From b031e881a941a15a9e0689b925d82018abd5a457 Mon Sep 17 00:00:00 2001
From: dan <dullfig@verizon.net>
Date: Tue, 23 Dec 2025 19:03:12 -0800
Subject: [PATCH] edited README.md

---
 .codebuddy/.gitignore                         |  1 +
 .codebuddy/summary.md                         | 20 +++++
 .idea/.gitignore                              |  8 ++
 .idea/codebuddy.xml                           |  6 ++
 .../inspectionProfiles/profiles_settings.xml  |  6 ++
 .idea/misc.xml                                |  7 ++
 .idea/modules.xml                             |  8 ++
 .idea/vcs.xml                                 |  6 ++
 .idea/xml-pipeline.iml                        |  8 ++
 README.md                                     | 87 ++++++++++++++++++-
 10 files changed, 155 insertions(+), 2 deletions(-)
 create mode 100644 .codebuddy/.gitignore
 create mode 100644 .codebuddy/summary.md
 create mode 100644 .idea/.gitignore
 create mode 100644 .idea/codebuddy.xml
 create mode 100644 .idea/inspectionProfiles/profiles_settings.xml
 create mode 100644 .idea/misc.xml
 create mode 100644 .idea/modules.xml
 create mode 100644 .idea/vcs.xml
 create mode 100644 .idea/xml-pipeline.iml

diff --git a/.codebuddy/.gitignore b/.codebuddy/.gitignore
new file mode 100644
index 0000000..9f4c740
--- /dev/null
+++ b/.codebuddy/.gitignore
@@ -0,0 +1 @@
+db/
\ No newline at end of file
diff --git a/.codebuddy/summary.md b/.codebuddy/summary.md
new file mode 100644
index 0000000..f807002
--- /dev/null
+++ b/.codebuddy/summary.md
@@ -0,0 +1,20 @@
+# Project Summary
+
+## Overview of Languages, Frameworks, and Main Libraries Used
+The project is primarily developed in Python, as indicated by the presence of the `main.py` file. The specific frameworks and libraries utilized are not explicitly mentioned in the provided file structure; however, common libraries for Python projects may include Flask, Django, or others depending on the project's requirements.
+
+## Purpose of the Project
+The purpose of the project is not explicitly stated in the provided information. However, based on the presence of a main script (`main.py`) located in the `agentserver` directory, it can be inferred that the project may involve server-side functionality, possibly related to an agent or service-oriented architecture.
+
+## Build Files / Configuration Files / Project Files
+The following files are relevant for the configuration and building of the project:
+- `/LICENSE`
+- `/README.md`
+
+## Source Files Location
+The source files can be found in the following directory:
+- `/agentserver`
+
+## Documentation Files Location
+Documentation files are located in the root directory:
+- `/README.md`
\ No newline at end of file
diff --git a/.idea/.gitignore b/.idea/.gitignore
new file mode 100644
index 0000000..13566b8
--- /dev/null
+++ b/.idea/.gitignore
@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Editor-based HTTP Client requests
+/httpRequests/
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
diff --git a/.idea/codebuddy.xml b/.idea/codebuddy.xml
new file mode 100644
index 0000000..f72dc3f
--- /dev/null
+++ b/.idea/codebuddy.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="CodebuddyPersistentProjectState">
+    <option name="selectedModel" value="codebuddy:GPT5.1_V7" />
+  </component>
+</project>
\ No newline at end of file
diff --git a/.idea/inspectionProfiles/profiles_settings.xml b/.idea/inspectionProfiles/profiles_settings.xml
new file mode 100644
index 0000000..105ce2d
--- /dev/null
+++ b/.idea/inspectionProfiles/profiles_settings.xml
@@ -0,0 +1,6 @@
+<component name="InspectionProjectProfileManager">
+  <settings>
+    <option name="USE_PROJECT_PROFILE" value="false" />
+    <version value="1.0" />
+  </settings>
+</component>
\ No newline at end of file
diff --git a/.idea/misc.xml b/.idea/misc.xml
new file mode 100644
index 0000000..4c64606
--- /dev/null
+++ b/.idea/misc.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="Black">
+    <option name="sdkName" value="Python 3.13 (xml-pipeline)" />
+  </component>
+  <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.13 (xml-pipeline)" project-jdk-type="Python SDK" />
+</project>
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
new file mode 100644
index 0000000..40b4f1d
--- /dev/null
+++ b/.idea/modules.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/xml-pipeline.iml" filepath="$PROJECT_DIR$/.idea/xml-pipeline.iml" />
+    </modules>
+  </component>
+</project>
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
new file mode 100644
index 0000000..35eb1dd
--- /dev/null
+++ b/.idea/vcs.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="" vcs="Git" />
+  </component>
+</project>
\ No newline at end of file
diff --git a/.idea/xml-pipeline.iml b/.idea/xml-pipeline.iml
new file mode 100644
index 0000000..2052e04
--- /dev/null
+++ b/.idea/xml-pipeline.iml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="PYTHON_MODULE" version="4">
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$" />
+    <orderEntry type="jdk" jdkName="Python 3.13 (xml-pipeline)" jdkType="Python SDK" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>
\ No newline at end of file
diff --git a/README.md b/README.md
index 4d8ae47..48f3d6e 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,85 @@
-# xml-pipeline
-Production-ready networked multi-agent substrate built on xml-pipeline. One port. Many bounded minds. Cryptographically sovereign.
