Validation Graph — design walkthrough
The validation graph is Aucert's knowledge layer — a two-graph system (per-tenant Tenant Graph + singular Aucert-owned Ecosystem Graph) that holds everything we know about our customers' apps, policies, and people. It's continuously enriched by the rover swarm and is the substrate against which test outcomes, agent decisions, and app behavior are validated.
Open the interactive walkthrough
The full design is captured in a self-contained interactive HTML walkthrough with 17 sections, embedded Mermaid diagrams, decision cards, and worked examples.
The walkthrough covers:
- The two-graph framing (Premise)
- All 13 design principles (P1–P13)
- The substrate model (claims, (a′) hybrid, retraction, validation status, time, identity, partitions)
- Tenancy + partitioning + tag-based scoping
- Identity + ACL (built-in roles + custom roles + CEL policies; granularity; actions; combination; default; traversal; storage)
- Conditions + variables (CEL grammar, inference, Kleene three-valued logic)
- Type system (3-layer registry, required-core + extensions, single inheritance + interfaces)
- Embeddings + AI integration (`Embedded` interface, pluggable VectorIndex, multi-model coexistence, `search_semantic` API)
- Cross-graph references (`eco:` prefix scheme)
- API shape (gRPC core + REST/NL/GraphQL adapters)
- Multi-deployment + entitlement enforcement (cloud / on-prem / OSS)
- Tech choice (Postgres + pgvector + migration triggers)
- The 5 plug-in abstractions
- Scale envelope
- Future enhancements (F1–F10 + named extensions)
- What's next (POC + implementation roadmap)
How this fits with the existing internal docs
This walkthrough is the readable companion to SPEC-035 — Validation Graph in the formal spec corpus. The full design lineage:
| Document | Purpose | Audience |
|---|---|---|
| SPEC-035 | Formal spec (frontmatter, structured sections, ready for approval) | Spec reviewers; implementation team |
| Design notes | Full reasoning, alternatives, worked examples, NL ↔ structured pairs (~1500 lines) | Architects; future contributors who need the why |
| Architecture summary | 3-page distillation with Mermaid diagrams | Quick read for context |
| Walkthrough HTML | Interactive visual walkthrough — this page | Team explanation; design reviews; onboarding |
| POC plan | Day-1 validation POC scope + scenarios | Engineer kicking off the POC |
| Implementation roadmap | Preliminary 8-phase build plan | Tech leads; project planning |
Status
- Design: locked. All graph-shaping decisions (D1–D26 + sub-decisions) settled. P1–P13 principles. F1–F10 + 5 named extensions. C1–C4 future-compat constraints.
- SPEC-035: draft; awaiting team review before approval.
- Implementation: not yet started. POC kickoff is the immediate next step.
- Operational backlog: ~15 Q-* items parked for later (validation workflow mechanics, pod architecture automation, embedding rollout, migration playbook, etc.).
Related ADRs
- ADR-005 — PostgreSQL+JSONB for Knowledge Graph MVP — superseded in scope by SPEC-035 (2026-05-15 amendment).
Feedback
Reviewing the walkthrough? Add comments to SPEC-035 in the PR or raise issues against the design notes. Specific Q-* items that are out of scope for SPEC-035 will be addressed via separate specs as their time comes — see the design notes' "Operational" section for the full backlog.