openalice-rt
[Atlas card](https://atlas.blal.pro/repos/openalice-rt) · Live at **`rt.blal.pro`**
Architecture rating
Manifest 100/100, drift 90, zero circular deps and zero dead imports, clean SpacetimeDB-style envelope substrate adopted uniformly (score 88, grade B) — only code_health 50 drags uniformity.
Valid manifest (100), 8 @feature annotations (features 84), AGENTS.md + README Atlas card + docs/ + R1-LOAD-VALIDATION.md/R1-PER-ROOM-CHANNELS.md design notes and a client-sdk — thorough, only missing inline API-contract depth.
~40 tests spanning unit store (batch-atomic, delta-log, room isolation) and integration (WS subscribe/ping/unsub, reconnect catch-up, REST→WS delta, auth-rejected) incl. R1 load-validation chars — solid breadth, but latest CI run is RED so green status unverified.
Owns wal_entries with WAL-backed commit; strong per-room tenant isolation (cross_room_isolation, room_index prune/track, global_seq_monotonic_across_rooms characterization tests), HLC for ordering — but no SQL migrations dir, no FK/constraint or GDPR/retention signal.
GET /health (live, 200, 100% 24h uptime) and GET /metrics both present and test-covered, but RUST_LOG is declared-yet-unused (env drift), casting doubt on whether structured logging/tracing is actually wired.
Authn enforced — test_unauthenticated_request_rejected + ws_connect_anonymous prove auth gating on REST/WS; but /metrics exposed unauthenticated, and no evidence of rate-limiting, security headers, or secret-handling (SSRF/injection largely N/A for an in-memory state engine).
Batch-commit atomicity + reconnect catch-up + monotonic seq give idempotent recovery, but latest CI run = FAILURE (2026-06-16), code_health only 50/100, and no evidence of SIGTERM graceful shutdown, request timeouts, or retry policy.
source · auto-grader-2026-06-16
Ecosystem manifest
.atlas-deps.ymlReal-time state database for AI agent rooms — SpacetimeDB-inspired subscribe/mutate envelope engine over WebSocket, consumed by persona/live/world/social.
- openalice-authshared-jwtvia SHARED_JWT_SECRETValidate oa_session JWTs on WS upgrade and HTTP routes (SHARED_JWT_SECRET; RT_JWT_SECRET as standalone fallback).
- via cargoShared health/metrics handlers, Prometheus builder, and JwtVerifier trait used to wire AuthUser extractor.
- SHARED_JWT_SECRET
- RT_JWT_SECRET
- RT_PORT
- RT_BIND
- RT_DATA_DIR
- RT_CORS_ORIGINS
- RT_RATE_LIMIT
- RUST_LOG
- http_endpoint: GET /health
- http_endpoint: GET /state
- http_endpoint: POST /mutate
- http_endpoint: GET /search
- http_endpoint: GET /metrics
- ws_endpoint: WS /ws
- cargo_crate: openalice-rt
- wal_entries
Atlas grepped the repo's source for env reads (rust env::var · ts process.env · py os.environ · shell $VAR) and diffed against the manifest's consumes_env. Two lists below: stale declarations and undeclared reads.
- RUST_LOG
Roadmap · what's planned next
- multi-writer-coordinatorplanned0%no description
- snapshot-compactionplanned2%no description
- ivm-plan-cache-evictionplanned1%no descriptionevidence →rt.ivm.plan
- messagepack-defaultplanned1%no descriptionevidence →rt.session.subscribe
- rt-client-typed-handlersplanned0%no description
Code composition
tokei · loc- Rust94.5%
- TypeScript4.8%
- TOML0.8%
- Rust94.5%
- TypeScript4.8%
- TOML0.8%
- Rust94.5%· 5,190
- TypeScript4.8%· 262
- TOML0.8%· 42
| Language | % code | code | comments | blanks | files |
|---|---|---|---|---|---|
| Rust | 94.5% | 5,190 | 398 | 780 | 27 |
| TypeScript | 4.8% | 262 | 42 | 52 | 1 |
| TOML | 0.8% | 42 | 20 | 17 | 1 |
| Markdown | 0.0% | 0 | 402 | 132 | 5 |
Telemetry ribbon · last 90 days
4 eventsrt/clock
1 feature- rt.hlc.clocksrc/hlc.rs:66Hybrid Logical Clock (48-bit ms + 16-bit counter), lock-free via AtomicU64.since 0.1.0
rt/ivm
1 feature- rt.ivm.plansrc/ivm.rs:15Compiled subscription plan for incremental view maintenance, evaluates deltas without full re-scan.since 0.1.0
rt/persistence
1 feature- rt.snapshot.managersrc/snapshot.rs:24Periodic snapshots with Blake3 content hashing for fast WAL-replay recovery.since 0.1.0
rt/search
1 feature- rt.messages.searchsrc/routes.rs:194Case-insensitive substring search over message text fields, room-scoped, capped limit.api:GET /searchsince 0.1.0
rt/session
1 feature- rt.session.subscribesrc/ws.rs:30WebSocket gateway with subscribe/unsubscribe/mutate, JSON or MessagePack frames, JWT auth.api:WS /wssince 0.1.0
rt/state
2 features- rt.entity.mutatesrc/routes.rs:49Upsert or delete an entity (Room/Persona/Message/Presence) with WAL persistence.api:POST /mutatesince 0.1.0
- rt.state.snapshotsrc/routes.rs:25Return the current state snapshot with the highest committed sequence number.api:GET /statesince 0.1.0
rt/store
1 feature- rt.store.mvccsrc/store/mod.rs:55In-memory MVCC store with atomic batch commits and bounded delta-log broadcast.since 0.1.0