rebuild_refcounts.rs vendored Normal file
View File

@@ -0,0 +1,161 @@
//! `rvf rebuild-refcounts` -- Recompute REFCOUNT_SEG from COW map chain.
use clap::Args;
use std::io::{BufReader, BufWriter, Read, Seek, SeekFrom, Write};
use std::path::Path;
use rvf_runtime::RvfStore;
use rvf_types::{SEGMENT_HEADER_SIZE, SEGMENT_MAGIC};
use super::map_rvf_err;
#[derive(Args)]
pub struct RebuildRefcountsArgs {
/// Path to the RVF store
pub file: String,
/// Output as JSON
#[arg(long)]
pub json: bool,
}
/// COW_MAP_SEG magic: "RVCM"
const COW_MAP_MAGIC: u32 = 0x5256_434D;
/// REFCOUNT_SEG magic: "RVRC"
const REFCOUNT_MAGIC: u32 = 0x5256_5243;
/// COW_MAP_SEG type
const COW_MAP_TYPE: u8 = 0x20;
pub fn run(args: RebuildRefcountsArgs) -> Result<(), Box<dyn std::error::Error>> {
let store = RvfStore::open_readonly(Path::new(&args.file)).map_err(map_rvf_err)?;
// Read the raw file to scan for COW map segments
let file = std::fs::File::open(&args.file)?;
let mut reader = BufReader::new(file);
reader.seek(SeekFrom::Start(0))?;
let mut raw_bytes = Vec::new();
reader.read_to_end(&mut raw_bytes)?;
let magic_bytes = SEGMENT_MAGIC.to_le_bytes();
let mut cluster_count = 0u32;
let mut local_cluster_count = 0u32;
// Scan for COW_MAP_SEG entries
let mut i = 0usize;
while i + SEGMENT_HEADER_SIZE <= raw_bytes.len() {
if raw_bytes[i..i + 4] == magic_bytes && raw_bytes[i + 5] == COW_MAP_TYPE {
let payload_len = u64::from_le_bytes([
raw_bytes[i + 0x10],
raw_bytes[i + 0x11],
raw_bytes[i + 0x12],
raw_bytes[i + 0x13],
raw_bytes[i + 0x14],
raw_bytes[i + 0x15],
raw_bytes[i + 0x16],
raw_bytes[i + 0x17],
]);
let payload_start = i + SEGMENT_HEADER_SIZE;
let payload_end = payload_start + payload_len as usize;
if payload_end <= raw_bytes.len() && payload_len >= 64 {
// Read CowMapHeader fields
let cow_magic = u32::from_le_bytes([
raw_bytes[payload_start],
raw_bytes[payload_start + 1],
raw_bytes[payload_start + 2],
raw_bytes[payload_start + 3],
]);
if cow_magic == COW_MAP_MAGIC {
cluster_count = u32::from_le_bytes([
raw_bytes[payload_start + 0x48],
raw_bytes[payload_start + 0x49],
raw_bytes[payload_start + 0x4A],
raw_bytes[payload_start + 0x4B],
]);
local_cluster_count = u32::from_le_bytes([
raw_bytes[payload_start + 0x4C],
raw_bytes[payload_start + 0x4D],
raw_bytes[payload_start + 0x4E],
raw_bytes[payload_start + 0x4F],
]);
}
}
let advance = SEGMENT_HEADER_SIZE + payload_len as usize;
if advance > 0 && i.checked_add(advance).is_some() {
i += advance;
} else {
i += 1;
}
} else {
i += 1;
}
}
drop(store);
if cluster_count == 0 {
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "no_cow_map",
"message": "No COW map found; nothing to rebuild",
}));
} else {
println!("No COW map found in file. Nothing to rebuild.");
}
return Ok(());
}
// Build refcount array: 1 byte per cluster, all set to 1 (base reference)
let refcount_array = vec![1u8; cluster_count as usize];
// Build 32-byte RefcountHeader
let mut header = [0u8; 32];
header[0..4].copy_from_slice(&REFCOUNT_MAGIC.to_le_bytes());
header[4..6].copy_from_slice(&1u16.to_le_bytes()); // version
header[6] = 1; // refcount_width: 1 byte
header[8..12].copy_from_slice(&cluster_count.to_le_bytes());
header[12..16].copy_from_slice(&1u32.to_le_bytes()); // max_refcount
header[16..24].copy_from_slice(&32u64.to_le_bytes()); // array_offset (after header)
// snapshot_epoch: 0 (mutable)
// reserved: 0
let payload = [header.as_slice(), refcount_array.as_slice()].concat();
// Write REFCOUNT_SEG to end of file
let file = std::fs::OpenOptions::new()
.read(true)
.write(true)
.open(&args.file)?;
let mut writer = BufWriter::new(&file);
writer.seek(SeekFrom::End(0))?;
let seg_header = build_segment_header(1, 0x21, payload.len() as u64);
writer.write_all(&seg_header)?;
writer.write_all(&payload)?;
writer.flush()?;
file.sync_all()?;
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "rebuilt",
"cluster_count": cluster_count,
"local_clusters": local_cluster_count,
}));
} else {
println!("Refcounts rebuilt:");
crate::output::print_kv("Cluster count:", &cluster_count.to_string());
crate::output::print_kv("Local clusters:", &local_cluster_count.to_string());
}
Ok(())
}
fn build_segment_header(seg_id: u64, seg_type: u8, payload_len: u64) -> Vec<u8> {
let mut hdr = vec![0u8; 64];
hdr[0..4].copy_from_slice(&0x5256_4653u32.to_le_bytes());
hdr[4] = 1;
hdr[5] = seg_type;
hdr[0x08..0x10].copy_from_slice(&seg_id.to_le_bytes());
hdr[0x10..0x18].copy_from_slice(&payload_len.to_le_bytes());
hdr
}

39
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/serve.rs vendored Normal file
View File

@@ -0,0 +1,39 @@
//! `rvf serve` -- Start HTTP/TCP server for an RVF store.
use clap::Args;
#[derive(Args)]
pub struct ServeArgs {
/// Path to the RVF store
pub path: String,
/// HTTP server port
#[arg(short, long, default_value = "8080")]
pub port: u16,
/// TCP streaming port (defaults to HTTP port + 1000)
#[arg(long)]
pub tcp_port: Option<u16>,
}
pub fn run(args: ServeArgs) -> Result<(), Box<dyn std::error::Error>> {
#[cfg(feature = "serve")]
{
let rt = tokio::runtime::Runtime::new()?;
rt.block_on(async {
let config = rvf_server::ServerConfig {
http_port: args.port,
tcp_port: args.tcp_port.unwrap_or(args.port + 1000),
data_path: std::path::PathBuf::from(&args.path),
dimension: 0, // auto-detect from file
};
rvf_server::run(config).await
})
}
#[cfg(not(feature = "serve"))]
{
let _ = args;
eprintln!(
"The 'serve' feature is not enabled. Rebuild with: cargo build -p rvf-cli --features serve"
);
Ok(())
}
}

46
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/status.rs vendored Normal file
View File

@@ -0,0 +1,46 @@
//! `rvf status` -- Show store status.
use clap::Args;
use std::path::Path;
use rvf_runtime::RvfStore;
use super::map_rvf_err;
#[derive(Args)]
pub struct StatusArgs {
/// Path to the RVF store
path: String,
/// Output as JSON
#[arg(long)]
json: bool,
}
pub fn run(args: StatusArgs) -> Result<(), Box<dyn std::error::Error>> {
let store = RvfStore::open_readonly(Path::new(&args.path)).map_err(map_rvf_err)?;
let status = store.status();
if args.json {
crate::output::print_json(&serde_json::json!({
"total_vectors": status.total_vectors,
"total_segments": status.total_segments,
"file_size": status.file_size,
"epoch": status.current_epoch,
"profile_id": status.profile_id,
"dead_space_ratio": status.dead_space_ratio,
"read_only": status.read_only,
}));
} else {
println!("RVF Store: {}", args.path);
crate::output::print_kv("Vectors:", &status.total_vectors.to_string());
crate::output::print_kv("Segments:", &status.total_segments.to_string());
crate::output::print_kv("File size:", &format!("{} bytes", status.file_size));
crate::output::print_kv("Epoch:", &status.current_epoch.to_string());
crate::output::print_kv("Profile:", &status.profile_id.to_string());
crate::output::print_kv(
"Dead space:",
&format!("{:.1}%", status.dead_space_ratio * 100.0),
);
}
Ok(())
}

267
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/verify_attestation.rs vendored Normal file
View File

@@ -0,0 +1,267 @@
//! `rvf verify-attestation` -- Verify KernelBinding and attestation.
//!
//! Validates the KERNEL_SEG header magic, computes the SHAKE-256-256
//! hash of the kernel image and compares it against the hash stored
//! in the header, inspects the KernelBinding, and scans for any
//! WITNESS_SEG payloads that contain attestation witness chains.
use clap::Args;
use std::io::{BufReader, Read};
use std::path::Path;
use rvf_crypto::{shake256_256, verify_attestation_witness_payload};
use rvf_runtime::RvfStore;
use rvf_types::kernel::KERNEL_MAGIC;
use rvf_types::{SegmentType, SEGMENT_HEADER_SIZE, SEGMENT_MAGIC};
use super::map_rvf_err;
#[derive(Args)]
pub struct VerifyAttestationArgs {
/// Path to the RVF store
pub file: String,
/// Output as JSON
#[arg(long)]
pub json: bool,
}
/// Scan raw file bytes for WITNESS_SEG payloads that look like attestation
/// witness payloads (first 4 bytes decode to a chain_entry_count > 0).
fn find_attestation_witness_payloads(raw: &[u8]) -> Vec<Vec<u8>> {
let magic_bytes = SEGMENT_MAGIC.to_le_bytes();
let mut results = Vec::new();
let mut i = 0usize;
while i + SEGMENT_HEADER_SIZE <= raw.len() {
if raw[i..i + 4] == magic_bytes {
let seg_type = raw[i + 5];
let payload_len = u64::from_le_bytes([
raw[i + 0x10],
raw[i + 0x11],
raw[i + 0x12],
raw[i + 0x13],
raw[i + 0x14],
raw[i + 0x15],
raw[i + 0x16],
raw[i + 0x17],
]) as usize;
let payload_start = i + SEGMENT_HEADER_SIZE;
let payload_end = payload_start + payload_len;
if seg_type == SegmentType::Witness as u8
&& payload_end <= raw.len()
&& payload_len >= 4
{
let payload = &raw[payload_start..payload_end];
// Attestation witness payloads start with a u32 count + offset
// table. A plain witness chain (raw entries) would have bytes
// that decode to a much larger count value, so this heuristic
// is reasonable. We attempt full verification below anyway.
let count =
u32::from_le_bytes([payload[0], payload[1], payload[2], payload[3]]) as usize;
// A plausible attestation payload: count fits in the payload
// with offset table + chain entries + at least some records.
let min_size = 4 + count * 8 + count * 73;
if count > 0 && count < 10_000 && payload_len >= min_size {
results.push(payload.to_vec());
}
}
let advance = SEGMENT_HEADER_SIZE + payload_len;
if advance > 0 && i.checked_add(advance).is_some() {
i += advance;
} else {
i += 1;
}
} else {
i += 1;
}
}
results
}
pub fn run(args: VerifyAttestationArgs) -> Result<(), Box<dyn std::error::Error>> {
let store = RvfStore::open_readonly(Path::new(&args.file)).map_err(map_rvf_err)?;
let kernel_data = store.extract_kernel().map_err(map_rvf_err)?;
// Also scan for attestation witness payloads in the file.
let raw_bytes = {
let file = std::fs::File::open(&args.file)?;
let mut reader = BufReader::new(file);
let mut buf = Vec::new();
reader.read_to_end(&mut buf)?;
buf
};
let att_payloads = find_attestation_witness_payloads(&raw_bytes);
match kernel_data {
None => {
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "no_kernel",
"message": "No KERNEL_SEG found in file",
"attestation_witnesses": att_payloads.len(),
}));
} else {
println!("No KERNEL_SEG found in file.");
if !att_payloads.is_empty() {
println!();
println!(
" Found {} attestation witness payload(s) -- see verify-witness.",
att_payloads.len()
);
}
}
}
Some((header_bytes, image_bytes)) => {
// -- 1. Verify kernel header magic -----------------------------------
let magic = u32::from_le_bytes([
header_bytes[0],
header_bytes[1],
header_bytes[2],
header_bytes[3],
]);
let magic_valid = magic == KERNEL_MAGIC;
// -- 2. Verify image hash --------------------------------------------
// The header stores the SHAKE-256-256 hash of the image at offset
// 0x30..0x50 (32 bytes).
let stored_image_hash = &header_bytes[0x30..0x50];
let computed_image_hash = shake256_256(&image_bytes);
let image_hash_valid = stored_image_hash == computed_image_hash.as_slice();
let stored_hash_hex = crate::output::hex(stored_image_hash);
let computed_hash_hex = crate::output::hex(&computed_image_hash);
// -- 3. Check KernelBinding (128 bytes after 128-byte header) --------
let has_binding = image_bytes.len() >= 128;
let mut binding_valid = false;
let mut manifest_hash_hex = String::new();
let mut policy_hash_hex = String::new();
if has_binding {
let binding_bytes = &image_bytes[..128];
manifest_hash_hex = crate::output::hex(&binding_bytes[0..32]);
policy_hash_hex = crate::output::hex(&binding_bytes[32..64]);
let binding_version = u16::from_le_bytes([binding_bytes[64], binding_bytes[65]]);
binding_valid = binding_version > 0;
}
// -- 4. Verify arch --------------------------------------------------
let arch = header_bytes[0x06];
let arch_name = match arch {
1 => "x86_64",
2 => "aarch64",
3 => "riscv64",
_ => "unknown",
};
// -- 5. Verify attestation witness payloads --------------------------
let mut att_verified: usize = 0;
let mut att_entries_total: usize = 0;
let mut att_errors: Vec<String> = Vec::new();
for (idx, payload) in att_payloads.iter().enumerate() {
match verify_attestation_witness_payload(payload) {
Ok(entries) => {
att_verified += 1;
att_entries_total += entries.len();
}
Err(e) => {
att_errors.push(format!("Attestation witness #{}: {}", idx, e));
}
}
}
// -- 6. Overall status -----------------------------------------------
let overall_valid = magic_valid && image_hash_valid && att_errors.is_empty();
if args.json {
crate::output::print_json(&serde_json::json!({
"status": if overall_valid { "valid" } else { "invalid" },
"magic_valid": magic_valid,
"arch": arch_name,
"image_hash_valid": image_hash_valid,
"stored_image_hash": stored_hash_hex,
"computed_image_hash": computed_hash_hex,
"has_kernel_binding": binding_valid,
"manifest_root_hash": if binding_valid { &manifest_hash_hex } else { "" },
"policy_hash": if binding_valid { &policy_hash_hex } else { "" },
"image_size": image_bytes.len(),
"attestation_witnesses": att_payloads.len(),
"attestation_verified": att_verified,
"attestation_entries": att_entries_total,
"attestation_errors": att_errors,
}));
} else {
println!("Attestation verification:");
crate::output::print_kv("Magic valid:", &magic_valid.to_string());
crate::output::print_kv("Architecture:", arch_name);
crate::output::print_kv("Image size:", &format!("{} bytes", image_bytes.len()));
println!();
// Image hash verification output.
crate::output::print_kv("Stored image hash:", &stored_hash_hex);
crate::output::print_kv("Computed image hash:", &computed_hash_hex);
if image_hash_valid {
println!(" Image hash: MATCH");
} else {
println!(" Image hash: MISMATCH -- image may be tampered!");
}
if binding_valid {
println!();
println!(" KernelBinding present:");
crate::output::print_kv("Manifest hash:", &manifest_hash_hex);
crate::output::print_kv("Policy hash:", &policy_hash_hex);
} else {
println!();
println!(" No KernelBinding found (legacy format or unsigned stub).");
}
if !att_payloads.is_empty() {
println!();
crate::output::print_kv(
"Attestation witnesses:",
&format!(
"{} payload(s), {} verified, {} entries",
att_payloads.len(),
att_verified,
att_entries_total
),
);
if !att_errors.is_empty() {
println!(" WARNING: attestation witness errors:");
for err in &att_errors {
println!(" - {}", err);
}
}
}
println!();
if overall_valid {
println!(" Attestation verification PASSED.");
} else {
let mut reasons = Vec::new();
if !magic_valid {
reasons.push("invalid magic");
}
if !image_hash_valid {
reasons.push("image hash mismatch");
}
if !att_errors.is_empty() {
reasons.push("attestation witness error(s)");
}
println!(" Attestation verification FAILED: {}", reasons.join(", "));
}
}
}
}
Ok(())
}

258
vendor/ruvector/crates/rvf/rvf-cli/src/cmd/verify_witness.rs vendored Normal file
View File

@@ -0,0 +1,258 @@
//! `rvf verify-witness` -- Verify all witness events in chain.
//!
//! Scans the RVF file for WITNESS_SEG segments, extracts the payload
//! bytes, and runs `rvf_crypto::verify_witness_chain()` to validate
//! the full SHAKE-256 hash chain. Reports entry count, chain
//! validity, first/last timestamps, and any chain breaks.
use clap::Args;
use std::io::{BufReader, Read};
use rvf_crypto::witness::{verify_witness_chain, WitnessEntry};
use rvf_types::{SegmentType, SEGMENT_HEADER_SIZE, SEGMENT_MAGIC};
#[derive(Args)]
pub struct VerifyWitnessArgs {
/// Path to the RVF store
pub file: String,
/// Output as JSON
#[arg(long)]
pub json: bool,
}
/// Result of verifying one witness segment's chain.
struct ChainResult {
/// Number of entries decoded from this segment.
entry_count: usize,
/// Whether the hash chain is intact.
chain_valid: bool,
/// Decoded entries (empty when chain_valid == false).
entries: Vec<WitnessEntry>,
/// Human-readable error, if any.
error: Option<String>,
}
/// Extract all WITNESS_SEG payloads from the raw file bytes.
///
/// Returns a vec of `(segment_offset, payload_bytes)`.
fn extract_witness_payloads(raw: &[u8]) -> Vec<(usize, Vec<u8>)> {
let magic_bytes = SEGMENT_MAGIC.to_le_bytes();
let mut results = Vec::new();
let mut i = 0usize;
while i + SEGMENT_HEADER_SIZE <= raw.len() {
if raw[i..i + 4] == magic_bytes {
let seg_type = raw[i + 5];
let payload_len = u64::from_le_bytes([
raw[i + 0x10],
raw[i + 0x11],
raw[i + 0x12],
raw[i + 0x13],
raw[i + 0x14],
raw[i + 0x15],
raw[i + 0x16],
raw[i + 0x17],
]) as usize;
let payload_start = i + SEGMENT_HEADER_SIZE;
let payload_end = payload_start + payload_len;
if seg_type == SegmentType::Witness as u8 && payload_end <= raw.len() {
let payload = raw[payload_start..payload_end].to_vec();
results.push((i, payload));
}
// Advance past this segment.
let advance = SEGMENT_HEADER_SIZE + payload_len;
if advance > 0 && i.checked_add(advance).is_some() {
i += advance;
} else {
i += 1;
}
} else {
i += 1;
}
}
results
}
/// Verify a single witness payload through the crypto chain.
fn verify_payload(payload: &[u8]) -> ChainResult {
if payload.is_empty() {
return ChainResult {
entry_count: 0,
chain_valid: true,
entries: Vec::new(),
error: None,
};
}
match verify_witness_chain(payload) {
Ok(entries) => ChainResult {
entry_count: entries.len(),
chain_valid: true,
entries,
error: None,
},
Err(e) => {
// Try to estimate how many entries were in the payload
// (73 bytes per entry).
let estimated = payload.len() / 73;
ChainResult {
entry_count: estimated,
chain_valid: false,
entries: Vec::new(),
error: Some(format!("{e}")),
}
}
}
}
/// Format a nanosecond timestamp as a human-readable UTC string.
fn format_timestamp_ns(ns: u64) -> String {
if ns == 0 {
return "0 (genesis)".to_string();
}
let secs = ns / 1_000_000_000;
let sub_ns = ns % 1_000_000_000;
format!("{secs}.{sub_ns:09}s (unix epoch)")
}
/// Map witness_type byte to a name.
fn witness_type_name(wt: u8) -> &'static str {
match wt {
0x01 => "PROVENANCE",
0x02 => "COMPUTATION",
0x03 => "PLATFORM_ATTESTATION",
0x04 => "KEY_BINDING",
0x05 => "DATA_PROVENANCE",
_ => "UNKNOWN",
}
}
pub fn run(args: VerifyWitnessArgs) -> Result<(), Box<dyn std::error::Error>> {
// Read the entire file into memory for segment scanning.
let file = std::fs::File::open(&args.file)?;
let mut reader = BufReader::new(file);
let mut raw_bytes = Vec::new();
reader.read_to_end(&mut raw_bytes)?;
let payloads = extract_witness_payloads(&raw_bytes);
if payloads.is_empty() {
if args.json {
crate::output::print_json(&serde_json::json!({
"status": "no_witnesses",
"witness_segments": 0,
"total_entries": 0,
}));
} else {
println!("No witness segments found in file.");
}
return Ok(());
}
// Verify each witness segment's chain.
let mut total_entries: usize = 0;
let mut total_valid_chains: usize = 0;
let mut all_entries: Vec<WitnessEntry> = Vec::new();
let mut chain_results: Vec<serde_json::Value> = Vec::new();
let mut chain_breaks: Vec<String> = Vec::new();
for (idx, (seg_offset, payload)) in payloads.iter().enumerate() {
let result = verify_payload(payload);
total_entries += result.entry_count;
if result.chain_valid {
total_valid_chains += 1;
all_entries.extend(result.entries.iter().cloned());
} else {
chain_breaks.push(format!(
"Segment #{} at offset 0x{:X}: {}",
idx,
seg_offset,
result.error.as_deref().unwrap_or("unknown error"),
));
}
if args.json {
let first_ts = result.entries.first().map(|e| e.timestamp_ns).unwrap_or(0);
let last_ts = result.entries.last().map(|e| e.timestamp_ns).unwrap_or(0);
chain_results.push(serde_json::json!({
"segment_index": idx,
"segment_offset": format!("0x{:X}", seg_offset),
"entry_count": result.entry_count,
"chain_valid": result.chain_valid,
"first_timestamp_ns": first_ts,
"last_timestamp_ns": last_ts,
"error": result.error,
}));
}
}
let first_ts = all_entries.first().map(|e| e.timestamp_ns).unwrap_or(0);
let last_ts = all_entries.last().map(|e| e.timestamp_ns).unwrap_or(0);
let all_valid = total_valid_chains == payloads.len();
if args.json {
crate::output::print_json(&serde_json::json!({
"status": if all_valid { "valid" } else { "invalid" },
"witness_segments": payloads.len(),
"valid_chains": total_valid_chains,
"total_entries": total_entries,
"first_timestamp_ns": first_ts,
"last_timestamp_ns": last_ts,
"chain_breaks": chain_breaks,
"segments": chain_results,
}));
} else {
println!("Witness chain verification (cryptographic):");
println!();
crate::output::print_kv("Witness segments:", &payloads.len().to_string());
crate::output::print_kv(
"Valid chains:",
&format!("{}/{}", total_valid_chains, payloads.len()),
);
crate::output::print_kv("Total entries:", &total_entries.to_string());
if !all_entries.is_empty() {
println!();
crate::output::print_kv("First timestamp:", &format_timestamp_ns(first_ts));
crate::output::print_kv("Last timestamp:", &format_timestamp_ns(last_ts));
// Show witness type distribution.
let mut type_counts = std::collections::HashMap::new();
for entry in &all_entries {
*type_counts.entry(entry.witness_type).or_insert(0u64) += 1;
}
println!();
println!(" Entry types:");
let mut types: Vec<_> = type_counts.iter().collect();
types.sort_by_key(|(k, _)| **k);
for (wt, count) in types {
println!(
" 0x{:02X} ({:20}): {}",
wt,
witness_type_name(*wt),
count
);
}
}
println!();
if all_valid {
println!(" All witness hash chains verified successfully.");
} else {
println!(
" WARNING: {} chain(s) failed verification:",
chain_breaks.len()
);
for brk in &chain_breaks {
println!(" - {}", brk);
}
}
}
Ok(())
}

77
vendor/ruvector/crates/rvf/rvf-cli/src/main.rs vendored Normal file
View File

@@ -0,0 +1,77 @@
use clap::{Parser, Subcommand};
use std::process;
mod cmd;
mod output;
#[derive(Parser)]
#[command(name = "rvf", version, about = "RuVector Format CLI")]
struct Cli {
#[command(subcommand)]
command: Commands,
}
#[derive(Subcommand)]
enum Commands {
/// Create a new empty RVF store
Create(cmd::create::CreateArgs),
/// Ingest vectors from a JSON file
Ingest(cmd::ingest::IngestArgs),
/// Query nearest neighbors
Query(cmd::query::QueryArgs),
/// Delete vectors by ID or filter
Delete(cmd::delete::DeleteArgs),
/// Show store status
Status(cmd::status::StatusArgs),
/// Inspect segments and lineage
Inspect(cmd::inspect::InspectArgs),
/// Compact to reclaim dead space
Compact(cmd::compact::CompactArgs),
/// Derive a child store from a parent
Derive(cmd::derive::DeriveArgs),
/// Start HTTP server (requires 'serve' feature)
Serve(cmd::serve::ServeArgs),
/// Boot RVF in QEMU microVM
Launch(cmd::launch::LaunchArgs),
/// Embed a kernel image into an RVF file
EmbedKernel(cmd::embed_kernel::EmbedKernelArgs),
/// Embed an eBPF program into an RVF file
EmbedEbpf(cmd::embed_ebpf::EmbedEbpfArgs),
/// Create a membership filter for shared HNSW
Filter(cmd::filter::FilterArgs),
/// Snapshot-freeze the current state
Freeze(cmd::freeze::FreezeArgs),
/// Verify all witness events in chain
VerifyWitness(cmd::verify_witness::VerifyWitnessArgs),
/// Verify KernelBinding and attestation
VerifyAttestation(cmd::verify_attestation::VerifyAttestationArgs),
/// Rebuild REFCOUNT_SEG from COW map chain
RebuildRefcounts(cmd::rebuild_refcounts::RebuildRefcountsArgs),
}
fn main() {
let cli = Cli::parse();
let result = match cli.command {
Commands::Create(args) => cmd::create::run(args),
Commands::Ingest(args) => cmd::ingest::run(args),
Commands::Query(args) => cmd::query::run(args),
Commands::Delete(args) => cmd::delete::run(args),
Commands::Status(args) => cmd::status::run(args),
Commands::Inspect(args) => cmd::inspect::run(args),
Commands::Compact(args) => cmd::compact::run(args),
Commands::Derive(args) => cmd::derive::run(args),
Commands::Serve(args) => cmd::serve::run(args),
Commands::Launch(args) => cmd::launch::run(args),
Commands::EmbedKernel(args) => cmd::embed_kernel::run(args),
Commands::EmbedEbpf(args) => cmd::embed_ebpf::run(args),
Commands::Filter(args) => cmd::filter::run(args),
Commands::Freeze(args) => cmd::freeze::run(args),
Commands::VerifyWitness(args) => cmd::verify_witness::run(args),
Commands::VerifyAttestation(args) => cmd::verify_attestation::run(args),
Commands::RebuildRefcounts(args) => cmd::rebuild_refcounts::run(args),
};
if let Err(e) = result {
eprintln!("error: {e}");
process::exit(1);
}
}

21
vendor/ruvector/crates/rvf/rvf-cli/src/output.rs vendored Normal file
View File

@@ -0,0 +1,21 @@
//! Shared output formatting helpers.
use serde::Serialize;
/// Print a value as pretty-printed JSON.
pub fn print_json<T: Serialize>(value: &T) {
println!(
"{}",
serde_json::to_string_pretty(value).unwrap_or_default()
);
}
/// Print a key-value pair with aligned formatting.
pub fn print_kv(key: &str, value: &str) {
println!(" {:<20} {}", key, value);
}
/// Format a byte array as a hex string.
pub fn hex(bytes: &[u8]) -> String {
bytes.iter().map(|b| format!("{b:02x}")).collect()
}

25
vendor/ruvector/crates/rvf/rvf-crypto/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,25 @@
[package]
name = "rvf-crypto"
version = "0.2.0"
edition = "2021"
description = "RuVector Format cryptographic primitives -- SHA-3 hashing and Ed25519 signing"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
homepage = "https://github.com/ruvnet/ruvector"
readme = "README.md"
categories = ["cryptography", "authentication"]
keywords = ["vector", "crypto", "sha3", "ed25519", "rvf"]
rust-version = "1.87"
[features]
default = ["std", "ed25519"]
std = ["sha3/std"]
ed25519 = ["dep:ed25519-dalek"]
[dependencies]
rvf-types = { version = "0.2.0", path = "../rvf-types" }
sha3 = { version = "0.10", default-features = false }
ed25519-dalek = { version = "2", features = ["rand_core"], optional = true }
[dev-dependencies]
rand = "0.8"

90
vendor/ruvector/crates/rvf/rvf-crypto/README.md vendored Normal file
View File

@@ -0,0 +1,90 @@
# rvf-crypto
[![Crates.io](https://img.shields.io/crates/v/rvf-crypto.svg)](https://crates.io/crates/rvf-crypto)
[![License: MIT OR Apache-2.0](https://img.shields.io/badge/License-MIT%20OR%20Apache--2.0-blue.svg)](https://opensource.org/licenses/MIT)
**Tamper-proof hashing and signing for every RVF segment -- SHA-3 digests, Ed25519 signatures, and lineage witness chains.**
```toml
rvf-crypto = "0.1"
```
Every operation on an RVF file gets recorded in a cryptographic witness chain. `rvf-crypto` provides the primitives that make this possible: SHA-3 (SHAKE-256) content hashing for segment identity, Ed25519 digital signatures for provenance, and lineage verification functions that ensure no record in the chain has been altered. If you are building tools that read, write, or transform `.rvf` files, this crate handles all the cryptography so you do not have to.
| | rvf-crypto | Manual hashing + signing | No integrity checks |
|---|---|---|---|
| **Segment identity** | SHAKE-256-256 content-addressable IDs | Roll your own digest scheme | Rely on filenames |
| **Provenance** | Ed25519 signatures on every segment | Integrate a signing library yourself | Trust the source blindly |
| **Lineage verification** | One function call validates an entire chain | Write chain-walking logic from scratch | No verification possible |
| **no_std / WASM** | Hashing works without std; signing is feature-gated | Varies by library | N/A |
## Quick Start
```rust
use rvf_crypto::lineage::{lineage_record_to_bytes, lineage_record_from_bytes, verify_lineage_chain};
use rvf_types::{LineageRecord, DerivationType, FileIdentity};
// Serialize a lineage record to a fixed 128-byte array
let record = LineageRecord::new(
[1u8; 16], [2u8; 16], [3u8; 32],
DerivationType::Filter, 5, 1_700_000_000_000_000_000,
"filtered by category",
);
let bytes = lineage_record_to_bytes(&record);
let decoded = lineage_record_from_bytes(&bytes).unwrap();
assert_eq!(decoded.description_str(), "filtered by category");
// Verify a parent-child lineage chain
let root = FileIdentity::new_root([1u8; 16]);
let root_hash = [0xAAu8; 32];
let child = FileIdentity {
file_id: [2u8; 16],
parent_id: [1u8; 16],
parent_hash: root_hash,
lineage_depth: 1,
};
verify_lineage_chain(&[(root, root_hash), (child, [0xBBu8; 32])]).unwrap();
```
## Key Features
| Feature | What It Does | Why It Matters |
|---|---|---|
| **SHA-3 (SHAKE-256)** | Content-addressable hashing for segment identifiers | Every segment gets a unique, collision-resistant ID |
| **Ed25519 signing** | Segment-level digital signatures via `ed25519-dalek` | Proves who created or modified a segment |
| **Lineage witness chains** | Cryptographic chain linking parent and child segments | Detects tampering anywhere in the derivation history |
| **Record serialization** | Fixed 128-byte binary codec for `LineageRecord` | Compact, deterministic encoding for witness entries |
| **Manifest hashing** | SHAKE-256-256 over 4096-byte manifests | Anchors `FileIdentity` parent references to real data |
| **Chain verification** | `verify_lineage_chain()` validates root-to-leaf integrity | One call proves the entire history is intact |
## Feature Flags
| Flag | Default | What It Enables |
|---|---|---|
| `std` | Yes | Standard library support |
| `ed25519` | Yes | Ed25519 signing via `ed25519-dalek` |
For `no_std` or WASM targets that only need hashing and witness chains (no signing), disable defaults:
```toml
[dependencies]
rvf-crypto = { version = "0.1", default-features = false }
```
## API Reference
| Function | Description |
|---|---|
| `lineage_record_to_bytes(record)` | Serialize a `LineageRecord` to a fixed 128-byte array |
| `lineage_record_from_bytes(bytes)` | Deserialize a `LineageRecord` from 128 bytes |
| `lineage_witness_entry(record, prev_hash)` | Create a `WitnessEntry` (type `0x09`) for a derivation event |
| `compute_manifest_hash(manifest)` | SHAKE-256-256 digest over a 4096-byte manifest |
| `verify_lineage_chain(chain)` | Validate parent-child integrity from root to leaf |
## License
MIT OR Apache-2.0
---
Part of [RuVector](https://github.com/ruvnet/ruvector) -- the self-learning vector database.

