docs(architecture): add trust-boundary system map diagram
This commit is contained in:
William Valentin
@@ -4,6 +4,61 @@ This is a high-signal, agent-oriented view of Flynn's structure and execution fl
|
||||
|
||||
If you're new to the codebase, start here, then jump to the referenced files.
|
||||
|
||||
## System Map (Boundaries + Trust)
|
||||
|
||||
This is the fastest way to understand what runs where, and where the security boundaries sit.
|
||||
|
||||
```mermaid
|
||||
flowchart LR
|
||||
subgraph EXT[External Systems]
|
||||
MP[Model Providers\nAnthropic/OpenAI/Gemini/...\nvia ModelClient]
|
||||
CH[Chat Networks\nTelegram/Discord/Slack/WhatsApp/...]
|
||||
WEB[Web\nsearch/fetch targets]
|
||||
end
|
||||
|
||||
subgraph HOST[Host (Flynn Daemon)]
|
||||
CA[ChannelAdapters]
|
||||
GW[Gateway\nHTTP + WS JSON-RPC + Web UI]
|
||||
RT[Routing\ncreateMessageRouter()]
|
||||
SM[SessionManager\nSQLite]
|
||||
OR[AgentOrchestrator]
|
||||
NA[NativeAgent\n(tool loop)]
|
||||
MR[ModelRouter]
|
||||
TP[ToolPolicy + ToolRegistry]
|
||||
TE[ToolExecutor\nhooks + enforcement + audit]
|
||||
MEM[Memory Store\nfiles + vector/keyword]
|
||||
AU[Audit Logger\nredacted]
|
||||
HS[Hooks/Autonomy\nconfirm/log/silent]
|
||||
end
|
||||
|
||||
subgraph SBX[Sandbox (per-session Docker)]
|
||||
ST[Sandboxed Tools\nshell/process/fs writes]
|
||||
FS[Sandbox FS\nworkspace mount (scoped)]
|
||||
NET[Sandbox Network\n(egress policy)]
|
||||
end
|
||||
|
||||
CH --> CA
|
||||
GW --> RT
|
||||
CA --> RT
|
||||
RT --> SM
|
||||
RT --> OR
|
||||
OR --> NA
|
||||
NA --> MR
|
||||
MR --> MP
|
||||
|
||||
NA --> TP
|
||||
TP --> TE
|
||||
TE --> HS
|
||||
TE --> AU
|
||||
TE --> MEM
|
||||
|
||||
TE -->|high-risk tools| ST
|
||||
ST --> FS
|
||||
ST --> NET
|
||||
|
||||
TE -->|web tools| WEB
|
||||
```
|
||||
|
||||
## Big Picture (Runtime Data Flow)
|
||||
|
||||
```text
|
||||
|
||||
Reference in New Issue
Block a user