Crate clawft_kernel 

WeftOS kernel layer for clawft.

This crate provides the kernel abstraction layer that sits between the CLI/API surface and clawft-core. It introduces:

• Boot sequence (boot::Kernel) – lifecycle management wrapping AppContext with structured startup/shutdown.
• Process table (process::ProcessTable) – PID-based agent tracking with state machine transitions.
• Service registry (service::ServiceRegistry) – named service lifecycle with health checks.
• IPC (ipc::KernelIpc) – typed message envelopes over the existing MessageBus.
• Capabilities (capability::AgentCapabilities) – permission model for agent processes.
• Health monitoring (health::HealthSystem) – aggregated health checks across all services.
• Console (console) – boot event types and output formatting for the interactive kernel terminal.
• Configuration (config::KernelConfig) – kernel-specific settings embedded in the root config.
• Containers (container::ContainerManager) – sidecar container lifecycle and health integration.
• Applications (app::AppManager) – application manifest parsing, validation, and lifecycle state machine.
• Cluster (cluster::ClusterMembership) – multi-node cluster membership, peer tracking, and health.
• Environments (environment::EnvironmentManager) – governance-scoped dev/staging/prod environments.
• Governance (governance::GovernanceEngine) – three-branch constitutional governance with effect algebra scoring.
• Agency (agency::Agency) – agent-first architecture with roles, spawn permissions, and agent manifests.

Feature Flags

• native (default) – enables tokio runtime, native file I/O.
• wasm-sandbox – enables WASM tool runner (Phase K3).
• containers – enables container manager (Phase K4).
• ecc – enables ECC cognitive substrate (Phase K3c).

Re-exports

pub use a2a::A2ARouter;

pub use agency::Agency;

pub use agency::AgentHealth;

pub use agency::AgentInterface;

pub use agency::AgentManifest;

pub use agency::AgentPriority;

pub use agency::AgentResources;

pub use agency::AgentRestartPolicy;

pub use agency::AgentRole;

pub use agency::InterfaceProtocol;

pub use agency::ResponseMode;

pub use app::AgentSpec;

pub use app::AppCapabilities;

pub use app::AppError;

pub use app::AppHooks;

pub use app::AppManager;

pub use app::AppManifest;

pub use app::AppState;

pub use app::InstalledApp;

pub use app::ServiceSpec;

pub use app::ToolSource;

pub use app::ToolSpec;

pub use boot::Kernel;

pub use boot::KernelState;

pub use capability::AgentCapabilities;

pub use capability::CapabilityChecker;

pub use capability::CapabilityElevationRequest;

pub use capability::ElevationResult;

pub use capability::IpcScope;

pub use capability::ResourceLimits;

pub use capability::ResourceType;

pub use capability::SandboxPolicy;

pub use capability::ToolPermissions;

pub use chain::AnchorReceipt;

pub use chain::ChainAnchor;

pub use chain::ChainCheckpoint;

pub use chain::ChainEvent;

pub use chain::ChainLoggable;

pub use chain::ChainManager;

pub use chain::ChainStatus;

pub use chain::ChainVerifyResult;

pub use chain::GovernanceDecisionEvent;

pub use chain::IpcDeadLetterEvent;

pub use chain::MockAnchor;

pub use chain::RestartEvent;

pub use calibration::EccCalibration;

pub use calibration::EccCalibrationConfig;

pub use causal::CausalEdge;

pub use causal::CausalEdgeType;

pub use causal::CausalGraph;

pub use causal::CausalNode;

pub use causal::ChangeEvent;

pub use causal::ChangePrediction;

pub use causal::CouplingPair;

pub use causal::SpectralResult;

pub use cognitive_tick::CognitiveTick;

pub use cognitive_tick::CognitiveTickConfig;

pub use cognitive_tick::CognitiveTickStats;

pub use crossref::CrossRef;

pub use crossref::CrossRefStore;

pub use crossref::CrossRefType;

pub use crossref::StructureTag;

pub use crossref::UniversalNodeId;

pub use democritus::DemocritusConfig;

pub use democritus::DemocritusLoop;

pub use democritus::DemocritusTickResult;

pub use gate::CapabilityGate;

pub use gate::GateBackend;

pub use gate::GateDecision;

pub use gate::GovernanceGate;

pub use tree_manager::TreeManager;

pub use tree_manager::TreeStats;

pub use cluster::ClusterConfig;

pub use cluster::ClusterError;

pub use cluster::ClusterMembership;

pub use cluster::NodeId;

pub use cluster::NodePlatform;

pub use cluster::NodeState;

pub use cluster::PeerNode;

pub use cluster::ClusterService;

pub use config::KernelConfigExt;

