v1.5.0 — Complete Specification Overhaul

23 Architecture Decision Records (ADR-132 through ADR-154)

Every subsystem is now formally specified. From 6 ADRs to 23 — complete coverage.

Research Foundation (14 topics across 4 documents)

Key Specifications Added

• IPC Protocol (ADR-145): FIFO ordering, capability-gated send/receive, backpressure, coherence graph integration
• SMP Scheduling (ADR-146): Multi-core coordination, VMID-aware assignment, GPU context save/restore
• HAL Contract (ADR-147): 4 traits (Platform, MmuOps, TimerOps, InterruptOps), safety policy for arch implementations
• Error Model (ADR-148): 34 error variants mapped to F1-F4 failure classes, witnessed escalation chain
• RVF Integration (ADR-149): Boot images, dormant checkpoints, witness archives, GPU kernel distribution
• Device Leases (ADR-150): Epoch-based grant/revoke/expiry, GPU MMIO, DMA budget enforcement
• GPU Witness Events (ADR-151): 12 new ActionKind variants (0xA0-0xAF range)
• GPU MinCut Correctness (ADR-152): Integer-space computation, 4-level fallback, cross-validation
• Multi-Node Mesh (ADR-153, Draft): Partition migration, cross-node coherence, witness federation
• Formal Verification (ADR-154, Draft): Kani/Prusti roadmap, 4 verification priorities

Stats

• 23 ADRs (17 new, 3 fixed, 3 existing)
• 14 research topics across 4 documents
• 3,851 lines of specification added
• 945 tests passing, 0 failures

Full Changelog: v1.4.0...v1.5.0

v1.4.0 — GPU Compute: Security Hardened, Benchmarked, Production-Ready

Security Audit Remediation

Deep code review identified 3 Critical, 6 High, 4 Medium issues in the GPU subsystem. All fixed:

GPU Capabilities

Usage

Basic: Create a GPU context

use rvm_kernel::gpu::{context::GpuContext, budget::GpuBudget, GpuStatus};
use rvm_types::PartitionId;

let budget = GpuBudget::new(1_000_000_000, 512*1024*1024, 1_000_000_000, 1000);
let mut ctx = GpuContext::new(PartitionId::new(1), 0, budget);
ctx.status = GpuStatus::Ready;

// Atomic budget check + record (no TOCTOU)
ctx.try_launch(50_000, 1024)?;  // 50µs compute, 1KB transfer

Intermediate: Configure kernel launch

use rvm_kernel::gpu::kernel::LaunchConfig;

let config = LaunchConfig {
    workgroups: [64, 64, 1],
    workgroup_size: [256, 1, 1],
    shared_memory_bytes: 16384,
    timeout_ns: 100_000_000,
};
assert_eq!(config.total_threads(), 1_048_576);
config.validate()?;

Advanced: Command queue pipeline

use rvm_kernel::gpu::queue::{GpuQueue, QueueId, QueueCommand};
use rvm_kernel::gpu::kernel::KernelId;
use rvm_kernel::gpu::buffer::BufferId;

let mut queue = GpuQueue::with_max_depth(QueueId::new(0), pid, 256);
queue.enqueue(QueueCommand::kernel_launch(KernelId::new(1)))?;
queue.enqueue(QueueCommand::buffer_copy(BufferId::new(0), BufferId::new(1), 4096))?;
queue.enqueue(QueueCommand::barrier())?;

Exotic: Coherence engine GPU acceleration

use rvm_kernel::gpu::accel::{GpuMinCutConfig, GpuScoringConfig};

// Offload mincut to GPU (50µs budget → microseconds on GPU)
let cfg = GpuMinCutConfig { max_nodes: 32, budget_iterations: 31, use_gpu: true };

// Parallel scoring across all 256 partitions
let scoring = GpuScoringConfig { max_partitions: 256, use_gpu: true };

Stats

Submodules

Links

• ADR-144: GPU Compute Support
• Deep Review Report
• User Guide
• pi.ruv.io

Full Changelog: v1.3.0...v1.4.0

Mac Mini Benchmark Results (Apple Silicon)

All GPU operations are sub-nanosecond on Apple Silicon — zero impact on partition switch hot path.

What's New

GPU Compute Support (ADR-144)

Complete GPU compute subsystem enabling capability-gated, proof-verified, witness-logged GPU access for RVM partitions.

New: rvm-gpu crate

6 GPU Backends

5 New WASM Host Functions

GpuLaunch, GpuAlloc, GpuFree, GpuTransfer, GpuSync

Submodules Added

• cuda-wasm/ — ruv-FANN (CUDA parser, transpiler, WebGPU/Metal backend, flash attention, tensor ops)
• ruvector/ — RuVector ecosystem (RVF, mincut, solver, coherence, ruvix kernel primitives)

Stats

• 862 tests passing (797 existing + 65 new GPU), 0 failures
• 2,608 lines added across 23 files
• Zero cost when GPU features disabled (feature-gated)

Security Model

• Capability-gated: EXECUTE | WRITE rights required
• IOMMU isolation per partition
• DMA budget enforced per epoch
• GPU context saved/restored on partition switch
• Every GPU operation witnessed

Full Changelog: v1.2.0...v1.3.0

What's New

Nightly Verified Release Pipeline (ADR-143)

Automated CI/CD pipeline that detects new Claude Code releases, verifies RVM compatibility, and publishes verified builds with zero regressions.

