Skip to content
FractalOps

FractalOps Core Requirements

FractalOps Core Requirements

Section titled “FractalOps Core Requirements”

Identity

Section titled “Identity”

FractalOps is the organization meta-control plane, not a generic stack manager.

Core responsibility is to keep the path from onboarding to work to proposal to proof coherent across the product and its execution substrate.

Strongly-Owned Core

Section titled “Strongly-Owned Core”

FractalOps strongly owns:

  • portal
  • api
  • worker
  • execution-runtime
  • Temporal
  • DB / Hasura / Supabase Realtime
  • Daytona
  • PlaywrightGrid
  • proposal, lineage, proof, and recovery contracts

These are the places where FractalOps may legitimately carry deeper control logic.

Endpoint-First Rule

Section titled “Endpoint-First Rule”

Most adjacent systems are not core control surfaces. They are integration endpoints.

Examples:

  • Nexus
  • Penpot
  • Dokploy
  • Headlamp
  • many connector targets

Default contract for these systems:

  • public URL
  • executor URL when machine access is needed
  • auth or secret contract
  • readiness or health contract

FractalOps should not default to strong lifecycle governance for them.

Core Runtime and Execution Rules

Section titled “Core Runtime and Execution Rules”
  • API validates, records, and queues
  • Temporal performs heavy execution
  • proposal-bound work must not bypass the queue
  • proof must remain queryable after mutation
  • secrets and tokens must resolve through SSOT-backed secret contracts
  • runtime selection uses typed runtime assets or endpoint contracts, not raw stack-local nouns

Live Truth Rules

Section titled “Live Truth Rules”
  • outbox: portal_live_events
  • canonical live read: harness-projection
  • live UI should not merge multiple competing summaries

Ouroboros Rules

Section titled “Ouroboros Rules”
  • public continuity stays fresh | resume
  • launch diagnostics remain diagnostics, not extra public modes
  • browser-first must be runtime-enforced
  • auth wall is treated as continuity/recovery input, not an automatic bug classification

Prohibited Drift

Section titled “Prohibited Drift”
  • per-stack control logic added where endpoint contracts are enough
  • raw local or cluster URLs embedded without SSOT boundaries
  • public docs or APIs exposing legacy continuity modes
  • synchronous direct execution from request paths
  • stack-local slang replacing canonical product vocabulary

Validation

Section titled “Validation”
  • make test-unit
  • make test-contract
  • make test-integration
  • make codegen-check
  • focused SSOT and runtime regression tests where URLs, principals, or live truth boundaries change