Phase 5 now references the architect role and SDD process from docs/sdd_process.md instead of creating ad-hoc spec stubs. Added key new ADRs and architecture docs the architect will need to produce. Updated gitserver reference note (MPL concern, archive it). Kept rudolfs reference (MIT/Apache, fork candidate). Also removed 'needs-update' status from the lifecycle states since it's not part of the SDD process — stale docs get annotated with a note and existing status, not a new status.
16 KiB
Cleanup Plan: Pre-Pivot Housekeeping
Status: Draft Created: 2026-06-15 Purpose: Clean the workspace before starting the ALPN-as-service refactor so agents have a clear, bias-free starting point.
Guiding Principles
- Delete noise, preserve signal. If a document describes concepts that the pivot replaces or defers, it should be archived — not left in place where agents might pattern-match to the old model.
- Reference docs are a library, not a plan. The
references/directory (iroh, ssh, nats, etc.) is neutral research about external projects. Those stay. But gitserver is MPL — see below. - ADRs that codify discarded abstractions become landmines. An agent reading ADR-026 ("Transport/interface separation") will try to implement the three-layer model. These need to be marked superseded or archived.
- Code that stays should compile cleanly. We're not rewriting yet — we're making the existing code a clean reference implementation to port from.
- Follow the SDD process. This cleanup is preparation for Phase 0→1. After cleanup, the architect role will produce proper architecture specs following the format in
docs/sdd_process.md— modular docs, ADRs, open questions, README index. No ad-hoc spec stubs.
Phase 1: Archive Obsolete Architecture Docs
These documents describe concepts that the ALPN pivot replaces entirely. They're historical record, not guidance. Move to docs/_archived/ (preserved in git history, out of sight for agents).
Architecture docs to archive
| Document | Reason |
|---|---|
docs/architecture/interface.md |
Defines StreamInterface / MessageInterface — replaced by ProtocolHandler |
docs/architecture/services.md |
Defines irpc service layer, OperationEnv three dispatch paths — replaced by ALPN dispatch |
docs/architecture/call-protocol.md |
Describes OperationEnv composition model — will be rewritten for alknet-call |
docs/architecture/storage.md |
Metagraph/data model — deferred per pivot |
docs/architecture/flowgraph.md |
FlowGraph crate — deferred per pivot |
docs/architecture/credentials.md |
CredentialProvider phases A–D — simplifying per pivot |
docs/architecture/napi-and-pubsub.md |
Describes pubsub event target adapter through SSH control channel — old model |
docs/architecture/open-questions.md |
Most open questions are about the old model; will regenerate after pivot |
docs/architecture/tun-shim.md |
Already deprecated |
ADRs to mark superseded
These ADRs codify abstractions that the pivot replaces. Don't delete — mark them with a clear Superseded status and a pointer to the pivot doc so agents don't treat them as current guidance.
