Design System · MERIDIAN ZERO
Cold-Swiss · Graphite / Steel / Ultramarine · Human + Agent as peer co-editors
LAT 00.000 · LON 00.000
BUILD 0.1.0 · LIGHT MODE
SCR.ADashboard / Home
OVERVIEWRECENTSPACES
Northwind Eng / Overview
Search documents… ⌘K
⊹ 2026 · WK22 · TUE

Good morning, Nadia.

312 DOCUMENTS·6 SPACES·4 AGENTS ACTIVE
Documents
312
▲ 18 this week
Edits · 24h
1,204
Agent edits
487 / 40%
4 agents co-editing
Published
58
3 pending review
01Recently edited
View all →
DocumentLast editorUpdated
01
Runtime topology & co-hosting
platform / architecture
ARarchivistAI
 02m
02
Capability registry — SSOT
platform / specs
NANadia A.
 14m
03
Agent scope tiers & revocation
platform / security
JKLB
2 editors
 1h
04
Onboarding — new engineers
handbook / people
TMTheo M.
 3h
05
Markdown fidelity tiers
platform / specs
SMsummariserAI
 5h
02Activity ledger
AUDIT · LIVE
09:41
archivist proposed doc.suggest on Runtime topology — 1 insertion pending
09:38
Nadia A. ran doc.publishCapability registry
09:30
linter-bot applied doc.update · 4 blocks normalised
09:12
Jo K. ran collection.createSecurity
08:55
Theo M. ran doc.restore · recovered RFC-014
03

Spaces

6 TOTAL
SP·01
Platform
Architecture, specs, security & the kernel.
NAAR
128 docs · 2 agents
SP·02
Handbook
People, process, onboarding, rituals.
TMJK
64 docs · public
SP·03
Product
Briefs, decisions, release notes.
RP
47 docs · 1 agent
SCR.BDocuments · Space
COLLECTIONSHUMAN + AGENT EDITORSTABLE
Platform / Architecture / Topology
Filter in collection… /
◫ COLLECTION · SP·01 / ARCHITECTURE

Topology

STATUS · ALLEDITOR · ANYSORT ↓ UPDATED
TitleStatusEditorsWordsUpdated
01
Runtime topology & co-hosting
topology / runtime-topology
 In review
NAAR
 2,410 02m
02
Co-hosting & auth smoke
topology / co-hosting
 Published
NA
 1,884 3h
03
WS upgrade & presence channel
topology / ws-upgrade
 Draft
LB
linter-bot
 642 5h
04
Same-origin auth & cookies
topology / same-origin
 Published
JKTM
 3,120 1d
05
Embedded Hocuspocus port plan
topology / hocuspocus-port
 Draft
RPAR
 980 2d
06
Reader-path render projection
topology / reader-path
 In review
SMNA
 1,455 2d
ROWS 01–06 / 11 · HUMAN ◼ ULTRAMARINE · AGENT ◣ CYAN
SCR.CDocument · Reading view
TITLERICH BODYMETADATA
Platform / Architecture / Runtime topology
Published
⊹ RFC · PLATFORM / ARCHITECTURE · DOC #0a1e

Runtime topology
& co-hosting.

The Hono trunk is the top-level server: it hosts the SPA as static assets, the JSON-RPC capability surface, auth, MCP, and an embedded collaboration server — all on one owned port. This document fixes that decision and the four production-attach blockers it leaves open.

AuthorNA Nadia A.
Co-editorsAR archivist · AI
Versionv14 · snapshot
Words2,410
Updated2026·05·31

01 Decision

Adopt a single-process trunk. The HTTP server, the static SPA assets, the /auth and /mcp mounts, the event-rendered published HTML, and the embedded Hocuspocus collaboration server co-host on one http.Server instance. No second framework hosts the collaboration WebSocket.

Invariant. The WebSocket upgrade authenticates the principal from the same-origin cookie before any document is reachable; per-document authorization runs at onAuthenticate. A rolled-back SQL transaction must never leave a mutation resident in the live Y.Doc once clients attach.

02 Co-hosting mechanism

The trunk owns the server; raw ws in noServer mode receives the upgrade and hands the connection to Hocuspocus. Static assets are served from the SPA build directory; everything else routes through the capability surface.

server.ts · upgrade handoffTS
// one owned http.Server — all surfaces co-host
server.on("upgrade", async (req, socket, head) => {
  const principal = await resolver.fromCookie(req);
  if (!principal) return socket.destroy();
  ws.handleUpgrade(req, socket, head, (conn) =>
    hocuspocus.handleConnection(conn, req, { principal })
  );
});

03 Open blockers

  • Role-aware read / write at onAuthenticate, not the tenant-only floor.
  • An Origin check on the WebSocket upgrade.
  • Revocation freshness on the upgrade-time principal snapshot.
  • Enforce the onAuthenticate invariant by construction, not by convention.
SCR.DDocument · Editor AGENT CO-EDITING LIVE
SLASH MENUBLOCK HANDLESTRACKED AGENT SUGGESTION
Platform / Topology / Runtime topology
1 SUGGESTION
Live NA Nadia A. AR archivist · AI Synced · CRDT converged · v14
+
Runtime topology & co-hosting.
+
The Hono trunk is the top-level server: it hosts the SPA as static assets, the JSON-RPC capability surface, auth, MCP, and an embedded collaboration server — all on one owned port.
+
01 — Decision
+
Adopt a single-process trunk. The HTTP server, static SPA assets, the /auth and /mcp mountsarchivist
+
A rolled-back SQL transaction must not break thenever leave a mutation resident in the live Y.Doc once WebSocket clients attach.
ARarchivistSG·01
not break the never leave a mutation resident in the live Y.Doc…
Tightens the invariant wording per ADR 0030 — “resident in the live Y.Doc” matches the rollback-eviction guarantee.
+
Type / for blocks, to ask an agent…
BLOCKS/co
Text
H2 Heading 2 ##
<> Code block ```
Table
" Callout
AGENT ACTIONS
Ask agent to draft ⌘↵
Summarise selection
SCR.EAdmin · Members
USERSAGENTSTEAMSSCOPES
Administration / Members
Search members… ⌘K
◑ WORKSPACE MEMBERS

Members & agents.

34 USERS·4 AGENTS·7 TEAMS
MemberKindTeamRole / ScopeLast activeAudit
NA
Nadia Ahmadi
nadia@northwind.eng
 Human Platform Admin now 2,104
AR
archivist
agent · token #a7c1 · created by Nadia
 Agent Platform Editor
writing… 487
JK
Jo Kerrigan
jo@northwind.eng
 Human Security Editor 12m 988
LB
linter-bot
agent · token #3f02 · created by Jo
 Agent Security Author
09:30 1,240
TM
Theo Mensah
theo@northwind.eng
 Human Handbook Member 3h 512
SM
summariser
agent · token #9d4e · created by Nadia
 Agent Product Read-only
5h 203
SCOPE TIERS · READ → AUTHOR → EDITOR → ADMIN · AGENT TOKENS REVOCABLE PER ROW
MERIDIAN ZEROSPACE GROTESK · ARCHIVO · JETBRAINS MONOWCAG 2.1 AALIGHT MODE