Expand description
§Kimberlite
Compliance-native database for regulated industries.
Kimberlite is built on a replicated append-only log with deterministic projection to a custom storage engine. This provides:
- Correctness by design - Ordered log → deterministic apply → snapshot
- Full audit trail - Every mutation is captured in the immutable log
- Point-in-time recovery - Replay from any offset
- Compliance by construction - Built-in durability and encryption
§Architecture
┌─────────────────────────────────────────────────────────────┐
│ Kimberlite │
│ ┌─────────┐ ┌───────────┐ ┌──────────┐ ┌──────────┐ │
│ │ Log │ → │ Kernel │ → │ Store │ → │ Query │ │
│ │(append) │ │(pure FSM) │ │(B+tree) │ │ (SQL) │ │
│ └─────────┘ └───────────┘ └──────────┘ └──────────┘ │
└─────────────────────────────────────────────────────────────┘§Quick Start
ⓘ
use kimberlite::{Kimberlite, TenantId, DataClass};
// Open database
let db = Kimberlite::open("./data")?;
// Get tenant handle
let tenant = db.tenant(TenantId::new(1));
// Create a stream
let stream_id = tenant.create_stream("events", DataClass::Public)?;
// Append events
tenant.append(stream_id, vec![b"event1".to_vec(), b"event2".to_vec()], Offset::ZERO)?;
// Query (point-in-time support)
let results = tenant.query("SELECT * FROM events LIMIT 10", &[])?;§Modules
- SDK Layer:
Kimberlite,TenantHandle- Main API - Foundation: Types, crypto, storage primitives
- Query: SQL subset for compliance lookups
Structs§
- Abac
Decision - The result of evaluating an access request against a policy.
- Abac
Policy - An Attribute-Based Access Control policy.
- Abac
Rule - A single access control rule within a policy.
- Access
Policy - Access control policy.
- Audit
Query - Query filter for the audit log.
- BTree
Store - B+tree-based projection store implementation.
- Breach
Detector - Automated breach detector implementing HIPAA Section 164.404 and GDPR Article 33.
- Breach
Event - A single breach detection event with full audit trail metadata.
- Breach
Report - Comprehensive breach report for regulatory notification.
- Breach
Thresholds - Configurable thresholds for breach detection indicators.
- Chain
Hash - A 32-byte SHA-256 hash used for chaining records.
- Column
Def - Definition of a table column.
- Column
Filter - Filter for column-level access control (field-level security).
- Column
Name - SQL column name.
- Compliance
Audit Event - A single audit event with full context.
- Compliance
Audit Log - Immutable, append-only audit log for compliance operations.
- Compliance
Report - Complete compliance report
- Consent
Record - A single consent record
- Consent
Tracker - Consent tracker manages all consent records
- Directory
- Routes stream placements to VSR replication groups.
- Environment
Attributes - Attributes describing the environment/context of the access request.
- Erasure
Engine - Engine managing the lifecycle of GDPR Article 17 erasure requests.
- Erasure
Request - An erasure request tracking the lifecycle of a right-to-erasure invocation.
- Export
Engine - Engine for GDPR Article 20 data portability exports
- Export
Record - A single record included in a portability export
- Field
Key - A key for encrypting a specific field, derived from a tenant key.
- Field
Mask - Describes how a single column should be masked.
- GroupId
- Unique identifier for a replication group.
- KAnonymity
Result - Result of a k-anonymity check.
- Key
- A key in the projection store.
- Kimberlite
- The main Kimberlite database handle.
- Kimberlite
Config - Configuration for opening a Kimberlite database.
- Masking
Policy - A collection of field masks forming a complete masking policy.
- Offset
- Position of an event within a stream.
- Permission
Set - Set of permissions granted to a role.
- Policy
Enforcer - Policy enforcement engine.
- Portability
Export - Metadata about a completed data portability export
- Proof
Certificate - Proof certificate embedding verification metadata
- Query
Engine - Query engine for executing SQL against a projection store.
- Query
Result - Result of executing a query.
- Record
- A single record in the event log.
- Requirement
- A single compliance requirement
- Resource
Attributes - Attributes describing the resource being accessed.
- Reversible
Token - Encrypted token that can be reversed with the key.