| ADR | Title | Superseded by |
|---|---|---|
| 026 | Transport/interface separation (three-layer model) | ALPN dispatch — one trait, one dispatch point |
| 035 | StreamInterface / MessageInterface split | ProtocolHandler trait replaces both |
| 033 | OperationEnv as universal composition mechanism | Call protocol is one ALPN; no three dispatch paths |
| 027 | Crate decomposition (core, storage, flowgraph) | New crate decomposition per pivot |
| 028 | Auth as irpc service behind feature flag | Auth is shared in alknet-core, not an irpc service |
| 032 | Event boundary discipline (domain, irpc, call) | Simplified — each handler manages its own wire format |
| 018 | Control channel for pubsub over SSH | Pubsub is a handler concern, not a SSH control channel |
| 017 | Stealth mode — protocol multiplexing on port 443 | ALPN negotiation replaces byte-peek protocol detection |
ADRs that remain valid
These capture decisions that carry forward regardless of the refactor:
| ADR | Title | Why it stays |
|---|---|---|
| 001 | Pluggable transport via AsyncRead+AsyncWrite |
Still true — BiStream implements these traits |
| 003 | iroh stream via tokio::io::join |
Still relevant for iroh transport |
| 004 | SSH runs over transport, not alongside | Still true — SSH is one ALPN handler |
| 005 | SOCKS5 as primary client interface | Still true for alknet-ssh |
| 006 | No logging of tunnel destinations | Security principle, always valid |
| 008 | ACME/Let's Encrypt certificate provisioning | Still needed for TLS endpoints |
| 012 | Ed25519 keys + OpenSSH cert-authority | Auth model carries forward |
| 013 | Fail2ban-friendly logging | Still relevant |
| 023 | Unified auth with shared key material + token auth | Becomes IdentityProvider in core |
| 024 | Bidirectional call protocol (EventEnvelope) | EventEnvelope framing carries into alknet-call |
| 025 | Handler/spec separation | Still a good pattern — each ALPN handler has its own spec |
| 029 | Identity as core type in alknet-core | Still true |
| 030 | Static/dynamic config split with ArcSwap | Still true — ArcSwap<DynamicConfig> pattern continues |
| 031 | Forwarding policy with rule-based allow/deny | Still relevant for alknet-ssh |
| 037 | API keys as DynamicConfig auth | Carries forward |
| 038 | Seed lifecycle and memory security | alknet-secret is standalone, unchanged |
ADRs to archive (deferred/irrelevant)
| ADR | Title | Reason |
|---|---|---|
| 002 | TUN shim as separate process | Already superseded by ADR-014 |
| 007 | NAPI exposes single duplex stream | Needs rewrite — NAPI becomes call protocol client |
| 009 | Default iroh relay with override | Low-level transport detail, not an architecture decision |
| 010 | Transport chaining in CLI | CLI UX detail, revisit when building new CLI |
| 011 | Programmatic-first API, no file-based config | CLI detail, revisit |
| 014 | Defer TUN, recommend SOCKS5 + tun2proxy | Still valid direction but already noted as deferred |
| 015 | napi-rs for FFI bridge | Implementation detail, revisit |
| 016 | NAPI exposes both connect() and serve() | Needs rewrite for new model |
| 019 | Proxy dual semantics | CLI detail, revisit |
| 034 | Head/worker terminology | Terminology, not architecture; revisit |
| 036 | CredentialProvider as core type | Simplifying per pivot |
Phase 2: Clean Up Research Docs
Keep as-is (neutral external references)
docs/research/references/iroh/— ALPN dispatch, QUIC endpoints, protocol handler patterndocs/research/references/ssh/russh/— SSH implementation reference foralknet-sshdocs/research/references/ssh/russh-sftp/— SFTP protocol reference foralknet-sftpdocs/research/references/ssh/sftp-rs/— SFTP comparison referencedocs/research/references/nats.rs/— Service/pattern reference (not directly used but neutral)docs/research/references/honker/— SQLite pub/sub, queues, streams — may be relevant for in-node event systemdocs/research/references/polyglot/— FFI patterns for NAPI/WASMdocs/research/references/openstack-keystone/— Auth patterns referencedocs/research/references/rustfs/— S3-compatible object storage referencedocs/research/references/gitlfs/rudolfs-reference.md— Git LFS server reference (MIT/Apache-2.0, fork candidate)docs/research/ops/— fail2ban, certbot — production reference, still usefuldocs/research/feasibility/— Historical context, keep
Handle MPL-licensed reference
docs/research/references/gitserver/gitserver-reference.md — This references an MPL-2.0 project. The reference doc itself is our analysis, not derived work. However, since the git adapter will use gix (Apache-2.0/MIT) directly — not gitserver — keeping this doc around creates risk of an agent copying structure or logic from the MPL codebase.
Action: Archive it. Replace with a gix-focused reference when we spec the git adapter. The research value is the git protocol knowledge, not the gitserver code structure.