839
vendor/ruvector/crates/rvf/rvf-crypto/src/attestation.rs vendored Normal file
View File

@@ -0,0 +1,839 @@
//! Confidential Core attestation module.
//!
//! Provides encoding/decoding of attestation records for WITNESS_SEG,
//! attestation-aware witness chain extensions, key-binding helpers for
//! CRYPTO_SEG, and a trait for pluggable platform-specific verification.
use alloc::vec::Vec;
use rvf_types::{AttestationHeader, AttestationWitnessType, ErrorCode, RvfError, TeePlatform};
use crate::hash::shake256_256;
use crate::witness::{create_witness_chain, verify_witness_chain, WitnessEntry};
// ---------------------------------------------------------------------------
// 1. AttestationHeader Codec
// ---------------------------------------------------------------------------
/// Size of a serialized `AttestationHeader` on the wire.
const ATTESTATION_HEADER_SIZE: usize = 112;
/// Size of one serialized witness entry (must match witness module).
const WITNESS_ENTRY_SIZE: usize = 73;
/// Encode an `AttestationHeader` to its 112-byte wire representation.
pub fn encode_attestation_header(header: &AttestationHeader) -> [u8; ATTESTATION_HEADER_SIZE] {
let mut buf = [0u8; ATTESTATION_HEADER_SIZE];
buf[0x00] = header.platform;
buf[0x01] = header.attestation_type;
buf[0x02..0x04].copy_from_slice(&header.quote_length.to_le_bytes());
buf[0x04..0x08].copy_from_slice(&header.reserved_0.to_le_bytes());
buf[0x08..0x28].copy_from_slice(&header.measurement);
buf[0x28..0x48].copy_from_slice(&header.signer_id);
buf[0x48..0x50].copy_from_slice(&header.timestamp_ns.to_le_bytes());
buf[0x50..0x60].copy_from_slice(&header.nonce);
buf[0x60..0x62].copy_from_slice(&header.svn.to_le_bytes());
buf[0x62..0x64].copy_from_slice(&header.sig_algo.to_le_bytes());
buf[0x64] = header.flags;
buf[0x65..0x68].copy_from_slice(&header.reserved_1);
buf[0x68..0x70].copy_from_slice(&header.report_data_len.to_le_bytes());
buf
}
/// Decode an `AttestationHeader` from wire bytes.
///
/// Returns `ErrorCode::TruncatedSegment` if `data.len() < 112`.
pub fn decode_attestation_header(data: &[u8]) -> Result<AttestationHeader, RvfError> {
if data.len() < ATTESTATION_HEADER_SIZE {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let platform = data[0x00];
let attestation_type = data[0x01];
let quote_length = u16::from_le_bytes([data[0x02], data[0x03]]);
let reserved_0 = u32::from_le_bytes(data[0x04..0x08].try_into().unwrap());
let mut measurement = [0u8; 32];
measurement.copy_from_slice(&data[0x08..0x28]);
let mut signer_id = [0u8; 32];
signer_id.copy_from_slice(&data[0x28..0x48]);
let timestamp_ns = u64::from_le_bytes(data[0x48..0x50].try_into().unwrap());
let mut nonce = [0u8; 16];
nonce.copy_from_slice(&data[0x50..0x60]);
let svn = u16::from_le_bytes([data[0x60], data[0x61]]);
let sig_algo = u16::from_le_bytes([data[0x62], data[0x63]]);
let flags = data[0x64];
let mut reserved_1 = [0u8; 3];
reserved_1.copy_from_slice(&data[0x65..0x68]);
let report_data_len = u64::from_le_bytes(data[0x68..0x70].try_into().unwrap());
Ok(AttestationHeader {
platform,
attestation_type,
quote_length,
reserved_0,
measurement,
signer_id,
timestamp_ns,
nonce,
svn,
sig_algo,
flags,
reserved_1,
report_data_len,
})
}
// ---------------------------------------------------------------------------
// 2. Full Attestation Record Codec
// ---------------------------------------------------------------------------
/// Encode a complete attestation record: header + report_data + quote.
pub fn encode_attestation_record(
header: &AttestationHeader,
report_data: &[u8],
quote: &[u8],
) -> Vec<u8> {
let hdr_bytes = encode_attestation_header(header);
let total = ATTESTATION_HEADER_SIZE + report_data.len() + quote.len();
let mut buf = Vec::with_capacity(total);
buf.extend_from_slice(&hdr_bytes);
buf.extend_from_slice(report_data);
buf.extend_from_slice(quote);
buf
}
/// Decode an attestation record, returning `(header, report_data, quote)`.
///
/// Returns `ErrorCode::TruncatedSegment` if data is too short for the
/// declared `report_data_len` and `quote_length`.
pub fn decode_attestation_record(
data: &[u8],
) -> Result<(AttestationHeader, Vec<u8>, Vec<u8>), RvfError> {
let header = decode_attestation_header(data)?;
let rd_len = header.report_data_len as usize;
let q_len = header.quote_length as usize;
let total_needed = ATTESTATION_HEADER_SIZE + rd_len + q_len;
if data.len() < total_needed {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let rd_start = ATTESTATION_HEADER_SIZE;
let rd_end = rd_start + rd_len;
let report_data = data[rd_start..rd_end].to_vec();
let q_start = rd_end;
let q_end = q_start + q_len;
let quote = data[q_start..q_end].to_vec();
Ok((header, report_data, quote))
}
// ---------------------------------------------------------------------------
// 3. Witness Chain Integration
// ---------------------------------------------------------------------------
/// Create a witness chain entry for an attestation event.
///
/// The `action_hash` is SHAKE-256-256 of the full attestation record bytes.
pub fn attestation_witness_entry(
attestation_record: &[u8],
timestamp_ns: u64,
witness_type: AttestationWitnessType,
) -> WitnessEntry {
WitnessEntry {
prev_hash: [0u8; 32], // will be set by create_witness_chain
action_hash: shake256_256(attestation_record),
timestamp_ns,
witness_type: witness_type as u8,
}
}
/// Build a WITNESS_SEG payload for attestation records.
///
/// Wire layout:
/// `chain_entry_count`: u32 (LE)
/// `record_offsets`: [u64; count] (LE, byte offsets into records section)
/// `witness_chain`: [WitnessEntry; count] (73 bytes each, linked via SHAKE-256)
/// `records`: concatenated attestation record bytes
pub fn build_attestation_witness_payload(
records: &[Vec<u8>],
timestamps: &[u64],
witness_types: &[AttestationWitnessType],
) -> Result<Vec<u8>, RvfError> {
let count = records.len();
// 1. Create witness entries for each record.
let entries: Vec<WitnessEntry> = records
.iter()
.enumerate()
.map(|(i, rec)| attestation_witness_entry(rec, timestamps[i], witness_types[i]))
.collect();
// 2. Run create_witness_chain to link entries via hashes.
let chain_bytes = create_witness_chain(&entries);
// 3. Compute record offsets (cumulative sums of record lengths).
let mut offsets = Vec::with_capacity(count);
let mut cumulative: u64 = 0;
for rec in records {
offsets.push(cumulative);
cumulative = cumulative
.checked_add(rec.len() as u64)
.ok_or(RvfError::Code(ErrorCode::SegmentTooLarge))?;
}
// 4. Concatenate: count(u32) + offsets([u64; n]) + chain_bytes + records.
let total = 4 + count * 8 + chain_bytes.len() + cumulative as usize;
let mut buf = Vec::with_capacity(total);
buf.extend_from_slice(&(count as u32).to_le_bytes());
for off in &offsets {
buf.extend_from_slice(&off.to_le_bytes());
}
buf.extend_from_slice(&chain_bytes);
for rec in records {
buf.extend_from_slice(rec);
}
Ok(buf)
}
/// A verified attestation entry: `(WitnessEntry, AttestationHeader, report_data, quote)`.
pub type VerifiedAttestationEntry = (WitnessEntry, AttestationHeader, Vec<u8>, Vec<u8>);
/// Verify an attestation witness payload.
///
/// Returns decoded entries paired with their attestation records.
pub fn verify_attestation_witness_payload(
data: &[u8],
) -> Result<Vec<VerifiedAttestationEntry>, RvfError> {
// 1. Read count from first 4 bytes.
if data.len() < 4 {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let count = u32::from_le_bytes(data[0..4].try_into().unwrap()) as usize;
if count == 0 {
return Ok(Vec::new());
}
// 2. Read offset table.
let offsets_end = 4 + count * 8;
if data.len() < offsets_end {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let mut offsets = Vec::with_capacity(count);
for i in 0..count {
let o = 4 + i * 8;
let offset = u64::from_le_bytes(data[o..o + 8].try_into().unwrap());
offsets.push(offset as usize);
}
// 3. Extract witness chain bytes and verify.
let chain_start = offsets_end;
let chain_len = count * WITNESS_ENTRY_SIZE;
let chain_end = chain_start + chain_len;
if data.len() < chain_end {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let chain_bytes = &data[chain_start..chain_end];
let entries = verify_witness_chain(chain_bytes)?;
// 4. Records start after the chain.
let records_base = chain_end;
let records_data = if records_base <= data.len() {
&data[records_base..]
} else {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
};
// 5. For each entry, decode the attestation record at the corresponding offset.
let mut results = Vec::with_capacity(count);
for (i, entry) in entries.iter().enumerate() {
let rec_start = offsets[i];
// Determine record end from the next offset, or from total records length.
let rec_end = if i + 1 < count {
offsets[i + 1]
} else {
records_data.len()
};
if rec_start > records_data.len() || rec_end > records_data.len() {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let record_bytes = &records_data[rec_start..rec_end];
// Verify action_hash matches shake256_256(record_bytes).
let expected_hash = shake256_256(record_bytes);
if entry.action_hash != expected_hash {
return Err(RvfError::Code(ErrorCode::InvalidChecksum));
}
let (header, report_data, quote) = decode_attestation_record(record_bytes)?;
results.push((entry.clone(), header, report_data, quote));
}
Ok(results)
}
// ---------------------------------------------------------------------------
// 4. TEE-Bound Key Record
// ---------------------------------------------------------------------------
/// A TEE-bound key record for CRYPTO_SEG.
#[derive(Clone, Debug, PartialEq)]
pub struct TeeBoundKeyRecord {
/// Always `KEY_TYPE_TEE_BOUND` (4).
pub key_type: u8,
/// `SignatureAlgo` / KEM algo discriminant.
pub algorithm: u8,
/// Length of the sealed key material.
pub sealed_key_length: u16,
/// SHAKE-256-128 of the public key.
pub key_id: [u8; 16],
/// TEE measurement that seals this key.
pub measurement: [u8; 32],
/// `TeePlatform` discriminant.
pub platform: u8,
/// Reserved, must be zero.
pub reserved: [u8; 3],
/// Timestamp (nanoseconds) when key becomes valid.
pub valid_from: u64,
/// Timestamp (nanoseconds) when key expires. 0 = no expiry.
pub valid_until: u64,
/// Sealed key material.
pub sealed_key: Vec<u8>,
}
/// Size of the fixed header portion of a `TeeBoundKeyRecord`.
const TEE_KEY_HEADER_SIZE: usize = 72;
/// Encode a `TeeBoundKeyRecord` to wire format.
pub fn encode_tee_bound_key(record: &TeeBoundKeyRecord) -> Vec<u8> {
let total = TEE_KEY_HEADER_SIZE + record.sealed_key.len();
let mut buf = Vec::with_capacity(total);
buf.push(record.key_type); // 0x00
buf.push(record.algorithm); // 0x01
buf.extend_from_slice(&record.sealed_key_length.to_le_bytes()); // 0x02..0x04
buf.extend_from_slice(&record.key_id); // 0x04..0x14
buf.extend_from_slice(&record.measurement); // 0x14..0x34
buf.push(record.platform); // 0x34
buf.extend_from_slice(&record.reserved); // 0x35..0x38
buf.extend_from_slice(&record.valid_from.to_le_bytes()); // 0x38..0x40
buf.extend_from_slice(&record.valid_until.to_le_bytes()); // 0x40..0x48
buf.extend_from_slice(&record.sealed_key); // 0x48..
buf
}
/// Decode a `TeeBoundKeyRecord` from wire format.
///
/// Returns `ErrorCode::TruncatedSegment` if data is too short.
pub fn decode_tee_bound_key(data: &[u8]) -> Result<TeeBoundKeyRecord, RvfError> {
if data.len() < TEE_KEY_HEADER_SIZE {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let key_type = data[0x00];
let algorithm = data[0x01];
let sealed_key_length = u16::from_le_bytes([data[0x02], data[0x03]]);
let mut key_id = [0u8; 16];
key_id.copy_from_slice(&data[0x04..0x14]);
let mut measurement = [0u8; 32];
measurement.copy_from_slice(&data[0x14..0x34]);
let platform = data[0x34];
let mut reserved = [0u8; 3];
reserved.copy_from_slice(&data[0x35..0x38]);
let valid_from = u64::from_le_bytes(data[0x38..0x40].try_into().unwrap());
let valid_until = u64::from_le_bytes(data[0x40..0x48].try_into().unwrap());
let sk_len = sealed_key_length as usize;
if data.len() < TEE_KEY_HEADER_SIZE + sk_len {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let sealed_key = data[0x48..0x48 + sk_len].to_vec();
Ok(TeeBoundKeyRecord {
key_type,
algorithm,
sealed_key_length,
key_id,
measurement,
platform,
reserved,
valid_from,
valid_until,
sealed_key,
})
}
// ---------------------------------------------------------------------------
// 5. Key Binding Verification
// ---------------------------------------------------------------------------
/// Verify that a TEE-bound key is accessible in the current environment.
///
/// Checks platform, measurement, and expiry.
pub fn verify_key_binding(
key: &TeeBoundKeyRecord,
current_platform: TeePlatform,
current_measurement: &[u8; 32],
current_time_ns: u64,
) -> Result<(), RvfError> {
// Check platform matches.
if key.platform != current_platform as u8 {
return Err(RvfError::Code(ErrorCode::KeyNotBound));
}
// Check measurement matches.
if key.measurement != *current_measurement {
return Err(RvfError::Code(ErrorCode::KeyNotBound));
}
// Check not expired (valid_until == 0 means no expiry).
if key.valid_until != 0 && current_time_ns > key.valid_until {
return Err(RvfError::Code(ErrorCode::KeyExpired));
}
Ok(())
}
// ---------------------------------------------------------------------------
// 6. QuoteVerifier Trait
// ---------------------------------------------------------------------------
/// Platform-specific attestation quote verifier.
///
/// Object-safe for dynamic dispatch.
pub trait QuoteVerifier {
/// The TEE platform this verifier handles.
fn platform(&self) -> TeePlatform;
/// Verify a quote against its header and report data.
///
/// Returns `Ok(true)` if valid, `Ok(false)` if invalid, or an error
/// if verification could not be performed.
fn verify_quote(
&self,
header: &AttestationHeader,
report_data: &[u8],
quote: &[u8],
) -> Result<bool, RvfError>;
}
// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------
#[cfg(test)]
mod tests {
use super::*;
use crate::hash::shake256_128;
use alloc::vec;
use rvf_types::KEY_TYPE_TEE_BOUND;
/// Helper: build a fully-populated AttestationHeader.
fn make_test_header(report_data_len: u64, quote_length: u16) -> AttestationHeader {
let mut measurement = [0u8; 32];
measurement[0] = 0xAA;
measurement[31] = 0xBB;
let mut signer_id = [0u8; 32];
signer_id[0] = 0xCC;
signer_id[31] = 0xDD;
let mut nonce = [0u8; 16];
nonce[0] = 0x01;
nonce[15] = 0x0F;
AttestationHeader {
platform: TeePlatform::SevSnp as u8,
attestation_type: AttestationWitnessType::PlatformAttestation as u8,
quote_length,
reserved_0: 0,
measurement,
signer_id,
timestamp_ns: 1_700_000_000_000_000_000,
nonce,
svn: 42,
sig_algo: 1,
flags: AttestationHeader::FLAG_HAS_REPORT_DATA,
reserved_1: [0u8; 3],
report_data_len,
}
}
/// Helper: build a test record with given report_data and quote sizes.
fn make_test_record(rd_len: usize, q_len: usize) -> (AttestationHeader, Vec<u8>, Vec<u8>) {
let report_data: Vec<u8> = (0..rd_len).map(|i| (i & 0xFF) as u8).collect();
let quote: Vec<u8> = (0..q_len).map(|i| ((i + 0x80) & 0xFF) as u8).collect();
let header = make_test_header(rd_len as u64, q_len as u16);
(header, report_data, quote)
}
/// Helper: build a TeeBoundKeyRecord for testing.
fn make_test_key_record() -> TeeBoundKeyRecord {
let mut measurement = [0u8; 32];
measurement[0] = 0xAA;
measurement[31] = 0xBB;
let sealed_key = vec![0x10, 0x20, 0x30, 0x40, 0x50];
let public_key = b"test-public-key-material";
let key_id = shake256_128(public_key);
TeeBoundKeyRecord {
key_type: KEY_TYPE_TEE_BOUND,
algorithm: 1,
sealed_key_length: sealed_key.len() as u16,
key_id,
measurement,
platform: TeePlatform::SevSnp as u8,
reserved: [0u8; 3],
valid_from: 1_000_000_000,
valid_until: 2_000_000_000,
sealed_key,
}
}
// -----------------------------------------------------------------------
// 1. header_codec_round_trip
// -----------------------------------------------------------------------
#[test]
fn header_codec_round_trip() {
let header = make_test_header(64, 256);
let encoded = encode_attestation_header(&header);
assert_eq!(encoded.len(), ATTESTATION_HEADER_SIZE);
let decoded = decode_attestation_header(&encoded).unwrap();
assert_eq!(decoded.platform, header.platform);
assert_eq!(decoded.attestation_type, header.attestation_type);
assert_eq!(decoded.quote_length, header.quote_length);
assert_eq!(decoded.reserved_0, header.reserved_0);
assert_eq!(decoded.measurement, header.measurement);
assert_eq!(decoded.signer_id, header.signer_id);
assert_eq!(decoded.timestamp_ns, header.timestamp_ns);
assert_eq!(decoded.nonce, header.nonce);
assert_eq!(decoded.svn, header.svn);
assert_eq!(decoded.sig_algo, header.sig_algo);
assert_eq!(decoded.flags, header.flags);
assert_eq!(decoded.reserved_1, header.reserved_1);
assert_eq!(decoded.report_data_len, header.report_data_len);
}
// -----------------------------------------------------------------------
// 2. header_decode_truncated
// -----------------------------------------------------------------------
#[test]
fn header_decode_truncated() {
let data = [0u8; 111]; // One byte short
let result = decode_attestation_header(&data);
assert!(matches!(
result,
Err(RvfError::Code(ErrorCode::TruncatedSegment))
));
}
// -----------------------------------------------------------------------
// 3. record_codec_round_trip
// -----------------------------------------------------------------------
#[test]
fn record_codec_round_trip() {
let (header, report_data, quote) = make_test_record(64, 128);
let encoded = encode_attestation_record(&header, &report_data, &quote);
assert_eq!(encoded.len(), ATTESTATION_HEADER_SIZE + 64 + 128);
let (dec_hdr, dec_rd, dec_q) = decode_attestation_record(&encoded).unwrap();
assert_eq!(dec_hdr.platform, header.platform);
assert_eq!(dec_hdr.quote_length, header.quote_length);
assert_eq!(dec_hdr.report_data_len, header.report_data_len);
assert_eq!(dec_rd, report_data);
assert_eq!(dec_q, quote);
}
// -----------------------------------------------------------------------
// 4. record_empty_report_data
// -----------------------------------------------------------------------
#[test]
fn record_empty_report_data() {
let (header, report_data, quote) = make_test_record(0, 32);
let encoded = encode_attestation_record(&header, &report_data, &quote);
let (dec_hdr, dec_rd, dec_q) = decode_attestation_record(&encoded).unwrap();
assert!(dec_rd.is_empty());
assert_eq!(dec_q, quote);
assert_eq!(dec_hdr.report_data_len, 0);
assert_eq!(dec_hdr.quote_length, 32);
}
// -----------------------------------------------------------------------
// 5. record_empty_quote
// -----------------------------------------------------------------------
#[test]
fn record_empty_quote() {
let (header, report_data, quote) = make_test_record(48, 0);
let encoded = encode_attestation_record(&header, &report_data, &quote);
let (dec_hdr, dec_rd, dec_q) = decode_attestation_record(&encoded).unwrap();
assert_eq!(dec_rd, report_data);
assert!(dec_q.is_empty());
assert_eq!(dec_hdr.report_data_len, 48);
assert_eq!(dec_hdr.quote_length, 0);
}
// -----------------------------------------------------------------------
// 6. witness_entry_hash_binding
// -----------------------------------------------------------------------
#[test]
fn witness_entry_hash_binding() {
let (header, report_data, quote) = make_test_record(32, 64);
let record = encode_attestation_record(&header, &report_data, &quote);
let expected_hash = shake256_256(&record);
let entry = attestation_witness_entry(
&record,
1_000_000_000,
AttestationWitnessType::PlatformAttestation,
);
assert_eq!(entry.action_hash, expected_hash);
assert_eq!(entry.timestamp_ns, 1_000_000_000);
assert_eq!(
entry.witness_type,
AttestationWitnessType::PlatformAttestation as u8
);
}
// -----------------------------------------------------------------------
// 7. witness_payload_round_trip
// -----------------------------------------------------------------------
#[test]
fn witness_payload_round_trip() {
let records: Vec<Vec<u8>> = (0..3)
.map(|i| {
let (h, rd, q) = make_test_record(16 + i * 4, 32 + i * 8);
encode_attestation_record(&h, &rd, &q)
})
.collect();
let timestamps = vec![100, 200, 300];
let witness_types = vec![
AttestationWitnessType::PlatformAttestation,
AttestationWitnessType::KeyBinding,
AttestationWitnessType::ComputationProof,
];
let payload =
build_attestation_witness_payload(&records, &timestamps, &witness_types).unwrap();
let results = verify_attestation_witness_payload(&payload).unwrap();
assert_eq!(results.len(), 3);
for (i, (entry, header, rd, q)) in results.iter().enumerate() {
assert_eq!(entry.timestamp_ns, timestamps[i]);
assert_eq!(entry.witness_type, witness_types[i] as u8);
// Re-encode and compare the record bytes.
let re_encoded = encode_attestation_record(header, rd, q);
assert_eq!(re_encoded, records[i]);
}
}
// -----------------------------------------------------------------------
// 8. witness_payload_single_entry
// -----------------------------------------------------------------------
#[test]
fn witness_payload_single_entry() {
let (h, rd, q) = make_test_record(8, 16);
let record = encode_attestation_record(&h, &rd, &q);
let records = vec![record.clone()];
let timestamps = vec![42];
let witness_types = vec![AttestationWitnessType::DataProvenance];
let payload =
build_attestation_witness_payload(&records, &timestamps, &witness_types).unwrap();
let results = verify_attestation_witness_payload(&payload).unwrap();
assert_eq!(results.len(), 1);
let (entry, header, dec_rd, dec_q) = &results[0];
assert_eq!(entry.timestamp_ns, 42);
assert_eq!(
entry.witness_type,
AttestationWitnessType::DataProvenance as u8
);
assert_eq!(*dec_rd, rd);
assert_eq!(*dec_q, q);
assert_eq!(header.platform, h.platform);
}
// -----------------------------------------------------------------------
// 9. witness_payload_tamper_detected
// -----------------------------------------------------------------------
#[test]
fn witness_payload_tamper_detected() {
let (h, rd, q) = make_test_record(16, 32);
let record = encode_attestation_record(&h, &rd, &q);
let records = vec![record];
let timestamps = vec![999];
let witness_types = vec![AttestationWitnessType::PlatformAttestation];
let mut payload =
build_attestation_witness_payload(&records, &timestamps, &witness_types).unwrap();
// Flip a byte in the attestation record (after count + offsets + chain).
let records_offset = 4 + 8 + WITNESS_ENTRY_SIZE;
if records_offset + 50 < payload.len() {
payload[records_offset + 50] ^= 0xFF;
}
let result = verify_attestation_witness_payload(&payload);
assert!(matches!(
result,
Err(RvfError::Code(ErrorCode::InvalidChecksum))
));
}
// -----------------------------------------------------------------------
// 10. tee_key_codec_round_trip
// -----------------------------------------------------------------------
#[test]
fn tee_key_codec_round_trip() {
let record = make_test_key_record();
let encoded = encode_tee_bound_key(&record);
assert_eq!(encoded.len(), TEE_KEY_HEADER_SIZE + record.sealed_key.len());
let decoded = decode_tee_bound_key(&encoded).unwrap();
assert_eq!(decoded.key_type, record.key_type);
assert_eq!(decoded.algorithm, record.algorithm);
assert_eq!(decoded.sealed_key_length, record.sealed_key_length);
assert_eq!(decoded.key_id, record.key_id);
assert_eq!(decoded.measurement, record.measurement);
assert_eq!(decoded.platform, record.platform);
assert_eq!(decoded.reserved, record.reserved);
assert_eq!(decoded.valid_from, record.valid_from);
assert_eq!(decoded.valid_until, record.valid_until);
assert_eq!(decoded.sealed_key, record.sealed_key);
}
// -----------------------------------------------------------------------
// 11. tee_key_decode_truncated
// -----------------------------------------------------------------------
#[test]
fn tee_key_decode_truncated() {
// Header too short.
let data = [0u8; TEE_KEY_HEADER_SIZE - 1];
let result = decode_tee_bound_key(&data);
assert_eq!(result, Err(RvfError::Code(ErrorCode::TruncatedSegment)));
// Header present but sealed_key truncated.
let record = make_test_key_record();
let encoded = encode_tee_bound_key(&record);
let truncated = &encoded[..TEE_KEY_HEADER_SIZE + 2]; // 2 < sealed_key_length (5)
let result = decode_tee_bound_key(truncated);
assert_eq!(result, Err(RvfError::Code(ErrorCode::TruncatedSegment)));
}
// -----------------------------------------------------------------------
// 12. key_binding_valid
// -----------------------------------------------------------------------
#[test]
fn key_binding_valid() {
let record = make_test_key_record();
let mut measurement = [0u8; 32];
measurement[0] = 0xAA;
measurement[31] = 0xBB;
let result = verify_key_binding(
&record,
TeePlatform::SevSnp,
&measurement,
1_500_000_000, // between valid_from and valid_until
);
assert!(result.is_ok());
}
// -----------------------------------------------------------------------
// 13. key_binding_wrong_platform
// -----------------------------------------------------------------------
#[test]
fn key_binding_wrong_platform() {
let record = make_test_key_record();
let mut measurement = [0u8; 32];
measurement[0] = 0xAA;
measurement[31] = 0xBB;
let result = verify_key_binding(
&record,
TeePlatform::Sgx, // wrong platform
&measurement,
1_500_000_000,
);
assert_eq!(result, Err(RvfError::Code(ErrorCode::KeyNotBound)));
}
// -----------------------------------------------------------------------
// 14. key_binding_wrong_measurement
// -----------------------------------------------------------------------
#[test]
fn key_binding_wrong_measurement() {
let record = make_test_key_record();
let wrong_measurement = [0xFF; 32]; // does not match
let result = verify_key_binding(
&record,
TeePlatform::SevSnp,
&wrong_measurement,
1_500_000_000,
);
assert_eq!(result, Err(RvfError::Code(ErrorCode::KeyNotBound)));
}
// -----------------------------------------------------------------------
// 15. key_binding_expired
// -----------------------------------------------------------------------
#[test]
fn key_binding_expired() {
let record = make_test_key_record(); // valid_until = 2_000_000_000
let mut measurement = [0u8; 32];
measurement[0] = 0xAA;
measurement[31] = 0xBB;
let result = verify_key_binding(
&record,
TeePlatform::SevSnp,
&measurement,
3_000_000_000, // past valid_until
);
assert_eq!(result, Err(RvfError::Code(ErrorCode::KeyExpired)));
}
// -----------------------------------------------------------------------
// 16. key_binding_no_expiry
// -----------------------------------------------------------------------
#[test]
fn key_binding_no_expiry() {
let mut record = make_test_key_record();
record.valid_until = 0; // no expiry
let mut measurement = [0u8; 32];
measurement[0] = 0xAA;
measurement[31] = 0xBB;
let result = verify_key_binding(
&record,
TeePlatform::SevSnp,
&measurement,
u64::MAX, // far future -- should still pass
);
assert!(result.is_ok());
}
}

113
vendor/ruvector/crates/rvf/rvf-crypto/src/footer.rs vendored Normal file
View File

@@ -0,0 +1,113 @@
//! Signature footer codec for RVF segments.
//!
//! Encodes/decodes `rvf_types::SignatureFooter` to/from wire-format bytes.
//! Wire layout:
//! [0..2] sig_algo (u16 LE)
//! [2..4] sig_length (u16 LE)
//! [4..4+sig_length] signature bytes
//! [4+sig_length..4+sig_length+4] footer_length (u32 LE)
use alloc::vec::Vec;
use rvf_types::{ErrorCode, RvfError, SignatureFooter};
/// Minimum footer wire size: 2 (algo) + 2 (sig_len) + 4 (footer_len) = 8 bytes.
const FOOTER_MIN_SIZE: usize = 8;
/// Encode a `SignatureFooter` into wire-format bytes.
pub fn encode_signature_footer(footer: &SignatureFooter) -> Vec<u8> {
let sig_len = footer.sig_length as usize;
let total = 2 + 2 + sig_len + 4;
let mut buf = Vec::with_capacity(total);
buf.extend_from_slice(&footer.sig_algo.to_le_bytes());
buf.extend_from_slice(&footer.sig_length.to_le_bytes());
buf.extend_from_slice(&footer.signature[..sig_len]);
buf.extend_from_slice(&footer.footer_length.to_le_bytes());
buf
}
/// Decode a `SignatureFooter` from wire-format bytes.
pub fn decode_signature_footer(data: &[u8]) -> Result<SignatureFooter, RvfError> {
if data.len() < FOOTER_MIN_SIZE {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let sig_algo = u16::from_le_bytes([data[0], data[1]]);
let sig_length = u16::from_le_bytes([data[2], data[3]]);
let sig_len = sig_length as usize;
if sig_len > SignatureFooter::MAX_SIG_LEN {
return Err(RvfError::Code(ErrorCode::InvalidSignature));
}
if data.len() < 4 + sig_len + 4 {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let mut signature = [0u8; SignatureFooter::MAX_SIG_LEN];
signature[..sig_len].copy_from_slice(&data[4..4 + sig_len]);
let fl_offset = 4 + sig_len;
let footer_length = u32::from_le_bytes([
data[fl_offset],
data[fl_offset + 1],
data[fl_offset + 2],
data[fl_offset + 3],
]);
Ok(SignatureFooter {
sig_algo,
sig_length,
signature,
footer_length,
})
}
#[cfg(test)]
mod tests {
use super::*;
fn make_footer(algo: u16, sig_len: u16, fill: u8) -> SignatureFooter {
let mut signature = [0u8; SignatureFooter::MAX_SIG_LEN];
signature[..sig_len as usize].fill(fill);
SignatureFooter {
sig_algo: algo,
sig_length: sig_len,
signature,
footer_length: SignatureFooter::compute_footer_length(sig_len),
}
}
#[test]
fn round_trip_ed25519() {
let footer = make_footer(0, 64, 0xAB);
let encoded = encode_signature_footer(&footer);
assert_eq!(encoded.len(), 2 + 2 + 64 + 4);
let decoded = decode_signature_footer(&encoded).unwrap();
assert_eq!(decoded.sig_algo, footer.sig_algo);
assert_eq!(decoded.sig_length, footer.sig_length);
assert_eq!(&decoded.signature[..64], &footer.signature[..64]);
assert_eq!(decoded.footer_length, footer.footer_length);
}
#[test]
fn decode_truncated_header() {
let result = decode_signature_footer(&[0u8; 5]);
assert!(result.is_err());
}
#[test]
fn decode_truncated_signature() {
let footer = make_footer(0, 64, 0xCC);
let encoded = encode_signature_footer(&footer);
let result = decode_signature_footer(&encoded[..10]);
assert!(result.is_err());
}
#[test]
fn empty_signature() {
let footer = make_footer(1, 0, 0);
let encoded = encode_signature_footer(&footer);
assert_eq!(encoded.len(), FOOTER_MIN_SIZE);
let decoded = decode_signature_footer(&encoded).unwrap();
assert_eq!(decoded.sig_algo, 1);
assert_eq!(decoded.sig_length, 0);
}
}

97
vendor/ruvector/crates/rvf/rvf-crypto/src/hash.rs vendored Normal file
View File

@@ -0,0 +1,97 @@
//! SHAKE-256 hashing for cryptographic witness and content hashing.
use sha3::{
digest::{ExtendableOutput, Update, XofReader},
Shake256,
};
use alloc::vec;
use alloc::vec::Vec;
/// Compute SHAKE-256 hash of `data` with arbitrary `output_len`.
pub fn shake256_hash(data: &[u8], output_len: usize) -> Vec<u8> {
let mut hasher = Shake256::default();
hasher.update(data);
let mut reader = hasher.finalize_xof();
let mut output = vec![0u8; output_len];
reader.read(&mut output);
output
}
/// Compute 128-bit (16-byte) SHAKE-256 hash.
pub fn shake256_128(data: &[u8]) -> [u8; 16] {
let mut hasher = Shake256::default();
hasher.update(data);
let mut reader = hasher.finalize_xof();
let mut output = [0u8; 16];
reader.read(&mut output);
output
}
/// Compute 256-bit (32-byte) SHAKE-256 hash.
pub fn shake256_256(data: &[u8]) -> [u8; 32] {
let mut hasher = Shake256::default();
hasher.update(data);
let mut reader = hasher.finalize_xof();
let mut output = [0u8; 32];
reader.read(&mut output);
output
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn shake256_empty_input() {
let h128 = shake256_128(b"");
let h256 = shake256_256(b"");
// Non-zero output for empty input (SHAKE-256 is a sponge)
assert_ne!(h128, [0u8; 16]);
assert_ne!(h256, [0u8; 32]);
}
#[test]
fn shake256_deterministic() {
let a = shake256_256(b"test data");
let b = shake256_256(b"test data");
assert_eq!(a, b);
}
#[test]
fn shake256_different_inputs() {
let a = shake256_256(b"input A");
let b = shake256_256(b"input B");
assert_ne!(a, b);
}
#[test]
fn shake256_arbitrary_output_len() {
let h = shake256_hash(b"hello", 64);
assert_eq!(h.len(), 64);
// Prefix should match the 32-byte version
let h32 = shake256_hash(b"hello", 32);
assert_eq!(&h[..32], &h32[..]);
}
#[test]
fn shake256_128_is_prefix_of_256() {
let h128 = shake256_128(b"consistency check");
let h256 = shake256_256(b"consistency check");
assert_eq!(&h128[..], &h256[..16]);
}
#[test]
fn shake256_known_vector() {
// NIST test: SHAKE256("") first 32 bytes
let h = shake256_hash(b"", 32);
assert_eq!(
h,
[
0x46, 0xb9, 0xdd, 0x2b, 0x0b, 0xa8, 0x8d, 0x13, 0x23, 0x3b, 0x3f, 0xeb, 0x74, 0x3e,
0xeb, 0x24, 0x3f, 0xcd, 0x52, 0xea, 0x62, 0xb8, 0x1b, 0x82, 0xb5, 0x0c, 0x27, 0x64,
0x6e, 0xd5, 0x76, 0x2f,
]
);
}
}

32
vendor/ruvector/crates/rvf/rvf-crypto/src/lib.rs vendored Normal file
View File

@@ -0,0 +1,32 @@
//! Cryptographic primitives for the RuVector Format (RVF).
//!
//! Provides SHAKE-256 hashing, Ed25519 segment signing/verification,
//! signature footer codec, and WITNESS_SEG audit-trail support.
#![cfg_attr(not(feature = "std"), no_std)]
extern crate alloc;
pub mod attestation;
pub mod footer;
pub mod hash;
pub mod lineage;
#[cfg(feature = "ed25519")]
pub mod sign;
pub mod witness;
pub use attestation::{
attestation_witness_entry, build_attestation_witness_payload, decode_attestation_header,
decode_attestation_record, decode_tee_bound_key, encode_attestation_header,
encode_attestation_record, encode_tee_bound_key, verify_attestation_witness_payload,
verify_key_binding, QuoteVerifier, TeeBoundKeyRecord, VerifiedAttestationEntry,
};
pub use footer::{decode_signature_footer, encode_signature_footer};
pub use hash::{shake256_128, shake256_256, shake256_hash};
pub use lineage::{
compute_manifest_hash, lineage_record_from_bytes, lineage_record_to_bytes,
lineage_witness_entry, verify_lineage_chain,
};
#[cfg(feature = "ed25519")]
pub use sign::{sign_segment, verify_segment};
pub use witness::{create_witness_chain, verify_witness_chain, WitnessEntry};

272
vendor/ruvector/crates/rvf/rvf-crypto/src/lineage.rs vendored Normal file
View File

