Architecture

SingularCore is built on a bifurcated architecture that physically separates reasoning from execution. This guarantees that if the AI hallucinates, your system does not crash.

System Overview

[System overview diagram. Components shown: You; Communication (Web, Telegram, Discord, Slack, WhatsApp, iMessage); The Brain, Python async (Intent Classifier, MoA Router, Executive Agent, Skill Registry, Model Manager); Memory (L1 Redis, hot; L2 pgvector, episodic; L3 Kuzu, graph; L4 Archive, cold); The Muscle, Rust / C++ (SIMD Indexer, C++; Firecracker VM, Rust; Audit Ledger, SQLite; gRPC Bridge, Rust); Security Layer (Squid Proxy, Podman, Breakglass); Model Layer (Ollama (Local), HuggingFace, Cloud APIs); Dream Cycle; The Pulse (60s).]

Communication Layer

  • Web Dashboard: Real-time chat & monitoring
  • Telegram Bot: Mobile commands & approvals
  • Discord Bot: Slash commands & embeds

The Brain (Python)

  • Intent Classifier: Fast-path regex + AI fallback
  • MoA Router: Parallel agent orchestration
  • Executive Agent: Goal decomposition & planning

Memory Tier System

  • L1 (Redis): Hot cache, sub-ms retrieval
  • L2 (PostgreSQL + pgvector): Episodic, semantic search
  • L3 (Kuzu Graph): Knowledge relationships

The Muscle (Rust/C++)

  • SIMD Indexer: C++ bare-metal code search
  • Firecracker Sandbox: Rust micro-VM isolation
  • Audit Ledger: SQLite WAL, append-only

Security Layer

  • Squid Proxy: Network whitelist (GitHub/PyPI only)
  • Rootless Podman: Container escape prevention
  • Approval Queue: Tier-based human-in-the-loop

Model Layer

  • Ollama: 100K+ local GGUF models
  • HuggingFace: One-click model registry
  • Cloud APIs: OpenAI, Anthropic, Google

Self-Improvement Cycles

  • The Pulse (60 seconds): Health check, scheduled tasks, monitoring
  • Dream Cycle (2:00 AM): Performance review, pattern extraction, self-optimization
  • Micro-Dreams (Real-time): Instant repair on security breach or crash
  • Red Team (2x daily): Self-penetration testing, vulnerability patching

The Brain and The Muscle

🧠

The Cognitive Engine (The Brain)

Written in asynchronous Python

The Brain handles orchestration, memory, and LLM routing. It never touches your raw filesystem directly.

  • IntentClassifier & Task-Based MoA Router — Analyzes task complexity and routes simple tasks to fast models; complex tasks trigger a Mixture of Agents (MoA)
  • Unified Memory Tier — Four-layer architecture (Redis → PostgreSQL/pgvector → Kuzu Graph → File Archive)
  • Skill Registry — Zero-trust plugin system with strict AST validation and blacklist pattern matching
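
The Skill Registry's AST validation with blacklist matching could look like the check below. This is an added example, not SingularCore's code: the deny lists, the validate_skill function and the sample skills are assumptions made for illustration.

```python
import ast

# Assumed deny lists for illustration; the page does not publish SingularCore's rules.
DENIED_MODULES = {"os", "sys", "subprocess", "socket", "ctypes", "importlib", "shutil"}
DENIED_CALLS = {"eval", "exec", "compile", "__import__", "open", "getattr", "setattr"}


def validate_skill(source: str) -> list[str]:
    """Return sorted findings; an empty list means the skill passed."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [f"line {exc.lineno}: does not parse ({exc.msg})"]
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            modules = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            modules = [node.module or ""]
        else:
            modules = []
        for name in modules:
            if name.split(".")[0] in DENIED_MODULES:
                findings.append(f"line {node.lineno}: import of {name}")
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
                and node.func.id in DENIED_CALLS):
            findings.append(f"line {node.lineno}: call to {node.func.id}()")
        # Dunder attributes (fn.__globals__, obj.__class__) reach objects a
        # name-based deny list never sees, so reject them outright.
        if isinstance(node, ast.Attribute) and node.attr.startswith("__"):
            findings.append(f"line {node.lineno}: dunder attribute {node.attr}")
    return sorted(findings)


# Constructed sample skills, not taken from SingularCore.
SAFE_SKILL = "def run(text):\n    return text.upper()\n"
UNSAFE_SKILL = (
    "import subprocess\n"
    "def run(cmd):\n"
    "    return subprocess.check_output(cmd, shell=True)\n"
)
DUNDER_SKILL = "def run(fn):\n    return fn.__globals__\n"

if __name__ == "__main__":
    for label, src in (("safe", SAFE_SKILL), ("unsafe", UNSAFE_SKILL), ("dunder", DUNDER_SKILL)):
        print(label, validate_skill(src) or "ok")
```

A deny list only rejects what it names, which is why a check like this is a first filter in front of the sandbox rather than a replacement for it.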
🦾

The High-Speed Executor (The Muscle)

Written in memory-safe Rust and C++

The Muscle handles the dangerous work. It receives gRPC payloads from the Brain and executes them in isolated environments.

  • SIMD-Accelerated Indexer (C++) — Crawls massive enterprise NAS drives and monorepos at near bare-metal speeds
  • Firecracker Micro-VM Sandbox (Rust) — All AI-generated code runs in isolated sandboxes with strict cgroups resource limits
  • Audit Ledger — Immutable, append-only SQLite WAL database for forensic logging

Self-Improvement Cycles

⏱️

The Pulse

Every 60 seconds

Health checks, scheduled tasks, system monitoring. Your AI is always watching.

🌙

Dream Cycle

Nightly (2:00 AM)

Performance review, pattern extraction, self-optimization. Gets smarter while you sleep.

Micro-Dreams

Real-time

Instant repair on security breach or crash. Fixes itself in under 5 seconds.

🎯

Red Team Protocol

Twice daily

Self-penetration testing. Attacks itself to find and patch vulnerabilities.

Four-Tier Memory System

L1

Redis — Hot Memory

Fast access for recent conversations and active context. Sub-millisecond retrieval.

L2

PostgreSQL + pgvector — Episodic Memory

Semantic similarity searches across conversation history. Vector embeddings for context.

L3

Kuzu Graph — Knowledge Graph

Relationships between codebases, concepts, and patterns. Structured knowledge retrieval.

L4

File Archive — Cold Storage

Historical patterns and long-term logs. Compressed, indexed, rarely accessed.

Security Model: Tier-Based Actions

Actions are classified by impact level with corresponding approval requirements:

Tier 0: OBSERVE

Read-only operations. Automatic approval. Status, skills, dream summary.

Tier 1: COORDINATE

Sandboxed execution. Automatic. Goal submission, file reads, safe searches.

Tier 2: AUTONOMY

Local system changes. Internal review. File writes, staging deploys, code patches.

Tier 3: REASON

External/destructive actions. Human approval required. Production deploys, database changes.
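
The four tiers above, written as an authorization gate. This is an added example, not SingularCore's code: the action names, the authorize function and the fail-closed handling of unknown actions are assumptions.

```python
from enum import IntEnum


class Tier(IntEnum):
    OBSERVE = 0      # read-only, automatic approval
    COORDINATE = 1   # sandboxed execution, automatic
    AUTONOMY = 2     # local system changes, internal review
    REASON = 3       # external/destructive, human approval required


# Hypothetical action names standing in for the examples listed per tier.
ACTION_TIERS = {
    "status": Tier.OBSERVE, "dream_summary": Tier.OBSERVE,
    "goal_submit": Tier.COORDINATE, "file_read": Tier.COORDINATE,
    "file_write": Tier.AUTONOMY, "staging_deploy": Tier.AUTONOMY,
    "production_deploy": Tier.REASON, "database_change": Tier.REASON,
}


def authorize(action, internal_review_passed=False, human_approver=None):
    """Return (allowed, reason). Unknown actions fail closed at Tier 3."""
    tier = ACTION_TIERS.get(action, Tier.REASON)
    if tier <= Tier.COORDINATE:
        return True, f"tier {int(tier)}: automatic"
    if tier == Tier.AUTONOMY:
        if internal_review_passed:
            return True, "tier 2: internal review passed"
        return False, "tier 2: queued for internal review"
    # Tier 3: an internal review verdict never substitutes for a named human.
    if human_approver:
        return True, f"tier 3: approved by {human_approver}"
    return False, "tier 3: queued for human approval"


if __name__ == "__main__":
    for name in ("status", "file_write", "production_deploy", "drop_everything"):
        print(name, authorize(name))
```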

Network Security

The agent has internet access, but it is physically restricted via Squid Proxy to a whitelist:

  • GitHub (code retrieval)
  • PyPI (package downloads)
  • Everything else blocked
  • Internal systems unreachable

This resolves 90% of enterprise "rogue agent" fears. Even if the AI wanted to, it physically cannot reach your internal systems.
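
One way to verify that the whitelist holds in practice is to audit the proxy's access log for requests that were not denied yet went somewhere off the list. This is an added example, not SingularCore's code: the hostnames in the allowlist and the log lines (Squid's native access.log layout) are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumed allowlist: the page names GitHub and PyPI but not exact hostnames.
ALLOWED_SUFFIXES = ("github.com", "pypi.org", "files.pythonhosted.org")

# Constructed sample lines in Squid's native access.log format.
SAMPLE_LOG = """
1717000000.101    212 10.0.2.15 TCP_TUNNEL/200 5321 CONNECT github.com:443 - HIER_DIRECT/203.0.113.10 -
1717000001.550      3 10.0.2.15 TCP_DENIED/403 3880 CONNECT wiki.internal.example:443 - HIER_NONE/- text/html
1717000002.000     80 10.0.2.15 TCP_TUNNEL/200 900 CONNECT files.pythonhosted.org:443 - HIER_DIRECT/203.0.113.20 -
1717000003.000     95 10.0.2.15 TCP_TUNNEL/200 4100 CONNECT notgithub.com:443 - HIER_DIRECT/203.0.113.66 -
"""


def host_of(method, url):
    """Extract the destination host from the log's URL field."""
    if method == "CONNECT":                 # CONNECT entries log host:port
        return url.rsplit(":", 1)[0].lower()
    return urlsplit(url).hostname or ""


def is_allowed(host):
    # Match the domain itself or a true subdomain, never a bare string suffix:
    # "notgithub.com" must not pass as "github.com".
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)


def audit(lines):
    """Return (host, result_code) for each request that was not denied
    but targeted a host outside the allowlist."""
    violations = []
    for line in lines:
        fields = line.split()
        if len(fields) < 7:
            continue                        # blank or truncated line
        result, method, url = fields[3], fields[5], fields[6]
        host = host_of(method, url)
        if not result.startswith("TCP_DENIED") and not is_allowed(host):
            violations.append((host, result))
    return violations


if __name__ == "__main__":
    for host, result in audit(SAMPLE_LOG.splitlines()):
        print(f"policy gap: {host} got {result}")
```

The constructed fourth line models an ACL that matches on a bare string suffix; the audit flags it because the tunnel was allowed to a host that is not on the list.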

Blast Radius Control

All AI-generated code runs in Firecracker micro-VMs with strict resource limits:

Risk | Docker | SingularCore (Podman + Rust)
Container Escape | Known vulnerability | Mitigated by design
Privilege Escalation | Requires root | Rootless by default
Blast Radius | Limited | Hardware-enforced isolation