- RowFilter
- Filter for row-level security (RLS).
- Schema
- Schema registry mapping SQL names to store types.
- Schema
Builder - Builder for constructing schemas fluently.
- Standard
Policies - Standard policies for each role.
- State
- The kernel’s in-memory state.
- Storage
- Append-only event log storage with checkpoint support and segment rotation.
- Stream
Filter - Filter for stream-level access control.
- Stream
Id - Unique identifier for a stream within the system.
- Stream
Metadata - Metadata describing a stream’s configuration and current state.
- Stream
Name - Human-readable name for a stream.
- Table
Def - Definition of a table in the schema.
- TableId
- Unique identifier for a table within the store.
- Table
Name - SQL table name.
- Tenant
Handle - A tenant-scoped handle for database operations.
- Tenant
Id - Unique identifier for a tenant (organization/customer).
- Token
- A deterministic token for consistent pseudonymization.
- User
Attributes - Attributes describing the user making the access request.
- Write
Batch - A batch of write operations to apply atomically.
Enums§
- Breach
Error - Breach
Indicator - Indicator that triggered a breach detection event.
- Breach
Severity - Severity level for a breach event, ordered from lowest to highest.
- Breach
Status - Status of a breach event through its lifecycle.
- Command
- A command to be applied to the kernel.
- Compliance
Audit Action - Extended audit actions covering all compliance modules.
- Compliance
Error - Compliance
Framework - Compliance framework identifiers
- Consent
Error - Consent
Scope - Scope of consent (what data is covered)
- Data
Class - Classification of data for compliance purposes.
- Data
Type - SQL data types supported by the query engine.
- Date
Precision - Precision level for date truncation.
- Directory
Error - Errors that can occur during directory lookups.
- Effect
- An effect to be executed by the runtime.
- Enforcement
Error - Error type for policy enforcement.
- Erasure
Error - Erasure
Status - Current status of an erasure request.
- Execute
Result - Result of executing a DDL/DML statement.
- Exemption
Basis - Legal basis for exemption from the right to erasure.
- Export
Error - Export
Format - Machine-readable export format (GDPR Article 20 compliance)
- GeoLevel
- Geographic hierarchy levels for generalization.
- Kernel
Error - Errors that can occur when applying commands to the kernel.
- Kimberlite
Error - Errors that can occur during Kimberlite operations.
- Mask
Style - Style for masking sensitive values.
- Masking
Error - Errors that can occur during masking operations.
- Masking
Strategy - Strategy used to mask a field value.
- Permission
- Permission that can be granted to a role.
- Placement
- Placement policy for a stream.
- Policy
Effect - The effect of a policy rule: allow or deny access.
- Proof
Status - Status of a compliance requirement
- Purpose
- Lawful basis for data processing (GDPR Article 6)
- Query
Error - Errors that can occur during query parsing and execution.
- Redact
Pattern - Pattern for partial redaction of known data formats.
- Region
- Geographic region for data placement.
- Role
- Role in the access control system.
- RowFilter
Operator - Operator for row-level security filters.
- Storage
Error - Errors that can occur during storage operations.
- Store
Error - Errors that can occur during store operations.
- Value
- A typed SQL value.
- WriteOp
- A single write operation within a batch.
Traits§
- Command
Router - Hook installed by replicated runtimes (
kimberlite-serverin cluster mode) soKimberlite::submitcan route writes through VSR before they touch the local projection. - Projection
Store - Trait for projection stores that maintain derived state from the log.
Functions§
- apply_
committed - Applies a committed command to the state, producing new state and effects.
- chain_
hash - Computes the next hash in the chain.
- check_
k_ anonymity - Checks if a set of quasi-identifier combinations achieves k-anonymity.
- decrypt_
field - Decrypts a field value encrypted with
encrypt_field. - encrypt_
field - Encrypts a field value with randomized encryption.
- generalize_
age - generalize_
numeric - Generalizes a numeric value into a range.
- generalize_
zip - Generalizes a ZIP code by preserving only the first N digits.
- mask
- Masks a string value according to the specified style.
- redact
- Returns
Noneto represent a fully redacted value. - tokenize
- Creates a deterministic token from a value.
- truncate_
date - Truncates a date to the specified precision.