@@ -0,0 +1,272 @@
//! Lineage witness functions for DNA-style provenance chains.
//!
//! Provides serialization, hashing, and verification for lineage records
//! that track file derivation history through witness chain entries.
use rvf_types::{
DerivationType, ErrorCode, FileIdentity, LineageRecord, RvfError, LINEAGE_RECORD_SIZE,
WITNESS_DERIVATION,
};
use crate::hash::shake256_256;
use crate::witness::WitnessEntry;
/// Serialize a `LineageRecord` to a fixed 128-byte array.
pub fn lineage_record_to_bytes(record: &LineageRecord) -> [u8; LINEAGE_RECORD_SIZE] {
let mut buf = [0u8; LINEAGE_RECORD_SIZE];
buf[0x00..0x10].copy_from_slice(&record.file_id);
buf[0x10..0x20].copy_from_slice(&record.parent_id);
buf[0x20..0x40].copy_from_slice(&record.parent_hash);
buf[0x40] = record.derivation_type as u8;
// 3 bytes padding at 0x41..0x44
buf[0x44..0x48].copy_from_slice(&record.mutation_count.to_le_bytes());
buf[0x48..0x50].copy_from_slice(&record.timestamp_ns.to_le_bytes());
buf[0x50] = record.description_len;
let desc_len = (record.description_len as usize).min(47);
buf[0x51..0x51 + desc_len].copy_from_slice(&record.description[..desc_len]);
buf
}
/// Deserialize a `LineageRecord` from a 128-byte slice.
pub fn lineage_record_from_bytes(
data: &[u8; LINEAGE_RECORD_SIZE],
) -> Result<LineageRecord, RvfError> {
let mut file_id = [0u8; 16];
file_id.copy_from_slice(&data[0x00..0x10]);
let mut parent_id = [0u8; 16];
parent_id.copy_from_slice(&data[0x10..0x20]);
let mut parent_hash = [0u8; 32];
parent_hash.copy_from_slice(&data[0x20..0x40]);
let derivation_type =
DerivationType::try_from(data[0x40]).map_err(|v| RvfError::InvalidEnumValue {
type_name: "DerivationType",
value: v as u64,
})?;
let mutation_count = u32::from_le_bytes(data[0x44..0x48].try_into().unwrap());
let timestamp_ns = u64::from_le_bytes(data[0x48..0x50].try_into().unwrap());
let description_len = data[0x50].min(47);
let mut description = [0u8; 47];
description[..description_len as usize]
.copy_from_slice(&data[0x51..0x51 + description_len as usize]);
Ok(LineageRecord {
file_id,
parent_id,
parent_hash,
derivation_type,
mutation_count,
timestamp_ns,
description_len,
description,
})
}
/// Create a witness entry for a lineage derivation event.
///
/// The `action_hash` is SHAKE-256-256 of the serialized record bytes.
/// Uses witness type `WITNESS_DERIVATION` (0x09).
pub fn lineage_witness_entry(record: &LineageRecord, prev_hash: [u8; 32]) -> WitnessEntry {
let record_bytes = lineage_record_to_bytes(record);
let action_hash = shake256_256(&record_bytes);
WitnessEntry {
prev_hash,
action_hash,
timestamp_ns: record.timestamp_ns,
witness_type: WITNESS_DERIVATION,
}
}
/// Compute the SHAKE-256-256 hash of a 4096-byte manifest for use as parent_hash.
pub fn compute_manifest_hash(manifest: &[u8; 4096]) -> [u8; 32] {
shake256_256(manifest)
}
/// Verify a lineage chain: each child's parent_hash must match the
/// hash of the corresponding parent's manifest bytes.
///
/// Takes pairs of (FileIdentity, manifest_hash) in order from root to leaf.
pub fn verify_lineage_chain(entries: &[(FileIdentity, [u8; 32])]) -> Result<(), RvfError> {
if entries.is_empty() {
return Ok(());
}
// First entry must be root
if !entries[0].0.is_root() {
return Err(RvfError::Code(ErrorCode::LineageBroken));
}
for i in 1..entries.len() {
let child = &entries[i].0;
let parent = &entries[i - 1].0;
let parent_manifest_hash = &entries[i - 1].1;
// Child's parent_id must match parent's file_id
if child.parent_id != parent.file_id {
return Err(RvfError::Code(ErrorCode::LineageBroken));
}
// Child's parent_hash must match parent's manifest hash
if child.parent_hash != *parent_manifest_hash {
return Err(RvfError::Code(ErrorCode::ParentHashMismatch));
}
// Depth must increment by 1
if child.lineage_depth != parent.lineage_depth + 1 {
return Err(RvfError::Code(ErrorCode::LineageBroken));
}
}
Ok(())
}
#[cfg(test)]
mod tests {
use super::*;
fn sample_record() -> LineageRecord {
LineageRecord::new(
[1u8; 16],
[2u8; 16],
[3u8; 32],
DerivationType::Filter,
5,
1_700_000_000_000_000_000,
"test derivation",
)
}
#[test]
fn lineage_record_round_trip() {
let record = sample_record();
let bytes = lineage_record_to_bytes(&record);
assert_eq!(bytes.len(), LINEAGE_RECORD_SIZE);
let decoded = lineage_record_from_bytes(&bytes).unwrap();
assert_eq!(decoded.file_id, record.file_id);
assert_eq!(decoded.parent_id, record.parent_id);
assert_eq!(decoded.parent_hash, record.parent_hash);
assert_eq!(decoded.derivation_type, record.derivation_type);
assert_eq!(decoded.mutation_count, record.mutation_count);
assert_eq!(decoded.timestamp_ns, record.timestamp_ns);
assert_eq!(decoded.description_str(), record.description_str());
}
#[test]
fn lineage_record_invalid_derivation_type() {
let record = sample_record();
let mut bytes = lineage_record_to_bytes(&record);
bytes[0x40] = 0xFE; // invalid derivation type
let result = lineage_record_from_bytes(&bytes);
assert!(result.is_err());
}
#[test]
fn lineage_witness_entry_creates_valid_entry() {
let record = sample_record();
let prev_hash = [0u8; 32];
let entry = lineage_witness_entry(&record, prev_hash);
assert_eq!(entry.witness_type, WITNESS_DERIVATION);
assert_eq!(entry.prev_hash, prev_hash);
assert_eq!(entry.timestamp_ns, record.timestamp_ns);
assert_ne!(entry.action_hash, [0u8; 32]);
}
#[test]
fn compute_manifest_hash_deterministic() {
let manifest = [0xABu8; 4096];
let h1 = compute_manifest_hash(&manifest);
let h2 = compute_manifest_hash(&manifest);
assert_eq!(h1, h2);
assert_ne!(h1, [0u8; 32]);
}
#[test]
fn verify_empty_chain() {
assert!(verify_lineage_chain(&[]).is_ok());
}
#[test]
fn verify_single_root() {
let root = FileIdentity::new_root([1u8; 16]);
let hash = [0xAAu8; 32];
assert!(verify_lineage_chain(&[(root, hash)]).is_ok());
}
#[test]
fn verify_parent_child_chain() {
let root_id = [1u8; 16];
let child_id = [2u8; 16];
let root_hash = [0xAAu8; 32];
let child_hash = [0xBBu8; 32];
let root = FileIdentity::new_root(root_id);
let child = FileIdentity {
file_id: child_id,
parent_id: root_id,
parent_hash: root_hash,
lineage_depth: 1,
};
assert!(verify_lineage_chain(&[(root, root_hash), (child, child_hash)]).is_ok());
}
#[test]
fn verify_broken_parent_id() {
let root = FileIdentity::new_root([1u8; 16]);
let root_hash = [0xAAu8; 32];
let child = FileIdentity {
file_id: [2u8; 16],
parent_id: [3u8; 16], // wrong parent_id
parent_hash: root_hash,
lineage_depth: 1,
};
let result = verify_lineage_chain(&[(root, root_hash), (child, [0xBBu8; 32])]);
assert!(result.is_err());
}
#[test]
fn verify_hash_mismatch() {
let root_id = [1u8; 16];
let root = FileIdentity::new_root(root_id);
let root_hash = [0xAAu8; 32];
let child = FileIdentity {
file_id: [2u8; 16],
parent_id: root_id,
parent_hash: [0xCCu8; 32], // wrong hash
lineage_depth: 1,
};
let result = verify_lineage_chain(&[(root, root_hash), (child, [0xBBu8; 32])]);
assert!(matches!(
result,
Err(RvfError::Code(ErrorCode::ParentHashMismatch))
));
}
#[test]
fn verify_non_root_first() {
let non_root = FileIdentity {
file_id: [1u8; 16],
parent_id: [2u8; 16],
parent_hash: [3u8; 32],
lineage_depth: 1,
};
let result = verify_lineage_chain(&[(non_root, [0u8; 32])]);
assert!(result.is_err());
}
#[test]
fn verify_depth_mismatch() {
let root_id = [1u8; 16];
let root = FileIdentity::new_root(root_id);
let root_hash = [0xAAu8; 32];
let child = FileIdentity {
file_id: [2u8; 16],
parent_id: root_id,
parent_hash: root_hash,
lineage_depth: 5, // should be 1
};
let result = verify_lineage_chain(&[(root, root_hash), (child, [0xBBu8; 32])]);
assert!(result.is_err());
}
}

188
vendor/ruvector/crates/rvf/rvf-crypto/src/sign.rs vendored Normal file
View File

@@ -0,0 +1,188 @@
//! Ed25519 segment signing and verification.
//!
//! Signs the canonical representation: header bytes || content_hash || context.
//! ML-DSA-65 is a future TODO behind a feature flag.
use alloc::vec::Vec;
use ed25519_dalek::{Signature, Signer, SigningKey, Verifier, VerifyingKey};
use rvf_types::{SegmentHeader, SignatureFooter};
use crate::hash::shake256_128;
/// Ed25519 algorithm identifier (matches `SignatureAlgo::Ed25519`).
const SIG_ALGO_ED25519: u16 = 0;
/// Build the canonical message to sign for a segment.
///
/// signed_data = segment_header_bytes[0..40] || content_hash || context_string || segment_id
fn build_signed_data(header: &SegmentHeader, payload: &[u8]) -> Vec<u8> {
// Safe serialization of header fields to bytes, matching the wire format
// layout (see write_path.rs header_to_bytes). Avoids unsafe transmute which
// relies on compiler-specific struct layout guarantees.
let header_bytes = header_to_sign_bytes(header);
let mut msg = Vec::with_capacity(40 + 16 + 32);
// First 40 bytes of header (up to but not including content_hash at offset 0x28)
msg.extend_from_slice(&header_bytes[..40]);
// Content hash from header
msg.extend_from_slice(&header.content_hash);
// Context string for domain separation
msg.extend_from_slice(b"RVF-v1-segment");
// Segment ID bytes for replay prevention
msg.extend_from_slice(&header.segment_id.to_le_bytes());
// Include payload hash for binding
let payload_hash = shake256_128(payload);
msg.extend_from_slice(&payload_hash);
msg
}
/// Safely serialize a `SegmentHeader` into its 64-byte wire representation.
///
/// This mirrors the layout in `write_path::header_to_bytes` but lives here to
/// avoid an unsafe `transmute` / pointer cast whose correctness depends on
/// padding and alignment guarantees that are not enforced by the language.
fn header_to_sign_bytes(h: &SegmentHeader) -> [u8; 64] {
let mut buf = [0u8; 64];
buf[0x00..0x04].copy_from_slice(&h.magic.to_le_bytes());
buf[0x04] = h.version;
buf[0x05] = h.seg_type;
buf[0x06..0x08].copy_from_slice(&h.flags.to_le_bytes());
buf[0x08..0x10].copy_from_slice(&h.segment_id.to_le_bytes());
buf[0x10..0x18].copy_from_slice(&h.payload_length.to_le_bytes());
buf[0x18..0x20].copy_from_slice(&h.timestamp_ns.to_le_bytes());
buf[0x20] = h.checksum_algo;
buf[0x21] = h.compression;
buf[0x22..0x24].copy_from_slice(&h.reserved_0.to_le_bytes());
buf[0x24..0x28].copy_from_slice(&h.reserved_1.to_le_bytes());
buf[0x28..0x38].copy_from_slice(&h.content_hash);
buf[0x38..0x3C].copy_from_slice(&h.uncompressed_len.to_le_bytes());
buf[0x3C..0x40].copy_from_slice(&h.alignment_pad.to_le_bytes());
buf
}
/// Sign a segment with Ed25519, producing a `SignatureFooter`.
pub fn sign_segment(header: &SegmentHeader, payload: &[u8], key: &SigningKey) -> SignatureFooter {
let msg = build_signed_data(header, payload);
let sig: Signature = key.sign(&msg);
let sig_bytes = sig.to_bytes();
let mut signature = [0u8; SignatureFooter::MAX_SIG_LEN];
signature[..64].copy_from_slice(&sig_bytes);
SignatureFooter {
sig_algo: SIG_ALGO_ED25519,
sig_length: 64,
signature,
footer_length: SignatureFooter::compute_footer_length(64),
}
}
/// Verify a segment signature using Ed25519.
///
/// Returns `true` if the signature is valid, `false` otherwise.
pub fn verify_segment(
header: &SegmentHeader,
payload: &[u8],
footer: &SignatureFooter,
pubkey: &VerifyingKey,
) -> bool {
if footer.sig_algo != SIG_ALGO_ED25519 {
return false;
}
if footer.sig_length != 64 {
return false;
}
let msg = build_signed_data(header, payload);
let sig_bytes: [u8; 64] = match footer.signature[..64].try_into() {
Ok(b) => b,
Err(_) => return false,
};
let sig = Signature::from_bytes(&sig_bytes);
pubkey.verify(&msg, &sig).is_ok()
}
#[cfg(test)]
mod tests {
use super::*;
use ed25519_dalek::SigningKey;
use rand::rngs::OsRng;
fn make_test_header() -> SegmentHeader {
let mut h = SegmentHeader::new(0x01, 42);
h.timestamp_ns = 1_000_000_000;
h.payload_length = 100;
h
}
#[test]
fn sign_verify_round_trip() {
let key = SigningKey::generate(&mut OsRng);
let header = make_test_header();
let payload = b"test payload data for signing";
let footer = sign_segment(&header, payload, &key);
let pubkey = key.verifying_key();
assert!(verify_segment(&header, payload, &footer, &pubkey));
}
#[test]
fn tampered_payload_fails() {
let key = SigningKey::generate(&mut OsRng);
let header = make_test_header();
let payload = b"original payload";
let footer = sign_segment(&header, payload, &key);
let pubkey = key.verifying_key();
let tampered = b"tampered payload";
assert!(!verify_segment(&header, tampered, &footer, &pubkey));
}
#[test]
fn tampered_header_fails() {
let key = SigningKey::generate(&mut OsRng);
let header = make_test_header();
let payload = b"payload";
let footer = sign_segment(&header, payload, &key);
let pubkey = key.verifying_key();
let mut bad_header = header;
bad_header.segment_id = 999;
assert!(!verify_segment(&bad_header, payload, &footer, &pubkey));
}
#[test]
fn wrong_key_fails() {
let key1 = SigningKey::generate(&mut OsRng);
let key2 = SigningKey::generate(&mut OsRng);
let header = make_test_header();
let payload = b"payload";
let footer = sign_segment(&header, payload, &key1);
let wrong_pubkey = key2.verifying_key();
assert!(!verify_segment(&header, payload, &footer, &wrong_pubkey));
}
#[test]
fn sig_algo_is_ed25519() {
let key = SigningKey::generate(&mut OsRng);
let header = make_test_header();
let footer = sign_segment(&header, b"x", &key);
assert_eq!(footer.sig_algo, 0);
assert_eq!(footer.sig_length, 64);
}
#[test]
fn footer_length_correct() {
let key = SigningKey::generate(&mut OsRng);
let header = make_test_header();
let footer = sign_segment(&header, b"data", &key);
assert_eq!(
footer.footer_length,
SignatureFooter::compute_footer_length(64)
);
}
}

189
vendor/ruvector/crates/rvf/rvf-crypto/src/witness.rs vendored Normal file
View File

@@ -0,0 +1,189 @@
//! WITNESS_SEG support for cryptographic audit trails.
//!
//! Each witness entry chains to the previous via hashes, forming a
//! tamper-evident log. The chain uses SHAKE-256 for hash binding.
use alloc::vec::Vec;
use rvf_types::{ErrorCode, RvfError};
use crate::hash::shake256_256;
/// A single entry in a witness chain.
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct WitnessEntry {
/// Hash of the previous entry (zero for the first entry).
pub prev_hash: [u8; 32],
/// Hash of the action being witnessed.
pub action_hash: [u8; 32],
/// Nanosecond UNIX timestamp.
pub timestamp_ns: u64,
/// Witness type: 0x01=PROVENANCE, 0x02=COMPUTATION, etc.
pub witness_type: u8,
}
/// Size of one serialized witness entry: 32 + 32 + 8 + 1 = 73 bytes.
const ENTRY_SIZE: usize = 73;
/// Serialize a `WitnessEntry` into bytes.
fn encode_entry(entry: &WitnessEntry) -> [u8; ENTRY_SIZE] {
let mut buf = [0u8; ENTRY_SIZE];
buf[0..32].copy_from_slice(&entry.prev_hash);
buf[32..64].copy_from_slice(&entry.action_hash);
buf[64..72].copy_from_slice(&entry.timestamp_ns.to_le_bytes());
buf[72] = entry.witness_type;
buf
}
/// Deserialize a `WitnessEntry` from bytes.
///
/// # Errors
///
/// Returns `TruncatedSegment` if `data` is shorter than `ENTRY_SIZE` (73) bytes.
fn decode_entry(data: &[u8]) -> Result<WitnessEntry, RvfError> {
if data.len() < ENTRY_SIZE {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let mut prev_hash = [0u8; 32];
prev_hash.copy_from_slice(&data[0..32]);
let mut action_hash = [0u8; 32];
action_hash.copy_from_slice(&data[32..64]);
let timestamp_ns = u64::from_le_bytes(data[64..72].try_into().unwrap());
let witness_type = data[72];
Ok(WitnessEntry {
prev_hash,
action_hash,
timestamp_ns,
witness_type,
})
}
/// Create a witness chain from entries, linking each to the previous via hashes.
///
/// The first entry's `prev_hash` is set to all zeros (genesis).
/// Subsequent entries have `prev_hash` = SHAKE-256(previous entry bytes).
///
/// Returns the serialized chain as a byte vector.
pub fn create_witness_chain(entries: &[WitnessEntry]) -> Vec<u8> {
let mut chain = Vec::with_capacity(entries.len() * ENTRY_SIZE);
let mut prev_hash = [0u8; 32];
for entry in entries {
let mut linked = entry.clone();
linked.prev_hash = prev_hash;
let encoded = encode_entry(&linked);
prev_hash = shake256_256(&encoded);
chain.extend_from_slice(&encoded);
}
chain
}
/// Verify a witness chain's integrity.
///
/// Checks that each entry's `prev_hash` matches the SHAKE-256 hash of the
/// preceding entry. Returns the decoded entries if valid.
pub fn verify_witness_chain(data: &[u8]) -> Result<Vec<WitnessEntry>, RvfError> {
if data.is_empty() {
return Ok(Vec::new());
}
if !data.len().is_multiple_of(ENTRY_SIZE) {
return Err(RvfError::Code(ErrorCode::TruncatedSegment));
}
let count = data.len() / ENTRY_SIZE;
let mut entries = Vec::with_capacity(count);
let mut expected_prev = [0u8; 32];
for i in 0..count {
let offset = i * ENTRY_SIZE;
let entry_bytes = &data[offset..offset + ENTRY_SIZE];
let entry = decode_entry(entry_bytes)?;
if entry.prev_hash != expected_prev {
return Err(RvfError::Code(ErrorCode::InvalidChecksum));
}
expected_prev = shake256_256(entry_bytes);
entries.push(entry);
}
Ok(entries)
}
#[cfg(test)]
mod tests {
use super::*;
fn make_entries(n: usize) -> Vec<WitnessEntry> {
(0..n)
.map(|i| WitnessEntry {
prev_hash: [0u8; 32], // will be overwritten by create_witness_chain
action_hash: shake256_256(&[i as u8]),
timestamp_ns: 1_000_000_000 + i as u64,
witness_type: 0x01,
})
.collect()
}
#[test]
fn empty_chain() {
let chain = create_witness_chain(&[]);
assert!(chain.is_empty());
let result = verify_witness_chain(&chain).unwrap();
assert!(result.is_empty());
}
#[test]
fn single_entry_chain() {
let entries = make_entries(1);
let chain = create_witness_chain(&entries);
assert_eq!(chain.len(), ENTRY_SIZE);
let verified = verify_witness_chain(&chain).unwrap();
assert_eq!(verified.len(), 1);
assert_eq!(verified[0].prev_hash, [0u8; 32]);
}
#[test]
fn multi_entry_chain() {
let entries = make_entries(5);
let chain = create_witness_chain(&entries);
assert_eq!(chain.len(), 5 * ENTRY_SIZE);
let verified = verify_witness_chain(&chain).unwrap();
assert_eq!(verified.len(), 5);
for (i, entry) in verified.iter().enumerate() {
assert_eq!(entry.action_hash, entries[i].action_hash);
assert_eq!(entry.timestamp_ns, entries[i].timestamp_ns);
}
}
#[test]
fn tampered_chain_detected() {
let entries = make_entries(3);
let mut chain = create_witness_chain(&entries);
// Tamper with the second entry's action_hash byte
chain[ENTRY_SIZE + 32] ^= 0xFF;
let result = verify_witness_chain(&chain);
assert!(result.is_err());
}
#[test]
fn truncated_chain_detected() {
let entries = make_entries(2);
let chain = create_witness_chain(&entries);
let result = verify_witness_chain(&chain[..ENTRY_SIZE + 10]);
assert!(result.is_err());
}
#[test]
fn chain_links_are_correct() {
let entries = make_entries(3);
let chain = create_witness_chain(&entries);
let verified = verify_witness_chain(&chain).unwrap();
// First entry has zero prev_hash
assert_eq!(verified[0].prev_hash, [0u8; 32]);
// Second entry's prev_hash should equal hash of first entry's bytes
let first_bytes = &chain[0..ENTRY_SIZE];
let expected = shake256_256(first_bytes);
assert_eq!(verified[1].prev_hash, expected);
}
}

16
vendor/ruvector/crates/rvf/rvf-ebpf/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,16 @@
[package]
name = "rvf-ebpf"
version = "0.1.0"
edition = "2021"
description = "Real eBPF programs for RVF vector distance computation"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
homepage = "https://github.com/ruvnet/ruvector"
readme = "README.md"
categories = ["network-programming", "os"]
keywords = ["rvf", "ebpf", "xdp", "bpf", "vector-acceleration"]
[dependencies]
rvf-types = { version = "0.2.0", path = "../rvf-types" }
sha3 = "0.10"
tempfile = "3"

57
vendor/ruvector/crates/rvf/rvf-ebpf/README.md vendored Normal file
View File

@@ -0,0 +1,57 @@
# rvf-ebpf
Real eBPF program compiler and embedder for RVF cognitive containers.
## What It Does
`rvf-ebpf` compiles real BPF C programs with `clang` and embeds them into `.rvf` files as `EBPF_SEG` segments. These programs provide kernel-level acceleration for vector operations.
## Included Programs
| Program | Type | Description |
|---------|------|-------------|
| `xdp_distance.c` | XDP | L2 vector distance computation with LRU vector cache using BPF maps |
| `socket_filter.c` | Socket Filter | Port-based allow-list access control with per-CPU counters |
| `tc_query_route.c` | TC Classifier | Query priority routing (hot/warm/cold traffic classes) |
## Usage
```rust
use rvf_ebpf::{EbpfCompiler, programs};
// Access real BPF C source
println!("{}", programs::XDP_DISTANCE);
println!("{}", programs::SOCKET_FILTER);
println!("{}", programs::TC_QUERY_ROUTE);
// Compile with clang (requires clang installed)
let compiler = EbpfCompiler::new()?;
let program = compiler.compile_source(
programs::SOCKET_FILTER,
EbpfProgramType::SocketFilter,
)?;
// Embed compiled ELF into RVF
store.embed_ebpf(
program.program_type as u8,
program.attach_type as u8,
1536,
&program.elf_bytes,
program.btf_bytes.as_deref(),
)?;
```
## Requirements
- `clang` with BPF target support (for compilation)
- Programs can also be pre-compiled and embedded as raw ELF bytes
## Tests
```bash
cargo test -p rvf-ebpf # 17 tests
```
## License
MIT OR Apache-2.0

112
vendor/ruvector/crates/rvf/rvf-ebpf/bpf/socket_filter.c vendored Normal file
View File

@@ -0,0 +1,112 @@
// SPDX-License-Identifier: GPL-2.0
//
// RVF Socket Filter: Port-Based Access Control
//
// This BPF socket filter enforces a simple port allow-list for RVF
// deployments. Only packets destined for explicitly allowed ports are
// passed through; everything else is dropped.
//
// Allowed ports are stored in a BPF hash map so they can be updated at
// runtime from userspace without reloading the program.
//
// Default allowed ports (populated by userspace loader):
// - 8080: RVF API / vector query endpoint
// - 2222: SSH management access
// - 9090: Prometheus metrics scraping
// - 6379: Optional Redis sidecar for caching
//
// Attach point: SO_ATTACH_BPF on a raw socket, or cgroup/skb.
#include "vmlinux.h"
/* ── Configuration ───────────────────────────────────────────────── */
#define MAX_ALLOWED_PORTS 64
/* ── BPF maps ────────────────────────────────────────────────────── */
/* Hash map: allowed destination ports. Key = port number, value = 1 */
struct {
__uint(type, BPF_MAP_TYPE_HASH);
__uint(max_entries, MAX_ALLOWED_PORTS);
__type(key, __u16);
__type(value, __u8);
} allowed_ports SEC(".maps");
/* Per-CPU array: drop/pass counters for observability */
struct port_stats {
__u64 passed;
__u64 dropped;
};
struct {
__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
__uint(max_entries, 1);
__type(key, __u32);
__type(value, struct port_stats);
} stats SEC(".maps");
/* ── Helpers ─────────────────────────────────────────────────────── */
static __always_inline void bump_stat(int is_pass)
{
__u32 zero = 0;
struct port_stats *s = bpf_map_lookup_elem(&stats, &zero);
if (s) {
if (is_pass)
s->passed++;
else
s->dropped++;
}
}
/* ── Socket filter entry point ───────────────────────────────────── */
SEC("socket")
int rvf_port_filter(struct __sk_buff *skb)
{
/* Load the protocol field from the IP header.
* For socket filters attached via SO_ATTACH_BPF, skb->data
* starts at the IP header (no Ethernet header). */
__u8 protocol = 0;
/* IP protocol field is at byte offset 9 in the IPv4 header */
bpf_skb_load_bytes(skb, 9, &protocol, 1);
__u16 dport = 0;
if (protocol == IPPROTO_TCP) {
/* TCP dest port: IP header (ihl*4) + offset 2 in TCP header */
__u8 ihl_byte = 0;
bpf_skb_load_bytes(skb, 0, &ihl_byte, 1);
__u32 ip_hdr_len = (ihl_byte & 0x0F) * 4;
__be16 raw_port = 0;
bpf_skb_load_bytes(skb, ip_hdr_len + 2, &raw_port, 2);
dport = bpf_ntohs(raw_port);
} else if (protocol == IPPROTO_UDP) {
__u8 ihl_byte = 0;
bpf_skb_load_bytes(skb, 0, &ihl_byte, 1);
__u32 ip_hdr_len = (ihl_byte & 0x0F) * 4;
__be16 raw_port = 0;
bpf_skb_load_bytes(skb, ip_hdr_len + 2, &raw_port, 2);
dport = bpf_ntohs(raw_port);
} else {
/* Non-TCP/UDP traffic: pass through (e.g. ICMP for health checks) */
bump_stat(1);
return skb->len;
}
/* Look up the destination port in the allow-list */
__u8 *allowed = bpf_map_lookup_elem(&allowed_ports, &dport);
if (allowed) {
bump_stat(1);
return skb->len; /* Pass: return original packet length */
}
bump_stat(0);
return 0; /* Drop: returning 0 truncates the packet */
}
char _license[] SEC("license") = "GPL";

156
vendor/ruvector/crates/rvf/rvf-ebpf/bpf/tc_query_route.c vendored Normal file
View File

@@ -0,0 +1,156 @@
// SPDX-License-Identifier: GPL-2.0
//
// RVF TC Query Router: Priority-Based Query Classification
//
// This TC (Traffic Control) classifier inspects incoming UDP packets
// destined for the RVF query port and classifies them into priority
// tiers based on the query type encoded in the RVF protocol header.
//
// Classification tiers (set via skb->tc_classid):
// TC_H_MAKE(1, 1) = "hot" queries (low-latency, cached vectors)
// TC_H_MAKE(1, 2) = "warm" queries (standard priority)
// TC_H_MAKE(1, 3) = "cold" queries (batch/bulk, best-effort)
//
// The query type is determined by inspecting the flags field in the
// RVF query header that follows the UDP payload.
//
// Attach: tc filter add dev <iface> ingress bpf da obj tc_query_route.o
#include "vmlinux.h"
/* ── Configuration ───────────────────────────────────────────────── */
#define RVF_PORT 8080
#define RVF_MAGIC 0x52564600 /* "RVF\0" big-endian */
/* TC classid helpers: major:minor */
#define TC_H_MAKE(maj, min) (((maj) << 16) | (min))
/* Priority classes */
#define CLASS_HOT TC_H_MAKE(1, 1)
#define CLASS_WARM TC_H_MAKE(1, 2)
#define CLASS_COLD TC_H_MAKE(1, 3)
/* RVF query flag bits (in the flags field of the extended header) */
#define RVF_FLAG_HOT_CACHE 0x01 /* Request L0 (BPF map) cache lookup */
#define RVF_FLAG_BATCH 0x02 /* Batch query mode */
#define RVF_FLAG_PREFETCH 0x04 /* Prefetch hint for warming cache */
#define RVF_FLAG_PRIORITY 0x08 /* Caller-requested high priority */
/* ── RVF query header (same as xdp_distance.c) ──────────────────── */
struct rvf_query_hdr {
__u32 magic; /* RVF_MAGIC */
__u16 dimension; /* vector dimension (network byte order) */
__u16 k; /* top-k requested */
__u64 query_id; /* caller-chosen query identifier */
__u32 flags; /* query flags (network byte order) */
} __attribute__((packed));
/* ── BPF maps ────────────────────────────────────────────────────── */
/* Per-CPU counters for each priority class */
struct class_stats {
__u64 hot;
__u64 warm;
__u64 cold;
__u64 passthrough;
};
struct {
__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
__uint(max_entries, 1);
__type(key, __u32);
__type(value, struct class_stats);
} tc_stats SEC(".maps");
/* ── Helpers ─────────────────────────────────────────────────────── */
static __always_inline void bump_class(int class_idx)
{
__u32 zero = 0;
struct class_stats *s = bpf_map_lookup_elem(&tc_stats, &zero);
if (!s)
return;
switch (class_idx) {
case 0: s->hot++; break;
case 1: s->warm++; break;
case 2: s->cold++; break;
default: s->passthrough++; break;
}
}
/* ── TC classifier entry point ───────────────────────────────────── */
SEC("tc")
int rvf_query_classify(struct __sk_buff *skb)
{
/* ── Parse IP protocol and header length ─────────────────────── */
__u8 ihl_byte = 0;
if (bpf_skb_load_bytes(skb, 0, &ihl_byte, 1) < 0)
return TC_ACT_OK;
__u32 ip_hdr_len = (__u32)(ihl_byte & 0x0F) * 4;
if (ip_hdr_len < 20)
return TC_ACT_OK;
__u8 protocol = 0;
if (bpf_skb_load_bytes(skb, 9, &protocol, 1) < 0)
return TC_ACT_OK;
if (protocol != IPPROTO_UDP) {
bump_class(3);
return TC_ACT_OK;
}
/* ── Parse UDP destination port ──────────────────────────────── */
__be16 raw_dport = 0;
if (bpf_skb_load_bytes(skb, ip_hdr_len + 2, &raw_dport, 2) < 0)
return TC_ACT_OK;
__u16 dport = bpf_ntohs(raw_dport);
if (dport != RVF_PORT) {
bump_class(3);
return TC_ACT_OK;
}
/* ── Parse RVF query header (after 8-byte UDP header) ────────── */
__u32 rvf_offset = ip_hdr_len + 8; /* IP hdr + UDP hdr */
struct rvf_query_hdr qhdr;
__bpf_memset(&qhdr, 0, sizeof(qhdr));
if (bpf_skb_load_bytes(skb, rvf_offset, &qhdr, sizeof(qhdr)) < 0) {
bump_class(3);
return TC_ACT_OK;
}
if (qhdr.magic != bpf_htonl(RVF_MAGIC)) {
bump_class(3);
return TC_ACT_OK;
}
/* ── Classify based on flags ─────────────────────────────────── */
__u32 flags = bpf_ntohl(qhdr.flags);
if (flags & RVF_FLAG_PRIORITY || flags & RVF_FLAG_HOT_CACHE) {
/* Hot path: low-latency cached query */
skb->tc_classid = CLASS_HOT;
bump_class(0);
return TC_ACT_OK;
}
if (flags & RVF_FLAG_BATCH) {
/* Cold path: bulk/batch query, best-effort */
skb->tc_classid = CLASS_COLD;
bump_class(2);
return TC_ACT_OK;
}
/* Default: warm / standard priority */
skb->tc_classid = CLASS_WARM;
bump_class(1);
return TC_ACT_OK;
}
char _license[] SEC("license") = "GPL";

243
vendor/ruvector/crates/rvf/rvf-ebpf/bpf/vmlinux.h vendored Normal file
View File

@@ -0,0 +1,243 @@
/* SPDX-License-Identifier: GPL-2.0 */
/* Minimal BPF type stubs for RVF eBPF programs.
*
* This header provides the essential kernel type definitions so that
* BPF C programs can compile without requiring the full kernel headers.
* In production, replace this with the vmlinux.h generated by:
* bpftool btf dump file /sys/kernel/btf/vmlinux format c
*/
#ifndef __VMLINUX_H__
#define __VMLINUX_H__
/* ── Scalar typedefs ─────────────────────────────────────────────── */
typedef unsigned char __u8;
typedef unsigned short __u16;
typedef unsigned int __u32;
typedef unsigned long long __u64;
typedef signed char __s8;
typedef signed short __s16;
typedef signed int __s32;
typedef signed long long __s64;
typedef __u16 __be16;
typedef __u32 __be32;
typedef __u64 __be64;
typedef __u16 __sum16;
/* ── Ethernet ────────────────────────────────────────────────────── */
#define ETH_ALEN 6
#define ETH_P_IP 0x0800
#define ETH_P_IPV6 0x86DD
struct ethhdr {
unsigned char h_dest[ETH_ALEN];
unsigned char h_source[ETH_ALEN];
__be16 h_proto;
} __attribute__((packed));
/* ── IPv4 ────────────────────────────────────────────────────────── */
#define IPPROTO_TCP 6
#define IPPROTO_UDP 17
struct iphdr {
#if defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
__u8 ihl:4,
version:4;
#else
__u8 version:4,
ihl:4;
#endif
__u8 tos;
__be16 tot_len;
__be16 id;
__be16 frag_off;
__u8 ttl;
__u8 protocol;
__sum16 check;
__be32 saddr;
__be32 daddr;
} __attribute__((packed));
/* ── UDP ─────────────────────────────────────────────────────────── */
struct udphdr {
__be16 source;
__be16 dest;
__be16 len;
__sum16 check;
} __attribute__((packed));
/* ── TCP ─────────────────────────────────────────────────────────── */
struct tcphdr {
__be16 source;
__be16 dest;
__be32 seq;
__be32 ack_seq;
#if defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
__u16 res1:4,
doff:4,
fin:1,
syn:1,
rst:1,
psh:1,
ack:1,
urg:1,
ece:1,
cwr:1;
#else
__u16 doff:4,
res1:4,
cwr:1,
ece:1,
urg:1,
ack:1,
psh:1,
rst:1,
syn:1,
fin:1;
#endif
__be16 window;
__sum16 check;
__be16 urg_ptr;
} __attribute__((packed));
/* ── XDP context ─────────────────────────────────────────────────── */
struct xdp_md {
__u32 data;
__u32 data_end;
__u32 data_meta;
__u32 ingress_ifindex;
__u32 rx_queue_index;
__u32 egress_ifindex;
};
/* XDP return codes */
#define XDP_ABORTED 0
#define XDP_DROP 1
#define XDP_PASS 2
#define XDP_TX 3
#define XDP_REDIRECT 4
/* ── TC (Traffic Control) context ────────────────────────────────── */
struct __sk_buff {
__u32 len;
__u32 pkt_type;
__u32 mark;
__u32 queue_mapping;
__u32 protocol;
__u32 vlan_present;
__u32 vlan_tci;
__u32 vlan_proto;
__u32 priority;
__u32 ingress_ifindex;
__u32 ifindex;
__u32 tc_index;
__u32 cb[5];
__u32 hash;
__u32 tc_classid;
__u32 data;
__u32 data_end;
__u32 napi_id;
__u32 family;
__u32 remote_ip4;
__u32 local_ip4;
__u32 remote_ip6[4];
__u32 local_ip6[4];
__u32 remote_port;
__u32 local_port;
__u32 data_meta;
};
/* TC action return codes */
#define TC_ACT_UNSPEC (-1)
#define TC_ACT_OK 0
#define TC_ACT_RECLASSIFY 1
#define TC_ACT_SHOT 2
#define TC_ACT_PIPE 3
#define TC_ACT_STOLEN 4
#define TC_ACT_QUEUED 5
#define TC_ACT_REPEAT 6
#define TC_ACT_REDIRECT 7
/* ── BPF map type constants ──────────────────────────────────────── */
#define BPF_MAP_TYPE_HASH 1
#define BPF_MAP_TYPE_ARRAY 2
#define BPF_MAP_TYPE_PERCPU_ARRAY 6
#define BPF_MAP_TYPE_LRU_HASH 9
/* ── BPF helper function declarations ────────────────────────────── */
/* SEC / __always_inline macros (if not using bpf/bpf_helpers.h) */
#ifndef SEC
#define SEC(name) \
_Pragma("GCC diagnostic push") \
_Pragma("GCC diagnostic ignored \"-Wignored-attributes\"") \
__attribute__((section(name), used)) \
_Pragma("GCC diagnostic pop")
#endif
#ifndef __always_inline
#define __always_inline inline __attribute__((always_inline))
#endif
#ifndef __uint
#define __uint(name, val) int (*name)[val]
#endif
#ifndef __type
#define __type(name, val) typeof(val) *name
#endif
/* ── BPF helper IDs (from linux/bpf.h) ──────────────────────────── */
static void *(*bpf_map_lookup_elem)(void *map, const void *key) = (void *) 1;
static long (*bpf_map_update_elem)(void *map, const void *key,
const void *value, __u64 flags) = (void *) 2;
static long (*bpf_map_delete_elem)(void *map, const void *key) = (void *) 3;
static __u64 (*bpf_ktime_get_ns)(void) = (void *) 5;
static long (*bpf_trace_printk)(const char *fmt, __u32 fmt_size, ...) = (void *) 6;
static __u32 (*bpf_get_smp_processor_id)(void) = (void *) 8;
static long (*bpf_skb_store_bytes)(struct __sk_buff *skb, __u32 offset,
const void *from, __u32 len,
__u64 flags) = (void *) 9;
static long (*bpf_skb_load_bytes)(const struct __sk_buff *skb, __u32 offset,
void *to, __u32 len) = (void *) 26;
static __u32 (*bpf_get_prandom_u32)(void) = (void *) 7;
/* ── Endian helpers ──────────────────────────────────────────────── */
#ifndef bpf_htons
#define bpf_htons(x) __builtin_bswap16(x)
#endif
#ifndef bpf_ntohs
#define bpf_ntohs(x) __builtin_bswap16(x)
#endif
#ifndef bpf_htonl
#define bpf_htonl(x) __builtin_bswap32(x)
#endif
#ifndef bpf_ntohl
#define bpf_ntohl(x) __builtin_bswap32(x)
#endif
/* memcpy/memset for BPF -- must use builtins */
#ifndef __bpf_memcpy
#define __bpf_memcpy __builtin_memcpy
#endif
#ifndef __bpf_memset
#define __bpf_memset __builtin_memset
#endif
#endif /* __VMLINUX_H__ */

