forked from Rockachopa/Timmy-time-dashboard
This commit is contained in:
147
docs/sovereignty-audit.md
Normal file
147
docs/sovereignty-audit.md
Normal file
@@ -0,0 +1,147 @@
|
||||
# Sovereignty Audit — Runtime Dependencies
|
||||
|
||||
**Issue:** #1508
|
||||
**Date:** 2026-04-15
|
||||
**Status:** Draft
|
||||
|
||||
## Purpose
|
||||
|
||||
SOUL.md mandates: *"If I ever require permission from a third party to function, I have failed."*
|
||||
|
||||
This document audits all runtime dependencies, classifies each as essential vs replaceable, and defines a path to full sovereignty.
|
||||
|
||||
---
|
||||
|
||||
## Dependency Inventory
|
||||
|
||||
### 1. LLM Inference
|
||||
|
||||
| Provider | Role | Status |
|
||||
|----------|------|--------|
|
||||
| Nous Research (OpenRouter) | Primary inference (mimo-v2-pro) | Third-party |
|
||||
| Anthropic | Claude models (BANNED per policy) | Third-party, disabled |
|
||||
| OpenAI | Codex agent | Third-party |
|
||||
| Google | Gemini agent | Third-party |
|
||||
|
||||
**Classification:** REPLACEABLE
|
||||
**Local path:** Ollama + GGUF models (Gemma, Llama, Qwen) on local hardware
|
||||
**Current blocker:** Frontier model quality gap for complex reasoning
|
||||
**Sovereignty score impact:** -40% (inference is the heaviest dependency)
|
||||
|
||||
### 2. Bitcoin Network
|
||||
|
||||
| Provider | Role | Status |
|
||||
|----------|------|--------|
|
||||
| Bitcoin Core (local or remote node) | Chain heartbeat, inscription verification | Acceptable |
|
||||
|
||||
**Classification:** ACCEPTABLE — Bitcoin is permissionless infrastructure, not a third party
|
||||
**Sovereignty score impact:** 0% (running own node = sovereign)
|
||||
|
||||
### 3. Git Hosting (Gitea)
|
||||
|
||||
| Provider | Role | Status |
|
||||
|----------|------|--------|
|
||||
| forge.alexanderwhitestone.com | Issue tracking, PR workflow, agent coordination | Self-hosted |
|
||||
|
||||
**Classification:** ACCEPTABLE — self-hosted on own VPS
|
||||
**Sovereignty score impact:** 0% (self-hosted)
|
||||
|
||||
### 4. Telegram
|
||||
|
||||
| Provider | Role | Status |
|
||||
|----------|------|--------|
|
||||
| Telegram Bot API | User-facing chat interface | Third-party |
|
||||
|
||||
**Classification:** REPLACEABLE
|
||||
**Local path:** Matrix (self-hosted homeserver) or direct CLI/SSH
|
||||
**Current blocker:** User adoption — Alexander uses Telegram
|
||||
**Sovereignty score impact:** -10%
|
||||
|
||||
### 5. DNS / Network
|
||||
|
||||
| Provider | Role | Status |
|
||||
|----------|------|--------|
|
||||
| Domain registrar | DNS resolution | Third-party |
|
||||
| Cloudflare (if used) | CDN/DDoS protection | Third-party |
|
||||
|
||||
**Classification:** REPLACEABLE
|
||||
**Local path:** Direct IP access, local DNS, Tor hidden service
|
||||
**Current blocker:** Usability — direct IP is fragile
|
||||
**Sovereignty score impact:** -5%
|
||||
|
||||
### 6. Operating System
|
||||
|
||||
| Provider | Role | Status |
|
||||
|----------|------|--------|
|
||||
| macOS (Apple) | Primary development host | Third-party |
|
||||
| Linux (VPS) | Production agent hosts | Acceptable (open source) |
|
||||
|
||||
**Classification:** ESSENTIAL (no practical alternative for current workflow)
|
||||
**Notes:** macOS dependency is hardware-layer, not runtime-layer. Agents run on Linux VPS.
|
||||
**Sovereignty score impact:** -5% (development only, not runtime)
|
||||
|
||||
---
|
||||
|
||||
## Sovereignty Score
|
||||
|
||||
```
|
||||
Sovereignty Score = (Operations that work offline) / (Total operations)
|
||||
|
||||
Current estimate: ~50%
|
||||
- Inference: can run locally (Ollama) but currently routes through Nous
|
||||
- Communication: Telegram routes through third party
|
||||
- Everything else: self-hosted or local
|
||||
|
||||
Target: 90%+
|
||||
- Move inference to local Ollama for non-complex tasks (DONE partially)
|
||||
- Add Matrix as primary comms channel (in progress)
|
||||
- Maintain Bitcoin node for chain heartbeat
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Classification Summary
|
||||
|
||||
| Dependency | Essential? | Replaceable? | Local Alternative | Priority |
|
||||
|------------|-----------|-------------|-------------------|----------|
|
||||
| LLM Inference (Nous) | No | Yes | Ollama + local models | P1 |
|
||||
| Telegram | No | Yes | Matrix homeserver | P2 |
|
||||
| DNS | No | Yes | Direct IP / Tor | P3 |
|
||||
| macOS | Dev only | N/A | Linux | N/A |
|
||||
| Bitcoin | Yes | N/A | Already sovereign | N/A |
|
||||
| Gitea | Yes | N/A | Already self-hosted | N/A |
|
||||
|
||||
---
|
||||
|
||||
## Local-Only Fallback Path
|
||||
|
||||
**Tier 1 — Fully sovereign (no network):**
|
||||
- Local Ollama inference
|
||||
- Local file storage
|
||||
- Local git repositories
|
||||
- Direct CLI interaction
|
||||
|
||||
**Tier 2 — Sovereign with network:**
|
||||
- + Bitcoin node (permissionless)
|
||||
- + Self-hosted Gitea (own VPS)
|
||||
- + Self-hosted Matrix (own VPS)
|
||||
|
||||
**Tier 3 — Pragmatic (current state):**
|
||||
- + Nous/OpenRouter inference (better quality)
|
||||
- + Telegram (user adoption)
|
||||
- + DNS resolution
|
||||
|
||||
**Goal:** Every Tier 3 dependency should have a Tier 1 or Tier 2 alternative tested and documented.
|
||||
|
||||
---
|
||||
|
||||
## Acceptance Criteria Status
|
||||
|
||||
1. **Document all runtime third-party dependencies** — DONE (this document)
|
||||
2. **Classify each as essential vs replaceable** — DONE (table above)
|
||||
3. **Define local-only fallback path for each** — DONE (tiered system)
|
||||
4. **Create sovereignty score metric** — DONE (formula + current estimate)
|
||||
|
||||
---
|
||||
|
||||
*Sovereignty and service always.*
|
||||
Reference in New Issue
Block a user