Phase 0: Foundation Laid

2026-02-14

The first milestone of the Tesseras project is complete. Phase 0 establishes the -foundation that every future component will build on: domain types, -cryptography, storage, and a usable command-line interface.

What was built

tesseras-core — The domain layer defines the tessera format: ContentHash -(BLAKE3, 32 bytes), NodeId (Kademlia, 20 bytes), memory types (Moment, -Reflection, Daily, Relation, Object), visibility modes (Private, Circle, Public, -PublicAfterDeath, Sealed), and a plain-text manifest format that can be parsed -by any programming language for the next thousand years. The application service -layer (TesseraService) handles create, verify, export, and list operations -through port traits, following hexagonal architecture.

tesseras-crypto — Ed25519 key generation, signing, and verification. A -dual-signature framework (Ed25519 + ML-DSA placeholder) ready for post-quantum -migration. BLAKE3 content hashing. Reed-Solomon erasure coding behind a feature -flag for future replication.

tesseras-storage — SQLite index via rusqlite with plain-SQL migrations. -Filesystem blob store with content-addressable layout -(blobs/<tessera_hash>/<memory_hash>/<filename>). Identity key persistence on -disk.

tesseras-cli — A working tesseras binary with five commands:

init — generates Ed25519 identity, creates SQLite database
create <dir> — scans a directory for media files, creates a signed tessera
verify <hash> — checks signature and file integrity
export <hash> <dest> — writes a self-contained tessera directory
list — shows a table of stored tesseras

Testing — 67+ tests across the workspace: unit tests in every module, -property-based tests (proptest) for hex roundtrips and manifest serialization, -integration tests covering the full create-verify-export cycle including -tampered file and invalid signature detection. Zero clippy warnings.

Architecture decisions

Hexagonal architecture: crypto operations are injected via trait objects -(Box<dyn Hasher>, Box<dyn ManifestSigner>, Box<dyn ManifestVerifier>), -keeping the core crate free of concrete crypto dependencies.
Feature flags: the service feature on tesseras-core gates the async -application layer. The classical and erasure features on tesseras-crypto -control which algorithms are compiled in.
Plain-text manifest: parseable without any binary format library, with -explicit blake3: hash prefixes and human-readable layout.

What comes next

Phase 0 is the local-only foundation. The road ahead:

Phase 1: Networking — QUIC transport (quinn), Kademlia DHT for peer -discovery, NAT traversal
Phase 2: Replication — Reed-Solomon erasure coding over the network, -repair loops, bilateral reciprocity (no blockchain, no tokens)
Phase 3: Clients — Flutter mobile/desktop app via flutter_rust_bridge, -GraphQL API, WASM browser node
Phase 4: Hardening — ML-DSA post-quantum signatures, packaging for -Alpine/Arch/Debian/FreeBSD/OpenBSD, CI on SourceHut

The tessera format is stable. Everything built from here connects to and extends -what exists today.

- -