# ROADMAP
Implementation progress for AgenticBlockTransfer (`abt`).
## v0.1.0 โ Foundation (current)
### Core Library
| Error types (`AbtError`) | โ
| thiserror-derived, 21 variants (6 new: Timeout, CancelledByUser, BackupFailed, TokenMismatch, RetryExhausted, DeviceChanged) |
| Type definitions | โ
| ImageFormat (15), DeviceType (12), Filesystem (10), HashAlgorithm (6) |
| Image format detection | โ
| Magic byte detection + extension fallback, BufReader-wrapped |
| Decompressing reader | โ
| gz, bz2, xz, zstd, zip โ streaming with BufReader wrapping |
| Write engine | โ
| BufWriter, inline hashing, retry w/ backoff, spawn_blocking, O_DIRECT + FILE_FLAG_NO_BUFFERING |
| Verification engine | โ
| Hash-based (no re-decompression), inline hash comparison |
| Hasher | โ
| SHA-256, SHA-512, SHA-1, MD5, BLAKE3, CRC32 โ trait-based dedup |
| Progress tracking | โ
| Fully lock-free AtomicU8/AtomicU64, no Mutex |
| Device formatting | โ
| Platform-dispatched, no shell injection, input validation |
| Device abstraction | โ
| `DeviceEnumerator` trait, `DeviceInfo` struct |
| Safety system | โ
| Pre-flight checks, dry-run, fingerprints, 10 exit codes, partition backup |
| HTTP download source | โ
| reqwest streaming download โ write pipeline with progress |
| Signal handling | โ
| Graceful Ctrl+C with device sync |
| Shell completions | โ
| bash, zsh, fish, PowerShell via clap_complete |
| Sparse write | โ
| Zero-block skipping with lseek/SetFilePointer |
### Platform Support
| Linux | sysfs + lsblk | โ
| mkfs.* | uid check | โ
|
| macOS | diskutil | โ
| diskutil | uid check | โ
|
| Windows | PowerShell Get-Disk | โ
| format.exe | Admin token | โ
|
| FreeBSD / other UNIX | sysctl + geom | โ
| newfs | uid check | โ
|
### CLI
| Argument parsing (clap) | โ
| 18 commands, aliases, global flags |
| `write` command | โ
| Full pipeline: decompress โ write โ sync โ verify |
| `verify` command | โ
| Source comparison + expected hash |
| `list` command | โ
| Tabular output, --all / --removable / --type filters |
| `info` command | โ
| Device + image inspection |
| `checksum` command | โ
| Multi-algorithm with progress bar |
| `format` command | โ
| Platform-dispatched |
| `ontology` command | โ
| JSON-LD and JSON output |
| `tui` command | โ
| Launches TUI mode |
| `gui` command | โ
| Launches GUI mode |
| JSON output mode (`-o json`) | โ
| Structured output on write (safety report + result) and list commands |
| Shell completions | โ
| bash, zsh, fish, PowerShell via `completions` command |
### TUI
| Source selection | โ
| Text input for image path |
| Device listing | โ
| Table with selection |
| Write confirmation | โ
| Safety prompt before write |
| Progress gauge | โ
| Real-time bytes/speed/ETA |
| Error display | โ
| Dedicated error state |
| Keyboard navigation | โ
| Up/Down/Enter/Esc/q |
| File browser | โ
| In-TUI file picker with directory navigation, extension filtering, Tab key |
### GUI
| 3-step wizard | โ
| Source โ Device โ Write |
| Device list | โ
| Selectable with system drive filter |
| Progress bar | โ
| Animated with speed/ETA |
| Menu bar | โ
| File / View / Help |
| Dark/light mode | โ
| Toggle via View menu |
| Native file dialog | โ
| rfd crate โ Browse and Open Image dialogs |
| Device refresh | โ
| Synchronous re-enumeration via runtime handle |
| Drag-and-drop | โ
| eframe egui with hover overlay + extension filtering |
| Theme system | โ
| 6 presets (Dark/Light/Nord/Solarized/Dracula/Monokai), View > Theme submenu |
### AI Ontology
| JSON-LD output | โ
| Full schema.org vocabulary |
| 7 capability definitions | โ
| Parameters, types, constraints, examples |
| Type definitions | โ
| ImageFormat, Compression, DeviceType, Filesystem, Hash |
| Platform support matrix | โ
| Per-OS details |
| Device scope categories | โ
| 4 categories with examples |
| Exit code semantics | โ
| Per-capability exit codes |
| JSON output mode | โ
| Compact JSON alternative |