247
vendor/ruvector/crates/rvf/rvf-ebpf/bpf/xdp_distance.c vendored Normal file
View File

@@ -0,0 +1,247 @@
// SPDX-License-Identifier: GPL-2.0
//
// RVF XDP Vector Distance Computation
//
// Computes squared L2 distance between a query vector received in a
// UDP packet and stored vectors cached in a BPF LRU hash map. Results
// are written to a per-CPU array map for lock-free retrieval by
// userspace via bpf_map_lookup_elem.
//
// Wire format of an RVF query packet:
// Ethernet | IPv4 | UDP (dst port RVF_PORT) | rvf_query_hdr | f32[dim]
//
// The program only handles packets destined for RVF_PORT and bearing
// the correct magic number. All other traffic is passed through
// unchanged (XDP_PASS).
#include "vmlinux.h"
#define MAX_DIM 512
#define MAX_K 64
#define RVF_PORT 8080
#define RVF_MAGIC 0x52564600 /* "RVF\0" in big-endian */
/* ── RVF query packet header (follows UDP) ───────────────────────── */
struct rvf_query_hdr {
__u32 magic; /* RVF_MAGIC */
__u16 dimension; /* vector dimension (network byte order) */
__u16 k; /* top-k neighbours requested */
__u64 query_id; /* caller-chosen query identifier */
} __attribute__((packed));
/* ── Per-query result structure ──────────────────────────────────── */
struct query_result {
__u64 query_id;
__u32 count;
__u64 ids[MAX_K];
__u32 distances[MAX_K]; /* squared L2, fixed-point */
};
/* ── BPF maps ────────────────────────────────────────────────────── */
/* LRU hash map: caches hot vectors (vector_id -> f32[MAX_DIM]) */
struct {
__uint(type, BPF_MAP_TYPE_LRU_HASH);
__uint(max_entries, 4096);
__type(key, __u64);
__type(value, __u8[MAX_DIM * 4]);
} vector_cache SEC(".maps");
/* Per-CPU array: one result slot per CPU for lock-free writes */
struct {
__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
__uint(max_entries, 1);
__type(key, __u32);
__type(value, struct query_result);
} results SEC(".maps");
/* Array map: list of cached vector IDs for iteration */
struct {
__uint(type, BPF_MAP_TYPE_ARRAY);
__uint(max_entries, 4096);
__type(key, __u32);
__type(value, __u64);
} vector_ids SEC(".maps");
/* Array map: single entry holding the count of populated IDs */
struct {
__uint(type, BPF_MAP_TYPE_ARRAY);
__uint(max_entries, 1);
__type(key, __u32);
__type(value, __u32);
} id_count SEC(".maps");
/* ── Helpers ─────────────────────────────────────────────────────── */
/*
* Compute squared L2 distance between two vectors stored as raw bytes.
*
* Both `a` and `b` point to dim * 4 bytes of IEEE-754 f32 data.
* We reinterpret each 4-byte group as a __u32 and use integer
* subtraction as a rough fixed-point proxy -- this is an approximation
* suitable for ranking, not exact float arithmetic, because the BPF
* verifier does not support floating-point instructions.
*/
static __always_inline __u64 l2_distance_sq(
const __u8 *a, const __u8 *b, __u16 dim)
{
__u64 sum = 0;
__u16 i;
/* Bounded loop: the verifier requires a compile-time upper bound. */
#pragma unroll
for (i = 0; i < MAX_DIM; i++) {
if (i >= dim)
break;
__u32 va, vb;
__builtin_memcpy(&va, a + (__u32)i * 4, 4);
__builtin_memcpy(&vb, b + (__u32)i * 4, 4);
__s32 diff = (__s32)va - (__s32)vb;
sum += (__u64)((__s64)diff * (__s64)diff);
}
return sum;
}
/*
* Insert a (distance, id) pair into a max-heap of size k stored in the
* result arrays. We keep the worst (largest) distance at index 0 so
* eviction is O(1). This is a simplified sift-down for bounded k.
*/
static __always_inline void heap_insert(
struct query_result *res, __u32 k, __u64 vid, __u32 dist)
{
if (res->count < k) {
__u32 idx = res->count;
if (idx < MAX_K) {
res->ids[idx] = vid;
res->distances[idx] = dist;
res->count++;
}
return;
}
/* Find the current worst (max) distance in the heap */
__u32 worst_idx = 0;
__u32 worst_dist = 0;
__u32 i;
#pragma unroll
for (i = 0; i < MAX_K; i++) {
if (i >= res->count)
break;
if (res->distances[i] > worst_dist) {
worst_dist = res->distances[i];
worst_idx = i;
}
}
/* Evict the worst if the new distance is better */
if (dist < worst_dist && worst_idx < MAX_K) {
res->ids[worst_idx] = vid;
res->distances[worst_idx] = dist;
}
}
/* ── XDP entry point ─────────────────────────────────────────────── */
SEC("xdp")
int xdp_vector_distance(struct xdp_md *ctx)
{
void *data = (void *)(__u64)ctx->data;
void *data_end = (void *)(__u64)ctx->data_end;
/* ── Parse Ethernet ──────────────────────────────────────────── */
struct ethhdr *eth = data;
if ((void *)(eth + 1) > data_end)
return XDP_PASS;
if (eth->h_proto != bpf_htons(ETH_P_IP))
return XDP_PASS;
/* ── Parse IPv4 ──────────────────────────────────────────────── */
struct iphdr *iph = (void *)(eth + 1);
if ((void *)(iph + 1) > data_end)
return XDP_PASS;
if (iph->protocol != IPPROTO_UDP)
return XDP_PASS;
/* ── Parse UDP ───────────────────────────────────────────────── */
struct udphdr *udph = (void *)iph + (iph->ihl * 4);
if ((void *)(udph + 1) > data_end)
return XDP_PASS;
if (bpf_ntohs(udph->dest) != RVF_PORT)
return XDP_PASS;
/* ── Parse RVF query header ──────────────────────────────────── */
struct rvf_query_hdr *qhdr = (void *)(udph + 1);
if ((void *)(qhdr + 1) > data_end)
return XDP_PASS;
if (qhdr->magic != bpf_htonl(RVF_MAGIC))
return XDP_PASS;
__u16 dim = bpf_ntohs(qhdr->dimension);
__u16 k = bpf_ntohs(qhdr->k);
if (dim == 0 || dim > MAX_DIM)
return XDP_PASS;
if (k == 0 || k > MAX_K)
return XDP_PASS;
/* ── Bounds-check the query vector payload ───────────────────── */
__u8 *query_vec = (__u8 *)(qhdr + 1);
if ((void *)(query_vec + (__u32)dim * 4) > data_end)
return XDP_PASS;
/* ── Get the result slot for this CPU ────────────────────────── */
__u32 zero = 0;
struct query_result *result = bpf_map_lookup_elem(&results, &zero);
if (!result)
return XDP_PASS;
result->query_id = qhdr->query_id;
result->count = 0;
/* ── Get the number of cached vectors ────────────────────────── */
__u32 *cnt_ptr = bpf_map_lookup_elem(&id_count, &zero);
__u32 vec_count = cnt_ptr ? *cnt_ptr : 0;
if (vec_count > 4096)
vec_count = 4096;
/* ── Scan cached vectors, maintaining a top-k heap ───────────── */
__u32 idx;
#pragma unroll
for (idx = 0; idx < 256; idx++) {
if (idx >= vec_count)
break;
__u64 *vid_ptr = bpf_map_lookup_elem(&vector_ids, &idx);
if (!vid_ptr)
continue;
__u64 vid = *vid_ptr;
__u8 *stored = bpf_map_lookup_elem(&vector_cache, &vid);
if (!stored)
continue;
__u64 dist_sq = l2_distance_sq(query_vec, stored, dim);
/* Truncate to u32 for storage (upper bits are rarely needed
* for ranking among cached vectors). */
__u32 dist32 = (dist_sq > 0xFFFFFFFF) ? 0xFFFFFFFF : (__u32)dist_sq;
heap_insert(result, k, vid, dist32);
}
/* Let the packet continue to userspace for full-index search.
* The XDP path only accelerates the L0 cache lookup; userspace
* merges the BPF result with the full RVF index result. */
return XDP_PASS;
}
char _license[] SEC("license") = "GPL";

1082
vendor/ruvector/crates/rvf/rvf-ebpf/src/lib.rs vendored Normal file
View File

File diff suppressed because it is too large Load Diff

32
vendor/ruvector/crates/rvf/rvf-federation/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,32 @@
[package]
name = "rvf-federation"
version = "0.1.0"
edition = "2021"
description = "Federated RVF transfer learning -- PII stripping, differential privacy, federated averaging"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
homepage = "https://github.com/ruvnet/ruvector"
readme = "README.md"
categories = ["science", "cryptography"]
keywords = ["federated-learning", "differential-privacy", "transfer-learning", "rvf"]
rust-version = "1.87"
[features]
default = ["std"]
std = []
serde = ["dep:serde"]
[dependencies]
serde = { version = "1", default-features = false, features = ["derive"], optional = true }
sha3 = { version = "0.10", default-features = false }
rand = { version = "0.8", default-features = false, features = ["std", "std_rng"] }
rand_distr = { version = "0.4", default-features = false }
regex = "1"
thiserror = "2"
[dev-dependencies]
criterion = { version = "0.5", features = ["html_reports"] }
[[bench]]
name = "federation_bench"
harness = false

333
vendor/ruvector/crates/rvf/rvf-federation/README.md vendored Normal file
View File

@@ -0,0 +1,333 @@
# rvf-federation
[![Crates.io](https://img.shields.io/crates/v/rvf-federation.svg)](https://crates.io/crates/rvf-federation)
[![docs.rs](https://img.shields.io/docsrs/rvf-federation)](https://docs.rs/rvf-federation)
[![License: MIT OR Apache-2.0](https://img.shields.io/badge/License-MIT%20OR%20Apache--2.0-blue.svg)](https://opensource.org/licenses/MIT)
[![Rust 1.87+](https://img.shields.io/badge/rust-1.87%2B-orange.svg)](https://www.rust-lang.org)
**Privacy-preserving federated transfer learning for the RVF format.**
```toml
rvf-federation = "0.1"
```
RuVector users independently accumulate learning patterns -- SONA weight trajectories, policy kernel configurations, domain expansion priors, HNSW tuning parameters. Today that learning is siloed. `rvf-federation` implements the inter-user federation layer defined in [ADR-057](../../../docs/adr/ADR-057-federated-rvf-transfer-learning.md): it strips PII, injects differential privacy noise, packages transferable learning as RVF segments, and merges incoming learning with formal privacy guarantees.
| | rvf-federation | Siloed learning | Manual sharing |
|---|---|---|---|
| **Privacy** | 3-stage PII stripping + calibrated DP noise | N/A -- nothing leaves the machine | Trust the sender |
| **Knowledge reuse** | New users bootstrap from community priors | Every deployment starts cold | Copy-paste config files |
| **Integrity** | Witness chain + Ed25519/ML-DSA-65 signatures | N/A | No verification |
| **Aggregation** | FedAvg, FedProx, Byzantine-tolerant averaging | N/A | Manual merge |
| **Privacy accounting** | RDP composition with formal epsilon budget | N/A | N/A |
## Quick Start
```rust
use rvf_federation::{
ExportBuilder, DiffPrivacyEngine, FederationPolicy,
TransferPriorSet, TransferPriorEntry, BetaParams,
};
// 1. Build an export from local learning
let priors = TransferPriorSet {
source_domain: "code_review".into(),
entries: vec![TransferPriorEntry {
bucket_id: "medium_algorithm".into(),
arm_id: "arm_0".into(),
params: BetaParams::new(10.0, 5.0),
observation_count: 50,
}],
cost_ema: 0.85,
};
// 2. Configure differential privacy (epsilon=1.0, delta=1e-5)
let mut dp = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 1.0).unwrap();
// 3. Build: PII strip -> DP noise -> assemble manifest
let export = ExportBuilder::new("alice_pseudo".into(), "code_review".into())
.with_policy(FederationPolicy::default())
.add_priors(priors)
.add_string_field("config_path".into(), "/home/alice/project/.config".into())
.build(&mut dp)
.unwrap();
assert_eq!(export.manifest.format_version, 1);
assert!(export.redaction_log.total_redactions >= 1); // PII was stripped
assert!(export.privacy_proof.epsilon > 0.0); // DP noise was applied
```
## Key Features
| Feature | What It Does | Why It Matters |
|---|---|---|
| **PII stripping** | 3-stage pipeline: detect, redact, attest | No personal data leaves the local machine |
| **Differential privacy** | Gaussian/Laplace noise with RDP accounting | Formal mathematical privacy guarantee per export |
| **Gradient clipping** | Bound L2 norms before aggregation | Limits any single user's influence on the aggregate |
| **FedAvg / FedProx** | Federated averaging with optional proximal term | Industry-standard aggregation (McMahan et al. 2017) |
| **Byzantine tolerance** | Outlier detection by L2-norm z-score | Malicious contributions are excluded automatically |
| **Version-aware merging** | Dampened confidence for cross-version imports | Older learning still helps, with reduced weight |
| **Selective sharing** | Allowlist/denylist for segments and domains | Users control exactly what they share |
## Architecture
```
Local Engine Remote
+------------------+ +------------+ +---------+ +----------+
| TransferPriors |--->| |--->| |---->| |
| PolicyKernels | | PII Strip | | DP | | RVF | Registry
| CostCurves | | (3-stage) | | Noise | | Export |----> (GCS)
| LoRA Weights | | | | | | Builder | |
+------------------+ +------------+ +---------+ +----------+ |
v
+------------------+ +------------+ +---------+ +----------+ +--------+
| Merged Learning |<---| Version- |<---| Import |<----| Validate |<-| Import |
| (local engines) | | Aware | | Merger | | (sig + | | (pull) |
| | | Merge | | | | witness) | +--------+
+------------------+ +------------+ +---------+ +----------+
```
## Modules
| Module | Description |
|---|---|
| `types` | Four new RVF segment payload types (0x33-0x36) plus federation data structures |
| `error` | 15 error variants covering privacy, validation, aggregation, and I/O failures |
| `pii_strip` | Three-stage PII stripping pipeline with 12 built-in detection rules |
| `diff_privacy` | Gaussian/Laplace noise engines, gradient clipping, RDP privacy accountant |
| `federation` | `ExportBuilder` and `ImportMerger` implementing the ADR-057 transfer protocol |
| `aggregate` | `FederatedAggregator` with FedAvg, FedProx, and Byzantine-tolerant strategies |
| `policy` | `FederationPolicy` for selective sharing with allowlists, denylists, and rate limits |
## Segment Types
Four new RVF segment types extend the `0x30-0x32` domain expansion range:
| Code | Name | Purpose |
|---|---|---|
| `0x33` | `FederatedManifest` | Describes the export: contributor pseudonym, timestamp, included segments, privacy budget spent |
| `0x34` | `DiffPrivacyProof` | Privacy attestation: epsilon/delta, mechanism, sensitivity, clipping norm, noise scale |
| `0x35` | `RedactionLog` | PII stripping attestation: redaction counts by category, pre-redaction content hash, rules fired |
| `0x36` | `AggregateWeights` | Federated-averaged LoRA deltas with participation count, round number, confidence scores |
Readers that do not recognize these segment types skip them per the RVF forward-compatibility rule. Existing `TransferPrior (0x30)`, `PolicyKernel (0x31)`, `CostCurve (0x32)`, `Witness`, and `Crypto` segments are reused as-is.
## PII Stripping Pipeline
`PiiStripper` runs a three-stage pipeline on every string field before it leaves the local machine.
**Stage 1 -- Detection.** Twelve built-in regex rules scan for:
- Unix and Windows file paths (`/home/user/...`, `C:\Users\...`)
- IPv4 and IPv6 addresses
- Email addresses
- API keys (`sk-...`, `AKIA...`, `ghp_...`, Bearer tokens)
- Environment variable references (`$HOME`, `%USERPROFILE%`)
- Usernames (`@handle`)
Custom rules can be registered with `add_rule()`.
**Stage 2 -- Redaction.** Detected PII is replaced with deterministic pseudonyms (`<PATH_1>`, `<IP_2>`, `<REDACTED_KEY>`). The same original value always maps to the same pseudonym within a single export, preserving structural relationships without revealing content.
**Stage 3 -- Attestation.** A `RedactionLog (0x35)` segment is generated containing redaction counts by category, the SHAKE-256 hash of the pre-redaction content (proves scanning happened without revealing it), and the rules that fired.
```rust
use rvf_federation::PiiStripper;
let mut stripper = PiiStripper::new();
let fields = vec![
("config", "/home/alice/project/.env"),
("server", "connecting to 10.0.0.1:8080"),
("note", "no pii here"),
];
let (redacted, log) = stripper.strip_fields(&fields);
assert_eq!(log.fields_scanned, 3);
assert!(log.total_redactions >= 2);
assert!(redacted[2].1 == "no pii here"); // clean fields pass through
```
## Differential Privacy
### Noise Mechanisms
| Mechanism | Privacy Model | Noise Distribution | Use Case |
|---|---|---|---|
| Gaussian | (epsilon, delta)-DP | N(0, sigma^2) where sigma = S * sqrt(2 ln(1.25/delta)) / epsilon | Default; tighter for large parameter counts |
| Laplace | Pure epsilon-DP | Laplace(0, S/epsilon) | Stronger guarantee; no delta term |
### Gradient Clipping
Before noise injection, all parameter vectors are clipped to a configurable L2 norm bound. This limits the sensitivity of the aggregation to any single user's contribution.
### Privacy Accountant
`PrivacyAccountant` tracks cumulative privacy loss using Renyi Differential Privacy (RDP) composition across 16 alpha orders. RDP composition is tighter than naive (epsilon, delta)-DP composition, meaning more exports fit within the same budget.
```rust
use rvf_federation::PrivacyAccountant;
let mut accountant = PrivacyAccountant::new(10.0, 1e-5); // budget: eps=10, delta=1e-5
accountant.record_gaussian(1.0, 1.0, 1e-5, 100);
assert!(accountant.remaining_budget() > 0.0);
assert!(!accountant.is_exhausted());
```
## Federation Strategies
| Strategy | Algorithm | Weighting | When to Use |
|---|---|---|---|
| `FedAvg` | Federated Averaging (McMahan et al.) | Trajectory count | Default; most scenarios |
| `FedProx` | Proximal regularization | Trajectory count + mu penalty | Heterogeneous data distributions |
| `WeightedAverage` | Simple weighted mean | Quality/reputation score | When contributor reputation varies widely |
| Byzantine detection | L2-norm z-score filtering | Outliers > 2 std removed | Always runs before aggregation |
```rust
use rvf_federation::{FederatedAggregator, AggregationStrategy};
use rvf_federation::aggregate::Contribution;
let mut agg = FederatedAggregator::new("code_review".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2)
.with_byzantine_threshold(2.0);
agg.add_contribution(Contribution {
contributor: "alice".into(),
weights: vec![1.0, 2.0, 3.0],
quality_weight: 0.9,
trajectory_count: 100,
});
agg.add_contribution(Contribution {
contributor: "bob".into(),
weights: vec![1.2, 1.8, 3.1],
quality_weight: 0.85,
trajectory_count: 80,
});
let result = agg.aggregate().unwrap();
assert_eq!(result.participation_count, 2);
assert_eq!(result.lora_deltas.len(), 3);
```
## Performance Benchmarks
Measured on an AMD64 Linux system with Criterion.
| Benchmark | Time |
|---|---|
| PII detect (single string) | 756 ns |
| PII strip (10 fields) | 44 us |
| PII strip (100 fields) | 303 us |
| Gaussian noise (100 params) | 4.7 us |
| Gaussian noise (10k params) | 334 us |
| Gradient clipping (1k params) | 487 ns |
| Privacy accountant (100 rounds) | 1.0 us |
| FedAvg (10 contrib, 100 dim) | 3.9 us |
| FedAvg (100 contrib, 1k dim) | 365 us |
| Byzantine detection (50 contrib) | 12 us |
| Full export pipeline | 1.2 ms |
| Merge 100 priors | 28 us |
## Feature Flags
| Flag | Default | What It Enables |
|---|---|---|
| `std` | Yes | Standard library support (required) |
| `serde` | No | Derive `Serialize`/`Deserialize` on all public types |
```toml
[dependencies]
rvf-federation = { version = "0.1", features = ["serde"] }
```
## API Overview
### Core Types
| Type | Description |
|---|---|
| `FederatedManifest` | Export metadata: contributor pseudonym, domain, timestamp, privacy budget spent |
| `DiffPrivacyProof` | Privacy attestation: epsilon, delta, mechanism, sensitivity, noise scale |
| `RedactionLog` | PII stripping attestation: entries by category, pre-redaction hash, field count |
| `AggregateWeights` | Federated-averaged LoRA deltas with round number, participation count, confidences |
| `BetaParams` | Beta distribution parameters for Thompson Sampling priors (merge, dampen, mean) |
### Transfer Types
| Type | Description |
|---|---|
| `TransferPriorEntry` | Single context bucket prior: bucket ID, arm ID, Beta params, observation count |
| `TransferPriorSet` | Collection of priors from a trained domain with cost EMA |
| `PolicyKernelSnapshot` | Snapshot of tunable policy knob values with fitness score |
| `CostCurveSnapshot` | Ordered (step, cost) points with acceleration factor |
### Aggregation Types
| Type | Description |
|---|---|
| `FederatedAggregator` | Aggregation server: collects contributions, detects outliers, produces `AggregateWeights` |
| `AggregationStrategy` | `FedAvg`, `FedProx { mu }`, or `WeightedAverage` |
| `Contribution` | Single participant's weight vector with quality and trajectory metadata |
### Protocol Types
| Type | Description |
|---|---|
| `ExportBuilder` | Builder pattern: add priors/kernels/weights, PII-strip, DP-noise, produce `FederatedExport` |
| `ImportMerger` | Validate imports, merge priors with version-aware dampening, merge weights |
| `FederatedExport` | Completed export: manifest + redaction log + privacy proof + learning data |
| `FederationPolicy` | Selective sharing: allowlists, denylists, quality gate, rate limit, privacy budget |
| `PiiStripper` | Three-stage PII pipeline: detect, redact, attest |
| `DiffPrivacyEngine` | Noise injection with Gaussian or Laplace mechanism and gradient clipping |
| `PrivacyAccountant` | RDP-based cumulative privacy loss tracker |
### Error Types
`FederationError` covers 15 variants:
| Variant | Trigger |
|---|---|
| `PrivacyBudgetExhausted` | Cumulative epsilon exceeds limit |
| `InvalidEpsilon` | Epsilon <= 0 |
| `InvalidDelta` | Delta outside (0, 1) |
| `SegmentValidation` | Malformed segment data |
| `VersionMismatch` | Incompatible format version |
| `SignatureVerification` | Ed25519/ML-DSA-65 signature check failed |
| `WitnessChainBroken` | Witness chain has a gap or tampered entry |
| `InsufficientObservations` | Prior has too few observations for export |
| `QualityBelowThreshold` | Trajectory quality below policy minimum |
| `RateLimited` | Export rate limit exceeded |
| `PiiLeakDetected` | PII found after stripping (defense-in-depth) |
| `ByzantineOutlier` | Contribution flagged as adversarial |
| `InsufficientContributions` | Not enough participants for aggregation round |
| `Serialization` | Encoding/decoding failure |
| `Io` | I/O operation failure |
## Related Crates
| Crate | Relationship |
|---|---|
| [`rvf-types`](../rvf-types) | Core RVF segment definitions; `rvf-federation` defines its own payload types to avoid circular deps |
| [`ruvector-domain-expansion`](../../ruvector-domain-expansion) | Source of `TransferPrior`, `PolicyKernel`, `CostCurve`; federation exports these as RVF segments |
| [`sona`](../../sona) | SONA learning engine; `FederatedCoordinator` handles intra-deployment aggregation, `rvf-federation` handles inter-user |
| [`rvf-crypto`](../rvf-crypto) | Ed25519 signatures and SHAKE-256 hashing used for witness chains and segment integrity |
## Testing
54 tests across all modules:
```bash
cargo test -p rvf-federation
```
Benchmarks:
```bash
cargo bench -p rvf-federation
```
## License
MIT OR Apache-2.0
---
Part of [RuVector](https://github.com/ruvnet/ruvector) -- the self-learning vector database.

213
vendor/ruvector/crates/rvf/rvf-federation/benches/federation_bench.rs vendored Normal file
View File

@@ -0,0 +1,213 @@
//! Benchmarks for rvf-federation crate.
use criterion::{criterion_group, criterion_main, Criterion, black_box};
use rvf_federation::*;
use rvf_federation::aggregate::{FederatedAggregator, AggregationStrategy, Contribution};
use rvf_federation::diff_privacy::{DiffPrivacyEngine, PrivacyAccountant};
use rvf_federation::pii_strip::PiiStripper;
use rvf_federation::federation::{ExportBuilder, ImportMerger};
use rvf_federation::policy::FederationPolicy;
fn bench_pii_strip(c: &mut Criterion) {
let mut group = c.benchmark_group("pii_strip");
group.bench_function("detect_mixed_pii", |b| {
let stripper = PiiStripper::new();
let input = "file at /home/alice/project/main.rs, ip 192.168.1.100, email alice@example.com, key sk-abcdefghijklmnopqrstuv12";
b.iter(|| {
black_box(stripper.contains_pii(black_box(input)));
});
});
group.bench_function("strip_10_fields", |b| {
let fields: Vec<(&str, &str)> = (0..10).map(|i| {
if i % 3 == 0 {
("path", "/home/user/data/file.csv")
} else if i % 3 == 1 {
("ip", "server at 10.0.0.1:8080")
} else {
("clean", "no pii here at all")
}
}).collect();
b.iter(|| {
let mut stripper = PiiStripper::new();
black_box(stripper.strip_fields(black_box(&fields)));
});
});
group.bench_function("strip_100_fields", |b| {
let fields: Vec<(&str, &str)> = (0..100).map(|i| {
if i % 5 == 0 {
("path", "/home/user/data/file.csv")
} else {
("clean", "just normal text content")
}
}).collect();
b.iter(|| {
let mut stripper = PiiStripper::new();
black_box(stripper.strip_fields(black_box(&fields)));
});
});
group.finish();
}
fn bench_diff_privacy(c: &mut Criterion) {
let mut group = c.benchmark_group("diff_privacy");
group.bench_function("gaussian_noise_100_params", |b| {
b.iter(|| {
let mut engine = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 10.0).unwrap().with_seed(42);
let mut params: Vec<f64> = (0..100).map(|i| i as f64 * 0.01).collect();
black_box(engine.add_noise(black_box(&mut params)));
});
});
group.bench_function("gaussian_noise_10000_params", |b| {
b.iter(|| {
let mut engine = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 10.0).unwrap().with_seed(42);
let mut params: Vec<f64> = (0..10_000).map(|i| i as f64 * 0.0001).collect();
black_box(engine.add_noise(black_box(&mut params)));
});
});
group.bench_function("gradient_clipping_1000", |b| {
let engine = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 1.0).unwrap();
b.iter(|| {
let mut grads: Vec<f64> = (0..1000).map(|i| (i as f64).sin()).collect();
engine.clip_gradients(black_box(&mut grads));
});
});
group.bench_function("privacy_accountant_100_rounds", |b| {
b.iter(|| {
let mut acc = PrivacyAccountant::new(100.0, 1e-5);
for _ in 0..100 {
acc.record_gaussian(1.0, 1.0, 1e-5, 100);
}
black_box(acc.current_epsilon());
});
});
group.finish();
}
fn bench_aggregation(c: &mut Criterion) {
let mut group = c.benchmark_group("aggregation");
group.bench_function("fedavg_10_contributors_100_dim", |b| {
b.iter(|| {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2);
for i in 0..10 {
agg.add_contribution(Contribution {
contributor: format!("c_{}", i),
weights: (0..100).map(|j| (i as f64 + j as f64) * 0.01).collect(),
quality_weight: 0.8 + (i as f64) * 0.02,
trajectory_count: 100 + i * 10,
});
}
black_box(agg.aggregate().unwrap());
});
});
group.bench_function("fedavg_100_contributors_1000_dim", |b| {
b.iter(|| {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2);
for i in 0..100 {
agg.add_contribution(Contribution {
contributor: format!("c_{}", i),
weights: (0..1000).map(|j| (i as f64 + j as f64) * 0.001).collect(),
quality_weight: 0.8,
trajectory_count: 100,
});
}
black_box(agg.aggregate().unwrap());
});
});
group.bench_function("byzantine_detection_50_contributors", |b| {
b.iter(|| {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2)
.with_byzantine_threshold(2.0);
for i in 0..48 {
agg.add_contribution(Contribution {
contributor: format!("good_{}", i),
weights: vec![1.0; 50],
quality_weight: 0.9,
trajectory_count: 100,
});
}
// Add 2 outliers
agg.add_contribution(Contribution {
contributor: "evil_1".to_string(),
weights: vec![1000.0; 50],
quality_weight: 0.9,
trajectory_count: 100,
});
agg.add_contribution(Contribution {
contributor: "evil_2".to_string(),
weights: vec![-500.0; 50],
quality_weight: 0.9,
trajectory_count: 100,
});
black_box(agg.aggregate().unwrap());
});
});
group.finish();
}
fn bench_export_import(c: &mut Criterion) {
let mut group = c.benchmark_group("export_import");
group.bench_function("full_export_pipeline", |b| {
b.iter(|| {
let mut dp = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 10.0).unwrap().with_seed(42);
let priors = TransferPriorSet {
source_domain: "/home/user/my_domain".to_string(),
entries: (0..20).map(|i| TransferPriorEntry {
bucket_id: format!("bucket_{}", i),
arm_id: format!("arm_{}", i % 4),
params: BetaParams::new(5.0 + i as f64, 3.0 + i as f64 * 0.5),
observation_count: 50 + i * 10,
}).collect(),
cost_ema: 0.85,
};
let export = ExportBuilder::new("pseudo".into(), "domain".into())
.add_priors(priors)
.add_weights((0..256).map(|i| i as f64 * 0.001).collect())
.add_string_field("note".into(), "trained on /home/user/data at 192.168.1.1".into())
.build(&mut dp)
.unwrap();
black_box(export);
});
});
group.bench_function("merge_100_priors", |b| {
let merger = ImportMerger::new();
let remote: Vec<TransferPriorEntry> = (0..100).map(|i| TransferPriorEntry {
bucket_id: format!("bucket_{}", i),
arm_id: format!("arm_{}", i % 4),
params: BetaParams::new(10.0, 5.0),
observation_count: 50,
}).collect();
b.iter(|| {
let mut local: Vec<TransferPriorEntry> = (0..50).map(|i| TransferPriorEntry {
bucket_id: format!("bucket_{}", i),
arm_id: format!("arm_{}", i % 4),
params: BetaParams::new(5.0, 3.0),
observation_count: 20,
}).collect();
merger.merge_priors(black_box(&mut local), black_box(&remote), 1);
black_box(local);
});
});
group.finish();
}
criterion_group!(benches, bench_pii_strip, bench_diff_privacy, bench_aggregation, bench_export_import);
criterion_main!(benches);

420
vendor/ruvector/crates/rvf/rvf-federation/src/aggregate.rs vendored Normal file
View File