Archive (biased toward old model)
| Document | Reason |
|---|---|
docs/research/core.md |
Describes the three-layer model in detail — superseded by pivot |
docs/research/services.md |
Describes irpc service layer, OperationEnv — superseded |
docs/research/storage.md |
Metagraph — deferred |
docs/research/flow.md |
FlowGraph — deferred |
docs/research/configuration.md |
Promoted to architecture docs already |
docs/research/integration-plan.md |
Phase-based integration plan for old model — superseded |
docs/research/phase2/interface-model.md |
StreamInterface/MessageInterface analysis — superseded |
docs/research/phase2/credential-provider.md |
CredentialProvider phases — simplifying |
docs/research/phase2/definitions.md |
Promoted to architecture already |
docs/research/phase2/tls-transport.md |
Describes stealth mode — ALPN replaces this |
docs/research/event-sourcing/ |
Event sourcing patterns — not currently needed |
Keep but annotate
| Document | Reason |
|---|---|
docs/research/pivot/alpn-service-architecture.md |
The pivot proposal. Current. |
docs/research/pivot/cleanup-plan.md |
This doc. Current. |
Phase 3: Clean Up Architecture Docs That Stay
These docs describe concepts that carry forward but need updating to reflect the new model. We'll mark them as needs-update and add a note pointing to the pivot. Don't rewrite yet — just annotate so agents know they're partially stale.
| Document | What changes |
|---|---|
docs/architecture/overview.md |
Crate structure, three-layer model references |
docs/architecture/transport.md |
Still valid but needs ALPN endpoint section |
docs/architecture/auth.md |
Auth per-handler table from pivot replaces credential presentation per interface |
docs/architecture/client.md |
Client connects to endpoint, opens stream on ALPN — simpler |
docs/architecture/server.md |
Server becomes ALPN router — fundamentally different |
docs/architecture/identity.md |
Mostly valid, needs IdentityProvider simplification |
docs/architecture/configuration.md |
ListenerConfig → ALPN advertisement config |
docs/architecture/secret-service.md |
Unchanged — alknet-secret is standalone |
docs/architecture/definitions.md |
Terminology needs update (interface, listener, handler → ALPN, handler) |
Phase 4: Clean Up Code
Not a rewrite — just remove dead weight so agents don't pattern-match to it.
Delete from alknet-core
These modules/files implement concepts that the pivot replaces entirely. They'll be re-implemented in new crates:
| What | Lines | Reason |
|---|---|---|
src/interface/mod.rs |
140 | StreamInterface / MessageInterface — replaced by ProtocolHandler |
src/interface/pairs.rs |
122 | Transport/interface validation — no longer needed |
src/interface/config.rs |
270 | ListenerConfig variants — replaced by ALPN advertisement |
src/interface/session.rs |
62 | InterfaceSession / InterfaceEvent — old model |
src/interface/http.rs |
66 | Old HTTP interface — becomes alknet-http handler |
src/interface/dns.rs |
47 | Old DNS interface — becomes alknet-dns handler |
src/interface/raw_framing.rs |
399 | Stealth mode byte-peek — replaced by ALPN negotiation |
src/server/stealth.rs |
316 | Stealth mode — replaced by ALPN negotiation |
src/server/control_channel.rs |
196 | SSH control channel for pubsub — old model |
Keep as-is (port later):
| What | Lines | Destination |
|---|---|---|
src/interface/ssh.rs |
982 | → alknet-ssh (largest single extraction) |
src/server/handler.rs |
974 | → alknet-ssh (SSH server handler) |
src/server/channel_proxy.rs |
555 | → alknet-ssh (port forwarding proxy) |
src/server/serve.rs |
1526 | → rewrite as ALPN router (keep for reference, rewrite later) |
src/call/* |
~1200 | → alknet-call (relatively clean extraction) |
src/auth/* |
~1450 | → alknet-core (shared auth/identity) |
src/config/* |
~950 | → alknet-core (static/dynamic config) |
src/transport/* |
~1500 | → alknet-core (endpoint acceptors) |
src/client/* |
~1900 | → alknet-ssh (client session, SOCKS5, forwarding) |
src/socks5/* |
~800 | → alknet-ssh (SOCKS5 server) |
src/credentials/* |
~250 | → simplify into alknet-core auth |
src/http/* |
~340 | → alknet-http |
src/error.rs |
~240 | → alknet-core |
src/testutil.rs |
~140 | → alknet-core test utilities |
Delete entire crate
| Crate | Reason |
|---|---|
(none yet — alknet-storage and alknet-flowgraph don't exist as crates) |
The current workspace only has alknet-core, alknet-secret, alknet-napi, and alknet (CLI). No storage or flowgraph crates exist to delete.
