Expand description
§ArkheForge Runtime — L2 Services / Platform (arkhe-forge-platform)
L2 services surface — Manifest loader, L2 projection observer, Policy,
Rate limit, Audit receipt issuance, Cascade scheduler, Idempotency dedup,
GDPR erasure-cascade service, DR coordinator. Depends on L0
arkhe-kernel plus L1 arkhe-forge-core only — no upward edge
into shell crates (layer-independence directive).
§Feature flags
| Flag | Pulls in | Role |
|---|---|---|
| (none — default) | — | Tier-0 dev: MockKmsBackend + in-memory crypto-erasure + NoopHookHost + NoopObserverHost. |
tier-1-kms | argon2, chacha20poly1305 | Tier-1 KMS free-tier — XChaCha20-Poly1305 AEAD. |
tier-2-multi-kms | tier-1-kms + aes-gcm + aes-gcm-siv | Tier-2 production AEAD surface (implies tier-1-kms). |
tier-2-aws-kms | aws-sdk-kms, aws-config, tokio | Orthogonal AWS KMS backend opt-in — AwsKmsBackend impl of hf2_kms::KmsBackend. |
tier-2-hook-host-v2 | wasmtime, wasmtime-wasi | Hook host v2 wasmtime sandbox — chain-affecting compute path (E14.L2-Allow). |
tier-2-observer-host-v2 | wasmtime, wasmtime-wasi | Observer host v2 wasmtime sandbox — chain-non-affecting side-effect path (E15). |
The L0 kernel WAL chain signing inherits Hybrid Ed25519 + ML-DSA 65
transitively via arkhe-kernel. Forge L2 attestation surfaces emit
Ed25519.
Cloud KMS backends are orthogonal to the AEAD tiering — a deployment can
run tier-1-kms AEAD with tier-2-aws-kms key storage, or any other
mix. GCP / Azure backends land as their own tier-2-<vendor>-kms flags
in future releases. The two wasmtime hosts (tier-2-hook-host-v2 /
tier-2-observer-host-v2) are independent — a deployment may enable
just one, the other, or both; Cargo dedups the shared wasmtime dep.
Modules§
- crypto
- Crypto-erasure coordinator — Tier-1+ AEAD envelope encryption.
- crypto_
erasure - Erasure cascade observer — E-user-3 cascade activation.
- dedup
- L2 idempotency-key dedup service.
- dispatcher
- L2 service layer — drives forge actions through the kernel’s authorize → dispatch → WAL append loop.
- hf2_kms
- Multi-KMS infrastructure — health + threshold HSM + KMS abstraction.
- hook_
host - Hook host — pre-submit capability-bounded extension point.
- manifest
- Shell Manifest TOML loader.
- observer_
host - Observer host — capability-bounded WASM sandbox for L2 projection observers (E15 — Observer Capability Confinement).
- process_
protection - Process protection trait — spec LF4.
- projection
- L2 Projection observer pipeline.
- verifier
- Audit verifier — public erasure receipt + transparency log.
- wal_
export - WAL streaming export — incremental record append for snapshot / backup.
Constants§
- PLATFORM_
SEMVER - ArkheForge Runtime Platform semver — matches the repo release.