@@ -0,0 +1,420 @@
//! Federated aggregation: FedAvg, FedProx, Byzantine-tolerant weighted averaging.
use crate::error::FederationError;
use crate::types::AggregateWeights;
/// Aggregation strategy.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum AggregationStrategy {
/// Federated Averaging (McMahan et al., 2017).
FedAvg,
/// Federated Proximal (Li et al., 2020).
FedProx { mu: u32 },
/// Simple weighted average.
WeightedAverage,
}
impl Default for AggregationStrategy {
fn default() -> Self {
Self::FedAvg
}
}
/// A single contribution to a federated averaging round.
#[derive(Clone, Debug)]
pub struct Contribution {
/// Contributor pseudonym.
pub contributor: String,
/// Weight vector (LoRA deltas).
pub weights: Vec<f64>,
/// Quality/reputation weight for this contributor.
pub quality_weight: f64,
/// Number of training trajectories behind this contribution.
pub trajectory_count: u64,
}
/// Federated aggregation server.
pub struct FederatedAggregator {
/// Aggregation strategy.
strategy: AggregationStrategy,
/// Domain identifier.
domain_id: String,
/// Current round number.
round: u64,
/// Minimum contributions required for a round.
min_contributions: usize,
/// Standard deviation threshold for Byzantine outlier detection.
byzantine_std_threshold: f64,
/// Collected contributions for the current round.
contributions: Vec<Contribution>,
}
impl FederatedAggregator {
/// Create a new aggregator.
pub fn new(domain_id: String, strategy: AggregationStrategy) -> Self {
Self {
strategy,
domain_id,
round: 0,
min_contributions: 2,
byzantine_std_threshold: 2.0,
contributions: Vec::new(),
}
}
/// Set minimum contributions required.
pub fn with_min_contributions(mut self, min: usize) -> Self {
self.min_contributions = min;
self
}
/// Set Byzantine outlier threshold (in standard deviations).
pub fn with_byzantine_threshold(mut self, threshold: f64) -> Self {
self.byzantine_std_threshold = threshold;
self
}
/// Add a contribution for the current round.
pub fn add_contribution(&mut self, contribution: Contribution) {
self.contributions.push(contribution);
}
/// Number of contributions collected so far.
pub fn contribution_count(&self) -> usize {
self.contributions.len()
}
/// Current round number.
pub fn round(&self) -> u64 {
self.round
}
/// Check if we have enough contributions to aggregate.
pub fn ready(&self) -> bool {
self.contributions.len() >= self.min_contributions
}
/// Detect and remove Byzantine outliers.
///
/// Returns the number of outliers removed.
fn remove_byzantine_outliers(&mut self) -> u32 {
if self.contributions.len() < 3 {
return 0; // Need at least 3 for meaningful outlier detection
}
let dim = self.contributions[0].weights.len();
if dim == 0 || !self.contributions.iter().all(|c| c.weights.len() == dim) {
return 0;
}
// Compute mean and std of L2 norms
let norms: Vec<f64> = self.contributions.iter()
.map(|c| c.weights.iter().map(|w| w * w).sum::<f64>().sqrt())
.collect();
let mean_norm = norms.iter().sum::<f64>() / norms.len() as f64;
let variance = norms.iter().map(|n| (n - mean_norm).powi(2)).sum::<f64>() / norms.len() as f64;
let std_dev = variance.sqrt();
if std_dev < 1e-10 {
return 0;
}
let original_count = self.contributions.len();
let threshold = self.byzantine_std_threshold;
self.contributions.retain(|c| {
let norm = c.weights.iter().map(|w| w * w).sum::<f64>().sqrt();
((norm - mean_norm) / std_dev).abs() <= threshold
});
(original_count - self.contributions.len()) as u32
}
/// Aggregate contributions and produce an `AggregateWeights` segment.
pub fn aggregate(&mut self) -> Result<AggregateWeights, FederationError> {
if self.contributions.len() < self.min_contributions {
return Err(FederationError::InsufficientContributions {
min: self.min_contributions,
got: self.contributions.len(),
});
}
// Byzantine outlier removal
let outliers_removed = self.remove_byzantine_outliers();
if self.contributions.is_empty() {
return Err(FederationError::InsufficientContributions {
min: self.min_contributions,
got: 0,
});
}
let dim = self.contributions[0].weights.len();
let result = match self.strategy {
AggregationStrategy::FedAvg => self.fedavg(dim),
AggregationStrategy::FedProx { mu } => self.fedprox(dim, mu as f64 / 100.0),
AggregationStrategy::WeightedAverage => self.weighted_avg(dim),
};
self.round += 1;
let participation_count = self.contributions.len() as u32;
// Compute loss stats
let losses: Vec<f64> = self.contributions.iter()
.map(|c| {
// Use inverse quality as a proxy for loss
1.0 - c.quality_weight.clamp(0.0, 1.0)
})
.collect();
let mean_loss = losses.iter().sum::<f64>() / losses.len() as f64;
let loss_variance = losses.iter().map(|l| (l - mean_loss).powi(2)).sum::<f64>() / losses.len() as f64;
self.contributions.clear();
Ok(AggregateWeights {
round: self.round,
participation_count,
lora_deltas: result.0,
confidences: result.1,
mean_loss,
loss_variance,
domain_id: self.domain_id.clone(),
byzantine_filtered: outliers_removed > 0,
outliers_removed,
})
}
/// FedAvg: weighted average by trajectory count.
fn fedavg(&self, dim: usize) -> (Vec<f64>, Vec<f64>) {
let total_trajectories: f64 = self.contributions.iter()
.map(|c| c.trajectory_count as f64)
.sum();
let mut avg = vec![0.0f64; dim];
let mut confidences = vec![0.0f64; dim];
if total_trajectories <= 0.0 {
return (avg, confidences);
}
for c in &self.contributions {
let w = c.trajectory_count as f64 / total_trajectories;
for (i, val) in c.weights.iter().enumerate() {
if i < dim {
avg[i] += w * val;
}
}
}
// Confidence = inverse of variance across contributions per dimension
for i in 0..dim {
let mean = avg[i];
let var: f64 = self.contributions.iter()
.map(|c| {
let v = if i < c.weights.len() { c.weights[i] } else { 0.0 };
(v - mean).powi(2)
})
.sum::<f64>() / self.contributions.len() as f64;
confidences[i] = 1.0 / (1.0 + var);
}
(avg, confidences)
}
/// FedProx: weighted average with proximal term.
fn fedprox(&self, dim: usize, mu: f64) -> (Vec<f64>, Vec<f64>) {
let (mut avg, confidences) = self.fedavg(dim);
// Apply proximal regularization: pull toward zero (global model)
for val in &mut avg {
*val *= 1.0 / (1.0 + mu);
}
(avg, confidences)
}
/// Weighted average by quality_weight.
fn weighted_avg(&self, dim: usize) -> (Vec<f64>, Vec<f64>) {
let total_weight: f64 = self.contributions.iter().map(|c| c.quality_weight).sum();
let mut avg = vec![0.0f64; dim];
let mut confidences = vec![0.0f64; dim];
if total_weight <= 0.0 {
return (avg, confidences);
}
for c in &self.contributions {
let w = c.quality_weight / total_weight;
for (i, val) in c.weights.iter().enumerate() {
if i < dim {
avg[i] += w * val;
}
}
}
for i in 0..dim {
let mean = avg[i];
let var: f64 = self.contributions.iter()
.map(|c| {
let v = if i < c.weights.len() { c.weights[i] } else { 0.0 };
(v - mean).powi(2)
})
.sum::<f64>() / self.contributions.len() as f64;
confidences[i] = 1.0 / (1.0 + var);
}
(avg, confidences)
}
}
#[cfg(test)]
mod tests {
use super::*;
fn make_contribution(name: &str, weights: Vec<f64>, quality: f64, trajectories: u64) -> Contribution {
Contribution {
contributor: name.to_string(),
weights,
quality_weight: quality,
trajectory_count: trajectories,
}
}
#[test]
fn fedavg_two_equal_contributions() {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2);
agg.add_contribution(make_contribution("a", vec![1.0, 2.0, 3.0], 1.0, 100));
agg.add_contribution(make_contribution("b", vec![3.0, 4.0, 5.0], 1.0, 100));
let result = agg.aggregate().unwrap();
assert_eq!(result.round, 1);
assert_eq!(result.participation_count, 2);
assert!((result.lora_deltas[0] - 2.0).abs() < 1e-10);
assert!((result.lora_deltas[1] - 3.0).abs() < 1e-10);
assert!((result.lora_deltas[2] - 4.0).abs() < 1e-10);
}
#[test]
fn fedavg_weighted_by_trajectories() {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2);
// A has 3x more trajectories, so A's values should dominate
agg.add_contribution(make_contribution("a", vec![10.0], 1.0, 300));
agg.add_contribution(make_contribution("b", vec![0.0], 1.0, 100));
let result = agg.aggregate().unwrap();
// (300*10 + 100*0) / 400 = 7.5
assert!((result.lora_deltas[0] - 7.5).abs() < 1e-10);
}
#[test]
fn fedprox_shrinks_toward_zero() {
let mut agg_avg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2);
agg_avg.add_contribution(make_contribution("a", vec![10.0], 1.0, 100));
agg_avg.add_contribution(make_contribution("b", vec![10.0], 1.0, 100));
let avg_result = agg_avg.aggregate().unwrap();
let mut agg_prox = FederatedAggregator::new("test".into(), AggregationStrategy::FedProx { mu: 50 })
.with_min_contributions(2);
agg_prox.add_contribution(make_contribution("a", vec![10.0], 1.0, 100));
agg_prox.add_contribution(make_contribution("b", vec![10.0], 1.0, 100));
let prox_result = agg_prox.aggregate().unwrap();
// FedProx should produce smaller values due to proximal regularization
assert!(prox_result.lora_deltas[0] < avg_result.lora_deltas[0]);
}
#[test]
fn byzantine_outlier_removal() {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2)
.with_byzantine_threshold(2.0);
// Need enough good contributions so the outlier's z-score exceeds 2.0.
// With k good + 1 evil, the evil z-score grows with sqrt(k).
agg.add_contribution(make_contribution("good1", vec![1.0, 1.0], 1.0, 100));
agg.add_contribution(make_contribution("good2", vec![1.1, 0.9], 1.0, 100));
agg.add_contribution(make_contribution("good3", vec![0.9, 1.1], 1.0, 100));
agg.add_contribution(make_contribution("good4", vec![1.0, 1.0], 1.0, 100));
agg.add_contribution(make_contribution("good5", vec![1.0, 1.0], 1.0, 100));
agg.add_contribution(make_contribution("good6", vec![1.0, 1.0], 1.0, 100));
agg.add_contribution(make_contribution("evil", vec![100.0, 100.0], 1.0, 100)); // outlier
let result = agg.aggregate().unwrap();
assert!(result.byzantine_filtered);
assert!(result.outliers_removed >= 1);
// Result should be close to 1.0, not pulled toward 100
assert!(result.lora_deltas[0] < 5.0);
}
#[test]
fn insufficient_contributions_error() {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(3);
agg.add_contribution(make_contribution("a", vec![1.0], 1.0, 100));
let result = agg.aggregate();
assert!(result.is_err());
}
#[test]
fn weighted_average_strategy() {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::WeightedAverage)
.with_min_contributions(2);
agg.add_contribution(make_contribution("a", vec![10.0], 0.9, 10));
agg.add_contribution(make_contribution("b", vec![0.0], 0.1, 10));
let result = agg.aggregate().unwrap();
// (0.9*10 + 0.1*0) / 1.0 = 9.0
assert!((result.lora_deltas[0] - 9.0).abs() < 1e-10);
}
#[test]
fn round_increments() {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2);
agg.add_contribution(make_contribution("a", vec![1.0], 1.0, 100));
agg.add_contribution(make_contribution("b", vec![2.0], 1.0, 100));
let r1 = agg.aggregate().unwrap();
assert_eq!(r1.round, 1);
agg.add_contribution(make_contribution("a", vec![3.0], 1.0, 100));
agg.add_contribution(make_contribution("b", vec![4.0], 1.0, 100));
let r2 = agg.aggregate().unwrap();
assert_eq!(r2.round, 2);
}
#[test]
fn confidences_high_when_agreement() {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2);
agg.add_contribution(make_contribution("a", vec![1.0], 1.0, 100));
agg.add_contribution(make_contribution("b", vec![1.0], 1.0, 100));
let result = agg.aggregate().unwrap();
// When all agree, variance = 0, confidence = 1/(1+0) = 1.0
assert!((result.confidences[0] - 1.0).abs() < 1e-10);
}
#[test]
fn confidences_lower_when_disagreement() {
let mut agg = FederatedAggregator::new("test".into(), AggregationStrategy::FedAvg)
.with_min_contributions(2);
agg.add_contribution(make_contribution("a", vec![0.0], 1.0, 100));
agg.add_contribution(make_contribution("b", vec![10.0], 1.0, 100));
let result = agg.aggregate().unwrap();
// When disagreement, confidence < 1.0
assert!(result.confidences[0] < 1.0);
}
}

416
vendor/ruvector/crates/rvf/rvf-federation/src/diff_privacy.rs vendored Normal file
View File

@@ -0,0 +1,416 @@
//! Differential privacy primitives for federated learning.
//!
//! Provides calibrated noise injection, gradient clipping, and a Renyi
//! Differential Privacy (RDP) accountant for tracking cumulative privacy loss.
use rand::rngs::StdRng;
use rand::{Rng, SeedableRng};
use rand_distr::{Distribution, Normal};
use crate::error::FederationError;
use crate::types::{DiffPrivacyProof, NoiseMechanism};
/// Differential privacy engine for adding calibrated noise.
pub struct DiffPrivacyEngine {
/// Target epsilon (privacy loss bound).
epsilon: f64,
/// Target delta (probability of exceeding epsilon).
delta: f64,
/// L2 sensitivity bound.
sensitivity: f64,
/// Gradient clipping norm.
clipping_norm: f64,
/// Noise mechanism.
mechanism: NoiseMechanism,
/// Random number generator.
rng: StdRng,
}
impl DiffPrivacyEngine {
/// Create a new DP engine with Gaussian mechanism.
///
/// Default: epsilon=1.0, delta=1e-5 (strong privacy).
pub fn gaussian(
epsilon: f64,
delta: f64,
sensitivity: f64,
clipping_norm: f64,
) -> Result<Self, FederationError> {
if epsilon <= 0.0 {
return Err(FederationError::InvalidEpsilon(epsilon));
}
if delta <= 0.0 || delta >= 1.0 {
return Err(FederationError::InvalidDelta(delta));
}
Ok(Self {
epsilon,
delta,
sensitivity,
clipping_norm,
mechanism: NoiseMechanism::Gaussian,
rng: StdRng::from_rng(rand::thread_rng()).unwrap(),
})
}
/// Create a new DP engine with Laplace mechanism.
pub fn laplace(
epsilon: f64,
sensitivity: f64,
clipping_norm: f64,
) -> Result<Self, FederationError> {
if epsilon <= 0.0 {
return Err(FederationError::InvalidEpsilon(epsilon));
}
Ok(Self {
epsilon,
delta: 0.0,
sensitivity,
clipping_norm,
mechanism: NoiseMechanism::Laplace,
rng: StdRng::from_rng(rand::thread_rng()).unwrap(),
})
}
/// Create with a deterministic seed (for testing).
pub fn with_seed(mut self, seed: u64) -> Self {
self.rng = StdRng::seed_from_u64(seed);
self
}
/// Compute the Gaussian noise standard deviation (sigma).
fn gaussian_sigma(&self) -> f64 {
self.sensitivity * (2.0_f64 * (1.25_f64 / self.delta).ln()).sqrt() / self.epsilon
}
/// Compute the Laplace noise scale (b).
fn laplace_scale(&self) -> f64 {
self.sensitivity / self.epsilon
}
/// Clip a gradient vector to the configured L2 norm bound.
pub fn clip_gradients(&self, gradients: &mut [f64]) {
let norm: f64 = gradients.iter().map(|x| x * x).sum::<f64>().sqrt();
if norm > self.clipping_norm {
let scale = self.clipping_norm / norm;
for g in gradients.iter_mut() {
*g *= scale;
}
}
}
/// Add calibrated noise to a vector of parameters.
///
/// Clips gradients first, then adds noise per the configured mechanism.
pub fn add_noise(&mut self, params: &mut [f64]) -> DiffPrivacyProof {
self.clip_gradients(params);
match self.mechanism {
NoiseMechanism::Gaussian => {
let sigma = self.gaussian_sigma();
let normal = Normal::new(0.0, sigma).unwrap();
for p in params.iter_mut() {
*p += normal.sample(&mut self.rng);
}
DiffPrivacyProof {
epsilon: self.epsilon,
delta: self.delta,
mechanism: NoiseMechanism::Gaussian,
sensitivity: self.sensitivity,
clipping_norm: self.clipping_norm,
noise_scale: sigma,
noised_parameter_count: params.len() as u64,
}
}
NoiseMechanism::Laplace => {
let b = self.laplace_scale();
for p in params.iter_mut() {
// Laplace noise via inverse CDF: b * sign(u-0.5) * ln(1 - 2|u-0.5|)
let u: f64 = self.rng.gen::<f64>() - 0.5;
let noise = -b * u.signum() * (1.0 - 2.0 * u.abs()).ln();
*p += noise;
}
DiffPrivacyProof {
epsilon: self.epsilon,
delta: 0.0,
mechanism: NoiseMechanism::Laplace,
sensitivity: self.sensitivity,
clipping_norm: self.clipping_norm,
noise_scale: b,
noised_parameter_count: params.len() as u64,
}
}
}
}
/// Add noise to a single scalar value.
pub fn add_noise_scalar(&mut self, value: &mut f64) -> f64 {
let mut v = [*value];
self.add_noise(&mut v);
*value = v[0];
v[0]
}
/// Current epsilon setting.
pub fn epsilon(&self) -> f64 {
self.epsilon
}
/// Current delta setting.
pub fn delta(&self) -> f64 {
self.delta
}
}
// -- Privacy Accountant (RDP) ------------------------------------------------
/// Renyi Differential Privacy (RDP) accountant for tracking cumulative privacy loss.
///
/// Tracks privacy budget across multiple export rounds using RDP composition,
/// which provides tighter bounds than naive (epsilon, delta)-DP composition.
pub struct PrivacyAccountant {
/// Maximum allowed cumulative epsilon.
epsilon_limit: f64,
/// Target delta for conversion from RDP to (epsilon, delta)-DP.
target_delta: f64,
/// Accumulated RDP values at various alpha orders.
/// Each entry: (alpha_order, accumulated_rdp_epsilon)
rdp_alphas: Vec<(f64, f64)>,
/// History of exports: (timestamp, epsilon_spent, mechanism).
history: Vec<ExportRecord>,
}
/// Record of a single privacy-consuming export.
#[derive(Clone, Debug)]
pub struct ExportRecord {
/// UNIX timestamp of the export.
pub timestamp_s: u64,
/// Epsilon consumed by this export.
pub epsilon: f64,
/// Delta for this export (0 for pure epsilon-DP).
pub delta: f64,
/// Mechanism used.
pub mechanism: NoiseMechanism,
/// Number of parameters.
pub parameter_count: u64,
}
impl PrivacyAccountant {
/// Create a new accountant with the given budget.
pub fn new(epsilon_limit: f64, target_delta: f64) -> Self {
// Standard RDP alpha orders for accounting
let alphas: Vec<f64> = vec![
1.5, 1.75, 2.0, 2.5, 3.0, 4.0, 5.0, 6.0, 8.0, 16.0, 32.0, 64.0, 128.0, 256.0, 512.0,
1024.0,
];
let rdp_alphas = alphas.into_iter().map(|a| (a, 0.0)).collect();
Self {
epsilon_limit,
target_delta,
rdp_alphas,
history: Vec::new(),
}
}
/// Compute RDP epsilon for the Gaussian mechanism at a given alpha order.
fn gaussian_rdp(alpha: f64, sigma: f64) -> f64 {
alpha / (2.0 * sigma * sigma)
}
/// Convert RDP to (epsilon, delta)-DP for a given alpha order.
fn rdp_to_dp(alpha: f64, rdp_epsilon: f64, delta: f64) -> f64 {
rdp_epsilon - (delta.ln()) / (alpha - 1.0)
}
/// Record a Gaussian mechanism query.
pub fn record_gaussian(&mut self, sigma: f64, epsilon: f64, delta: f64, parameter_count: u64) {
// Accumulate RDP at each alpha order
for (alpha, rdp_eps) in &mut self.rdp_alphas {
*rdp_eps += Self::gaussian_rdp(*alpha, sigma);
}
self.history.push(ExportRecord {
timestamp_s: 0,
epsilon,
delta,
mechanism: NoiseMechanism::Gaussian,
parameter_count,
});
}
/// Record a Laplace mechanism query.
pub fn record_laplace(&mut self, epsilon: f64, parameter_count: u64) {
// For Laplace, RDP epsilon at order alpha is: alpha * eps / (alpha - 1)
// when alpha > 1
for (alpha, rdp_eps) in &mut self.rdp_alphas {
if *alpha > 1.0 {
*rdp_eps += *alpha * epsilon / (*alpha - 1.0);
}
}
self.history.push(ExportRecord {
timestamp_s: 0,
epsilon,
delta: 0.0,
mechanism: NoiseMechanism::Laplace,
parameter_count,
});
}
/// Get the current best (tightest) epsilon estimate.
pub fn current_epsilon(&self) -> f64 {
self.rdp_alphas
.iter()
.map(|(alpha, rdp_eps)| Self::rdp_to_dp(*alpha, *rdp_eps, self.target_delta))
.fold(f64::INFINITY, f64::min)
}
/// Remaining privacy budget.
pub fn remaining_budget(&self) -> f64 {
(self.epsilon_limit - self.current_epsilon()).max(0.0)
}
/// Check if we can afford another export with the given epsilon.
pub fn can_afford(&self, additional_epsilon: f64) -> bool {
self.current_epsilon() + additional_epsilon <= self.epsilon_limit
}
/// Check if budget is exhausted.
pub fn is_exhausted(&self) -> bool {
self.current_epsilon() >= self.epsilon_limit
}
/// Fraction of budget consumed (0.0 to 1.0+).
pub fn budget_fraction_used(&self) -> f64 {
self.current_epsilon() / self.epsilon_limit
}
/// Number of exports recorded.
pub fn export_count(&self) -> usize {
self.history.len()
}
/// Export history.
pub fn history(&self) -> &[ExportRecord] {
&self.history
}
/// Epsilon limit.
pub fn epsilon_limit(&self) -> f64 {
self.epsilon_limit
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn gaussian_engine_creates() {
let engine = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 1.0);
assert!(engine.is_ok());
}
#[test]
fn invalid_epsilon_rejected() {
let engine = DiffPrivacyEngine::gaussian(0.0, 1e-5, 1.0, 1.0);
assert!(engine.is_err());
let engine = DiffPrivacyEngine::gaussian(-1.0, 1e-5, 1.0, 1.0);
assert!(engine.is_err());
}
#[test]
fn invalid_delta_rejected() {
let engine = DiffPrivacyEngine::gaussian(1.0, 0.0, 1.0, 1.0);
assert!(engine.is_err());
let engine = DiffPrivacyEngine::gaussian(1.0, 1.0, 1.0, 1.0);
assert!(engine.is_err());
}
#[test]
fn gradient_clipping() {
let engine = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 1.0).unwrap();
let mut grads = vec![3.0, 4.0]; // norm = 5.0
engine.clip_gradients(&mut grads);
let norm: f64 = grads.iter().map(|x| x * x).sum::<f64>().sqrt();
assert!((norm - 1.0).abs() < 1e-6); // clipped to norm 1.0
}
#[test]
fn gradient_no_clip_when_small() {
let engine = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 10.0).unwrap();
let mut grads = vec![3.0, 4.0]; // norm = 5.0, clip = 10.0
engine.clip_gradients(&mut grads);
assert!((grads[0] - 3.0).abs() < 1e-10);
assert!((grads[1] - 4.0).abs() < 1e-10);
}
#[test]
fn add_noise_gaussian_deterministic() {
let mut engine = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 100.0)
.unwrap()
.with_seed(42);
let mut params = vec![1.0, 2.0, 3.0];
let original = params.clone();
let proof = engine.add_noise(&mut params);
assert_eq!(proof.mechanism, NoiseMechanism::Gaussian);
assert_eq!(proof.noised_parameter_count, 3);
// Params should be different from original (noise added)
assert!(params
.iter()
.zip(original.iter())
.any(|(a, b)| (a - b).abs() > 1e-10));
}
#[test]
fn add_noise_laplace_deterministic() {
let mut engine = DiffPrivacyEngine::laplace(1.0, 1.0, 100.0)
.unwrap()
.with_seed(42);
let mut params = vec![1.0, 2.0, 3.0];
let proof = engine.add_noise(&mut params);
assert_eq!(proof.mechanism, NoiseMechanism::Laplace);
assert_eq!(proof.noised_parameter_count, 3);
}
#[test]
fn privacy_accountant_initial_state() {
let acc = PrivacyAccountant::new(10.0, 1e-5);
assert_eq!(acc.export_count(), 0);
assert!(!acc.is_exhausted());
assert!(acc.can_afford(1.0));
assert!(acc.remaining_budget() > 9.9);
}
#[test]
fn privacy_accountant_tracks_gaussian() {
let mut acc = PrivacyAccountant::new(10.0, 1e-5);
// sigma=1.0 with epsilon=1.0 per query
acc.record_gaussian(1.0, 1.0, 1e-5, 100);
assert_eq!(acc.export_count(), 1);
let eps = acc.current_epsilon();
assert!(eps > 0.0);
assert!(eps < 10.0);
}
#[test]
fn privacy_accountant_composition() {
let mut acc = PrivacyAccountant::new(10.0, 1e-5);
let eps_after_1 = {
acc.record_gaussian(1.0, 1.0, 1e-5, 100);
acc.current_epsilon()
};
acc.record_gaussian(1.0, 1.0, 1e-5, 100);
let eps_after_2 = acc.current_epsilon();
// After 2 queries, epsilon should be larger
assert!(eps_after_2 > eps_after_1);
}
#[test]
fn privacy_accountant_exhaustion() {
let mut acc = PrivacyAccountant::new(1.0, 1e-5);
// Use a very small sigma to burn budget fast
for _ in 0..100 {
acc.record_gaussian(0.1, 10.0, 1e-5, 10);
}
assert!(acc.is_exhausted());
assert!(!acc.can_afford(0.1));
}
}

52
vendor/ruvector/crates/rvf/rvf-federation/src/error.rs vendored Normal file
View File

@@ -0,0 +1,52 @@
//! Federation error types.
use thiserror::Error;
/// Errors that can occur during federation operations.
#[derive(Debug, Error)]
pub enum FederationError {
#[error("privacy budget exhausted: spent {spent:.4}, limit {limit:.4}")]
PrivacyBudgetExhausted { spent: f64, limit: f64 },
#[error("invalid epsilon value: {0} (must be > 0)")]
InvalidEpsilon(f64),
#[error("invalid delta value: {0} (must be in (0, 1))")]
InvalidDelta(f64),
#[error("segment validation failed: {0}")]
SegmentValidation(String),
#[error("version mismatch: expected {expected}, got {got}")]
VersionMismatch { expected: u32, got: u32 },
#[error("signature verification failed")]
SignatureVerification,
#[error("witness chain broken at index {0}")]
WitnessChainBroken(usize),
#[error("insufficient observations: need {needed}, have {have}")]
InsufficientObservations { needed: u64, have: u64 },
#[error("quality below threshold: {score:.4} < {threshold:.4}")]
QualityBelowThreshold { score: f64, threshold: f64 },
#[error("export rate limited: next export allowed at {next_allowed_epoch_s}")]
RateLimited { next_allowed_epoch_s: u64 },
#[error("PII detected after stripping: {field}")]
PiiLeakDetected { field: String },
#[error("Byzantine outlier detected from contributor {contributor}")]
ByzantineOutlier { contributor: String },
#[error("aggregation requires at least {min} contributions, got {got}")]
InsufficientContributions { min: usize, got: usize },
#[error("serialization error: {0}")]
Serialization(String),
#[error("io error: {0}")]
Io(String),
}

477
vendor/ruvector/crates/rvf/rvf-federation/src/federation.rs vendored Normal file
View File

@@ -0,0 +1,477 @@
//! Federation protocol: export builder, import merger, version-aware conflict resolution.
use crate::diff_privacy::DiffPrivacyEngine;
use crate::error::FederationError;
use crate::pii_strip::PiiStripper;
use crate::policy::FederationPolicy;
use crate::types::*;
/// Builder for constructing a federated learning export.
///
/// Follows the export flow from ADR-057:
/// 1. Extract learning (priors, kernels, cost curves, weights)
/// 2. PII-strip all payloads
/// 3. Add differential privacy noise
/// 4. Assemble manifest + attestation segments
pub struct ExportBuilder {
contributor_pseudonym: String,
domain_id: String,
priors: Vec<TransferPriorSet>,
kernels: Vec<PolicyKernelSnapshot>,
cost_curves: Vec<CostCurveSnapshot>,
weights: Vec<Vec<f64>>,
policy: FederationPolicy,
string_fields: Vec<(String, String)>,
}
/// A completed federated export ready for publishing.
#[derive(Clone, Debug)]
pub struct FederatedExport {
/// The manifest describing this export.
pub manifest: FederatedManifest,
/// PII redaction attestation.
pub redaction_log: RedactionLog,
/// Differential privacy attestation.
pub privacy_proof: DiffPrivacyProof,
/// Transfer priors (after PII stripping and DP noise).
pub priors: Vec<TransferPriorSet>,
/// Policy kernel snapshots.
pub kernels: Vec<PolicyKernelSnapshot>,
/// Cost curve snapshots.
pub cost_curves: Vec<CostCurveSnapshot>,
/// Noised aggregate weights (if any).
pub weights: Vec<Vec<f64>>,
}
impl ExportBuilder {
/// Create a new export builder.
pub fn new(contributor_pseudonym: String, domain_id: String) -> Self {
Self {
contributor_pseudonym,
domain_id,
priors: Vec::new(),
kernels: Vec::new(),
cost_curves: Vec::new(),
weights: Vec::new(),
policy: FederationPolicy::default(),
string_fields: Vec::new(),
}
}
/// Set the federation policy.
pub fn with_policy(mut self, policy: FederationPolicy) -> Self {
self.policy = policy;
self
}
/// Add transfer priors from a trained domain.
pub fn add_priors(mut self, priors: TransferPriorSet) -> Self {
self.priors.push(priors);
self
}
/// Add a policy kernel snapshot.
pub fn add_kernel(mut self, kernel: PolicyKernelSnapshot) -> Self {
self.kernels.push(kernel);
self
}
/// Add a cost curve snapshot.
pub fn add_cost_curve(mut self, curve: CostCurveSnapshot) -> Self {
self.cost_curves.push(curve);
self
}
/// Add raw weight vectors (LoRA deltas).
pub fn add_weights(mut self, weights: Vec<f64>) -> Self {
self.weights.push(weights);
self
}
/// Add a named string field for PII scanning.
pub fn add_string_field(mut self, name: String, value: String) -> Self {
self.string_fields.push((name, value));
self
}
/// Build the export: PII-strip, add DP noise, assemble manifest.
pub fn build(mut self, dp_engine: &mut DiffPrivacyEngine) -> Result<FederatedExport, FederationError> {
// 1. Apply quality gate from policy
self.priors.retain(|ps| {
ps.entries.iter().all(|e| e.observation_count >= self.policy.min_observations)
});
// 2. PII stripping
let mut stripper = PiiStripper::new();
let field_refs: Vec<(&str, &str)> = self.string_fields
.iter()
.map(|(n, v)| (n.as_str(), v.as_str()))
.collect();
let (_redacted_fields, redaction_log) = stripper.strip_fields(&field_refs);
// Strip PII from domain IDs and bucket IDs in priors
for ps in &mut self.priors {
ps.source_domain = stripper.strip_value(&ps.source_domain);
for entry in &mut ps.entries {
entry.bucket_id = stripper.strip_value(&entry.bucket_id);
}
}
// Strip PII from cost curve domain IDs
for curve in &mut self.cost_curves {
curve.domain_id = stripper.strip_value(&curve.domain_id);
}
// 3. Add differential privacy noise to numerical parameters
// Noise the Beta posteriors
let mut noised_count: u64 = 0;
for ps in &mut self.priors {
for entry in &mut ps.entries {
let mut params = [entry.params.alpha, entry.params.beta];
dp_engine.add_noise(&mut params);
entry.params.alpha = params[0].max(0.01); // Keep positive
entry.params.beta = params[1].max(0.01);
noised_count += 2;
}
}
// Noise the weight vectors
for w in &mut self.weights {
dp_engine.add_noise(w);
noised_count += w.len() as u64;
}
// Noise kernel knobs
for kernel in &mut self.kernels {
dp_engine.add_noise(&mut kernel.knobs);
noised_count += kernel.knobs.len() as u64;
}
// Noise cost curve values
for curve in &mut self.cost_curves {
let mut costs: Vec<f64> = curve.points.iter().map(|(_, c)| *c).collect();
dp_engine.add_noise(&mut costs);
for (i, (_, c)) in curve.points.iter_mut().enumerate() {
*c = costs[i];
}
noised_count += costs.len() as u64;
}
let privacy_proof = DiffPrivacyProof {
epsilon: dp_engine.epsilon(),
delta: dp_engine.delta(),
mechanism: NoiseMechanism::Gaussian,
sensitivity: 1.0,
clipping_norm: 1.0,
noise_scale: 0.0,
noised_parameter_count: noised_count,
};
// 4. Build manifest
let total_trajectories: u64 = self.priors.iter()
.flat_map(|ps| ps.entries.iter())
.map(|e| e.observation_count)
.sum();
let avg_quality = if !self.priors.is_empty() {
self.priors.iter()
.flat_map(|ps| ps.entries.iter())
.map(|e| e.params.mean())
.sum::<f64>()
/ self.priors.iter().map(|ps| ps.entries.len()).sum::<usize>().max(1) as f64
} else {
0.0
};
let manifest = FederatedManifest {
format_version: 1,
contributor_pseudonym: self.contributor_pseudonym,
export_timestamp_s: 0,
included_segment_ids: Vec::new(),
privacy_budget_spent: dp_engine.epsilon(),
domain_id: self.domain_id,
rvf_version_tag: String::from("rvf-v1"),
trajectory_count: total_trajectories,
avg_quality_score: avg_quality,
};
Ok(FederatedExport {
manifest,
redaction_log,
privacy_proof,
priors: self.priors,
kernels: self.kernels,
cost_curves: self.cost_curves,
weights: self.weights,
})
}
}
/// Merger for importing federated learning into local engines.
///
/// Follows the import flow from ADR-057:
/// 1. Validate signature and witness chain
/// 2. Check version compatibility
/// 3. Merge with dampened confidence
pub struct ImportMerger {
/// Current RVF version for compatibility checks.
current_version: u32,
/// Dampening factor for cross-version imports.
version_dampen_factor: f64,
}
impl ImportMerger {
/// Create a new import merger.
pub fn new() -> Self {
Self {
current_version: 1,
version_dampen_factor: 0.5,
}
}
/// Set the dampening factor for imports from different versions.
pub fn with_version_dampen(mut self, factor: f64) -> Self {
self.version_dampen_factor = factor.clamp(0.0, 1.0);
self
}
/// Validate a federated export.
pub fn validate(&self, export: &FederatedExport) -> Result<(), FederationError> {
// Check format version
if export.manifest.format_version == 0 {
return Err(FederationError::SegmentValidation(
"format_version must be > 0".into(),
));
}
// Check privacy proof has valid parameters
if export.privacy_proof.epsilon <= 0.0 {
return Err(FederationError::InvalidEpsilon(export.privacy_proof.epsilon));
}
// Check priors have positive parameters
for ps in &export.priors {
for entry in &ps.entries {
if entry.params.alpha <= 0.0 || entry.params.beta <= 0.0 {
return Err(FederationError::SegmentValidation(format!(
"invalid Beta params in bucket {}: alpha={}, beta={}",
entry.bucket_id, entry.params.alpha, entry.params.beta
)));
}
}
}
Ok(())
}
/// Merge imported priors with local priors.
///
/// Uses version-aware dampening: same version gets full weight,
/// older versions get dampened (sqrt-scaling per MetaThompsonEngine).
pub fn merge_priors(
&self,
local: &mut Vec<TransferPriorEntry>,
remote: &[TransferPriorEntry],
remote_version: u32,
) {
let dampen = if remote_version == self.current_version {
1.0
} else {
self.version_dampen_factor
};
for remote_entry in remote {
let dampened = remote_entry.params.dampen(dampen);
if let Some(local_entry) = local.iter_mut().find(|l| {
l.bucket_id == remote_entry.bucket_id && l.arm_id == remote_entry.arm_id
}) {
// Merge: sum parameters minus uniform prior
local_entry.params = local_entry.params.merge(&dampened);
local_entry.observation_count += remote_entry.observation_count;
} else {
// New entry: insert with dampened params
local.push(TransferPriorEntry {
bucket_id: remote_entry.bucket_id.clone(),
arm_id: remote_entry.arm_id.clone(),
params: dampened,
observation_count: remote_entry.observation_count,
});
}
}
}
/// Merge imported weights with local weights using weighted average.
pub fn merge_weights(
&self,
local: &mut [f64],
remote: &[f64],
local_weight: f64,
remote_weight: f64,
) {
let total = local_weight + remote_weight;
if total <= 0.0 || local.len() != remote.len() {
return;
}
for (l, r) in local.iter_mut().zip(remote.iter()) {
*l = (local_weight * *l + remote_weight * *r) / total;
}
}
}
impl Default for ImportMerger {
fn default() -> Self {
Self::new()
}
}
#[cfg(test)]
mod tests {
use super::*;
use crate::diff_privacy::DiffPrivacyEngine;
fn make_test_priors() -> TransferPriorSet {
TransferPriorSet {
source_domain: "test_domain".into(),
entries: vec![
TransferPriorEntry {
bucket_id: "medium_algorithm".into(),
arm_id: "arm_0".into(),
params: BetaParams::new(10.0, 5.0),
observation_count: 50,
},
TransferPriorEntry {
bucket_id: "hard_synthesis".into(),
arm_id: "arm_1".into(),
params: BetaParams::new(8.0, 12.0),
observation_count: 30,
},
],
cost_ema: 0.85,
}
}
#[test]
fn export_builder_basic() {
let mut dp = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 10.0)
.unwrap()
.with_seed(42);
let export = ExportBuilder::new("alice_pseudo".into(), "code_review".into())
.add_priors(make_test_priors())
.build(&mut dp)
.unwrap();
assert_eq!(export.manifest.contributor_pseudonym, "alice_pseudo");
assert_eq!(export.manifest.domain_id, "code_review");
assert_eq!(export.manifest.format_version, 1);
assert!(!export.priors.is_empty());
}
#[test]
fn export_builder_with_weights() {
let mut dp = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 10.0)
.unwrap()
.with_seed(42);
let weights = vec![0.1, 0.2, 0.3, 0.4];
let export = ExportBuilder::new("bob_pseudo".into(), "genomics".into())
.add_weights(weights.clone())
.build(&mut dp)
.unwrap();
assert_eq!(export.weights.len(), 1);
// Weights should be different from original (noise added)
assert!(export.weights[0].iter().zip(weights.iter()).any(|(a, b)| (a - b).abs() > 1e-10));
}
#[test]
fn import_merger_validate() {
let mut dp = DiffPrivacyEngine::gaussian(1.0, 1e-5, 1.0, 10.0)
.unwrap()
.with_seed(42);
let export = ExportBuilder::new("alice".into(), "domain".into())
.add_priors(make_test_priors())
.build(&mut dp)
.unwrap();
let merger = ImportMerger::new();
assert!(merger.validate(&export).is_ok());
}
#[test]
fn import_merger_merge_priors_same_version() {
let merger = ImportMerger::new();
let mut local = vec![TransferPriorEntry {
bucket_id: "medium_algorithm".into(),
arm_id: "arm_0".into(),
params: BetaParams::new(5.0, 3.0),
observation_count: 20,
}];
let remote = vec![TransferPriorEntry {
bucket_id: "medium_algorithm".into(),
arm_id: "arm_0".into(),
params: BetaParams::new(10.0, 5.0),
observation_count: 50,
}];
merger.merge_priors(&mut local, &remote, 1);
assert_eq!(local.len(), 1);
// Merged: alpha = 5 + 10 - 1 = 14, beta = 3 + 5 - 1 = 7
assert!((local[0].params.alpha - 14.0).abs() < 1e-10);
assert!((local[0].params.beta - 7.0).abs() < 1e-10);
assert_eq!(local[0].observation_count, 70);
}
#[test]
fn import_merger_merge_priors_different_version() {
let merger = ImportMerger::new();
let mut local = vec![TransferPriorEntry {
bucket_id: "b".into(),
arm_id: "a".into(),
params: BetaParams::new(10.0, 10.0),
observation_count: 50,
}];
let remote = vec![TransferPriorEntry {
bucket_id: "b".into(),
arm_id: "a".into(),
params: BetaParams::new(20.0, 5.0),
observation_count: 40,
}];
merger.merge_priors(&mut local, &remote, 0); // older version -> dampened
assert_eq!(local.len(), 1);
// Remote dampened by 0.5: alpha = 1 + (20-1)*0.5 = 10.5, beta = 1 + (5-1)*0.5 = 3.0
// Merged: alpha = 10 + 10.5 - 1 = 19.5, beta = 10 + 3.0 - 1 = 12.0
assert!((local[0].params.alpha - 19.5).abs() < 1e-10);
assert!((local[0].params.beta - 12.0).abs() < 1e-10);
}
#[test]
fn import_merger_merge_new_bucket() {
let merger = ImportMerger::new();
let mut local: Vec<TransferPriorEntry> = Vec::new();
let remote = vec![TransferPriorEntry {
bucket_id: "new_bucket".into(),
arm_id: "arm_0".into(),
params: BetaParams::new(10.0, 5.0),
observation_count: 30,
}];
merger.merge_priors(&mut local, &remote, 1);
assert_eq!(local.len(), 1);
assert_eq!(local[0].bucket_id, "new_bucket");
}
#[test]
fn merge_weights_weighted_average() {
let merger = ImportMerger::new();
let mut local = vec![1.0, 2.0, 3.0];
let remote = vec![3.0, 4.0, 5.0];
merger.merge_weights(&mut local, &remote, 0.5, 0.5);
assert!((local[0] - 2.0).abs() < 1e-10);
assert!((local[1] - 3.0).abs() < 1e-10);
assert!((local[2] - 4.0).abs() < 1e-10);
}
}

