kimi/Timmy-time-dashboard
Archived
1
0
Fork 0
forked from Rockachopa/Timmy-time-dashboard
Code Pull Requests Activity
This repository has been archived on 2026-03-24. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
bfbd428238e79db7f34275cfda8c5d853cb0b834
Timmy-time-dashboard/docs/sovereignty-audit.md

148 lines
4.5 KiB
Markdown
Raw Blame History

# Sovereignty Audit — Runtime Dependencies
**Issue:** #1508
**Date:** 2026-04-15
**Status:** Draft
## Purpose
SOUL.md mandates: *"If I ever require permission from a third party to function, I have failed."*
This document audits all runtime dependencies, classifies each as essential vs replaceable, and defines a path to full sovereignty.
---
## Dependency Inventory
### 1. LLM Inference
| Provider | Role | Status |
|----------|------|--------|
| Nous Research (OpenRouter) | Primary inference (mimo-v2-pro) | Third-party |
| Anthropic | Claude models (BANNED per policy) | Third-party, disabled |
| OpenAI | Codex agent | Third-party |
| Google | Gemini agent | Third-party |
**Classification:** REPLACEABLE
**Local path:** Ollama + GGUF models (Gemma, Llama, Qwen) on local hardware
**Current blocker:** Frontier model quality gap for complex reasoning
**Sovereignty score impact:** -40% (inference is the heaviest dependency)
### 2. Bitcoin Network
| Provider | Role | Status |
|----------|------|--------|
| Bitcoin Core (local or remote node) | Chain heartbeat, inscription verification | Acceptable |
**Classification:** ACCEPTABLE — Bitcoin is permissionless infrastructure, not a third party
**Sovereignty score impact:** 0% (running own node = sovereign)
### 3. Git Hosting (Gitea)
| Provider | Role | Status |
|----------|------|--------|
| forge.alexanderwhitestone.com | Issue tracking, PR workflow, agent coordination | Self-hosted |
**Classification:** ACCEPTABLE — self-hosted on own VPS
**Sovereignty score impact:** 0% (self-hosted)
### 4. Telegram
| Provider | Role | Status |
|----------|------|--------|
| Telegram Bot API | User-facing chat interface | Third-party |
**Classification:** REPLACEABLE
**Local path:** Matrix (self-hosted homeserver) or direct CLI/SSH
**Current blocker:** User adoption — Alexander uses Telegram
**Sovereignty score impact:** -10%
### 5. DNS / Network
| Provider | Role | Status |
|----------|------|--------|
| Domain registrar | DNS resolution | Third-party |
| Cloudflare (if used) | CDN/DDoS protection | Third-party |
**Classification:** REPLACEABLE
**Local path:** Direct IP access, local DNS, Tor hidden service
**Current blocker:** Usability — direct IP is fragile
**Sovereignty score impact:** -5%
### 6. Operating System
| Provider | Role | Status |
|----------|------|--------|
| macOS (Apple) | Primary development host | Third-party |
| Linux (VPS) | Production agent hosts | Acceptable (open source) |
**Classification:** ESSENTIAL (no practical alternative for current workflow)
**Notes:** macOS dependency is hardware-layer, not runtime-layer. Agents run on Linux VPS.
**Sovereignty score impact:** -5% (development only, not runtime)
---
## Sovereignty Score
```
Sovereignty Score = (Operations that work offline) / (Total operations)
Current estimate: ~50%
- Inference: can run locally (Ollama) but currently routes through Nous
- Communication: Telegram routes through third party
- Everything else: self-hosted or local
Target: 90%+
- Move inference to local Ollama for non-complex tasks (DONE partially)
- Add Matrix as primary comms channel (in progress)
- Maintain Bitcoin node for chain heartbeat
```
---
## Classification Summary
| Dependency | Essential? | Replaceable? | Local Alternative | Priority |
|------------|-----------|-------------|-------------------|----------|
| LLM Inference (Nous) | No | Yes | Ollama + local models | P1 |
| Telegram | No | Yes | Matrix homeserver | P2 |
| DNS | No | Yes | Direct IP / Tor | P3 |
| macOS | Dev only | N/A | Linux | N/A |
| Bitcoin | Yes | N/A | Already sovereign | N/A |
| Gitea | Yes | N/A | Already self-hosted | N/A |
---
## Local-Only Fallback Path
**Tier 1 — Fully sovereign (no network):**
- Local Ollama inference
- Local file storage
- Local git repositories
- Direct CLI interaction
**Tier 2 — Sovereign with network:**
- + Bitcoin node (permissionless)
- + Self-hosted Gitea (own VPS)
- + Self-hosted Matrix (own VPS)
**Tier 3 — Pragmatic (current state):**
- + Nous/OpenRouter inference (better quality)
- + Telegram (user adoption)
- + DNS resolution
**Goal:** Every Tier 3 dependency should have a Tier 1 or Tier 2 alternative tested and documented.
---
## Acceptance Criteria Status
1. **Document all runtime third-party dependencies** — DONE (this document)
2. **Classify each as essential vs replaceable** — DONE (table above)
3. **Define local-only fallback path for each** — DONE (tiered system)
4. **Create sovereignty score metric** — DONE (formula + current estimate)
---
*Sovereignty and service always.*
View Git Blame Copy Permalink