Architecture

What is the Areev architecture?

Areev is a single Rust crate compiled into one static binary that combines an HTTP/gRPC server, an LSM-tree storage engine, full-text and vector search indexes, a knowledge graph, and envelope encryption into a self-contained context database.

The server layer uses Axum for HTTP (serving 197 REST endpoints under /api/) and Tonic for gRPC. Both protocols share the same underlying AI memory engine, which coordinates writes, recalls, and forget operations across the storage and index subsystems. The engine enforces governance policy on every operation — retention checks, consent verification, and audit event emission happen inline, not as post-processing steps.

The storage layer uses Fjall, an embedded LSM-tree engine written in Rust, for durable grain persistence. On top of Fjall, three index subsystems provide different query modalities: Tantivy for BM25 full-text search, HNSW (via USearch or FAISS) for vector similarity search, and a hexastore for entity-relation triples. The memory engine routes each query to the appropriate index and fuses results using reciprocal rank fusion (RRF) when multiple indexes contribute hits.
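
The routing step described above can be sketched as a match over query modality. This is an illustrative sketch, not Areev's actual API: the `Query` and `Index` type names, the variants, and the rule that hybrid queries fan out to Tantivy and HNSW are assumptions drawn from the prose.

```rust
// Sketch of modality-based index routing. Names are illustrative.
#[derive(Debug, PartialEq)]
enum Index {
    Tantivy,   // BM25 full-text
    Hnsw,      // vector similarity
    Hexastore, // entity-relation triples
}

enum Query {
    Text(String),
    Vector(Vec<f32>),
    Relation { subject: String, predicate: String },
    Hybrid { text: String, vector: Vec<f32> },
}

// Decide which index subsystems a query fans out to.
fn route(query: &Query) -> Vec<Index> {
    match query {
        Query::Text(_) => vec![Index::Tantivy],
        Query::Vector(_) => vec![Index::Hnsw],
        Query::Relation { .. } => vec![Index::Hexastore],
        // Hybrid queries scatter to every contributing index; the
        // ranked results are later merged with RRF.
        Query::Hybrid { .. } => vec![Index::Tantivy, Index::Hnsw],
    }
}

fn main() {
    let q = Query::Hybrid { text: "lsm compaction".into(), vector: vec![0.1, 0.2] };
    println!("{:?}", route(&q));
}
```

Keeping routing as a pure function of the query shape is what lets a single recall entry point serve text, vector, relation, and hybrid requests uniformly.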

How does a write flow through the system?

A write request enters through HTTP or gRPC, passes through authentication, policy enforcement, and encryption, then lands in Fjall LSM storage with parallel index updates.

The memory engine receives the grain payload and first validates it against the active governance policy — checking retention rules, required consent scopes, and content constraints. If the policy check passes, the engine serializes the grain into the .mg binary format (9-byte header + canonical MessagePack), encrypts the payload with a random per-user AES-256-GCM data encryption key (DEK) wrapped by the customer master key (CMK), and writes the encrypted .mg blob to Fjall.
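
The framing step can be sketched as follows. The source specifies only "9-byte header + canonical MessagePack", so the header layout here (2-byte magic, 1-byte version, 2-byte flags, 4-byte payload length) is an assumption, and a raw byte slice stands in for the MessagePack body; encryption is omitted.

```rust
// Hypothetical .mg framing: a fixed 9-byte header followed by the
// serialized payload. The field layout is an assumption.
const HEADER_LEN: usize = 9;
const MAGIC: [u8; 2] = [0x4D, 0x47]; // "MG" -- hypothetical magic bytes

fn encode_mg(version: u8, flags: u16, payload: &[u8]) -> Vec<u8> {
    let mut out = Vec::with_capacity(HEADER_LEN + payload.len());
    out.extend_from_slice(&MAGIC);
    out.push(version);
    out.extend_from_slice(&flags.to_be_bytes());
    out.extend_from_slice(&(payload.len() as u32).to_be_bytes());
    out.extend_from_slice(payload);
    out
}

// Returns (version, flags, payload) or None if the frame is malformed.
fn decode_mg(buf: &[u8]) -> Option<(u8, u16, &[u8])> {
    if buf.len() < HEADER_LEN || buf[0..2] != MAGIC {
        return None;
    }
    let version = buf[2];
    let flags = u16::from_be_bytes([buf[3], buf[4]]);
    let len = u32::from_be_bytes([buf[5], buf[6], buf[7], buf[8]]) as usize;
    if buf.len() != HEADER_LEN + len {
        return None;
    }
    Some((version, flags, &buf[HEADER_LEN..]))
}

fn main() {
    let blob = encode_mg(1, 0, b"msgpack-bytes");
    let (v, _, body) = decode_mg(&blob).unwrap();
    println!("v{} with {} payload bytes", v, body.len());
}
```

A fixed-size header with an explicit length field lets the engine validate a blob before attempting decryption or MessagePack parsing.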

In parallel, the engine updates the applicable indexes: inserting the grain’s text content into Tantivy for full-text search, computing and storing the embedding vector in the HNSW graph for similarity search, and adding any entity-relation triples to the hexastore. A Bloom filter over the superseded set provides fast probable-not-superseded checks. Finally, the engine emits a GrainStored audit event and, if hooks are enabled, enqueues a CDC event for webhook delivery. The context database confirms the write only after all durable operations complete.
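
The supersession check relies on a standard Bloom-filter property: a miss on any probe is a definitive "not superseded", while a hit on every probe only means "possibly superseded" and requires a real lookup. A minimal sketch, with illustrative sizes and std's `DefaultHasher` standing in for whatever hash Areev actually uses:

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

// Minimal Bloom filter over superseded grain IDs. No false negatives:
// if maybe_contains returns false, the grain is definitely not superseded.
struct Bloom {
    bits: Vec<u64>,
    k: u64, // number of hash probes per item
}

impl Bloom {
    fn new(num_bits: usize, k: u64) -> Self {
        Bloom { bits: vec![0; (num_bits + 63) / 64], k }
    }

    // Derive the i-th bit position for an item by seeding the hash with i.
    fn probe(&self, item: &str, i: u64) -> usize {
        let mut h = DefaultHasher::new();
        i.hash(&mut h);
        item.hash(&mut h);
        (h.finish() as usize) % (self.bits.len() * 64)
    }

    fn insert(&mut self, item: &str) {
        for i in 0..self.k {
            let b = self.probe(item, i);
            self.bits[b / 64] |= 1 << (b % 64);
        }
    }

    fn maybe_contains(&self, item: &str) -> bool {
        (0..self.k).all(|i| {
            let b = self.probe(item, i);
            self.bits[b / 64] & (1 << (b % 64)) != 0
        })
    }
}

fn main() {
    let mut superseded = Bloom::new(1024, 3);
    superseded.insert("grain-42");
    // A false result is definitive; a true result still needs a lookup.
    println!("{}", superseded.maybe_contains("grain-42"));
}
```

This is why the check is phrased as "probable-not-superseded": the filter cheaply rules grains out, and only ambiguous hits pay for a storage read.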

How does recall query multiple indexes?

Recall scatters the query across applicable indexes (BM25, HNSW, hexastore), gathers ranked results, and applies reciprocal rank fusion (RRF) to produce a unified ranking.

The AI memory engine analyzes the recall request to determine which indexes to query. A text query hits Tantivy BM25. A vector query hits the HNSW graph. A relation query hits the hexastore. Hybrid queries fan out to multiple indexes simultaneously. Each index returns a ranked list of grain IDs with scores. The engine applies RRF fusion to merge these lists into a single ranking that balances contributions from each index.
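
The fusion step above can be sketched directly from the RRF formula: each index contributes 1 / (k + rank) for every grain it returns, and grains are re-sorted by summed score. The constant k = 60 comes from the original RRF formulation; whether Areev uses that value is an assumption.

```rust
use std::collections::HashMap;

// Reciprocal rank fusion over per-index ranked lists of grain IDs.
// Ranks are 1-based in the RRF formula: score(g) = sum over lists of
// 1 / (k + rank_of_g_in_list).
fn rrf_fuse(ranked_lists: &[Vec<&str>], k: f64) -> Vec<(String, f64)> {
    let mut scores: HashMap<String, f64> = HashMap::new();
    for list in ranked_lists {
        for (i, id) in list.iter().enumerate() {
            *scores.entry(id.to_string()).or_insert(0.0) += 1.0 / (k + (i + 1) as f64);
        }
    }
    // Highest fused score first.
    let mut fused: Vec<_> = scores.into_iter().collect();
    fused.sort_by(|a, b| b.1.partial_cmp(&a.1).unwrap());
    fused
}

fn main() {
    let bm25 = vec!["g1", "g2", "g3"]; // full-text ranking
    let hnsw = vec!["g1", "g4", "g2"]; // vector ranking
    // g1 leads both lists, so it dominates the fused ranking even
    // though the two indexes disagree about the rest.
    println!("{:?}", rrf_fuse(&[bm25, hnsw], 60.0));
}
```

Because RRF uses only ranks, not raw scores, it avoids having to calibrate BM25 scores against vector distances before merging.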

After fusion, the engine applies post-retrieval filters: governance policy checks (excluding grains with expired retention or revoked consent), diversity reranking (reducing redundant results), and contradiction detection (flagging grains that contradict each other). The entity_latest partition provides fast lookups for the most recent version of entity-type grains, supporting use cases where only the current state matters. The context database returns the final ranked list with content, metadata, and relevance scores.
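
The entity_latest idea can be sketched as a side map updated on every write of an entity-type grain, keeping only the highest-timestamp version per entity. The struct and field names here are illustrative, not Areev's actual schema.

```rust
use std::collections::HashMap;

// Sketch of an entity_latest partition: current-state lookups become a
// single map probe instead of a ranked recall.
#[derive(Default)]
struct EntityLatest {
    latest: HashMap<String, (u64, String)>, // entity_id -> (timestamp, grain_id)
}

impl EntityLatest {
    // Called on every write of an entity-type grain; out-of-order
    // (stale) writes are ignored.
    fn observe(&mut self, entity_id: &str, timestamp: u64, grain_id: &str) {
        let slot = self
            .latest
            .entry(entity_id.to_string())
            .or_insert((timestamp, grain_id.to_string()));
        if timestamp >= slot.0 {
            *slot = (timestamp, grain_id.to_string());
        }
    }

    // The most recent grain for an entity, if any.
    fn current(&self, entity_id: &str) -> Option<&str> {
        self.latest.get(entity_id).map(|(_, g)| g.as_str())
    }
}

fn main() {
    let mut idx = EntityLatest::default();
    idx.observe("user:alice", 100, "grain-a");
    idx.observe("user:alice", 250, "grain-b");
    idx.observe("user:alice", 180, "grain-c"); // stale, ignored
    println!("{:?}", idx.current("user:alice"));
}
```

Maintaining this map at write time trades a little extra work per write for O(1) "what is the current state of this entity" reads.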

What are the 37 feature flags?

Areev compiles as a single Rust crate with 37 Cargo feature flags that control which capabilities are included in the binary, grouped into five compound build profiles.

Feature flags allow you to produce binaries tailored to specific deployment scenarios. The edge profile (~4.7 MB) includes FTS, HTTP, auth, CAL, import, and basic metrics — a lightweight build suitable for resource-constrained deployments without gRPC, MCP, A2A, vectors, or app UI. The dev profile (the default) includes FTS, HTTP, gRPC, MCP, A2A, app UI, import, CAL, chat, hooks, vector search, auth, reranking, and metrics. The node profile is a full-featured single-box production build with signing, PII NER, Vault, and AWS KMS key backends. The cluster profile adds distributed Raft consensus and OpenTelemetry. The cloud profile enables everything for SaaS deployment including billing metering and Pilot-managed identity. Each flag maps to a Rust module that is conditionally compiled, so unused features add zero runtime overhead.

Key individual flags include fts (Tantivy BM25), vector (HNSW via USearch/FAISS), http (Axum REST API), grpc (Tonic), mcp (Model Context Protocol), a2a (Agent-to-Agent protocol), auth (email/password + OAuth), hooks (CDC + webhooks), import (PDF/DOCX/PPTX/HTML extraction), cal (Context Assembly Language), chat (conversational memory), distributed (Raft clustering), signing (COSE Sign1 Ed25519), and three key backend flags (vault, aws-kms, pkcs11). The memory engine’s core (write, recall, forget, policy enforcement, encryption) is always included regardless of feature flags.
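
The profile-composes-flags pattern is standard Cargo feature unification. A minimal, hypothetical Cargo.toml sketch of how such a grouping could be declared — the individual flag names come from the text above, but this particular grouping and any defaults are assumptions:

```toml
[features]
default = ["dev"]

# Individual capabilities, each gating a conditionally compiled module.
fts    = []
vector = []
http   = []
grpc   = []
auth   = []
hooks  = []

# Compound build profiles compose the individual flags.
edge = ["fts", "http", "auth"]
dev  = ["edge", "grpc", "vector", "hooks"]
```

Building with `--no-default-features --features edge` would then exclude the gRPC, vector, and hooks modules from compilation entirely, which is how unused features add zero runtime overhead.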