24
vendor/ruvector/crates/rvf/rvf-federation/src/lib.rs vendored Normal file
View File

@@ -0,0 +1,24 @@
//! Federated RVF transfer learning.
//!
//! This crate implements the federation protocol described in ADR-057:
//! - **PII stripping**: Three-stage pipeline (detect, redact, attest)
//! - **Differential privacy**: Gaussian/Laplace noise, RDP accountant, gradient clipping
//! - **Federation protocol**: Export builder, import merger, version-aware conflict resolution
//! - **Federated aggregation**: FedAvg, FedProx, Byzantine-tolerant weighted averaging
//! - **Segment types**: FederatedManifest, DiffPrivacyProof, RedactionLog, AggregateWeights
pub mod types;
pub mod error;
pub mod pii_strip;
pub mod diff_privacy;
pub mod federation;
pub mod aggregate;
pub mod policy;
pub use types::*;
pub use error::FederationError;
pub use pii_strip::PiiStripper;
pub use diff_privacy::{DiffPrivacyEngine, PrivacyAccountant};
pub use federation::{ExportBuilder, ImportMerger};
pub use aggregate::{FederatedAggregator, AggregationStrategy};
pub use policy::FederationPolicy;

354
vendor/ruvector/crates/rvf/rvf-federation/src/pii_strip.rs vendored Normal file
View File

@@ -0,0 +1,354 @@
//! Three-stage PII stripping pipeline.
//!
//! **Stage 1 — Detection**: Scan string fields for PII patterns.
//! **Stage 2 — Redaction**: Replace PII with deterministic pseudonyms.
//! **Stage 3 — Attestation**: Generate a `RedactionLog` segment.
use std::collections::HashMap;
use regex::Regex;
use sha3::{Shake256, digest::{Update, ExtendableOutput, XofReader}};
use crate::types::{RedactionLog, RedactionEntry};
/// PII category with its detection regex and replacement template.
struct PiiRule {
category: &'static str,
rule_id: &'static str,
pattern: Regex,
prefix: &'static str,
}
/// Three-stage PII stripping pipeline.
pub struct PiiStripper {
rules: Vec<PiiRule>,
/// Custom regex rules added by the user.
custom_rules: Vec<PiiRule>,
/// Pseudonym counter per category (for deterministic replacement).
counters: HashMap<String, u32>,
/// Map from original value to pseudonym (preserves structural relationships).
pseudonym_map: HashMap<String, String>,
}
impl PiiStripper {
/// Create a new stripper with default detection rules.
pub fn new() -> Self {
let rules = vec![
PiiRule {
category: "path",
rule_id: "rule_path_unix",
pattern: Regex::new(r#"(?:/(?:home|Users|var|tmp|opt|etc)/[^\s,;:"'\]}>)]+)"#).unwrap(),
prefix: "PATH",
},
PiiRule {
category: "path",
rule_id: "rule_path_windows",
pattern: Regex::new(r#"(?i:[A-Z]:\\(?:Users|Documents|Program Files)[^\s,;:"'\]}>)]+)"#).unwrap(),
prefix: "PATH",
},
PiiRule {
category: "ip",
rule_id: "rule_ipv4",
pattern: Regex::new(r"\b(?:(?:25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(?:25[0-5]|2[0-4]\d|[01]?\d\d?)\b").unwrap(),
prefix: "IP",
},
PiiRule {
category: "ip",
rule_id: "rule_ipv6",
pattern: Regex::new(r"\b(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}\b").unwrap(),
prefix: "IP",
},
PiiRule {
category: "email",
rule_id: "rule_email",
pattern: Regex::new(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b").unwrap(),
prefix: "EMAIL",
},
PiiRule {
category: "api_key",
rule_id: "rule_api_key_sk",
pattern: Regex::new(r"\bsk-[A-Za-z0-9]{20,}\b").unwrap(),
prefix: "REDACTED_KEY",
},
PiiRule {
category: "api_key",
rule_id: "rule_api_key_aws",
pattern: Regex::new(r"\bAKIA[A-Z0-9]{16}\b").unwrap(),
prefix: "REDACTED_KEY",
},
PiiRule {
category: "api_key",
rule_id: "rule_api_key_github",
pattern: Regex::new(r"\bghp_[A-Za-z0-9]{36}\b").unwrap(),
prefix: "REDACTED_KEY",
},
PiiRule {
category: "api_key",
rule_id: "rule_bearer_token",
pattern: Regex::new(r"\bBearer\s+[A-Za-z0-9._~+/=-]{20,}\b").unwrap(),
prefix: "REDACTED_KEY",
},
PiiRule {
category: "env_var",
rule_id: "rule_env_unix",
pattern: Regex::new(r"\$(?:HOME|USER|USERNAME|USERPROFILE|PATH|TMPDIR)\b").unwrap(),
prefix: "ENV",
},
PiiRule {
category: "env_var",
rule_id: "rule_env_windows",
pattern: Regex::new(r"%(?:HOME|USER|USERNAME|USERPROFILE|PATH|TEMP)%").unwrap(),
prefix: "ENV",
},
PiiRule {
category: "username",
rule_id: "rule_username_at",
pattern: Regex::new(r"@[A-Za-z][A-Za-z0-9_-]{2,30}\b").unwrap(),
prefix: "USER",
},
];
Self {
rules,
custom_rules: Vec::new(),
counters: HashMap::new(),
pseudonym_map: HashMap::new(),
}
}
/// Add a custom detection rule.
pub fn add_rule(&mut self, category: &'static str, rule_id: &'static str, pattern: &str, prefix: &'static str) -> Result<(), regex::Error> {
self.custom_rules.push(PiiRule {
category,
rule_id,
pattern: Regex::new(pattern)?,
prefix,
});
Ok(())
}
/// Reset the pseudonym map and counters (call between exports).
pub fn reset(&mut self) {
self.counters.clear();
self.pseudonym_map.clear();
}
/// Get or create a deterministic pseudonym for a matched value.
fn pseudonym(&mut self, original: &str, prefix: &str) -> String {
if let Some(existing) = self.pseudonym_map.get(original) {
return existing.clone();
}
let counter = self.counters.entry(prefix.to_string()).or_insert(0);
*counter += 1;
let pseudo = format!("<{}_{}>", prefix, counter);
self.pseudonym_map.insert(original.to_string(), pseudo.clone());
pseudo
}
/// Stage 1+2: Detect and redact PII in a single string.
/// Returns (redacted_string, list of (category, rule_id, count) tuples).
fn strip_string(&mut self, input: &str) -> (String, Vec<(String, String, u32)>) {
let mut result = input.to_string();
let mut detections: Vec<(String, String, u32)> = Vec::new();
let num_builtin = self.rules.len();
let num_custom = self.custom_rules.len();
for i in 0..(num_builtin + num_custom) {
let (pattern, prefix, category, rule_id) = if i < num_builtin {
let r = &self.rules[i];
(&r.pattern as &Regex, r.prefix, r.category, r.rule_id)
} else {
let r = &self.custom_rules[i - num_builtin];
(&r.pattern as &Regex, r.prefix, r.category, r.rule_id)
};
let matches: Vec<String> = pattern.find_iter(&result).map(|m| m.as_str().to_string()).collect();
if matches.is_empty() {
continue;
}
let count = matches.len() as u32;
// Build pseudonyms and perform replacements
let mut replacements: Vec<(String, String)> = Vec::new();
for m in &matches {
let pseudo = self.pseudonym(m, prefix);
replacements.push((m.clone(), pseudo));
}
for (original, pseudo) in &replacements {
result = result.replace(original.as_str(), pseudo.as_str());
}
detections.push((category.to_string(), rule_id.to_string(), count));
}
(result, detections)
}
/// Strip PII from a collection of named string fields.
///
/// Returns the redacted fields and a `RedactionLog` attestation.
pub fn strip_fields(&mut self, fields: &[(&str, &str)]) -> (Vec<(String, String)>, RedactionLog) {
// Stage 1+2: Detect and redact
let mut redacted_fields = Vec::new();
let mut all_detections: HashMap<(String, String), u32> = HashMap::new();
// Compute pre-redaction hash (Stage 3 prep)
let mut hasher = Shake256::default();
for (name, value) in fields {
hasher.update(name.as_bytes());
hasher.update(value.as_bytes());
}
let mut pre_hash = [0u8; 32];
hasher.finalize_xof().read(&mut pre_hash);
for (name, value) in fields {
let (redacted, detections) = self.strip_string(value);
redacted_fields.push((name.to_string(), redacted));
for (cat, rule, count) in detections {
*all_detections.entry((cat, rule)).or_insert(0) += count;
}
}
// Stage 3: Build attestation
let mut log = RedactionLog {
entries: Vec::new(),
pre_redaction_hash: pre_hash,
fields_scanned: fields.len() as u64,
total_redactions: 0,
timestamp_s: 0, // caller should set this
};
for ((category, rule_id), count) in &all_detections {
log.entries.push(RedactionEntry {
category: category.clone(),
count: *count,
rule_id: rule_id.clone(),
});
log.total_redactions += *count as u64;
}
(redacted_fields, log)
}
/// Strip PII from a single string value.
pub fn strip_value(&mut self, input: &str) -> String {
let (result, _) = self.strip_string(input);
result
}
/// Check if a string contains any detectable PII.
pub fn contains_pii(&self, input: &str) -> bool {
let all_rules: Vec<&PiiRule> = self.rules.iter().chain(self.custom_rules.iter()).collect();
for rule in all_rules {
if rule.pattern.is_match(input) {
return true;
}
}
false
}
/// Return the current pseudonym map (for debugging/auditing).
pub fn pseudonym_map(&self) -> &HashMap<String, String> {
&self.pseudonym_map
}
}
impl Default for PiiStripper {
fn default() -> Self {
Self::new()
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn detect_unix_paths() {
let stripper = PiiStripper::new();
assert!(stripper.contains_pii("/home/user/project/src/main.rs"));
assert!(stripper.contains_pii("/Users/alice/.ssh/id_rsa"));
}
#[test]
fn detect_ipv4() {
let stripper = PiiStripper::new();
assert!(stripper.contains_pii("connecting to 192.168.1.100:8080"));
assert!(stripper.contains_pii("server at 10.0.0.1"));
}
#[test]
fn detect_emails() {
let stripper = PiiStripper::new();
assert!(stripper.contains_pii("contact user@example.com for help"));
}
#[test]
fn detect_api_keys() {
let stripper = PiiStripper::new();
assert!(stripper.contains_pii("key: sk-abcdefghijklmnopqrstuv"));
assert!(stripper.contains_pii("aws: AKIAIOSFODNN7EXAMPLE"));
assert!(stripper.contains_pii("token: ghp_abcdefghijklmnopqrstuvwxyz0123456789"));
}
#[test]
fn detect_env_vars() {
let stripper = PiiStripper::new();
assert!(stripper.contains_pii("path is $HOME/.config"));
assert!(stripper.contains_pii("dir is %USERPROFILE%\\Desktop"));
}
#[test]
fn redact_preserves_structure() {
let mut stripper = PiiStripper::new();
let input1 = "file at /home/alice/project/a.rs";
let input2 = "also at /home/alice/project/b.rs";
let r1 = stripper.strip_value(input1);
let r2 = stripper.strip_value(input2);
// Same path prefix should get same pseudonym
assert!(r1.contains("<PATH_"));
assert!(r2.contains("<PATH_"));
assert!(!r1.contains("/home/alice"));
assert!(!r2.contains("/home/alice"));
}
#[test]
fn strip_fields_produces_redaction_log() {
let mut stripper = PiiStripper::new();
let fields = vec![
("path_field", "/home/user/data.csv"),
("ip_field", "connecting to 10.0.0.1"),
("clean_field", "no pii here"),
];
let (redacted, log) = stripper.strip_fields(&fields);
assert_eq!(redacted.len(), 3);
assert_eq!(log.fields_scanned, 3);
assert!(log.total_redactions >= 2);
assert!(log.pre_redaction_hash != [0u8; 32]);
// clean field should be unchanged
assert_eq!(redacted[2].1, "no pii here");
}
#[test]
fn no_pii_returns_clean() {
let stripper = PiiStripper::new();
assert!(!stripper.contains_pii("just a normal string"));
assert!(!stripper.contains_pii("alpha = 10.5, beta = 3.2"));
}
#[test]
fn reset_clears_state() {
let mut stripper = PiiStripper::new();
stripper.strip_value("/home/user/test");
assert!(!stripper.pseudonym_map().is_empty());
stripper.reset();
assert!(stripper.pseudonym_map().is_empty());
}
#[test]
fn custom_rule() {
let mut stripper = PiiStripper::new();
stripper.add_rule("ssn", "rule_ssn", r"\b\d{3}-\d{2}-\d{4}\b", "SSN").unwrap();
assert!(stripper.contains_pii("ssn: 123-45-6789"));
let redacted = stripper.strip_value("ssn: 123-45-6789");
assert!(redacted.contains("<SSN_"));
assert!(!redacted.contains("123-45-6789"));
}
}

193
vendor/ruvector/crates/rvf/rvf-federation/src/policy.rs vendored Normal file
View File

@@ -0,0 +1,193 @@
//! Federation policy for selective sharing.
//!
//! Controls what learning is exported, quality gates, rate limits,
//! and privacy budget constraints.
use std::collections::HashSet;
/// Controls what a user shares in federated exports.
#[derive(Clone, Debug)]
pub struct FederationPolicy {
/// Segment types allowed for export (empty = all allowed).
pub allowed_segments: HashSet<u8>,
/// Segment types explicitly denied for export.
pub denied_segments: HashSet<u8>,
/// Domain IDs allowed for export (empty = all allowed).
pub allowed_domains: HashSet<String>,
/// Domain IDs denied for export.
pub denied_domains: HashSet<String>,
/// Minimum quality score for exported trajectories (0.0 - 1.0).
pub quality_threshold: f64,
/// Minimum observations per prior entry for export.
pub min_observations: u64,
/// Maximum exports per hour.
pub max_exports_per_hour: u32,
/// Maximum cumulative privacy budget (epsilon).
pub privacy_budget_limit: f64,
/// Whether to include policy kernel snapshots.
pub export_kernels: bool,
/// Whether to include cost curve data.
pub export_cost_curves: bool,
}
impl Default for FederationPolicy {
fn default() -> Self {
Self {
allowed_segments: HashSet::new(),
denied_segments: HashSet::new(),
allowed_domains: HashSet::new(),
denied_domains: HashSet::new(),
quality_threshold: 0.5,
min_observations: 12,
max_exports_per_hour: 100,
privacy_budget_limit: 10.0,
export_kernels: true,
export_cost_curves: true,
}
}
}
impl FederationPolicy {
/// Create a restrictive policy (deny all by default).
pub fn restrictive() -> Self {
Self {
quality_threshold: 0.8,
min_observations: 50,
max_exports_per_hour: 10,
privacy_budget_limit: 5.0,
export_kernels: false,
export_cost_curves: false,
..Default::default()
}
}
/// Create a permissive policy (share everything).
pub fn permissive() -> Self {
Self {
quality_threshold: 0.0,
min_observations: 1,
max_exports_per_hour: 1000,
privacy_budget_limit: 100.0,
export_kernels: true,
export_cost_curves: true,
..Default::default()
}
}
/// Check if a segment type is allowed for export.
pub fn is_segment_allowed(&self, seg_type: u8) -> bool {
if self.denied_segments.contains(&seg_type) {
return false;
}
if self.allowed_segments.is_empty() {
return true;
}
self.allowed_segments.contains(&seg_type)
}
/// Check if a domain is allowed for export.
pub fn is_domain_allowed(&self, domain_id: &str) -> bool {
if self.denied_domains.contains(domain_id) {
return false;
}
if self.allowed_domains.is_empty() {
return true;
}
self.allowed_domains.contains(domain_id)
}
/// Allow a specific segment type.
pub fn allow_segment(mut self, seg_type: u8) -> Self {
self.allowed_segments.insert(seg_type);
self
}
/// Deny a specific segment type.
pub fn deny_segment(mut self, seg_type: u8) -> Self {
self.denied_segments.insert(seg_type);
self
}
/// Allow a specific domain.
pub fn allow_domain(mut self, domain_id: &str) -> Self {
self.allowed_domains.insert(domain_id.to_string());
self
}
/// Deny a specific domain.
pub fn deny_domain(mut self, domain_id: &str) -> Self {
self.denied_domains.insert(domain_id.to_string());
self
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn default_policy() {
let p = FederationPolicy::default();
assert_eq!(p.quality_threshold, 0.5);
assert_eq!(p.min_observations, 12);
assert!(p.is_segment_allowed(0x33));
assert!(p.is_domain_allowed("anything"));
}
#[test]
fn restrictive_policy() {
let p = FederationPolicy::restrictive();
assert_eq!(p.quality_threshold, 0.8);
assert_eq!(p.min_observations, 50);
assert!(!p.export_kernels);
assert!(!p.export_cost_curves);
}
#[test]
fn permissive_policy() {
let p = FederationPolicy::permissive();
assert_eq!(p.quality_threshold, 0.0);
assert_eq!(p.min_observations, 1);
}
#[test]
fn segment_allowlist() {
let p = FederationPolicy::default().allow_segment(0x33).allow_segment(0x34);
assert!(p.is_segment_allowed(0x33));
assert!(p.is_segment_allowed(0x34));
assert!(!p.is_segment_allowed(0x35)); // not in allowlist
}
#[test]
fn segment_denylist() {
let p = FederationPolicy::default().deny_segment(0x36);
assert!(p.is_segment_allowed(0x33));
assert!(!p.is_segment_allowed(0x36)); // denied
}
#[test]
fn deny_takes_precedence() {
let p = FederationPolicy::default()
.allow_segment(0x33)
.deny_segment(0x33);
assert!(!p.is_segment_allowed(0x33)); // deny wins
}
#[test]
fn domain_filtering() {
let p = FederationPolicy::default()
.allow_domain("genomics")
.deny_domain("secret_project");
assert!(p.is_domain_allowed("genomics"));
assert!(!p.is_domain_allowed("secret_project"));
assert!(!p.is_domain_allowed("trading")); // not in allowlist
}
#[test]
fn empty_allowlist_allows_all() {
let p = FederationPolicy::default();
assert!(p.is_segment_allowed(0x33));
assert!(p.is_segment_allowed(0xFF));
assert!(p.is_domain_allowed("any_domain"));
}
}

426
vendor/ruvector/crates/rvf/rvf-federation/src/types.rs vendored Normal file
View File

@@ -0,0 +1,426 @@
//! Federation segment payload types.
//!
//! Four new RVF segment types (0x33-0x36) defined in ADR-057.
#[cfg(feature = "serde")]
use serde::{Deserialize, Serialize};
// ── Segment type constants ──────────────────────────────────────────
/// Segment type discriminator for FederatedManifest.
pub const SEG_FEDERATED_MANIFEST: u8 = 0x33;
/// Segment type discriminator for DiffPrivacyProof.
pub const SEG_DIFF_PRIVACY_PROOF: u8 = 0x34;
/// Segment type discriminator for RedactionLog.
pub const SEG_REDACTION_LOG: u8 = 0x35;
/// Segment type discriminator for AggregateWeights.
pub const SEG_AGGREGATE_WEIGHTS: u8 = 0x36;
// ── FederatedManifest (0x33) ────────────────────────────────────────
/// Describes a federated learning export.
///
/// Attached as the first segment in every federation RVF file.
#[derive(Clone, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct FederatedManifest {
/// Format version (currently 1).
pub format_version: u32,
/// Pseudonym of the contributor (never the real identity).
pub contributor_pseudonym: String,
/// UNIX timestamp (seconds) when the export was created.
pub export_timestamp_s: u64,
/// Segment IDs included in this export.
pub included_segment_ids: Vec<u64>,
/// Cumulative differential privacy budget spent (epsilon).
pub privacy_budget_spent: f64,
/// Domain identifier this export applies to.
pub domain_id: String,
/// RVF format version compatibility tag.
pub rvf_version_tag: String,
/// Number of trajectories summarized in the exported learning.
pub trajectory_count: u64,
/// Average quality score of exported trajectories.
pub avg_quality_score: f64,
}
impl FederatedManifest {
/// Create a new manifest with required fields.
pub fn new(contributor_pseudonym: String, domain_id: String) -> Self {
Self {
format_version: 1,
contributor_pseudonym,
export_timestamp_s: 0,
included_segment_ids: Vec::new(),
privacy_budget_spent: 0.0,
domain_id,
rvf_version_tag: String::from("rvf-v1"),
trajectory_count: 0,
avg_quality_score: 0.0,
}
}
}
// ── DiffPrivacyProof (0x34) ─────────────────────────────────────────
/// Noise mechanism used for differential privacy.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub enum NoiseMechanism {
/// Gaussian noise for (epsilon, delta)-DP.
Gaussian,
/// Laplace noise for epsilon-DP.
Laplace,
}
/// Differential privacy attestation.
///
/// Records the privacy parameters and noise applied during export.
#[derive(Clone, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct DiffPrivacyProof {
/// Privacy loss parameter.
pub epsilon: f64,
/// Probability of privacy failure.
pub delta: f64,
/// Noise mechanism applied.
pub mechanism: NoiseMechanism,
/// L2 sensitivity bound used for noise calibration.
pub sensitivity: f64,
/// Gradient clipping norm.
pub clipping_norm: f64,
/// Noise scale (sigma for Gaussian, b for Laplace).
pub noise_scale: f64,
/// Number of parameters that had noise added.
pub noised_parameter_count: u64,
}
impl DiffPrivacyProof {
/// Create a new proof for Gaussian mechanism.
pub fn gaussian(epsilon: f64, delta: f64, sensitivity: f64, clipping_norm: f64) -> Self {
let sigma = sensitivity * (2.0_f64 * (1.25_f64 / delta).ln()).sqrt() / epsilon;
Self {
epsilon,
delta,
mechanism: NoiseMechanism::Gaussian,
sensitivity,
clipping_norm,
noise_scale: sigma,
noised_parameter_count: 0,
}
}
/// Create a new proof for Laplace mechanism.
pub fn laplace(epsilon: f64, sensitivity: f64, clipping_norm: f64) -> Self {
let b = sensitivity / epsilon;
Self {
epsilon,
delta: 0.0,
mechanism: NoiseMechanism::Laplace,
sensitivity,
clipping_norm,
noise_scale: b,
noised_parameter_count: 0,
}
}
}
// ── RedactionLog (0x35) ─────────────────────────────────────────────
/// A single redaction event.
#[derive(Clone, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct RedactionEntry {
/// Category of PII detected (e.g. "path", "ip", "email", "api_key").
pub category: String,
/// Number of occurrences redacted.
pub count: u32,
/// Rule identifier that triggered the redaction.
pub rule_id: String,
}
/// PII stripping attestation.
///
/// Proves that PII scanning was performed without revealing the original content.
#[derive(Clone, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct RedactionLog {
/// Individual redaction entries by category.
pub entries: Vec<RedactionEntry>,
/// SHAKE-256 hash of the pre-redaction content (32 bytes).
pub pre_redaction_hash: [u8; 32],
/// Total number of fields scanned.
pub fields_scanned: u64,
/// Total number of redactions applied.
pub total_redactions: u64,
/// UNIX timestamp (seconds) when redaction was performed.
pub timestamp_s: u64,
}
impl RedactionLog {
/// Create an empty redaction log.
pub fn new() -> Self {
Self {
entries: Vec::new(),
pre_redaction_hash: [0u8; 32],
fields_scanned: 0,
total_redactions: 0,
timestamp_s: 0,
}
}
/// Add a redaction entry.
pub fn add_entry(&mut self, category: &str, count: u32, rule_id: &str) {
self.total_redactions += count as u64;
self.entries.push(RedactionEntry {
category: category.to_string(),
count,
rule_id: rule_id.to_string(),
});
}
}
impl Default for RedactionLog {
fn default() -> Self {
Self::new()
}
}
// ── AggregateWeights (0x36) ─────────────────────────────────────────
/// Federated-averaged weight vector with metadata.
#[derive(Clone, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct AggregateWeights {
/// Federated averaging round number.
pub round: u64,
/// Number of participants in this round.
pub participation_count: u32,
/// Aggregated LoRA delta weights (flattened).
pub lora_deltas: Vec<f64>,
/// Per-weight confidence scores.
pub confidences: Vec<f64>,
/// Mean loss across participants.
pub mean_loss: f64,
/// Loss variance across participants.
pub loss_variance: f64,
/// Domain identifier.
pub domain_id: String,
/// Whether Byzantine outlier removal was applied.
pub byzantine_filtered: bool,
/// Number of contributions removed as outliers.
pub outliers_removed: u32,
}
impl AggregateWeights {
/// Create empty aggregate weights for a domain.
pub fn new(domain_id: String, round: u64) -> Self {
Self {
round,
participation_count: 0,
lora_deltas: Vec::new(),
confidences: Vec::new(),
mean_loss: 0.0,
loss_variance: 0.0,
domain_id,
byzantine_filtered: false,
outliers_removed: 0,
}
}
}
// ── BetaParams (local copy for federation) ──────────────────────────
/// Beta distribution parameters for Thompson Sampling priors.
///
/// Mirrors the type in `ruvector-domain-expansion` to avoid cross-crate dependency.
#[derive(Clone, Copy, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct BetaParams {
/// Alpha (success count + 1).
pub alpha: f64,
/// Beta (failure count + 1).
pub beta: f64,
}
impl BetaParams {
/// Create new Beta parameters.
pub fn new(alpha: f64, beta: f64) -> Self {
Self { alpha, beta }
}
/// Uniform (uninformative) prior.
pub fn uniform() -> Self {
Self { alpha: 1.0, beta: 1.0 }
}
/// Mean of the Beta distribution.
pub fn mean(&self) -> f64 {
self.alpha / (self.alpha + self.beta)
}
/// Total observations (alpha + beta - 2 for a Beta(1,1) prior).
pub fn observations(&self) -> f64 {
self.alpha + self.beta - 2.0
}
/// Merge two Beta posteriors by summing parameters and subtracting the uniform prior.
pub fn merge(&self, other: &BetaParams) -> BetaParams {
BetaParams {
alpha: self.alpha + other.alpha - 1.0,
beta: self.beta + other.beta - 1.0,
}
}
/// Dampen this prior by mixing with a uniform prior using sqrt-scaling.
pub fn dampen(&self, factor: f64) -> BetaParams {
let f = factor.clamp(0.0, 1.0);
BetaParams {
alpha: 1.0 + (self.alpha - 1.0) * f,
beta: 1.0 + (self.beta - 1.0) * f,
}
}
}
impl Default for BetaParams {
fn default() -> Self {
Self::uniform()
}
}
// ── TransferPrior (local copy for federation) ───────────────────────
/// Compact summary of learned priors for a single context bucket.
#[derive(Clone, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct TransferPriorEntry {
/// Context bucket identifier.
pub bucket_id: String,
/// Arm identifier.
pub arm_id: String,
/// Beta posterior parameters.
pub params: BetaParams,
/// Number of observations backing this prior.
pub observation_count: u64,
}
/// Collection of transfer priors from a trained domain.
#[derive(Clone, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct TransferPriorSet {
/// Source domain identifier.
pub source_domain: String,
/// Individual prior entries.
pub entries: Vec<TransferPriorEntry>,
/// EMA cost at time of extraction.
pub cost_ema: f64,
}
// ── PolicyKernelSnapshot ────────────────────────────────────────────
/// Snapshot of a policy kernel configuration for federation export.
#[derive(Clone, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct PolicyKernelSnapshot {
/// Kernel identifier.
pub kernel_id: String,
/// Tunable knob values.
pub knobs: Vec<f64>,
/// Fitness score.
pub fitness: f64,
/// Generation number.
pub generation: u64,
}
// ── CostCurveSnapshot ───────────────────────────────────────────────
/// Snapshot of cost curve data for federation export.
#[derive(Clone, Debug, PartialEq)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
pub struct CostCurveSnapshot {
/// Domain identifier.
pub domain_id: String,
/// Ordered (step, cost) points.
pub points: Vec<(u64, f64)>,
/// Acceleration factor (> 1.0 means transfer helped).
pub acceleration: f64,
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn segment_type_constants() {
assert_eq!(SEG_FEDERATED_MANIFEST, 0x33);
assert_eq!(SEG_DIFF_PRIVACY_PROOF, 0x34);
assert_eq!(SEG_REDACTION_LOG, 0x35);
assert_eq!(SEG_AGGREGATE_WEIGHTS, 0x36);
}
#[test]
fn federated_manifest_new() {
let m = FederatedManifest::new("alice".into(), "genomics".into());
assert_eq!(m.format_version, 1);
assert_eq!(m.contributor_pseudonym, "alice");
assert_eq!(m.domain_id, "genomics");
assert_eq!(m.trajectory_count, 0);
}
#[test]
fn diff_privacy_proof_gaussian() {
let p = DiffPrivacyProof::gaussian(1.0, 1e-5, 1.0, 1.0);
assert_eq!(p.mechanism, NoiseMechanism::Gaussian);
assert!(p.noise_scale > 0.0);
assert_eq!(p.epsilon, 1.0);
}
#[test]
fn diff_privacy_proof_laplace() {
let p = DiffPrivacyProof::laplace(1.0, 1.0, 1.0);
assert_eq!(p.mechanism, NoiseMechanism::Laplace);
assert!((p.noise_scale - 1.0).abs() < 1e-10);
}
#[test]
fn redaction_log_add_entry() {
let mut log = RedactionLog::new();
log.add_entry("path", 3, "rule_path_unix");
log.add_entry("ip", 2, "rule_ipv4");
assert_eq!(log.entries.len(), 2);
assert_eq!(log.total_redactions, 5);
}
#[test]
fn aggregate_weights_new() {
let w = AggregateWeights::new("code_review".into(), 1);
assert_eq!(w.round, 1);
assert_eq!(w.participation_count, 0);
assert!(!w.byzantine_filtered);
}
#[test]
fn beta_params_merge() {
let a = BetaParams::new(10.0, 5.0);
let b = BetaParams::new(8.0, 3.0);
let merged = a.merge(&b);
assert!((merged.alpha - 17.0).abs() < 1e-10);
assert!((merged.beta - 7.0).abs() < 1e-10);
}
#[test]
fn beta_params_dampen() {
let p = BetaParams::new(10.0, 5.0);
let dampened = p.dampen(0.25);
// alpha = 1 + (10-1)*0.25 = 1 + 2.25 = 3.25
assert!((dampened.alpha - 3.25).abs() < 1e-10);
// beta = 1 + (5-1)*0.25 = 1 + 1.0 = 2.0
assert!((dampened.beta - 2.0).abs() < 1e-10);
}
#[test]
fn beta_params_mean() {
let p = BetaParams::new(10.0, 10.0);
assert!((p.mean() - 0.5).abs() < 1e-10);
}
}

26
vendor/ruvector/crates/rvf/rvf-import/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,26 @@
[package]
name = "rvf-import"
version = "0.1.0"
edition = "2021"
description = "Import tools for migrating data from JSON, CSV, and NumPy formats into RVF stores"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
homepage = "https://github.com/ruvnet/ruvector"
readme = "README.md"
categories = ["database-implementations", "command-line-utilities"]
keywords = ["rvf", "import", "json", "csv", "numpy"]
[[bin]]
name = "rvf-import"
path = "src/bin/rvf_import.rs"
[dependencies]
rvf-runtime = { version = "0.2.0", path = "../rvf-runtime", features = ["std"] }
rvf-types = { version = "0.2.0", path = "../rvf-types", features = ["std"] }
serde = { version = "1", features = ["derive"] }
serde_json = "1"
clap = { version = "4", features = ["derive"] }
csv = "1"
[dev-dependencies]
tempfile = "3"

46
vendor/ruvector/crates/rvf/rvf-import/README.md vendored Normal file
View File