pub use console::BootEvent;

pub use console::BootLog;

pub use console::BootPhase;

pub use console::KernelEventLog;

pub use console::LogLevel;

pub use cron::CronService;

pub use container::ContainerConfig;

pub use container::ContainerError;

pub use container::ContainerManager;

pub use container::ContainerService;

pub use container::ContainerState;

pub use container::ManagedContainer;

pub use container::PortMapping;

pub use container::RestartPolicy;

pub use container::VolumeMount;

pub use environment::AuditLevel;

pub use environment::Environment;

pub use environment::EnvironmentClass;

pub use environment::EnvironmentError;

pub use environment::EnvironmentManager;

pub use environment::GovernanceBranches;

pub use environment::GovernanceScope;

pub use environment::LearningMode;

pub use error::KernelError;

pub use error::KernelResult;

pub use governance::EffectVector;

pub use governance::GovernanceBranch;

pub use governance::GovernanceDecision;

pub use governance::GovernanceEngine;

pub use governance::GovernanceRequest;

pub use governance::GovernanceResult;

pub use governance::GovernanceRule;

pub use governance::RuleSeverity;

pub use health::HealthStatus;

pub use health::HealthSystem;

pub use health::OverallHealth;

pub use hnsw_service::HnswSearchResult;

pub use hnsw_service::HnswService;

pub use hnsw_service::HnswServiceConfig;

pub use impulse::ImpulseQueue;

pub use impulse::ImpulseType;

pub use artifact_store::ArtifactBackend;

pub use artifact_store::ArtifactStore;

pub use artifact_store::ArtifactType;

pub use artifact_store::StoredArtifact;

pub use persistence::PersistenceConfig;

pub use embedding::select_embedding_provider;

pub use embedding::EmbeddingError;

pub use embedding::EmbeddingProvider;

pub use embedding::LlmEmbeddingConfig;

pub use embedding::LlmEmbeddingProvider;

pub use embedding::MockEmbeddingProvider;

pub use embedding_onnx::AstEmbeddingProvider;

pub use embedding_onnx::OnnxEmbeddingProvider;

pub use embedding_onnx::RustCodeFeatures;

pub use embedding_onnx::SentenceTransformerProvider;

pub use embedding_onnx::extract_rust_features;

pub use embedding_onnx::preprocess_markdown;

pub use embedding_onnx::split_sentences;

pub use weaver::ConfidenceGap;

pub use weaver::ConfidenceReport;

pub use weaver::DataSource;

pub use weaver::ExportedModel;

pub use weaver::IngestResult;

pub use weaver::MetaDecisionType;

pub use weaver::MetaLoomEvent;

pub use weaver::ModelingSession;

pub use weaver::ModelingSuggestion;

pub use weaver::StrategyPattern;

pub use weaver::TickResult;

pub use weaver::WeaverCommand;

pub use weaver::WeaverEngine;

pub use weaver::WeaverError;

pub use weaver::WeaverKnowledgeBase;

pub use weaver::WeaverResponse;

pub use cluster::NodeEccCapability;

pub use ipc::ExitReason as SignalExitReason;

pub use ipc::GlobalPid;

pub use ipc::KernelIpc;

pub use ipc::KernelMessage;

pub use ipc::KernelSignal;

pub use ipc::MessagePayload;

pub use ipc::MessageTarget;

pub use ipc::ProcessDown as SignalProcessDown;

pub use cluster::NodeIdentity;

pub use tree_view::AgentTreeView;

pub use tree_view::TreeScope;

pub use process::Pid;

pub use process::ProcessEntry;

pub use process::ProcessState;

pub use process::ProcessTable;

pub use process::ResourceUsage;

pub use service::McpAdapter;

pub use service::ServiceApi;

pub use service::ServiceAuditLevel;

pub use service::ServiceContract;

pub use service::ServiceEndpoint;

pub use service::ServiceEntry;

pub use service::ServiceInfo;

pub use service::ServiceRegistry;

pub use service::ServiceType;

pub use service::ShellAdapter;

pub use service::SystemService;

pub use supervisor::AgentSupervisor;

pub use supervisor::EnclaveConfig;

pub use supervisor::SpawnBackend;

pub use supervisor::SpawnRequest;

pub use supervisor::SpawnResult;

pub use topic::Subscription;

pub use topic::TopicRouter;

pub use wasm_runner::AgentInspectTool;

pub use wasm_runner::AgentListTool;

pub use wasm_runner::AgentResumeTool;

pub use wasm_runner::AgentSendTool;

pub use wasm_runner::AgentSpawnTool;

pub use wasm_runner::AgentStopTool;

pub use wasm_runner::AgentSuspendTool;