| YAML output | โ
| serde_yaml serialization via `abt ontology -f yaml` |
| MCP/Tool-use schema | โ
| Full MCP server with JSON-RPC 2.0 over stdio, 6 tools |
| OpenAPI-style schema | โ
| OpenAPI 3.1 spec with 9 endpoints, 12 schemas via `abt ontology -f openapi` |
---
## v0.2.0 โ Reliability & Testing
| Unit tests for core library | โ
| 109 tests: image detection, hasher, progress, device, types, download, partition, config, ISO 9660, blocksize, notify |
| Integration tests | โ
| 17 integration tests: compression round-trips, partition parsing, config, verifier, progress |
| CI pipeline (GitHub Actions) | โ
| Linux + macOS + Windows matrix, clippy, fmt, feature combinations, MSRV |
| Loopback device testing | โ
| LoopbackDevice struct, create_test_image, create_compressed_test_image, 10 tests |
| Error recovery | โ
| WriteCheckpoint with JSON persistence, verify_written_region, try_resume(), 8 tests |
| Signal handling | โ
| Graceful Ctrl+C with progress cancel + sync |
| Logging improvements | โ
| Structured logging with file output via `--log-file` |
## v0.3.0 โ Performance
| Direct I/O (O_DIRECT) | โ
| Linux O_DIRECT + Windows FILE_FLAG_NO_BUFFERING via `--direct-io` |
| Async I/O (io_uring) | โ
| Linux kernel 5.1+ with graceful fallback |
| Parallel hashing | โ
| Inline hash during write (no second pass) |
| Memory-mapped I/O | โ
| memmap2-based verification with fallback to standard I/O |
| Adaptive block size | โ
| Benchmark-based auto-tune with diminishing-returns detection + heuristic fallback |
| Zero-copy splice/sendfile | โ
| splice (Linux), sendfile (macOS/FreeBSD), fallback (Windows) |
| Multi-threaded decompression | โ
| pigz/pbzip2-style channel-based pipeline, parallel bz2/zstd, read-ahead gz/xz |
| Benchmarking suite | โ
| `abt bench` โ block-size sweep, read/write throughput, IOPS, JSON |
| Sparse write optimization | โ
| Skip all-zero blocks via lseek SEEK_CUR |
| Retry with backoff | โ
| 3ร retry on transient I/O errors |
| BufReader/BufWriter | โ
| All file I/O buffered, decompressors wrapped |
## v0.4.0 โ Extended Format Support
| QCOW2 reading | โ
| Header parsing (v2/v3), L1โL2โcluster chain, streaming Read impl, 8 tests |
| VHD/VHDX reading | โ
| VHD footer/dynamic header/BAT, Fixed+Dynamic readers, VHDX identifier+header parsing, 8 tests |
| VMDK reading | โ
| Sparse extent header, grain directory/table chain, streaming Read, 8 tests |
| WIM extraction | โ
| Header parsing, flags, compression, GUID, XML metadata, 8 tests |
| Partition table parsing | โ
| GPT/MBR parsing with type lookups, mixed-endian GUID, UTF-16LE names |
| ISO 9660 metadata | โ
| PVD parsing, El Torito boot detection, Joliet, volume label, dates |
| Sparse write optimization | โ
| Skip zero blocks (done in v0.1.0) |
## v0.5.0 โ Ecosystem
| Shell completions (bash/zsh/fish/pwsh) | โ
| `abt completions <shell>` via clap_complete |
| Man page generation | โ
| `abt man` generates roff pages for all commands via clap_mangen |
| Native file dialog (GUI) | โ
| rfd crate โ Browse, Open Image, filter by disk image extensions |
| Drag-and-drop (GUI) | โ
| eframe egui with hover overlay + extension filtering |
| URL/HTTP download source | โ
| Streaming download โ decompress โ write pipeline |
| Progress notification (OS) | โ
| notify-rust โ toast on write success/failure, verify pass/fail |
| Config file (~/.config/abt) | โ
| TOML config: write, safety, output, logging sections with defaults |
| Plugin/extension system | โ
| FormatPlugin trait, PluginRegistry, 4 built-in plugins, custom registration |
## v1.0.0 โ Production Release
| Stable API guarantee | โ
| semver commitment, version 1.0.0, CHANGELOG.md |
| Security audit | โ
| 8 categories, 20+ checks (SEC-001-SEC-063), path/symlink/privilege/TOCTOU/URL/hash audit |
| Signed releases | โ
| GPG-signed binaries, SHA-256 checksums, GitHub artifact attestation |
| Package manager distribution | โ