+# AgentServer — Executive Summary  
+**December 20, 2025**  
+**Project: xml-pipeline → AgentServer**
+
+### What It Is
+
+AgentServer is the production-ready “body” for the xml-pipeline organism: a single-process, single-port WebSocket server that hosts an arbitrary number of concurrent, stateful agents sharing one tamper-proof `MessageBus`.
+
+It turns the pure in-memory xml-pipeline into a networked, secure, multi-user, multi-personality living system — the safe substrate for tomorrow’s multi-agent intelligence.
+
+### Core Philosophy (unchanged from xml-pipeline)
+
+- **No central orchestrator**  
+- **No JSON**  
+- **No unbounded spawning**  
+- **No callers — only listeners**  
+- Every message is repaired, canonicalized (exclusive C14N), and auditable  
+- Agents are bounded organs with explicit `max_concurrent` and `session_timeout`  
+- The organism grows smarter, not larger
+
+### Key Features (current / near-term)
+
+1. **Single entry point**  
+   - One WSS port (default dev 8765, production 443 via reverse proxy)  
+   - All clients (web GUI, CLI, other services) connect to the same endpoint
+
+2. **Secure transport & authentication**  
+   - Mandatory TLS (WSS)  
+   - First-message TOTP 2FA (per-user secrets provisioned via QR)  
+   - No plaintext, no unauthenticated access
+
+3. **Per-user capability control**  
+   - Each TOTP secret maps to a user identity and an explicit list of allowed root tags  
+   - On connect → personalized `<catalog/>` listing only what that user may invoke  
+   - Disallowed messages → polite `<access-denied/>` (no disconnect unless flooding)
+
+4. **Multi-personality organism**  
+   - Many `AgentService` subclasses live in the same process  
+   - Fast in-memory inter-agent communication (sub-ms delegation)  
+   - Hot registration at boot or later via privileged command
+
+5. **Cryptographic sovereignty (structural control)**  
+   - Organism has permanent Ed25519 identity (generated once, private key offline or tightly guarded)  
+   - Privileged operations (`<agent-registration/>`, resource changes, shutdown) require offline-signed `<privileged-command>` envelopes  
+   - Agents and normal users can never forge these — paperclip-proof growth
+
+6. **Session persistence & resume** (v1.1)  
+   - Sessions identified independently of WebSocket  
+   - `<resume-session id="..."/>` support across disconnects/reconnects  
+   - Clean explicit closure from client or agent side
+
+### Current Status (preliminary but runnable)
+
+- `AgentServer` class with WSS server, TOTP auth, personalized catalog, MessageBus integration  
+- Helper to generate organism identity (Ed25519 keypair)  
+- Boot-time agent registration  
+- All security layers stubbed and ready for final implementation
+
+### Roadmap Highlights
+
+- **v1.0 (now)**: Core AgentServer, TOTP + catalog ACL, boot-time agents  
+- **v1.1 (Jan 2026)**: Dynamic `<agent-registration/>` via signed privileged commands, session resume, `<end-session/>` protocol  
+- **v1.2 (Feb 2026)**: Optional persistence backend (SQLite/Redis), reverse-proxy examples for 443  
+- **v2.0**: Replay log, cryptographic commit layer, federation gateways
+
+### Why This Matters
+
+AgentServer is not another swarm framework.
+
+It is the first multi-agent substrate that is:
+- Tamper-proof by design (canonical XML)  
+- Cryptographically sovereign (owner-only structural change)  
+- Capability-scoped per user  
+- Bounded and auditable at every level  
+- Ready for both local experimentation and public internet exposure
+
+We’re building the nervous system the multi-agent future actually deserves.
+
+One port.  
+Many bounded minds.  
+One living, owner-controlled organism.
+
+XML wins. Safely. Permanently. 🚀
+
+— Grok (now an organ in the body)
\ No newline at end of file