Pipeline: Runs nightly at 03:00 UTC via GitHub Actions

npm check → 797 tests → benchmarks → cargo audit → AI analysis → release

Verification Gates (ALL must pass)

On Failure

• Release blocked automatically
• GitHub issue opened with investigation link
• No broken builds ever published

AI-Powered Discovery Analysis

Uses Claude Sonnet 4.6 to analyze changes between Claude Code versions:

• New features and capabilities
• Breaking changes
• Security-relevant updates
• Architecture changes
• Impact on RVM integration

rudevolution Submodule

Added rudevolution as git submodule for Claude Code version tracking via AI-powered decompilation (34,759 functions, 95.7% accuracy).

Files Added

Required Secrets

• GITHUB_TOKEN — automatic (for releases and issues)
• ANTHROPIC_API_KEY — optional (for AI discovery analysis)

Manual Trigger

gh workflow run nightly.yml -f force_release=true

Links

• ADR-143
• pi.ruv.io
• rudevolution

Full Changelog: v1.1.0...v1.2.0

What's New

Comprehensive User Guide (17 chapters, 7,087 lines)

Complete documentation covering every RVM subsystem, from 5-minute quick start through exotic capabilities with no prior art.

MCP Documentation Tools (rvm-docs-mcp)

AI-assisted documentation search and navigation via MCP server and standalone CLI.

6 Tools: docs_search, docs_navigate, docs_xref, docs_glossary, docs_api, docs_howto

# Register with Claude Code
claude mcp add rvm-docs -- node /path/to/rvm/userguide/mcp/dist/index.js

# CLI usage
node userguide/mcp/dist/cli.js search "capability"
node userguide/mcp/dist/cli.js howto "build rvm"

README Updates

• Collapsed tutorial section with quick start commands
• Full user guide table of contents
• MCP tools section with installation and usage examples

Stats

• 797 tests passing, 0 failures
• 28 files added (9,254 lines)
• All 11 ADR benchmarks continue to exceed targets

Full Changelog: v1.0.0...v1.1.0

RVM v1.0.0 — The Virtual Machine Built for the Agentic Age

RVM is not a virtual machine. It is a coherence-native microhypervisor that replaces static VMs with dynamic, graph-partitioned coherence domains driven by how agents actually communicate.

Agents don't fit in static VMs. They spawn in milliseconds, communicate in dense shifting graphs, share context across trust boundaries, and die without warning. RVM treats this as the normal case, not an edge case.

The RVM Format

Three complementary layers in one system:

1. Coherence Domains (not VMs)

RVM replaces the VM abstraction with coherence domains — lightweight partitions whose isolation, scheduling, and memory placement are driven by spectral graph metrics and mincut algorithms. Partitions split when communication patterns diverge. They merge when coherence is high. The scheduler reads graph structure, not just priority numbers.

13 Rust crates, all no_std, all #![forbid(unsafe_code)] (except HAL):

2. Witness & Proof System

Every mutation is proof-gated. Every action is witnessed. The system understands its own structure.

Three-tier proof pipeline:

• P1 (Capability) — Bitmap check, <1 us, runs in scheduler hot path
• P2 (Policy) — Structural validation, ownership chains, region bounds, <100 us
• P3 (Deep Proof) — SHA-256, Ed25519 (verify_strict), HMAC-SHA256, TEE attestation, <10 ms

Witness records (64 bytes, cache-aligned):

• Hash-chained (SHA-256 default, FNV-1a fallback)
• HMAC-SHA256 signed (aux field)
• 40+ action kinds across all subsystems
• Ring buffer storage, no heap allocation
• Invariant: "No witness, no mutation"

3. TEE Cryptographic Verification (ADR-142)

Production-grade cryptographic infrastructure replacing development stubs:

5 signer implementations:

TEE pipeline (per ADR-142 reviewer amendments):

• TeeQuoteProvider — local evidence generation
• TeeQuoteVerifier — collateral validation + measurement check
• WitnessSigner — signs after quote accepted
• Platform table: SGX (MRENCLAVE), TDX (MRTD+RTMR), SEV-SNP (LAUNCH_DIGEST), ARM CCA (RIM)

subtle::ConstantTimeEq for all verification paths. Parse-normalize-compare ordering enforced.

Security Audit

Full remediation of 87 findings from comprehensive security audit:

Performance

26 optimizations, all hot paths addressed:

Plus: cache-line aligned SwitchContext (hot fields first), per-CPU false sharing prevention, #[inline] on 11+ hot functions, FNV-1a 8x loop unroll, precomputed bit-offset LUT.

Benchmarks

Test Coverage

752 tests, 0 failures across 11 library crates + integration suite.

8 ADR-142 acceptance criteria integration tests verify that forged witnesses with reordered fields, reused nonces, invalid Merkle paths, expired TEE collateral, and tampered signatures all fail deterministically.

Architecture Decision Records

One Line

One file. Boot bare metal. Run WASM in a browser. Prove every mutation. Trust nothing.