| Homebrew, AUR, winget, deb, rpm packaging configs |
| Localization / i18n | โ
| 12 locales, 4 built-in catalogs (en/de/fr/es), format args, detect_system_locale |
| Accessibility | โ
| 16 ARIA roles, WCAG 2.1 AA contrast, announcement queue, keyboard-only mode |
| Comprehensive documentation | โ
| mdbook with 16 chapters: User Guide, Interfaces, AI Integration, Advanced, Development |
| MCP server mode | โ
| JSON-RPC 2.0 over stdio, 6 tools, `abt mcp` command |
## Future / Research
| Device cloning (device โ device) | โ
`abt clone` โ block-level clone with inline hashing, sparse, verification |
| Network block device source | โ
`abt` supports nbd:// URLs as image source, NBD protocol client |
| Multicast imaging | โ
`abt` multicast sender/receiver, CRC32 per-chunk, session ID, NAK recovery |
| Differential/incremental writes | โ
`abt diff` โ block-level comparison, skip identical, dry-run, verify |
| Secure erase | โ
`abt erase` โ 6 methods: auto/zero/random/ATA/NVMe/discard, multi-pass |
| Boot sector validation | โ
`abt boot` โ MBR/GPT/UEFI validation with 7 checks, JSON output |
| Raspberry Pi OS catalog | โ
`abt catalog` โ fetch/search/browse rpi-imager OS catalog |
| Ventoy-style multi-boot | โ
`abt multiboot` โ registry, GRUB2 config, OS auto-detect, add/remove/list |
## v1.1.0 โ Feature Wave 10 (Reference Project Parity)
Inspired by studying 5 reference projects (etcher, rufus, Ventoy, MediaWriter, rpi-imager).
| OS Customization | โ
| `abt customize` โ firstrun.sh / cloud-init / network-config generation, WiFi, SSH keys |
| Image Download Cache | โ
| `abt cache` โ SHA-256 verified local cache, eviction policies, manifest persistence |
| Drive Health / Bad Blocks | โ
| `abt health` โ multi-pass destructive bad block check, fake flash detection, read test |
| Sleep Inhibitor | โ
| RAII guard prevents OS sleep during writes (systemd/caffeinate/SetThreadExecutionState) |
| Drive Backup | โ
| `abt backup` โ 5 compression formats, inline SHA-256, sparse zero-skip, progress |
| Persistent Storage | โ
| `abt persist` โ casper/Fedora/Ventoy persistence partitions and image files |
## v1.2.0 โ Feature Wave 11 (Download Resilience & Hardware Awareness)
Gap analysis from reference projects (rufus, etcher, MediaWriter, rpi-imager, Ventoy).
| Resumable Downloads | โ
| HTTP Range resume with .part/.meta.json files, ETag/Last-Modified validation |
| Mirror Selection & Failover | โ
| `abt mirror` โ latency probing, failover, metalink (RFC 5854) parsing |
| Self-Update Checker | โ
| `abt update` โ GitHub Releases API, semver compare, platform asset detection |
| Checksum File Parsing | โ
| `abt checksum-file` โ SHA256SUMS/MD5SUMS auto-detect (GNU/BSD/simple formats) |
| USB Speed Detection | โ
| `abt usb-info` โ USB speed enum, degraded warnings, write-time estimates |
| Large FAT32 Formatter | โ
| FAT32 formatting for drives >32 GB with custom cluster sizes (up to 2 TiB) |
## v1.3.0 โ Feature Wave 12 (Security, Windows Automation & Fleet Management)
Gap analysis from reference projects (rufus, etcher, MediaWriter, rpi-imager, Ventoy).
| Proxy Configuration | โ
| HTTP/HTTPS/SOCKS5 auto-detection, no-proxy lists, fetch profiles (Interactive/Background) |
| Signature Verification | โ
| RSA SHA-256 with PEM keyring, detached .sig/.asc, download-and-verify workflow |
| Windows Unattended Setup (WUE) | โ
| `abt wue` โ autounattend.xml generator, TPM/SecureBoot/RAM bypasses, OOBE, accounts |
| Generic OS Catalog | โ
| Provider registry with hardware tags, cache persistence, rpi-imager JSON conversion |
| UEFI:NTFS Dual-Partition Layout | โ
| FAT32 file-size analysis, ESP+NTFS layout planner, Windows To Go support |
| Fleet (Multi-Target) Writing | โ
| `abt fleet` โ concurrent device sessions, progress snapshots, cancellation, USB detect |
## v1.4.0 โ Feature Wave 13 (Recovery, Telemetry & Secure Boot)
Gap analysis from reference projects (rufus, etcher, MediaWriter, rpi-imager, Ventoy).
