Purpose

Policy-aware trace vault with sessions, permissions, storage backends, WAL, fsck, snapshots, and replication. This page follows the real source shape for Trace Vault and explains the workflow a developer is likely to use first.

Trust contract

Document which keys authorize the operation, what is signed, what is encrypted, what is deliberately public, and which policy hook can deny the call. Security examples should use deterministic test vectors where possible.

Primary types to know

  • AgentPermissions — libs/trace-vault/src/permissions.rs
  • AppendGuard — libs/trace-vault/src/vault.rs
  • Atom — libs/trace-vault/src/vault.rs
  • CreateOptions — libs/trace-vault/src/config.rs
  • DefaultPolicy — libs/trace-vault/src/policy.rs
  • FileMetadataStorage — libs/trace-vault/src/storage/filesystem.rs
  • FileSystemStorage — libs/trace-vault/src/storage/filesystem.rs
  • FileSystemStorageFactory — libs/trace-vault/src/storage/filesystem.rs
  • FileTraceStorage — libs/trace-vault/src/storage/filesystem.rs
  • FsckReport — libs/trace-vault/src/fsck.rs
  • IndexingConfig — libs/trace-vault/src/config.rs
  • LruStoragePool — libs/trace-vault/src/storage/mod.rs

Example shape

use trace_vault::*;

// Minimal example skeleton. Replace placeholders with the concrete constructor
// listed on the API Surface page for this library.
async fn example() -> Result<(), Box<dyn std::error::Error>> {
    // 1. Build config or open storage.
    // 2. Execute one operation from this page.
    // 3. Assert the observable result before wiring peers or persistence.
    Ok(())
}

Release-quality documentation checklist

  • Every public type on the API Surface page has at least one sentence of behavior documentation.
  • Every fallible operation lists errors and recovery guidance.
  • Every networked example names the peer/session/topic lifecycle.
  • Every storage example names durability, repair, and deletion semantics.