@@ -0,0 +1,46 @@
# rvf-import
Data import tools for migrating vectors from JSON, CSV, and NumPy formats into RVF stores.
## What It Does
`rvf-import` provides both a library API and a CLI binary for importing vector data from common formats into `.rvf` files. Supports automatic ID generation, metadata extraction, and batch ingestion.
## Supported Formats
| Format | Extension | Features |
|--------|-----------|----------|
| **JSON** | `.json` | Configurable ID/vector/metadata field names |
| **CSV** | `.csv` | Header-based column mapping, configurable delimiter |
| **NumPy** | `.npy` | Direct binary array loading, auto-dimension detection |
## Library Usage
```rust
use rvf_import::json::{parse_json_file, JsonConfig};
let config = JsonConfig {
id_field: "id".into(),
vector_field: "embedding".into(),
..Default::default()
};
let records = parse_json_file(Path::new("vectors.json"), &config)?;
```
## CLI Usage
```bash
rvf-import --input data.npy --output vectors.rvf --format npy --dimension 384
rvf-import --input data.csv --output vectors.rvf --format csv --dimension 128
rvf-import --input data.json --output vectors.rvf --format json
```
## Tests
```bash
cargo test -p rvf-import
```
## License
MIT OR Apache-2.0

167
vendor/ruvector/crates/rvf/rvf-import/src/bin/rvf_import.rs vendored Normal file
View File

@@ -0,0 +1,167 @@
//! CLI binary for importing data into RVF stores.
//!
//! Usage examples:
//! rvf-import --format json --input vectors.json --output data.rvf --dimension 384
//! rvf-import --format csv --input data.csv --output data.rvf --id-column 0 --vector-start 1
//! rvf-import --format npy --input embeddings.npy --output data.rvf
use clap::Parser;
use rvf_import::progress::StderrProgress;
use std::path::PathBuf;
use std::process;
#[derive(Parser)]
#[command(name = "rvf-import", about = "Import vectors into an RVF store")]
struct Cli {
/// Input format: json, csv, tsv, or npy.
#[arg(long)]
format: String,
/// Path to the input file.
#[arg(long)]
input: PathBuf,
/// Path to the output .rvf file (will be created).
#[arg(long)]
output: PathBuf,
/// Vector dimension. Required for json/csv; auto-detected for npy.
#[arg(long)]
dimension: Option<u16>,
/// (CSV) Column index for the vector ID (0-based, default 0).
#[arg(long, default_value_t = 0)]
id_column: usize,
/// (CSV) Column index where vector components start (0-based, default 1).
#[arg(long, default_value_t = 1)]
vector_start: usize,
/// (CSV) Disable header row detection.
#[arg(long)]
no_header: bool,
/// (NPY) Starting ID for auto-assigned vector IDs.
#[arg(long, default_value_t = 0)]
start_id: u64,
/// Batch size for ingestion (default 1000).
#[arg(long, default_value_t = 1000)]
batch_size: usize,
/// Suppress progress output.
#[arg(long)]
quiet: bool,
}
fn main() {
let cli = Cli::parse();
let records = match cli.format.as_str() {
"json" => match rvf_import::json::parse_json_file(&cli.input) {
Ok(r) => r,
Err(e) => {
eprintln!("error: {e}");
process::exit(1);
}
},
"csv" => {
let config = rvf_import::csv_import::CsvConfig {
id_column: cli.id_column,
vector_start: cli.vector_start,
delimiter: b',',
has_header: !cli.no_header,
dimension: cli.dimension.map(|d| d as usize),
};
match rvf_import::csv_import::parse_csv_file(&cli.input, &config) {
Ok(r) => r,
Err(e) => {
eprintln!("error: {e}");
process::exit(1);
}
}
}
"tsv" => {
let config = rvf_import::csv_import::CsvConfig {
id_column: cli.id_column,
vector_start: cli.vector_start,
delimiter: b'\t',
has_header: !cli.no_header,
dimension: cli.dimension.map(|d| d as usize),
};
match rvf_import::csv_import::parse_csv_file(&cli.input, &config) {
Ok(r) => r,
Err(e) => {
eprintln!("error: {e}");
process::exit(1);
}
}
}
"npy" => {
let config = rvf_import::numpy::NpyConfig {
start_id: cli.start_id,
};
match rvf_import::numpy::parse_npy_file(&cli.input, &config) {
Ok(r) => r,
Err(e) => {
eprintln!("error: {e}");
process::exit(1);
}
}
}
other => {
eprintln!("error: unknown format '{other}'. Use: json, csv, tsv, npy");
process::exit(1);
}
};
if records.is_empty() {
eprintln!("warning: no records parsed from input file");
process::exit(0);
}
// Determine dimension
let dimension = match cli.dimension {
Some(d) => d,
None => {
let inferred = records[0].vector.len() as u16;
if inferred == 0 {
eprintln!("error: cannot infer dimension (first vector is empty). Use --dimension");
process::exit(1);
}
eprintln!("info: inferred dimension = {inferred} from first record");
inferred
}
};
let progress: Option<&dyn rvf_import::progress::ProgressReporter> = if cli.quiet {
None
} else {
Some(&StderrProgress)
};
match rvf_import::import_to_new_store(
&cli.output,
dimension,
&records,
cli.batch_size,
progress,
) {
Ok(result) => {
if !cli.quiet {
eprintln!();
}
eprintln!(
"done: imported {} vectors, rejected {}, in {} batches -> {}",
result.total_imported,
result.total_rejected,
result.batches,
cli.output.display()
);
}
Err(e) => {
eprintln!("\nerror: import failed: {e}");
process::exit(1);
}
}
}

209
vendor/ruvector/crates/rvf/rvf-import/src/csv_import.rs vendored Normal file
View File

@@ -0,0 +1,209 @@
//! CSV/TSV importer for RVF stores.
//!
//! Expects a CSV where one column contains the vector ID and a contiguous
//! range of columns holds the vector components (as f32).
//!
//! Example CSV (id_column=0, vector_start=1, dimension=3):
//! ```text
//! id,x0,x1,x2
//! 1,0.1,0.2,0.3
//! 2,0.4,0.5,0.6
//! ```
use crate::VectorRecord;
use std::io::Read;
use std::path::Path;
/// Configuration for CSV parsing.
#[derive(Clone, Debug)]
pub struct CsvConfig {
/// Column index (0-based) that holds the vector ID.
pub id_column: usize,
/// Column index (0-based) where vector components begin.
pub vector_start: usize,
/// Expected vector dimensionality. If `None`, it is inferred from the
/// first data row as `num_columns - vector_start`.
pub dimension: Option<usize>,
/// Field delimiter. Defaults to `,`.
pub delimiter: u8,
/// Whether the first row is a header row (skipped).
pub has_header: bool,
}
impl Default for CsvConfig {
fn default() -> Self {
Self {
id_column: 0,
vector_start: 1,
dimension: None,
delimiter: b',',
has_header: true,
}
}
}
/// Parse CSV from a reader with the given config.
pub fn parse_csv<R: Read>(reader: R, config: &CsvConfig) -> Result<Vec<VectorRecord>, String> {
let mut csv_reader = csv::ReaderBuilder::new()
.delimiter(config.delimiter)
.has_headers(config.has_header)
.from_reader(reader);
let mut records = Vec::new();
let mut inferred_dim: Option<usize> = config.dimension;
for (row_idx, result) in csv_reader.records().enumerate() {
let record = result.map_err(|e| format!("CSV row {}: {e}", row_idx + 1))?;
let id: u64 = record
.get(config.id_column)
.ok_or_else(|| {
format!(
"row {}: missing id column {}",
row_idx + 1,
config.id_column
)
})?
.trim()
.parse()
.map_err(|e| format!("row {}: bad id: {e}", row_idx + 1))?;
let dim = match inferred_dim {
Some(d) => d,
None => {
let d = record.len().saturating_sub(config.vector_start);
if d == 0 {
return Err(format!(
"row {}: no vector columns after index {}",
row_idx + 1,
config.vector_start
));
}
inferred_dim = Some(d);
d
}
};
let end = config.vector_start + dim;
if record.len() < end {
return Err(format!(
"row {}: expected {} columns for vector, got {}",
row_idx + 1,
dim,
record.len().saturating_sub(config.vector_start)
));
}
let mut vector = Vec::with_capacity(dim);
for col in config.vector_start..end {
let val: f32 = record
.get(col)
.ok_or_else(|| format!("row {}: missing column {col}", row_idx + 1))?
.trim()
.parse()
.map_err(|e| format!("row {}, col {col}: bad float: {e}", row_idx + 1))?;
vector.push(val);
}
records.push(VectorRecord {
id,
vector,
metadata: Vec::new(),
});
}
Ok(records)
}
/// Parse CSV from a file path.
pub fn parse_csv_file(path: &Path, config: &CsvConfig) -> Result<Vec<VectorRecord>, String> {
let file =
std::fs::File::open(path).map_err(|e| format!("cannot open {}: {e}", path.display()))?;
let reader = std::io::BufReader::new(file);
parse_csv(reader, config)
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn parse_basic_csv() {
let data = "id,x0,x1,x2\n1,0.1,0.2,0.3\n2,0.4,0.5,0.6\n";
let config = CsvConfig::default();
let records = parse_csv(data.as_bytes(), &config).unwrap();
assert_eq!(records.len(), 2);
assert_eq!(records[0].id, 1);
assert_eq!(records[0].vector, vec![0.1, 0.2, 0.3]);
assert_eq!(records[1].id, 2);
assert_eq!(records[1].vector, vec![0.4, 0.5, 0.6]);
}
#[test]
fn parse_tsv() {
let data = "id\tx0\tx1\n10\t1.0\t2.0\n20\t3.0\t4.0\n";
let config = CsvConfig {
delimiter: b'\t',
..Default::default()
};
let records = parse_csv(data.as_bytes(), &config).unwrap();
assert_eq!(records.len(), 2);
assert_eq!(records[0].id, 10);
assert_eq!(records[0].vector, vec![1.0, 2.0]);
}
#[test]
fn parse_no_header() {
let data = "1,0.1,0.2\n2,0.3,0.4\n";
let config = CsvConfig {
has_header: false,
dimension: Some(2),
..Default::default()
};
let records = parse_csv(data.as_bytes(), &config).unwrap();
assert_eq!(records.len(), 2);
}
#[test]
fn parse_custom_columns() {
let data = "x0,x1,id\n0.1,0.2,100\n0.3,0.4,200\n";
let config = CsvConfig {
id_column: 2,
vector_start: 0,
dimension: Some(2),
..Default::default()
};
let records = parse_csv(data.as_bytes(), &config).unwrap();
assert_eq!(records[0].id, 100);
assert_eq!(records[0].vector, vec![0.1, 0.2]);
}
#[test]
fn parse_empty_csv() {
let data = "id,x0\n";
let config = CsvConfig::default();
let records = parse_csv(data.as_bytes(), &config).unwrap();
assert!(records.is_empty());
}
#[test]
fn bad_float_gives_error() {
let data = "id,x0\n1,notanumber\n";
let config = CsvConfig::default();
let result = parse_csv(data.as_bytes(), &config);
assert!(result.is_err());
assert!(result.unwrap_err().contains("bad float"));
}
#[test]
fn infer_dimension_from_first_row() {
let data = "id,a,b,c,d\n1,0.1,0.2,0.3,0.4\n2,0.5,0.6,0.7,0.8\n";
let config = CsvConfig {
dimension: None,
..Default::default()
};
let records = parse_csv(data.as_bytes(), &config).unwrap();
assert_eq!(records[0].vector.len(), 4);
assert_eq!(records[1].vector.len(), 4);
}
}

203
vendor/ruvector/crates/rvf/rvf-import/src/json.rs vendored Normal file
View File

@@ -0,0 +1,203 @@
//! JSON importer for RVF stores.
//!
//! Supports two JSON layouts:
//!
//! 1. **Array of objects** (the common case):
//! ```json
//! [
//! {"id": 1, "vector": [0.1, 0.2, ...], "metadata": {"key": "value"}},
//! {"id": 2, "vector": [0.3, 0.4, ...]}
//! ]
//! ```
//!
//! 2. **HNSW dump format**:
//! ```json
//! {
//! "vectors": [
//! {"id": 1, "vector": [0.1, 0.2, ...]},
//! ...
//! ],
//! "graph": { ... }
//! }
//! ```
//!
//! The `graph` field in HNSW dumps is ignored — only vector data is imported.
use crate::VectorRecord;
use rvf_runtime::{MetadataEntry, MetadataValue};
use serde::Deserialize;
use std::collections::HashMap;
use std::io::Read;
use std::path::Path;
/// A single vector entry as it appears in JSON.
#[derive(Deserialize)]
struct JsonVectorEntry {
id: u64,
vector: Vec<f32>,
#[serde(default)]
metadata: Option<HashMap<String, serde_json::Value>>,
}
/// HNSW dump envelope.
#[derive(Deserialize)]
struct HnswDump {
vectors: Vec<JsonVectorEntry>,
// `graph` is intentionally ignored during import.
}
/// Intermediate deserialization target that handles both layouts.
#[derive(Deserialize)]
#[serde(untagged)]
enum JsonInput {
Array(Vec<JsonVectorEntry>),
HnswDump(HnswDump),
}
fn convert_metadata(map: &HashMap<String, serde_json::Value>) -> Vec<MetadataEntry> {
let mut entries = Vec::new();
for (i, (_key, value)) in map.iter().enumerate() {
let field_id = i as u16;
match value {
serde_json::Value::Number(n) => {
if let Some(u) = n.as_u64() {
entries.push(MetadataEntry {
field_id,
value: MetadataValue::U64(u),
});
} else if let Some(i) = n.as_i64() {
entries.push(MetadataEntry {
field_id,
value: MetadataValue::I64(i),
});
} else if let Some(f) = n.as_f64() {
entries.push(MetadataEntry {
field_id,
value: MetadataValue::F64(f),
});
}
}
serde_json::Value::String(s) => {
entries.push(MetadataEntry {
field_id,
value: MetadataValue::String(s.clone()),
});
}
_ => {
// Arrays, objects, bools, null — store as JSON string
entries.push(MetadataEntry {
field_id,
value: MetadataValue::String(value.to_string()),
});
}
}
}
entries
}
fn entries_to_records(entries: Vec<JsonVectorEntry>) -> Vec<VectorRecord> {
entries
.into_iter()
.map(|e| {
let metadata = e
.metadata
.as_ref()
.map(convert_metadata)
.unwrap_or_default();
VectorRecord {
id: e.id,
vector: e.vector,
metadata,
}
})
.collect()
}
/// Parse JSON from a reader. Handles both array-of-objects and HNSW dump formats.
pub fn parse_json<R: Read>(reader: R) -> Result<Vec<VectorRecord>, String> {
let input: JsonInput =
serde_json::from_reader(reader).map_err(|e| format!("JSON parse error: {e}"))?;
let entries = match input {
JsonInput::Array(arr) => arr,
JsonInput::HnswDump(dump) => dump.vectors,
};
Ok(entries_to_records(entries))
}
/// Parse JSON from a file path.
pub fn parse_json_file(path: &Path) -> Result<Vec<VectorRecord>, String> {
let file =
std::fs::File::open(path).map_err(|e| format!("cannot open {}: {e}", path.display()))?;
let reader = std::io::BufReader::new(file);
parse_json(reader)
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn parse_array_format() {
let json = r#"[
{"id": 1, "vector": [0.1, 0.2, 0.3]},
{"id": 2, "vector": [0.4, 0.5, 0.6], "metadata": {"category": "test", "score": 42}}
]"#;
let records = parse_json(json.as_bytes()).unwrap();
assert_eq!(records.len(), 2);
assert_eq!(records[0].id, 1);
assert_eq!(records[0].vector, vec![0.1, 0.2, 0.3]);
assert!(records[0].metadata.is_empty());
assert_eq!(records[1].id, 2);
assert_eq!(records[1].vector, vec![0.4, 0.5, 0.6]);
assert_eq!(records[1].metadata.len(), 2);
}
#[test]
fn parse_hnsw_dump_format() {
let json = r#"{
"vectors": [
{"id": 10, "vector": [1.0, 2.0]},
{"id": 20, "vector": [3.0, 4.0]}
],
"graph": {"layers": 3, "nodes": []}
}"#;
let records = parse_json(json.as_bytes()).unwrap();
assert_eq!(records.len(), 2);
assert_eq!(records[0].id, 10);
assert_eq!(records[1].id, 20);
}
#[test]
fn parse_empty_array() {
let json = "[]";
let records = parse_json(json.as_bytes()).unwrap();
assert!(records.is_empty());
}
#[test]
fn parse_invalid_json() {
let json = "not json at all";
let result = parse_json(json.as_bytes());
assert!(result.is_err());
}
#[test]
fn metadata_types() {
let json = r#"[
{"id": 1, "vector": [0.1], "metadata": {
"name": "hello",
"count": 99,
"neg": -5,
"score": 3.14
}}
]"#;
let records = parse_json(json.as_bytes()).unwrap();
assert_eq!(records[0].metadata.len(), 4);
}
}

101
vendor/ruvector/crates/rvf/rvf-import/src/lib.rs vendored Normal file
View File

@@ -0,0 +1,101 @@
//! rvf-import: Migration tools for importing data into RVF stores.
//!
//! Supports JSON, CSV/TSV, and NumPy `.npy` formats. Each importer
//! parses the source format and batch-ingests vectors into an
//! [`rvf_runtime::RvfStore`].
pub mod csv_import;
pub mod json;
pub mod numpy;
pub mod progress;
use rvf_runtime::{MetadataEntry, RvfOptions, RvfStore};
use rvf_types::RvfError;
use std::path::Path;
/// A single vector record ready for ingestion.
#[derive(Clone, Debug)]
pub struct VectorRecord {
/// Unique identifier for this vector.
pub id: u64,
/// The embedding / feature vector.
pub vector: Vec<f32>,
/// Optional key-value metadata entries.
pub metadata: Vec<MetadataEntry>,
}
/// Result summary returned after an import completes.
#[derive(Clone, Debug)]
pub struct ImportResult {
/// Total records successfully ingested.
pub total_imported: u64,
/// Total records that failed validation (wrong dimension, etc.).
pub total_rejected: u64,
/// Number of batches written.
pub batches: u32,
}
/// Batch-ingest a slice of [`VectorRecord`]s into an [`RvfStore`].
///
/// Records whose vector length does not match `dimension` are silently
/// rejected by the store. Returns an [`ImportResult`] summarising the
/// operation.
pub fn ingest_records(
store: &mut RvfStore,
records: &[VectorRecord],
batch_size: usize,
progress: Option<&dyn progress::ProgressReporter>,
) -> Result<ImportResult, RvfError> {
let batch_size = batch_size.max(1);
let mut total_imported = 0u64;
let mut total_rejected = 0u64;
let mut batches = 0u32;
for chunk in records.chunks(batch_size) {
let vec_data: Vec<Vec<f32>> = chunk.iter().map(|r| r.vector.clone()).collect();
let vec_refs: Vec<&[f32]> = vec_data.iter().map(|v| v.as_slice()).collect();
let ids: Vec<u64> = chunk.iter().map(|r| r.id).collect();
let has_metadata = chunk.iter().any(|r| !r.metadata.is_empty());
let metadata: Option<Vec<MetadataEntry>> = if has_metadata {
Some(chunk.iter().flat_map(|r| r.metadata.clone()).collect())
} else {
None
};
let result = store.ingest_batch(&vec_refs, &ids, metadata.as_deref())?;
total_imported += result.accepted;
total_rejected += result.rejected;
batches += 1;
if let Some(p) = progress {
p.report(total_imported, total_rejected, records.len() as u64);
}
}
Ok(ImportResult {
total_imported,
total_rejected,
batches,
})
}
/// Create a new RVF store at `path` with the given dimension, then
/// ingest all `records` into it.
pub fn import_to_new_store(
path: &Path,
dimension: u16,
records: &[VectorRecord],
batch_size: usize,
progress: Option<&dyn progress::ProgressReporter>,
) -> Result<ImportResult, RvfError> {
let options = RvfOptions {
dimension,
..Default::default()
};
let mut store = RvfStore::create(path, options)?;
let result = ingest_records(&mut store, records, batch_size, progress)?;
store.close()?;
Ok(result)
}

251
vendor/ruvector/crates/rvf/rvf-import/src/numpy.rs vendored Normal file
View File

@@ -0,0 +1,251 @@
//! NumPy `.npy` importer for RVF stores.
//!
//! Parses the NumPy v1/v2 `.npy` format (little-endian float32 only).
//! The shape `(N, D)` is read from the header; IDs are assigned
//! sequentially starting from `start_id` (default 0).
//!
//! Reference: <https://numpy.org/devdocs/reference/generated/numpy.lib.format.html>
use crate::VectorRecord;
use std::io::Read;
use std::path::Path;
/// Configuration for NumPy import.
#[derive(Clone, Debug, Default)]
pub struct NpyConfig {
/// Starting ID for auto-assigned vector IDs.
pub start_id: u64,
}
/// Parsed header from a `.npy` file.
#[derive(Debug)]
struct NpyHeader {
/// Number of rows (vectors).
rows: usize,
/// Number of columns (dimensions per vector).
cols: usize,
}
/// Parse the `.npy` header from a reader, returning the shape and
/// advancing the reader past the header.
fn parse_npy_header<R: Read>(reader: &mut R) -> Result<NpyHeader, String> {
// Magic: \x93NUMPY
let mut magic = [0u8; 6];
reader
.read_exact(&mut magic)
.map_err(|e| format!("failed to read npy magic: {e}"))?;
if magic[0] != 0x93 || &magic[1..6] != b"NUMPY" {
return Err("not a valid .npy file (bad magic)".to_string());
}
// Version
let mut version = [0u8; 2];
reader
.read_exact(&mut version)
.map_err(|e| format!("failed to read npy version: {e}"))?;
let major = version[0];
// Header length
let header_len: usize = if major <= 1 {
let mut buf = [0u8; 2];
reader
.read_exact(&mut buf)
.map_err(|e| format!("failed to read header length: {e}"))?;
u16::from_le_bytes(buf) as usize
} else {
let mut buf = [0u8; 4];
reader
.read_exact(&mut buf)
.map_err(|e| format!("failed to read header length: {e}"))?;
u32::from_le_bytes(buf) as usize
};
// Read the header dict string
let mut header_bytes = vec![0u8; header_len];
reader
.read_exact(&mut header_bytes)
.map_err(|e| format!("failed to read header dict: {e}"))?;
let header_str =
std::str::from_utf8(&header_bytes).map_err(|e| format!("header is not utf8: {e}"))?;
// Validate dtype is float32
if !header_str.contains("'<f4'") && !header_str.contains("'float32'") {
return Err(format!(
"unsupported dtype in npy header (only float32/<f4 supported): {header_str}"
));
}
// Parse shape: look for 'shape': (N, D) or 'shape': (N,)
let shape = parse_shape(header_str)?;
Ok(shape)
}
fn parse_shape(header: &str) -> Result<NpyHeader, String> {
// Find the shape tuple in the header dict
let shape_start = header
.find("'shape':")
.or_else(|| header.find("\"shape\":"))
.ok_or_else(|| format!("no 'shape' key in npy header: {header}"))?;
let after_key = &header[shape_start..];
let paren_open = after_key
.find('(')
.ok_or_else(|| "no opening paren in shape".to_string())?;
let paren_close = after_key
.find(')')
.ok_or_else(|| "no closing paren in shape".to_string())?;
let shape_content = &after_key[paren_open + 1..paren_close];
let parts: Vec<&str> = shape_content
.split(',')
.map(|s| s.trim())
.filter(|s| !s.is_empty())
.collect();
match parts.len() {
1 => {
let rows: usize = parts[0]
.parse()
.map_err(|e| format!("bad shape dim: {e}"))?;
// 1-D array: each element is a 1-d vector
Ok(NpyHeader { rows, cols: 1 })
}
2 => {
let rows: usize = parts[0]
.parse()
.map_err(|e| format!("bad shape row: {e}"))?;
let cols: usize = parts[1]
.parse()
.map_err(|e| format!("bad shape col: {e}"))?;
Ok(NpyHeader { rows, cols })
}
_ => Err(format!(
"unsupported shape rank {}: {shape_content}",
parts.len()
)),
}
}
/// Parse a `.npy` file from a reader.
pub fn parse_npy<R: Read>(mut reader: R, config: &NpyConfig) -> Result<Vec<VectorRecord>, String> {
let header = parse_npy_header(&mut reader)?;
let total_floats = header.rows * header.cols;
let total_bytes = total_floats * 4;
let mut raw = vec![0u8; total_bytes];
reader
.read_exact(&mut raw)
.map_err(|e| format!("failed to read npy data ({total_bytes} bytes expected): {e}"))?;
let mut records = Vec::with_capacity(header.rows);
for i in 0..header.rows {
let offset = i * header.cols * 4;
let mut vector = Vec::with_capacity(header.cols);
for j in 0..header.cols {
let byte_offset = offset + j * 4;
let bytes: [u8; 4] = [
raw[byte_offset],
raw[byte_offset + 1],
raw[byte_offset + 2],
raw[byte_offset + 3],
];
vector.push(f32::from_le_bytes(bytes));
}
records.push(VectorRecord {
id: config.start_id + i as u64,
vector,
metadata: Vec::new(),
});
}
Ok(records)
}
/// Parse a `.npy` file from a file path.
pub fn parse_npy_file(path: &Path, config: &NpyConfig) -> Result<Vec<VectorRecord>, String> {
let file =
std::fs::File::open(path).map_err(|e| format!("cannot open {}: {e}", path.display()))?;
let reader = std::io::BufReader::new(file);
parse_npy(reader, config)
}
#[cfg(test)]
mod tests {
use super::*;
/// Build a minimal valid .npy file in memory with the given shape and f32 data.
fn build_npy(rows: usize, cols: usize, data: &[f32]) -> Vec<u8> {
let header_dict =
format!("{{'descr': '<f4', 'fortran_order': False, 'shape': ({rows}, {cols}), }}");
// Pad header to 64-byte alignment (magic=6 + version=2 + header_len=2 + dict)
let preamble_len = 6 + 2 + 2;
let total_header = preamble_len + header_dict.len();
let padding = (64 - (total_header % 64)) % 64;
let padded_dict_len = header_dict.len() + padding;
let mut buf = Vec::new();
// Magic
buf.push(0x93);
buf.extend_from_slice(b"NUMPY");
// Version 1.0
buf.push(1);
buf.push(0);
// Header length (u16 LE)
buf.extend_from_slice(&(padded_dict_len as u16).to_le_bytes());
// Dict
buf.extend_from_slice(header_dict.as_bytes());
// Padding (spaces + newline)
buf.extend(std::iter::repeat_n(b' ', padding.saturating_sub(1)));
if padding > 0 {
buf.push(b'\n');
}
// Data
for &val in data {
buf.extend_from_slice(&val.to_le_bytes());
}
buf
}
#[test]
fn parse_2d_npy() {
let data = vec![1.0f32, 2.0, 3.0, 4.0, 5.0, 6.0];
let npy = build_npy(2, 3, &data);
let records = parse_npy(npy.as_slice(), &NpyConfig::default()).unwrap();
assert_eq!(records.len(), 2);
assert_eq!(records[0].id, 0);
assert_eq!(records[0].vector, vec![1.0, 2.0, 3.0]);
assert_eq!(records[1].id, 1);
assert_eq!(records[1].vector, vec![4.0, 5.0, 6.0]);
}
#[test]
fn parse_npy_custom_start_id() {
let data = vec![0.5f32, 0.6];
let npy = build_npy(1, 2, &data);
let config = NpyConfig { start_id: 100 };
let records = parse_npy(npy.as_slice(), &config).unwrap();
assert_eq!(records[0].id, 100);
}
#[test]
fn bad_magic_rejected() {
let bad = b"NOT_NUMPY_DATA";
let result = parse_npy(bad.as_slice(), &NpyConfig::default());
assert!(result.is_err());
assert!(result.unwrap_err().contains("bad magic"));
}
#[test]
fn shape_parsing() {
let h = parse_shape("{'descr': '<f4', 'shape': (100, 384), }").unwrap();
assert_eq!(h.rows, 100);
assert_eq!(h.cols, 384);
let h = parse_shape("{'descr': '<f4', 'shape': (50,), }").unwrap();
assert_eq!(h.rows, 50);
assert_eq!(h.cols, 1);
}
}

54
vendor/ruvector/crates/rvf/rvf-import/src/progress.rs vendored Normal file
View File

@@ -0,0 +1,54 @@
//! Progress reporting for long-running imports.
use std::io::Write;
/// Trait for receiving import progress callbacks.
pub trait ProgressReporter {
/// Called after each batch with cumulative counts.
fn report(&self, imported: u64, rejected: u64, total: u64);
}
/// A reporter that prints progress to stderr.
pub struct StderrProgress;
impl ProgressReporter for StderrProgress {
fn report(&self, imported: u64, rejected: u64, total: u64) {
if total > 0 {
let pct = (imported + rejected) as f64 / total as f64 * 100.0;
eprint!("\r imported: {imported}, rejected: {rejected}, total: {total} ({pct:.1}%)");
let _ = std::io::stderr().flush();
}
}
}
/// A reporter that collects reports for testing.
pub struct CollectingProgress {
reports: std::sync::Mutex<Vec<(u64, u64, u64)>>,
}
impl Default for CollectingProgress {
fn default() -> Self {
Self {
reports: std::sync::Mutex::new(Vec::new()),
}
}
}
impl CollectingProgress {
pub fn new() -> Self {
Self::default()
}
pub fn reports(&self) -> Vec<(u64, u64, u64)> {
self.reports.lock().unwrap().clone()
}
}
impl ProgressReporter for CollectingProgress {
fn report(&self, imported: u64, rejected: u64, total: u64) {
self.reports
.lock()
.unwrap()
.push((imported, rejected, total));
}
}

24
vendor/ruvector/crates/rvf/rvf-index/Cargo.toml vendored Normal file
View File

@@ -0,0 +1,24 @@
[package]
name = "rvf-index"
version = "0.1.0"
edition = "2021"
description = "RuVector Format progressive HNSW indexing with Layer A/B/C tiered search"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ruvnet/ruvector"
homepage = "https://github.com/ruvnet/ruvector"
readme = "README.md"
categories = ["algorithms", "data-structures"]
keywords = ["vector", "hnsw", "nearest-neighbor", "indexing", "rvf"]
rust-version = "1.87"
[features]
default = ["std"]
std = []
simd = []
[dependencies]
# rvf-types dependency will be re-enabled once rvf-types stabilizes.
# For now, rvf-index defines its own local types.
[dev-dependencies]
rand = "0.8"

28
vendor/ruvector/crates/rvf/rvf-index/README.md vendored Normal file
View File

@@ -0,0 +1,28 @@
# rvf-index
Progressive HNSW indexing with tiered Layer A/B/C search for RuVector Format.
## Overview
`rvf-index` implements a Hierarchical Navigable Small World (HNSW) index optimized for the RVF storage model:
- **Layer A** -- hot vectors, full-precision, in-memory graph
- **Layer B** -- warm vectors, quantized, memory-mapped
- **Layer C** -- cold vectors, compressed, on-disk with lazy loading
- **Progressive build** -- index grows incrementally without full rebuilds
## Usage
```toml
[dependencies]
rvf-index = "0.1"
```
## Features
- `std` (default) -- enable `std` support
- `simd` -- enable SIMD-accelerated distance computations
## License
MIT OR Apache-2.0

271
vendor/ruvector/crates/rvf/rvf-index/src/builder.rs vendored Normal file
View File

@@ -0,0 +1,271 @@
//! Index construction: building Layer A, B, C from vectors and an HNSW graph.
extern crate alloc;
use alloc::collections::BTreeMap;
use alloc::collections::BTreeSet;
use alloc::vec::Vec;
use crate::hnsw::{HnswConfig, HnswGraph, HnswLayer};
use crate::layers::{LayerA, LayerB, LayerC, PartitionEntry};
use crate::traits::VectorStore;
/// Build the full HNSW graph from a set of vectors.
///
/// `rng_values`: one random value per vector for level selection.
/// These should be uniform in (0, 1).
pub fn build_full_index(
vectors: &dyn VectorStore,
num_vectors: usize,
config: &HnswConfig,
rng_values: &[f64],
distance_fn: &dyn Fn(&[f32], &[f32]) -> f32,
) -> HnswGraph {
assert!(
rng_values.len() >= num_vectors,
"Need at least one rng value per vector"
);
let mut graph = HnswGraph::new(config);
for (i, &rng_val) in rng_values.iter().enumerate().take(num_vectors) {
graph.insert(i as u64, rng_val, vectors, distance_fn);
}
graph
}
/// Build Layer A from an existing HNSW graph.
///
/// Extracts entry points, top-layer adjacency, centroids, and a partition map.
///
/// `centroids`: precomputed cluster centroids.
/// `assignments`: for each vector ID, the centroid index it's assigned to.
pub fn build_layer_a(
graph: &HnswGraph,
centroids: &[Vec<f32>],
assignments: &[u32],
_num_vectors: u64,
) -> LayerA {
let entry_points = match graph.entry_point {
Some(ep) => vec![(ep, graph.max_layer as u32)],
None => vec![],
};
// Extract top layers. "Top" = layers above the threshold.
// For progressive indexing, we take layers >= max_layer - 1 (at least
// the top 2 layers). Adjust based on graph size.
let threshold = graph.max_layer.saturating_sub(1);
let top_layers: Vec<HnswLayer> = graph.layers[threshold..].to_vec();
// Build partition map from assignments.
let mut partitions: BTreeMap<u32, (u64, u64)> = BTreeMap::new();
for (vid, &centroid_id) in assignments.iter().enumerate() {
let entry = partitions
.entry(centroid_id)
.or_insert((vid as u64, vid as u64));
entry.0 = entry.0.min(vid as u64);
entry.1 = entry.1.max(vid as u64 + 1);
}
let partition_map: Vec<PartitionEntry> = partitions
.into_iter()
.map(|(centroid_id, (start, end))| PartitionEntry {
centroid_id,
vector_id_start: start,
vector_id_end: end,
segment_ref: 0,
block_ref: 0,
})
.collect();
LayerA {
entry_points,
top_layers,
top_layer_start: threshold,
centroids: centroids.to_vec(),
partition_map,
}
}
/// Build Layer B from an existing HNSW graph, keeping only hot nodes.
///
/// `hot_node_ids`: the set of node IDs in the hot working set.
pub fn build_layer_b(graph: &HnswGraph, hot_node_ids: &BTreeSet<u64>) -> LayerB {
let mut partial_adjacency = BTreeMap::new();
// For each hot node, include its layer 0 neighbors.
if let Some(layer0) = graph.layers.first() {
for &nid in hot_node_ids {
if let Some(neighbors) = layer0.adjacency.get(&nid) {
partial_adjacency.insert(nid, neighbors.clone());
}
}
}
// Compute covered ranges from the hot node set.
let covered_ranges = compute_ranges(hot_node_ids);
LayerB {
partial_adjacency,
covered_ranges,
}
}
/// Build Layer C from the full HNSW graph (just wraps all adjacency).
pub fn build_layer_c(graph: &HnswGraph) -> LayerC {
LayerC {
full_adjacency: graph.layers.clone(),
}
}
/// Incrementally add a vector to an existing HNSW graph.
pub fn incremental_insert(
graph: &mut HnswGraph,
id: u64,
rng_val: f64,
vectors: &dyn VectorStore,
distance_fn: &dyn Fn(&[f32], &[f32]) -> f32,
) {
graph.insert(id, rng_val, vectors, distance_fn);
}
/// Compute contiguous ranges from a sorted set of IDs.
fn compute_ranges(ids: &BTreeSet<u64>) -> Vec<(u64, u64)> {
if ids.is_empty() {
return Vec::new();
}
let mut ranges = Vec::new();
let mut iter = ids.iter();
let &first = iter.next().unwrap();
let mut start = first;
let mut end = first + 1;
for &id in iter {
if id == end {
end = id + 1;
} else {
ranges.push((start, end));
start = id;
end = id + 1;
}
}
ranges.push((start, end));
ranges
}
#[cfg(test)]
mod tests {
use super::*;
use crate::distance::l2_distance;
use crate::traits::InMemoryVectorStore;
#[test]
fn build_full_index_basic() {
let n = 50;
let dim = 4;
let vecs: Vec<Vec<f32>> = (0..n)
.map(|i| (0..dim).map(|d| (i * dim + d) as f32).collect())
.collect();
let store = InMemoryVectorStore::new(vecs);
let config = HnswConfig {
m: 8,
m0: 16,
ef_construction: 50,
};
let rng_vals: Vec<f64> = (0..n).map(|i| ((i * 7 + 3) % 100) as f64 / 100.0).collect();
let graph = build_full_index(&store, n, &config, &rng_vals, &l2_distance);
assert_eq!(graph.node_count(), n);
assert!(graph.entry_point.is_some());
}
#[test]
fn build_layer_a_from_graph() {
let n = 100;
let dim = 4;
let vecs: Vec<Vec<f32>> = (0..n)
.map(|i| (0..dim).map(|d| (i * dim + d) as f32).collect())
.collect();
let store = InMemoryVectorStore::new(vecs.clone());
let config = HnswConfig::default();
let rng_vals: Vec<f64> = (0..n).map(|i| ((i * 7 + 3) % 100) as f64 / 100.0).collect();
let graph = build_full_index(&store, n, &config, &rng_vals, &l2_distance);
let centroids = vec![vecs[25].clone(), vecs[75].clone()];
let assignments: Vec<u32> = (0..n).map(|i| if i < 50 { 0 } else { 1 }).collect();
let layer_a = build_layer_a(&graph, &centroids, &assignments, n as u64);
assert!(!layer_a.entry_points.is_empty());
assert_eq!(layer_a.centroids.len(), 2);
assert!(!layer_a.partition_map.is_empty());
}
#[test]
fn build_layer_b_from_graph() {
let n = 50;
let dim = 4;
let vecs: Vec<Vec<f32>> = (0..n)
.map(|i| (0..dim).map(|d| (i * dim + d) as f32).collect())
.collect();
let store = InMemoryVectorStore::new(vecs);
let config = HnswConfig {
m: 8,
m0: 16,
ef_construction: 50,
};
let rng_vals: Vec<f64> = (0..n).map(|i| ((i * 7 + 3) % 100) as f64 / 100.0).collect();
let graph = build_full_index(&store, n, &config, &rng_vals, &l2_distance);
// Mark first 25 nodes as hot.
let hot: BTreeSet<u64> = (0..25).collect();
let layer_b = build_layer_b(&graph, &hot);
assert!(!layer_b.partial_adjacency.is_empty());
assert!(layer_b.has_node(0));
assert!(!layer_b.has_node(49));
}
#[test]
fn compute_ranges_basic() {
let ids: BTreeSet<u64> = [1, 2, 3, 5, 6, 10].into_iter().collect();
let ranges = compute_ranges(&ids);
assert_eq!(ranges, vec![(1, 4), (5, 7), (10, 11)]);
}
#[test]
fn compute_ranges_empty() {
let ids: BTreeSet<u64> = BTreeSet::new();
assert!(compute_ranges(&ids).is_empty());
}
#[test]
fn incremental_insert_works() {
let n = 20;
let dim = 4;
let mut vecs: Vec<Vec<f32>> = (0..n)
.map(|i| (0..dim).map(|d| (i * dim + d) as f32).collect())
.collect();
let store = InMemoryVectorStore::new(vecs.clone());
let config = HnswConfig {
m: 8,
m0: 16,
ef_construction: 50,
};
let rng_vals: Vec<f64> = (0..n).map(|i| ((i * 7 + 3) % 100) as f64 / 100.0).collect();
let mut graph = build_full_index(&store, n, &config, &rng_vals, &l2_distance);
assert_eq!(graph.node_count(), n);
// Add one more vector.
vecs.push((0..dim).map(|d| (n * dim + d) as f32).collect());
let store2 = InMemoryVectorStore::new(vecs);
incremental_insert(&mut graph, n as u64, 0.5, &store2, &l2_distance);
assert_eq!(graph.node_count(), n + 1);
}
}