pub use wasm_runner::BackendSelection;

pub use wasm_runner::BuiltinTool;

pub use wasm_runner::BuiltinToolSpec;

pub use wasm_runner::Certificate;

pub use wasm_runner::IpcSendTool;

pub use wasm_runner::IpcSubscribeTool;

pub use wasm_runner::CompiledModuleCache;

pub use wasm_runner::DeployedTool;

pub use wasm_runner::FsCopyTool;

pub use wasm_runner::FsCreateDirTool;

pub use wasm_runner::FsExistsTool;

pub use wasm_runner::FsGlobTool;

pub use wasm_runner::FsMoveTool;

pub use wasm_runner::FsReadDirTool;

pub use wasm_runner::FsReadFileTool;

pub use wasm_runner::FsRemoveTool;

pub use wasm_runner::FsStatTool;

pub use wasm_runner::FsWriteFileTool;

pub use wasm_runner::SandboxConfig;

pub use wasm_runner::SysCronAddTool;

pub use wasm_runner::SysCronListTool;

pub use wasm_runner::SysCronRemoveTool;

pub use wasm_runner::SysEnvGetTool;

pub use wasm_runner::SysServiceHealthTool;

pub use wasm_runner::SysServiceListTool;

pub use wasm_runner::ToolCategory;

pub use wasm_runner::ToolError;

pub use wasm_runner::ToolRegistry;

pub use wasm_runner::ToolSigningAuthority;

pub use wasm_runner::ToolVersion;

pub use wasm_runner::WasmError;

pub use wasm_runner::WasiFsScope;

pub use wasm_runner::WasmSandboxConfig;

pub use wasm_runner::WasmTool;

pub use wasm_runner::ShellPipeline;

pub use wasm_runner::WasmToolResult;

pub use wasm_runner::WasmToolRunner;

pub use wasm_runner::WasmValidation;

pub use wasm_runner::builtin_tool_catalog;

pub use wasm_runner::compute_module_hash;

pub use wasm_runner::verify_tool_signature;

pub use wasm_runner::SysChainQueryTool;

pub use wasm_runner::SysChainStatusTool;

pub use wasm_runner::SysTreeInspectTool;

pub use wasm_runner::SysTreeReadTool;

Modules

a2a

Agent-to-agent IPC protocol.

agency

Agent-first architecture: roles, agency, and agent manifests.

agent_loop

Built-in kernel agent work loop.

app

Application framework for WeftOS.

artifact_store

Content-addressed artifact store using BLAKE3 hashes (K3-G1).

auth_service

Centralized credential management service – Plan 9 Factotum pattern (K5-G2).

boot

Kernel boot sequence and state machine.

calibration

Boot-time ECC benchmarking and capability advertisement (Phase K3c).

capability

Agent capabilities and resource limits.

causal

Causal graph DAG with typed/weighted directed edges.

chain

Local exochain manager for kernel event logging.

cluster

Cluster membership and node fabric.

cognitive_tick

Configurable cognitive tick loop – the heartbeat of the ECC cognitive substrate.

config

Kernel configuration re-exports and extensions.

config_service

Configuration and secrets service (K5-G1).

console

Kernel console: boot event types and output formatting.

container

Container integration for sidecar service orchestration.

cron

Cron scheduling service for WeftOS kernel.

crossref

Universal cross-references between forest structures.

democritus

DEMOCRITUS continuous cognitive loop (ECC decision D5).

embedding

Pluggable embedding backends for ECC vector operations (K3c-G2).

embedding_onnx

ONNX, sentence-transformer, and AST-aware embedding backends (K3c-G2).

environment

Environment scoping for WeftOS governance.

error

Kernel error types.

gate

Gate backend abstraction for permission decisions.

governance

Constitutional governance engine for WeftOS.

health

Health monitoring subsystem.

hnsw_service

HNSW vector search as a kernel SystemService.

impulse

Ephemeral causal impulse queue for inter-structure communication (ECC Phase K3c).

ipc

Kernel IPC subsystem.

persistence

Unified persistence coordinator for kernel state.

process

Process table for PID-based agent tracking.

service

System service registry and lifecycle management.

supervisor

Agent supervisor for process lifecycle management.

topic

Pub/sub topic routing for kernel IPC.

tree_manager

Unified tree-chain facade for the exo-resource-tree subsystem.

tree_view

Per-agent tree views with capability-based access filtering (K5-G3).

wasm_runner

WASM tool execution sandbox and built-in tool catalog.

weaver

WeaverEngine: ECC-powered codebase modeling service (K3c-G1).

Structs

ClusterNetworkConfig

Cluster networking configuration for distributed WeftOS nodes.

KernelConfig

Kernel subsystem configuration.