Phase 5: Architecture Specs (Follow SDD Process)
After cleanup, the architect role will produce proper architecture specs following the SDD process defined in docs/sdd_process.md. This means:
- Modular docs in
docs/architecture/— one focused doc per component/area - ADRs in
docs/architecture/decisions/— new ADRs for pivot decisions (ALPN dispatch, ProtocolHandler trait, crate decomposition, etc.) - Open questions centralized in
docs/architecture/open-questions.md - README index in
docs/architecture/README.mdwith doc table, ADR table, lifecycle definitions - YAML frontmatter with
status,last_updatedon every doc
The pivot proposal (docs/research/pivot/alpn-service-architecture.md) serves as Phase 0 research output. The architect will use it as input to produce Phase 1 architecture docs. No ad-hoc spec stubs — proper SDD specs from the start.
Key new ADRs the architect will need to produce:
| ADR | Title |
|---|---|
| 039 | ALPN-based protocol dispatch (replaces ADR-026, ADR-035) |
| 040 | ProtocolHandler trait (replaces StreamInterface/MessageInterface) |
| 041 | New crate decomposition (replaces ADR-027) |
| 042 | Auth as shared core (replaces ADR-028) |
| 043 | Event model per-handler (replaces ADR-032, ADR-018) |
| 044 | ALPN negotiation replaces stealth mode (replaces ADR-017) |
Key architecture docs the architect will need to produce or rewrite:
| Document | Scope |
|---|---|
overview.md |
Rewrite — crate structure, ALPN dispatch model, exports |
server.md |
Rewrite — ALPN router, handler registry, endpoint lifecycle |
client.md |
Rewrite — connect to endpoint, open stream on ALPN |
auth.md |
Update — IdentityProvider, per-handler credential table |
call-protocol.md |
Rewrite — alknet-call as one ALPN, EventEnvelope framing |
configuration.md |
Update — ALPN advertisement, handler config |
identity.md |
Update — IdentityProvider simplification |
definitions.md |
Update — new terminology |
Execution Order
- Create
docs/_archived/directory and move files there (preserves git history) - Mark superseded ADRs with
Supersededstatus and pivot reference - Move obsolete research docs to
docs/_archived/research/ - Annotate stale-but-keeping architecture docs with
status: needs-updatefrontmatter and pivot reference note - Delete replaced code modules from
alknet-core(interface layer, stealth, control channel) - Fix compilation — removing modules will break imports. Fix them minimally (comment out, stub, or remove call sites) so the project compiles. This is temporary scaffolding, not the refactor.
- Architect produces proper SDD architecture specs per Phase 1 of the SDD process
After this cleanup, the repo should:
- Compile (possibly with reduced functionality)
- Have no references to
StreamInterface,MessageInterface,ListenerConfig, or stealth mode in active docs - Have superseded ADRs clearly marked so agents don't implement the old model
- Have all obsolete material in
docs/_archived/where it won't bias agents - Be ready for the architect role to produce proper Phase 1 architecture specs following the SDD process