| Drive Restore | โ
| Factory-state restore with GPT/MBR management, sector wiping, multi-filesystem format |
| Performance Telemetry | โ
| Bottleneck detection, per-phase throughput, session recording, JSON export/import |
| Write Watchdog | โ
| Stall detection with escalation chains, queue depth reduction, sync fallback, presets |
| WIM Extraction | โ
| Header parsing, image enumeration, glob filtering, edition/build/arch detection |
| Secure Boot Detection | โ
| EFI variable reading, firmware mode, key databases, PE Authenticode, bootloader ID |
## v1.5.0 โ Feature Wave 14 (Filesystem Detection, Drive Scanning & Bootloader Management)
Gap analysis from reference projects (rufus, etcher, MediaWriter, rpi-imager, Ventoy).
| Filesystem Detection | โ
| Superblock magic detection for 17 filesystem types, confidence scores, metadata extraction |
| Drive Scanner | โ
| Async hot-plug scanning, DeviceAdapter trait, tokio broadcast events, scan snapshots |
| Drive Constraints | โ
| System drive protection, size checks, source overlap detection, auto-select best drive |
| Windows To Go | โ
| ISO analysis, GPT/MBR partition planning, SAN policy, drive attribute validation |
| Syslinux/Bootloader Management | โ
| 8 bootloader types, version parsing, fs compatibility, syslinux.cfg generation, MBR plans |
## v1.6.0 โ Feature Wave 15 (Image Formats, Security & Hardware Access)
Gap analysis from reference projects (rufus, etcher, MediaWriter, rpi-imager, Ventoy).
| FFU Image Parser | โ
| Security/image/store header parsing, manifest extraction, FfuReader streaming, 9 tests |
| ISOHybrid Detection | โ
| MBR/GPT hybrid analysis, Isolinux/GRUB2/GenericMBR, write mode recommendation, 11 tests |
| Process Lock Detection | โ
| Cross-platform lock scanning (Linux /proc, macOS lsof, Windows wmic), 10 tests |
| Privilege Elevation | โ
| UAC/pkexec/sudo/osascript re-launch, status reporting, method detection, 12 tests |
| Optical Disc Reader | โ
| CD/DVD/Blu-ray reading, ISO 9660 PVD, retry/zero-fill, SHA-256 verification, 9 tests |
## v1.7.0 โ Feature Wave 16 (FIPS Compliance & Formal Verification)
NIST FIPS, CMMC 2.0 Level 2, and DoD compliance hardening; formal verification of safety invariants.
| FIPS Compliance Module | โ
| FIPS 140-2/3 mode, algorithm validation gate, runtime enforcement via `--fips` / env var |
| SP 800-90A CSPRNG | โ
| `getrandom` OS CSPRNG replaces xorshift64 in FIPS mode for secure erase patterns |
| SP 800-88 Sanitization Records | โ
| Certificate generation per NIST SP 800-88 Rev 1 ยง4.7, JSON serialization |
| CMMC Audit Trail | โ
| HMAC-SHA256 integrity-chained event log, JSON-lines format, SIEM-ready |
| FIPS Device Fingerprinting | โ
| SHA-256 replaces CRC32 for device tokens in FIPS mode (FIPS 180-4) |
| TLS Hardening | โ
| TLS 1.2 minimum, HTTPS-only URL validation in FIPS mode (SP 800-52 Rev 2) |
| FIPS Algorithm Gate | โ
| Hash algorithm validation rejects MD5/CRC32/BLAKE3 in FIPS mode (SP 800-131A) |
| Compliance Self-Assessment | โ
| `abt compliance` command โ FIPS/CMMC/DoD checklist with JSON output for auditors |
| Formal Verification | โ
| 10 Safety Invariants (SI-1 โ SI-10), Kani proof harnesses, compile-time static assertions |
| Property-Based Testing | โ
| 24 proptest harnesses covering safety, hashing, progress, and device enumeration |
| Unsafe Audit | โ
| All 17 `unsafe` blocks documented with `// SAFETY:` comments per Rust API Guidelines |