503
vendor/ruvector/crates/rvf/rvf-index/src/codec.rs vendored Normal file
View File

@@ -0,0 +1,503 @@
//! INDEX_SEG encode/decode: varint delta encoding with restart points.
//!
//! Implements the binary layout from the RVF wire spec for INDEX_SEG payloads.
extern crate alloc;
use alloc::vec::Vec;
/// Default restart interval for varint delta encoding.
pub const DEFAULT_RESTART_INTERVAL: u32 = 64;
/// Index segment header (64-byte aligned).
#[derive(Clone, Debug, PartialEq)]
pub struct IndexSegHeader {
/// 0 = HNSW, 1 = IVF, 2 = flat.
pub index_type: u8,
/// Layer level: 0 = A, 1 = B, 2 = C.
pub layer_level: u8,
/// HNSW max neighbors per layer.
pub m: u16,
/// ef_construction parameter.
pub ef_construction: u32,
/// Number of nodes in this segment.
pub node_count: u64,
}
/// Encoded adjacency data for a single node.
#[derive(Clone, Debug, PartialEq)]
pub struct NodeAdjacency {
/// The node ID.
pub node_id: u64,
/// Neighbor IDs per HNSW layer (index 0 = layer 0).
pub layers: Vec<Vec<u64>>,
}
/// Full decoded index segment data.
#[derive(Clone, Debug, PartialEq)]
pub struct IndexSegData {
pub header: IndexSegHeader,
pub restart_interval: u32,
pub nodes: Vec<NodeAdjacency>,
}
// ── Varint Encoding (LEB128) ─────────────────────────────────────
/// Encode a u64 as LEB128 varint.
pub fn encode_varint(mut value: u64, buf: &mut Vec<u8>) {
loop {
let mut byte = (value & 0x7F) as u8;
value >>= 7;
if value != 0 {
byte |= 0x80;
}
buf.push(byte);
if value == 0 {
break;
}
}
}
/// Decode a LEB128 varint from a byte slice. Returns `(value, bytes_consumed)`.
pub fn decode_varint(data: &[u8]) -> Option<(u64, usize)> {
let mut value: u64 = 0;
let mut shift: u32 = 0;
for (i, &byte) in data.iter().enumerate() {
if shift >= 64 {
return None; // Overflow.
}
value |= ((byte & 0x7F) as u64) << shift;
shift += 7;
if byte & 0x80 == 0 {
return Some((value, i + 1));
}
}
None // Incomplete.
}
// ── Delta Encoding ───────────────────────────────────────────────
/// Delta-encode a sorted sequence of u64 values.
pub fn delta_encode(sorted_ids: &[u64]) -> Vec<u64> {
if sorted_ids.is_empty() {
return Vec::new();
}
let mut deltas = Vec::with_capacity(sorted_ids.len());
deltas.push(sorted_ids[0]);
for i in 1..sorted_ids.len() {
deltas.push(sorted_ids[i] - sorted_ids[i - 1]);
}
deltas
}
/// Decode delta-encoded values back to absolute IDs.
pub fn delta_decode(deltas: &[u64]) -> Vec<u64> {
if deltas.is_empty() {
return Vec::new();
}
let mut ids = Vec::with_capacity(deltas.len());
ids.push(deltas[0]);
for i in 1..deltas.len() {
ids.push(ids[i - 1] + deltas[i]);
}
ids
}
// ── INDEX_SEG Encode ─────────────────────────────────────────────
/// Encode an INDEX_SEG payload.
///
/// Layout:
/// 1. Index header (padded to 64 bytes)
/// 2. Restart point index (padded to 64 bytes)
/// 3. Adjacency data with delta-encoded neighbor lists
pub fn encode_index_seg(data: &IndexSegData) -> Vec<u8> {
let mut buf = Vec::new();
// 1. Header (pad to 64 bytes).
buf.push(data.header.index_type);
buf.push(data.header.layer_level);
buf.extend_from_slice(&data.header.m.to_le_bytes());
buf.extend_from_slice(&data.header.ef_construction.to_le_bytes());
buf.extend_from_slice(&data.header.node_count.to_le_bytes());
pad_to_alignment(&mut buf, 64);
// 2. Encode adjacency data with restart points.
let restart_interval = data.restart_interval;
let mut adj_buf = Vec::new();
let mut restart_offsets: Vec<u32> = Vec::new();
for (idx, node) in data.nodes.iter().enumerate() {
if (idx as u32).is_multiple_of(restart_interval) {
restart_offsets.push(adj_buf.len() as u32);
}
// Encode layer count.
encode_varint(node.layers.len() as u64, &mut adj_buf);
// Encode each layer's neighbors.
for neighbors in &node.layers {
encode_varint(neighbors.len() as u64, &mut adj_buf);
// Delta-encode sorted neighbor IDs.
let mut sorted = neighbors.clone();
sorted.sort();
let is_restart = (idx as u32).is_multiple_of(restart_interval);
if is_restart {
// At restart points, encode absolute IDs.
for &nid in &sorted {
encode_varint(nid, &mut adj_buf);
}
} else {
// Delta encode.
let deltas = delta_encode(&sorted);
for &d in &deltas {
encode_varint(d, &mut adj_buf);
}
}
}
}
// Write restart point index.
buf.extend_from_slice(&restart_interval.to_le_bytes());
let restart_count = restart_offsets.len() as u32;
buf.extend_from_slice(&restart_count.to_le_bytes());
for offset in &restart_offsets {
buf.extend_from_slice(&offset.to_le_bytes());
}
pad_to_alignment(&mut buf, 64);
// Write adjacency data.
buf.extend_from_slice(&adj_buf);
pad_to_alignment(&mut buf, 64);
buf
}
/// Decode an INDEX_SEG payload.
pub fn decode_index_seg(data: &[u8]) -> Result<IndexSegData, CodecError> {
if data.len() < 64 {
return Err(CodecError::TooShort);
}
// 1. Parse header.
let index_type = data[0];
let layer_level = data[1];
let m = u16::from_le_bytes([data[2], data[3]]);
let ef_construction = u32::from_le_bytes([data[4], data[5], data[6], data[7]]);
let node_count = u64::from_le_bytes([
data[8], data[9], data[10], data[11], data[12], data[13], data[14], data[15],
]);
let header = IndexSegHeader {
index_type,
layer_level,
m,
ef_construction,
node_count,
};
// Skip header padding.
let mut pos = 64;
// 2. Parse restart point index.
if pos + 8 > data.len() {
return Err(CodecError::TooShort);
}
let restart_interval =
u32::from_le_bytes([data[pos], data[pos + 1], data[pos + 2], data[pos + 3]]);
pos += 4;
let restart_count =
u32::from_le_bytes([data[pos], data[pos + 1], data[pos + 2], data[pos + 3]]);
pos += 4;
let mut restart_offsets = Vec::with_capacity(restart_count as usize);
for _ in 0..restart_count {
if pos + 4 > data.len() {
return Err(CodecError::TooShort);
}
let offset = u32::from_le_bytes([data[pos], data[pos + 1], data[pos + 2], data[pos + 3]]);
restart_offsets.push(offset);
pos += 4;
}
// Skip padding to 64-byte alignment.
pos = align_up(pos, 64);
// 3. Parse adjacency data.
let adj_start = pos;
let adj_data = &data[adj_start..];
let mut nodes = Vec::new();
let mut adj_pos = 0;
for node_idx in 0..node_count as usize {
let is_restart = (node_idx as u32).is_multiple_of(restart_interval);
// Decode layer count.
let (layer_count, consumed) =
decode_varint(&adj_data[adj_pos..]).ok_or(CodecError::InvalidVarint)?;
adj_pos += consumed;
let mut layers = Vec::with_capacity(layer_count as usize);
for _ in 0..layer_count {
let (neighbor_count, consumed) =
decode_varint(&adj_data[adj_pos..]).ok_or(CodecError::InvalidVarint)?;
adj_pos += consumed;
let mut neighbor_ids = Vec::with_capacity(neighbor_count as usize);
if is_restart {
// Absolute IDs at restart points.
for _ in 0..neighbor_count {
let (nid, consumed) =
decode_varint(&adj_data[adj_pos..]).ok_or(CodecError::InvalidVarint)?;
adj_pos += consumed;
neighbor_ids.push(nid);
}
} else {
// Delta-encoded IDs.
let mut deltas = Vec::with_capacity(neighbor_count as usize);
for _ in 0..neighbor_count {
let (d, consumed) =
decode_varint(&adj_data[adj_pos..]).ok_or(CodecError::InvalidVarint)?;
adj_pos += consumed;
deltas.push(d);
}
neighbor_ids = delta_decode(&deltas);
}
layers.push(neighbor_ids);
}
nodes.push(NodeAdjacency {
node_id: node_idx as u64,
layers,
});
}
Ok(IndexSegData {
header,
restart_interval,
nodes,
})
}
/// Errors that can occur during INDEX_SEG codec operations.
#[derive(Clone, Debug, PartialEq)]
pub enum CodecError {
/// Input data is shorter than expected.
TooShort,
/// Invalid varint encountered.
InvalidVarint,
/// Unknown index type.
UnknownIndexType(u8),
}
impl core::fmt::Display for CodecError {
fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
match self {
Self::TooShort => write!(f, "input data too short"),
Self::InvalidVarint => write!(f, "invalid varint encoding"),
Self::UnknownIndexType(t) => write!(f, "unknown index type: {}", t),
}
}
}
// ── Helpers ──────────────────────────────────────────────────────
/// Pad `buf` with zeros to the next multiple of `alignment`.
fn pad_to_alignment(buf: &mut Vec<u8>, alignment: usize) {
let rem = buf.len() % alignment;
if rem != 0 {
buf.resize(buf.len() + (alignment - rem), 0);
}
}
/// Round `offset` up to the next multiple of `alignment`.
fn align_up(offset: usize, alignment: usize) -> usize {
let rem = offset % alignment;
if rem == 0 {
offset
} else {
offset + (alignment - rem)
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn varint_round_trip() {
let values = [0, 1, 127, 128, 16383, 16384, 2097151, u64::MAX];
for &val in &values {
let mut buf = Vec::new();
encode_varint(val, &mut buf);
let (decoded, consumed) = decode_varint(&buf).unwrap();
assert_eq!(decoded, val);
assert_eq!(consumed, buf.len());
}
}
#[test]
fn varint_encoding_sizes() {
let mut buf = Vec::new();
encode_varint(0, &mut buf);
assert_eq!(buf.len(), 1);
buf.clear();
encode_varint(127, &mut buf);
assert_eq!(buf.len(), 1);
buf.clear();
encode_varint(128, &mut buf);
assert_eq!(buf.len(), 2);
buf.clear();
encode_varint(16383, &mut buf);
assert_eq!(buf.len(), 2);
buf.clear();
encode_varint(16384, &mut buf);
assert_eq!(buf.len(), 3);
}
#[test]
fn delta_encode_decode_round_trip() {
let ids = vec![100, 105, 108, 120, 200];
let deltas = delta_encode(&ids);
assert_eq!(deltas, vec![100, 5, 3, 12, 80]);
let decoded = delta_decode(&deltas);
assert_eq!(decoded, ids);
}
#[test]
fn delta_encode_empty() {
assert!(delta_encode(&[]).is_empty());
assert!(delta_decode(&[]).is_empty());
}
#[test]
fn index_seg_round_trip() {
let data = IndexSegData {
header: IndexSegHeader {
index_type: 0, // HNSW
layer_level: 2, // Layer C
m: 16,
ef_construction: 200,
node_count: 5,
},
restart_interval: 3,
nodes: vec![
NodeAdjacency {
node_id: 0,
layers: vec![vec![1, 2, 3], vec![1]],
},
NodeAdjacency {
node_id: 1,
layers: vec![vec![0, 2, 4]],
},
NodeAdjacency {
node_id: 2,
layers: vec![vec![0, 1, 3, 4]],
},
NodeAdjacency {
node_id: 3,
layers: vec![vec![0, 2, 4], vec![4]],
},
NodeAdjacency {
node_id: 4,
layers: vec![vec![1, 2, 3]],
},
],
};
let encoded = encode_index_seg(&data);
let decoded = decode_index_seg(&encoded).unwrap();
assert_eq!(decoded.header, data.header);
assert_eq!(decoded.restart_interval, data.restart_interval);
assert_eq!(decoded.nodes.len(), data.nodes.len());
// Verify each node's adjacency. Note: neighbors are sorted during encoding.
for (orig, dec) in data.nodes.iter().zip(decoded.nodes.iter()) {
assert_eq!(dec.node_id, orig.node_id);
assert_eq!(dec.layers.len(), orig.layers.len());
for (ol, dl) in orig.layers.iter().zip(dec.layers.iter()) {
let mut sorted_orig = ol.clone();
sorted_orig.sort();
assert_eq!(*dl, sorted_orig);
}
}
}
#[test]
fn index_seg_larger_with_restart() {
// Test with enough nodes to exercise multiple restart groups.
let num_nodes = 200;
let restart_interval = 64;
let nodes: Vec<NodeAdjacency> = (0..num_nodes)
.map(|i| {
let neighbors: Vec<u64> =
(0..8).map(|j| ((i + j + 1) % num_nodes) as u64).collect();
NodeAdjacency {
node_id: i as u64,
layers: vec![neighbors],
}
})
.collect();
let data = IndexSegData {
header: IndexSegHeader {
index_type: 0,
layer_level: 2,
m: 16,
ef_construction: 200,
node_count: num_nodes as u64,
},
restart_interval,
nodes,
};
let encoded = encode_index_seg(&data);
let decoded = decode_index_seg(&encoded).unwrap();
assert_eq!(decoded.header, data.header);
assert_eq!(decoded.nodes.len(), data.nodes.len());
for (orig, dec) in data.nodes.iter().zip(decoded.nodes.iter()) {
assert_eq!(dec.layers.len(), orig.layers.len());
for (ol, dl) in orig.layers.iter().zip(dec.layers.iter()) {
let mut sorted_orig = ol.clone();
sorted_orig.sort();
assert_eq!(*dl, sorted_orig);
}
}
}
#[test]
fn delta_encoding_sorted_u64_sequences() {
// Verify exact round-trip for various sorted u64 sequences.
let sequences: Vec<Vec<u64>> = vec![
vec![0, 1, 2, 3, 4],
vec![1000, 2000, 3000, 4000],
vec![0, 100, 200, 300, 400, 500],
vec![
u64::MAX - 4,
u64::MAX - 3,
u64::MAX - 2,
u64::MAX - 1,
u64::MAX,
],
];
for seq in sequences {
let deltas = delta_encode(&seq);
let decoded = delta_decode(&deltas);
assert_eq!(decoded, seq, "Failed for sequence: {:?}", seq);
}
}
}

516
vendor/ruvector/crates/rvf/rvf-index/src/distance.rs vendored Normal file
View File

@@ -0,0 +1,516 @@
//! Distance functions for vector similarity search.
//!
//! Provides L2 (Euclidean), cosine, and inner product distance metrics.
//! Includes platform-specific SIMD implementations (AVX2+FMA on x86_64,
//! NEON on aarch64) with automatic runtime dispatch.
// ── Scalar implementations ─────────────────────────────────────────
/// Scalar squared L2 (Euclidean) distance between two vectors.
///
/// Returns the sum of squared differences. Does NOT take the square root
/// because the ordering is preserved and sqrt is monotonic.
#[inline]
fn l2_distance_scalar(a: &[f32], b: &[f32]) -> f32 {
debug_assert_eq!(a.len(), b.len());
a.iter()
.zip(b.iter())
.map(|(x, y)| {
let d = x - y;
d * d
})
.sum()
}
/// Scalar cosine distance: `1 - cosine_similarity`.
///
/// Returns a value in `[0, 2]` where 0 means identical direction.
/// If either vector has zero norm, returns `1.0`.
#[inline]
fn cosine_distance_scalar(a: &[f32], b: &[f32]) -> f32 {
debug_assert_eq!(a.len(), b.len());
let mut dot = 0.0f32;
let mut norm_a = 0.0f32;
let mut norm_b = 0.0f32;
for (x, y) in a.iter().zip(b.iter()) {
dot += x * y;
norm_a += x * x;
norm_b += y * y;
}
let denom = (norm_a * norm_b).sqrt();
if denom < f32::EPSILON {
return 1.0;
}
1.0 - dot / denom
}
/// Scalar inner (dot) product distance: `-dot(a, b)`.
///
/// Negated so that higher similarity yields a lower distance value,
/// which is consistent with the min-heap search ordering.
#[inline]
fn dot_product_scalar(a: &[f32], b: &[f32]) -> f32 {
debug_assert_eq!(a.len(), b.len());
let dot: f32 = a.iter().zip(b.iter()).map(|(x, y)| x * y).sum();
-dot
}
// ── x86_64 AVX2+FMA implementations ────────────────────────────────
#[cfg(target_arch = "x86_64")]
mod avx2 {
#[target_feature(enable = "avx2", enable = "fma")]
pub(super) unsafe fn l2_distance_avx2(a: &[f32], b: &[f32]) -> f32 {
use core::arch::x86_64::*;
debug_assert_eq!(a.len(), b.len());
let n = a.len();
let chunks = n / 8;
let remainder = n % 8;
let mut sum = _mm256_setzero_ps();
let a_ptr = a.as_ptr();
let b_ptr = b.as_ptr();
for i in 0..chunks {
let offset = i * 8;
let va = _mm256_loadu_ps(a_ptr.add(offset));
let vb = _mm256_loadu_ps(b_ptr.add(offset));
let diff = _mm256_sub_ps(va, vb);
sum = _mm256_fmadd_ps(diff, diff, sum);
}
// Horizontal sum of the 8 lanes.
// sum = [s0, s1, s2, s3, s4, s5, s6, s7]
let hi128 = _mm256_extractf128_ps(sum, 1);
let lo128 = _mm256_castps256_ps128(sum);
let sum128 = _mm_add_ps(lo128, hi128);
let shuf = _mm_movehdup_ps(sum128);
let sums = _mm_add_ps(sum128, shuf);
let shuf2 = _mm_movehl_ps(sums, sums);
let result = _mm_add_ss(sums, shuf2);
let mut total = _mm_cvtss_f32(result);
// Handle remainder with scalar.
let base = chunks * 8;
for i in 0..remainder {
let d = a[base + i] - b[base + i];
total += d * d;
}
total
}
#[target_feature(enable = "avx2", enable = "fma")]
pub(super) unsafe fn cosine_distance_avx2(a: &[f32], b: &[f32]) -> f32 {
use core::arch::x86_64::*;
debug_assert_eq!(a.len(), b.len());
let n = a.len();
let chunks = n / 8;
let remainder = n % 8;
let mut dot_acc = _mm256_setzero_ps();
let mut norm_a_acc = _mm256_setzero_ps();
let mut norm_b_acc = _mm256_setzero_ps();
let a_ptr = a.as_ptr();
let b_ptr = b.as_ptr();
for i in 0..chunks {
let offset = i * 8;
let va = _mm256_loadu_ps(a_ptr.add(offset));
let vb = _mm256_loadu_ps(b_ptr.add(offset));
dot_acc = _mm256_fmadd_ps(va, vb, dot_acc);
norm_a_acc = _mm256_fmadd_ps(va, va, norm_a_acc);
norm_b_acc = _mm256_fmadd_ps(vb, vb, norm_b_acc);
}
// Horizontal sums.
let hsum = |v: __m256| -> f32 {
let hi128 = _mm256_extractf128_ps(v, 1);
let lo128 = _mm256_castps256_ps128(v);
let sum128 = _mm_add_ps(lo128, hi128);
let shuf = _mm_movehdup_ps(sum128);
let sums = _mm_add_ps(sum128, shuf);
let shuf2 = _mm_movehl_ps(sums, sums);
let result = _mm_add_ss(sums, shuf2);
_mm_cvtss_f32(result)
};
let mut dot = hsum(dot_acc);
let mut norm_a = hsum(norm_a_acc);
let mut norm_b = hsum(norm_b_acc);
// Remainder.
let base = chunks * 8;
for i in 0..remainder {
let x = a[base + i];
let y = b[base + i];
dot += x * y;
norm_a += x * x;
norm_b += y * y;
}
let denom = (norm_a * norm_b).sqrt();
if denom < f32::EPSILON {
return 1.0;
}
1.0 - dot / denom
}
#[target_feature(enable = "avx2", enable = "fma")]
pub(super) unsafe fn dot_product_avx2(a: &[f32], b: &[f32]) -> f32 {
use core::arch::x86_64::*;
debug_assert_eq!(a.len(), b.len());
let n = a.len();
let chunks = n / 8;
let remainder = n % 8;
let mut dot_acc = _mm256_setzero_ps();
let a_ptr = a.as_ptr();
let b_ptr = b.as_ptr();
for i in 0..chunks {
let offset = i * 8;
let va = _mm256_loadu_ps(a_ptr.add(offset));
let vb = _mm256_loadu_ps(b_ptr.add(offset));
dot_acc = _mm256_fmadd_ps(va, vb, dot_acc);
}
let hi128 = _mm256_extractf128_ps(dot_acc, 1);
let lo128 = _mm256_castps256_ps128(dot_acc);
let sum128 = _mm_add_ps(lo128, hi128);
let shuf = _mm_movehdup_ps(sum128);
let sums = _mm_add_ps(sum128, shuf);
let shuf2 = _mm_movehl_ps(sums, sums);
let result = _mm_add_ss(sums, shuf2);
let mut dot = _mm_cvtss_f32(result);
let base = chunks * 8;
for i in 0..remainder {
dot += a[base + i] * b[base + i];
}
-dot
}
}
// ── aarch64 NEON implementations ────────────────────────────────────
#[cfg(target_arch = "aarch64")]
mod neon {
#[target_feature(enable = "neon")]
pub(super) unsafe fn l2_distance_neon(a: &[f32], b: &[f32]) -> f32 {
use core::arch::aarch64::*;
debug_assert_eq!(a.len(), b.len());
let n = a.len();
let chunks = n / 4;
let remainder = n % 4;
let mut sum = vdupq_n_f32(0.0);
let a_ptr = a.as_ptr();
let b_ptr = b.as_ptr();
for i in 0..chunks {
let offset = i * 4;
let va = vld1q_f32(a_ptr.add(offset));
let vb = vld1q_f32(b_ptr.add(offset));
let diff = vsubq_f32(va, vb);
sum = vfmaq_f32(sum, diff, diff);
}
let mut total = vaddvq_f32(sum);
let base = chunks * 4;
for i in 0..remainder {
let d = a[base + i] - b[base + i];
total += d * d;
}
total
}
#[target_feature(enable = "neon")]
pub(super) unsafe fn cosine_distance_neon(a: &[f32], b: &[f32]) -> f32 {
use core::arch::aarch64::*;
debug_assert_eq!(a.len(), b.len());
let n = a.len();
let chunks = n / 4;
let remainder = n % 4;
let mut dot_acc = vdupq_n_f32(0.0);
let mut norm_a_acc = vdupq_n_f32(0.0);
let mut norm_b_acc = vdupq_n_f32(0.0);
let a_ptr = a.as_ptr();
let b_ptr = b.as_ptr();
for i in 0..chunks {
let offset = i * 4;
let va = vld1q_f32(a_ptr.add(offset));
let vb = vld1q_f32(b_ptr.add(offset));
dot_acc = vfmaq_f32(dot_acc, va, vb);
norm_a_acc = vfmaq_f32(norm_a_acc, va, va);
norm_b_acc = vfmaq_f32(norm_b_acc, vb, vb);
}
let mut dot = vaddvq_f32(dot_acc);
let mut norm_a = vaddvq_f32(norm_a_acc);
let mut norm_b = vaddvq_f32(norm_b_acc);
let base = chunks * 4;
for i in 0..remainder {
let x = a[base + i];
let y = b[base + i];
dot += x * y;
norm_a += x * x;
norm_b += y * y;
}
let denom = (norm_a * norm_b).sqrt();
if denom < f32::EPSILON {
return 1.0;
}
1.0 - dot / denom
}
#[target_feature(enable = "neon")]
pub(super) unsafe fn dot_product_neon(a: &[f32], b: &[f32]) -> f32 {
use core::arch::aarch64::*;
debug_assert_eq!(a.len(), b.len());
let n = a.len();
let chunks = n / 4;
let remainder = n % 4;
let mut dot_acc = vdupq_n_f32(0.0);
let a_ptr = a.as_ptr();
let b_ptr = b.as_ptr();
for i in 0..chunks {
let offset = i * 4;
let va = vld1q_f32(a_ptr.add(offset));
let vb = vld1q_f32(b_ptr.add(offset));
dot_acc = vfmaq_f32(dot_acc, va, vb);
}
let mut dot = vaddvq_f32(dot_acc);
let base = chunks * 4;
for i in 0..remainder {
dot += a[base + i] * b[base + i];
}
-dot
}
}
// ── Runtime dispatch ────────────────────────────────────────────────
/// Squared L2 (Euclidean) distance between two vectors.
///
/// Returns the sum of squared differences. Does NOT take the square root
/// because the ordering is preserved and sqrt is monotonic.
///
/// Automatically selects the best SIMD implementation at runtime:
/// - x86_64: AVX2+FMA (processes 8 floats per cycle)
/// - aarch64: NEON (processes 4 floats per cycle)
/// - Fallback: scalar loop
#[inline]
pub fn l2_distance(a: &[f32], b: &[f32]) -> f32 {
#[cfg(target_arch = "x86_64")]
{
if is_x86_feature_detected!("avx2") && is_x86_feature_detected!("fma") {
return unsafe { avx2::l2_distance_avx2(a, b) };
}
}
#[cfg(target_arch = "aarch64")]
{
if std::arch::is_aarch64_feature_detected!("neon") {
return unsafe { neon::l2_distance_neon(a, b) };
}
}
l2_distance_scalar(a, b)
}
/// Cosine distance: `1 - cosine_similarity`.
///
/// Returns a value in `[0, 2]` where 0 means identical direction.
/// If either vector has zero norm, returns `1.0`.
///
/// Automatically selects the best SIMD implementation at runtime.
#[inline]
pub fn cosine_distance(a: &[f32], b: &[f32]) -> f32 {
#[cfg(target_arch = "x86_64")]
{
if is_x86_feature_detected!("avx2") && is_x86_feature_detected!("fma") {
return unsafe { avx2::cosine_distance_avx2(a, b) };
}
}
#[cfg(target_arch = "aarch64")]
{
if std::arch::is_aarch64_feature_detected!("neon") {
return unsafe { neon::cosine_distance_neon(a, b) };
}
}
cosine_distance_scalar(a, b)
}
/// Inner (dot) product distance: `-dot(a, b)`.
///
/// Negated so that higher similarity yields a lower distance value,
/// which is consistent with the min-heap search ordering.
///
/// Automatically selects the best SIMD implementation at runtime.
#[inline]
pub fn dot_product(a: &[f32], b: &[f32]) -> f32 {
#[cfg(target_arch = "x86_64")]
{
if is_x86_feature_detected!("avx2") && is_x86_feature_detected!("fma") {
return unsafe { avx2::dot_product_avx2(a, b) };
}
}
#[cfg(target_arch = "aarch64")]
{
if std::arch::is_aarch64_feature_detected!("neon") {
return unsafe { neon::dot_product_neon(a, b) };
}
}
dot_product_scalar(a, b)
}
// ── SIMD feature-gated wrappers (backward compatibility) ────────────
/// SIMD-accelerated squared L2 distance (same as `l2_distance` with runtime dispatch).
#[cfg(feature = "simd")]
#[inline]
pub fn l2_distance_simd(a: &[f32], b: &[f32]) -> f32 {
l2_distance(a, b)
}
/// SIMD-accelerated cosine distance (same as `cosine_distance` with runtime dispatch).
#[cfg(feature = "simd")]
#[inline]
pub fn cosine_distance_simd(a: &[f32], b: &[f32]) -> f32 {
cosine_distance(a, b)
}
/// SIMD-accelerated negative dot product distance (same as `dot_product` with runtime dispatch).
#[cfg(feature = "simd")]
#[inline]
pub fn dot_product_simd(a: &[f32], b: &[f32]) -> f32 {
dot_product(a, b)
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn l2_identical_is_zero() {
let v = vec![1.0, 2.0, 3.0];
assert!((l2_distance(&v, &v) - 0.0).abs() < f32::EPSILON);
}
#[test]
fn l2_known_value() {
let a = vec![0.0, 0.0];
let b = vec![3.0, 4.0];
assert!((l2_distance(&a, &b) - 25.0).abs() < f32::EPSILON);
}
#[test]
fn l2_large_vector() {
// Test with a vector large enough to exercise SIMD paths (>8 elements).
let n = 256;
let a: Vec<f32> = (0..n).map(|i| i as f32 * 0.1).collect();
let b: Vec<f32> = (0..n).map(|i| i as f32 * 0.1 + 0.5).collect();
let dist = l2_distance(&a, &b);
let expected = l2_distance_scalar(&a, &b);
assert!(
(dist - expected).abs() < 1e-3,
"SIMD L2 mismatch: got {dist}, expected {expected}"
);
}
#[test]
fn l2_odd_length() {
// Non-multiple-of-8 length to test remainder handling.
let a: Vec<f32> = (0..13).map(|i| i as f32).collect();
let b: Vec<f32> = (0..13).map(|i| (i as f32) + 1.0).collect();
let dist = l2_distance(&a, &b);
// Each diff is 1.0, so sum = 13.0.
assert!((dist - 13.0).abs() < 1e-4);
}
#[test]
fn cosine_identical_is_zero() {
let v = vec![1.0, 2.0, 3.0];
assert!(cosine_distance(&v, &v) < 1e-6);
}
#[test]
fn cosine_orthogonal_is_one() {
let a = vec![1.0, 0.0];
let b = vec![0.0, 1.0];
assert!((cosine_distance(&a, &b) - 1.0).abs() < 1e-6);
}
#[test]
fn cosine_zero_vector() {
let a = vec![0.0, 0.0];
let b = vec![1.0, 2.0];
assert!((cosine_distance(&a, &b) - 1.0).abs() < f32::EPSILON);
}
#[test]
fn cosine_large_vector() {
let n = 256;
let a: Vec<f32> = (0..n).map(|i| (i as f32 + 1.0).sin()).collect();
let b: Vec<f32> = (0..n).map(|i| (i as f32 + 2.0).cos()).collect();
let dist = cosine_distance(&a, &b);
let expected = cosine_distance_scalar(&a, &b);
assert!(
(dist - expected).abs() < 1e-4,
"SIMD cosine mismatch: got {dist}, expected {expected}"
);
}
#[test]
fn dot_product_known_value() {
let a = vec![1.0, 2.0, 3.0];
let b = vec![4.0, 5.0, 6.0];
// dot = 4 + 10 + 18 = 32, negated = -32
assert!((dot_product(&a, &b) - (-32.0)).abs() < f32::EPSILON);
}
#[test]
fn dot_product_large_vector() {
let n = 256;
let a: Vec<f32> = (0..n).map(|i| i as f32 * 0.01).collect();
let b: Vec<f32> = (0..n).map(|i| (n - i) as f32 * 0.01).collect();
let dist = dot_product(&a, &b);
let expected = dot_product_scalar(&a, &b);
assert!(
(dist - expected).abs() < 1e-2,
"SIMD dot mismatch: got {dist}, expected {expected}"
);
}
#[test]
fn scalar_matches_dispatch() {
// Ensure the dispatched version matches scalar on various sizes.
for n in [1, 2, 3, 7, 8, 9, 15, 16, 17, 31, 32, 100] {
let a: Vec<f32> = (0..n).map(|i| (i as f32 * 1.7).sin()).collect();
let b: Vec<f32> = (0..n).map(|i| (i as f32 * 2.3).cos()).collect();
let l2 = l2_distance(&a, &b);
let l2s = l2_distance_scalar(&a, &b);
assert!((l2 - l2s).abs() < 1e-3, "L2 mismatch for n={n}");
let cos = cosine_distance(&a, &b);
let coss = cosine_distance_scalar(&a, &b);
assert!((cos - coss).abs() < 1e-4, "Cosine mismatch for n={n}");
let dp = dot_product(&a, &b);
let dps = dot_product_scalar(&a, &b);
assert!((dp - dps).abs() < 1e-3, "Dot mismatch for n={n}");
}
}
}

Some files were not shown because too many files have changed in this diff Show More