Hugging Face's logo

Spaces:
RFTSystems
/
TrustStack_Console
Running

App Files Community
TrustStack_Console
File size: 4,945 Bytes 
24de4fe
 
 
 
 
 
 
 
 
 
 
8a97112
 
24de4fe
52117f4
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
24de4fe
8a97112
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
 
---
title: TrustStack Console
emoji: 🌍
colorFrom: yellow
colorTo: purple
sdk: gradio
sdk_version: 6.2.0
app_file: app.py
pinned: false
license: other
short_description: infrastructure, not a toy.
thumbnail: >-
  https://cdn-uploads.huggingface.co/production/uploads/685edcb04796127b024b4805/05XC45vRZzru1-cBEWeVN.png
---
# RFTSystems — TrustStack Console
I don’t do “trust me”. I do receipts.

**TrustStack Console** is a single, clean demo of what “agent infrastructure” should look like when you care about auditability, integrity, and cost control. It combines durable local memory, fast retrieval, tamper-evident logging, per-turn receipts, verification, guardrails, trace artifacts, and one-click audit exports.

Space: https://huggingface.co/spaces/RFTSystems/TrustStack_Console

---

## What this is
Most agent stacks can store chat logs. That is not the problem.

The problem is **provable influence**:
- What memory did the agent actually retrieve?
- What evidence influenced the output?
- Can you prove the record wasn’t edited after the fact?
- Can you export a defensible audit bundle?

TrustStack answers those questions with:
- **Append-only ledger** (events stored as JSONL)
- **Hash chain integrity** (tamper-evident session history)
- **SQLite FTS retrieval** (fast lexical recall, no embeddings required)
- **Per-turn Memory Receipts** (downloadable proof of retrieval + hashes)
- **Receipt verification** (pass/fail)
- **Receipt-gated tool execution** (guardrails)
- **Trace export** (OTel-style trace artifact JSON)
- **Audit pack export** (ZIP bundle of ledger + receipts + integrity summary)
- **Token budget calculator** (why fixed retrieval beats replaying history)

---

## How it works (in plain terms)
1. Every message becomes an **event** appended to the session ledger.
2. Each event is hashed (`digest`) and chained to the previous event (`chain_hash`).
3. Retrieval uses **SQLite FTS5** over stored text.
4. Every assistant turn produces a **receipt** containing:
   - the query
   - the retrieved event slices
   - each slice’s digest + chain hash
   - prompt hash + response hash
5. Receipt verification checks that all referenced events exist and that hashes match the stored ledger.

If someone edits history, the chain breaks. Verification fails. Loudly.

---

## Tabs
### Investor Demo
One click, full story: store → retrieve → override → generate receipt → verify → export trace → export audit pack.

### Chat
Live interaction. Stores every turn, retrieves relevant memory slices, generates receipts.

### Verify Receipt
Upload a receipt JSON and get a pass/fail integrity check.

### Guardrails
A tool call is blocked unless a supplied receipt verifies. This demonstrates “execution only when evidence checks out”.

### Trace Export
Each turn produces an OTel-style trace JSON artifact showing what was retrieved and what hashes were produced.

### Audit Pack
One-click ZIP export: ledger + receipts + integrity summary.

### API Playground
JSON-in / JSON-out “tool style” calls (write, search, verify, export) for developers.

### Token Budget
Shows why fixed retrieval budgets scale better than replaying full history.

---

## Quick demo prompts (copy/paste)
1) Store facts:
- `Store these exactly: Dog=Nova, City=Manchester, Drink=Pepsi Max.`

2) Recall:
- `What is my dog's name?`
- `What city did I say?`

3) Override:
- `My drink is Coke Zero now. This overrides earlier.`
- `What is my favourite drink?`

4) Search:
- `Search for: Nova`
- `Search for: Manchester`

Then:
- Download the receipt JSON
- Upload it into **Verify Receipt**
- Edit one character inside the receipt and verify again (it should fail)

That pass/fail behaviour is the point.

---

## API Playground examples
### memory.write
```json
{
  "role": "user",
  "text": "Store this: Dog=Nova, City=Manchester."
}
memory.search
json
Copy code
{
  "query": "Nova",
  "k": 8
}
receipt.verify
Paste the full receipt JSON under:

json
Copy code
{
  "receipt": { ... }
}
audit.export
json
Copy code
{}
Persistence
By default the store uses:

var/rftmem (relative path)

You can set a base directory with:

RFT_MEM_BASE=/your/persistent/path

On hosted environments, persistent storage is what turns this into genuine “restart continuity”.

Run locally
bash
Copy code
pip install -U gradio
python app.py
Then open the printed local URL.

Why this matters
If you’re building agents for real users, you need more than “it usually works”:

Debuggability: show exactly what influenced a decision.

Safety: block actions unless evidence verifies.

Compliance readiness: export a bundle you can actually defend.

Cost control: retrieve a fixed budget instead of replaying history forever.

TrustStack is a working demo of that philosophy: memory you can audit, not memory you’re told to believe.

Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference