Implementation Waves
Ordered first-parity build waves and runtime proof expectations.
Implementation Waves
Build in waves. Keep the blocking spine ahead of the later surfaces.
The current canon allows implementation to start. It still requires each wave to pass its proof package before runtime signoff.
Wave Table
| Wave | Scope | Depends on | Status |
|---|---|---|---|
W0 | Contract and test hygiene freeze | none | blocking |
W1 | Stream and runtime spine | W0 | blocking |
W2 | Provider normalization, model registry, and Responses transport | W1 | blocking |
W3 | MCP, tool security, lifecycle, and direct tool transport | W1 | blocking |
W4 | Files, conversations, tags, and non-write message core | W1, W2, W3 | blocking |
W5 | Auth, admin, config, ACL, and session transport | W1, W3 | blocking |
W5A | Auditability and discovery spine | W1, W2, W3, W4, W5 | blocking |
W5B | Agents, assistants, prompt library, marketplace, presets, and share publication | W3, W4, W5, W5A | blocking |
W6 | Message write API hardening | W4, W5, W5A | blocking |
W7 | Web shell | W0, W5, W5A, W5B | later wave |
W8 | Chat, reusable-agent surfaces, memory, temporary chat, and shared DTO normalization | W0, W2, W4, W5A, W5B, W6 | later wave |
W9 | Codex integration | W1, W5, W7, W10 | later wave |
W10 | SwiftUI shell | W2, W5, W5A, W6, W8 | later wave |
W11 | CLI wrappers | W5, W9 | deferred |
Blocking Build Path
Start with the harness and streaming spine.
Then build provider normalization, model registry, Responses transport, MCP, tools, files, conversations, auth, admin, config, ACL, and sessions.
Build W5A before any surface claims enterprise-ready behavior. The audit and discovery spine gates mutation success, legal hold, export, retention, and projection.
After W5A, build agents, assistants, prompt library, share publication, and message write hardening.
Web, chat UI, Codex integration, SwiftUI, and CLI wrappers follow only after their dependencies have real runtime proof.
Wave Proof
W0 adopts the GoRunChat browser and route proof rules. Weak asynchronous checks and truthiness-only assertions do not count.
W1 proves ordered replay, reconnect recovery, abort, job replacement, and tenant scoping.
W2 proves OpenAI, Anthropic, Google, model registry, endpoint registry, and Responses behavior. Stored response round trips must preserve usage and continuation state.
W3 proves MCP OAuth, token refresh, registry lifecycle, SSRF blocking, direct tools transport, action OAuth, action import, and material tool or MCP action evidence.
W4 proves file validation, attachment routing, citations, document parsing, conversation lifecycle, tags, import limits, and destructive content behavior.
W5 proves mounted admin routes, public and authenticated config, auth/session transport, role and grant rules, ACL behavior, BYOK mutation, user account routes, security middleware, and utility routes.
W5A proves append-only audit, immutable discovery, fail-closed mutation behavior, admin and super_admin hold and export controls, 3-year retention, query copy, archive projection, and observable projector lag.
W6 proves path-only message create, conversation-scoped edit and feedback, branch and artifact routes, and conversation-scoped feedback refresh.
W7 and W8 require browser-owned proof through composed UI paths. Isolated component proof can supplement the package only where the contract allows it.
W9 proves Go can talk to Rust app-server without taking over Rust-owned Codex behavior.
W10 proves SwiftUI consumes the same local-service, event, auth, session, search, SSE, and ACL contracts as the web path.
W11 stays outside first parity unless a Go operational wrapper becomes required.