# Eldric AIOS 5.0 — Feature Catalogue

> **Version:** 5.0.0 (alpha118)
> **Last regenerated:** 2026-05-14
> **Companion:** [features.html](https://eldric.ai/features.html) is the public-site landing page; this file is the canonical source.
> **Scope:** Everything Eldric AIOS 5.0 can do or has implemented, one short paragraph per feature, grouped by domain. Stub / aspirational items are tagged `WIP`.

---

## 1. Core AI Operating System

### 1.1 Distributed Kernel
A microkernel-style C++ runtime (`cpp/src/kernel/`) that hosts independent modules (edge, controller, router, data, agent, media, comm, science, training, inference, iot, swarm, nova), each on its own port. Modules communicate via internal syscalls plus a uniform HTTP API. Header-only modules can be added or removed without rebuilding the kernel.

### 1.2 Module Auto-Discovery
Every kernel instance advertises the modules it actually has *activated for that node's role*. The controller's topology view aggregates the cluster-wide module map so the chat shell can render only the features that are reachable.

### 1.3 Topology Push
The controller pushes a `cluster_topology` blob to workers on registration and on every heartbeat (swarm URLs, data-worker URLs, peer inference URLs, router URLs, agent-worker URLs, media-worker URLs). Workers no longer need manual `--swarm-url` / `--data-workers` / `--peer` CLI flags.

### 1.4 Cluster Discovery Service
mDNS / DNS-SD discovery (`/api/v1/cluster/discover`, §38) finds `_eldric._tcp` peers on the LAN. Three backends behind one PIMPL — Bonjour on macOS, Avahi on Linux (dlopen, no hard link dep), stub elsewhere.

### 1.5 EIS / ENS Identity
EIS (Eldric Identity System, §95) gives every device a 32-domain × 411-device-code identifier. ENS (Namespace System, §96) maps friendly names to tenants and roles. Every request can carry an `X-Eldric-Source` header so observability can attribute traffic to a physical or virtual origin.

### 1.6 Tenant Guard
Header-only `kernel::tenant_guard::deny_if_cross_tenant()` (§103) enforces tenant scope on data, storage, vector, memory, agent, comm, swarm and tenant paths. Cross-tenant attempts get `403`. Superadmin and `_system` have an escape hatch for cluster-internal calls.

### 1.7 Capability Tokens & Two-Factor Auth
Short-lived JWTs minted at login, refreshed via `/api/v1/auth/refresh`. TOTP enrolment for 2FA on admin tenants. The Edge enforces 2FA on all admin-class paths.

---

## 2. Inference

### 2.1 Unified Backend Layer
Inference is abstracted behind `backends::InferenceBackend`. Eleven backend types: Ollama, vLLM, TGI, llama.cpp, MLX, NVIDIA Triton, TensorFlow Serving, TorchServe, ONNX Runtime, OpenAI-compatible, and the native Eldric Cluster pass-through.

### 2.2 Cloud Backend Aggregation
The cloud worker (`8889`) federates OpenAI, Anthropic, xAI/Grok, Together, Groq, DeepSeek, Mistral, Cohere, Fireworks and Perplexity behind one OpenAI-compatible endpoint. Priority-based routing with fallback. Auto-discovers models from connected backends.

### 2.3 Native Inference (no external backend)
`eldric-inferenced` (`8883`) loads GGUF and xLSTM models directly with embedded llama.cpp — no Ollama, no vLLM, no external runtime. Preloading, continuous batching, speculative decoding with a draft model, multi-GPU tensor splitting, prompt KV-cache warm-up, auto-unload on idle, model distribution between peers, and pipeline parallelism.

### 2.4 OpenAI Drop-In
`/v1/chat/completions`, `/v1/completions`, `/v1/embeddings`, `/v1/models` work as drop-in replacements for the OpenAI SDK. Native tool calling, vision, JSON mode, streaming, and the `tools` parameter all proxy correctly Edge → Router → Worker.

### 2.5 Real Streaming Through the Stack
Zero-copy SSE proxy through Edge → Router → Worker → backend. First-chunk doubling fix shipped in alpha84.

### 2.6 Tool-Calling Modes
Per-model selectable: `auto`, `native`, `antml` (XML), `emphatic` (XML with extra emphasis for small models). Native mode passes `tools` to the backend and parses `tool_calls`; XML mode embeds tool docs in the system prompt and regex-parses output.

### 2.7 Embeddings Provider Layer
Ollama, OpenAI, vLLM, and a local TF-IDF fallback. The data worker auto-picks an embedding provider on ingest; the router can fall back to peer embeddings (alpha76).

---

## 3. Routing

### 3.1 Eight Load-Balancing Strategies
`round_robin`, `least_connections`, `least_latency` (default), `weighted_round_robin`, `random`, `ip_hash`, `priority`, `ab_test`.

### 3.2 Intent Classification
A small router model classifies every request into one of 13 intents (PlainChat, RAGQuery, AgentInvoke, SwarmRequest, MemoryStore/Recall, DataOperation, ScienceQuery, MediaRequest, CommRequest, TrainingRequest, IoTRequest, ADMIN) and forwards to the right worker class. Router v3 trains an 8B Llama via QLoRA NF4 with 16-layer LoRA.

### 3.3 Theme Detection
Medicine, legal, code, finance, science, creative, general — each with a default model and per-rule overrides. Themes can be loaded from a JSON file or added at runtime.

### 3.4 AI-Powered Routing
Optional LLM-controlled worker selection (`none` / `advisory` / `autonomous`) when algorithmic strategies aren't enough. The router calls the configured Ollama model with a structured prompt and parses its JSON answer.

### 3.5 Ensemble Mode
`/api/v1/ensemble` fans a request out to multiple models, then synthesises the answers via a designated synthesiser model.

### 3.6 Session Stickiness & Memory
Sessions can be sticky-routed by IP or session ID. With `--memory` the router stores and recalls short-term conversation state through the data worker.

### 3.7 xLSTM Workload Predictor (`WIP`)
Optional xLSTM checkpoint that predicts upcoming load and shapes routing decisions.

---

## 4. Data

### 4.1 Multi-Tenant File Storage
The data worker (`8892`) gives each tenant an isolated namespace under `${ELDRIC_DATA_DIR}/storage/tenants/{id}/`. Quotas, per-mime ACLs, signed URLs.

### 4.2 Chunked Upload Protocol (§107)
Resumable uploads with 4 MB chunks and a 24 h TTL on incomplete uploads. Browser slices via `File.slice()` / `FileReader`; one POST per chunk. A janitor thread sweeps abandoned chunks.

### 4.3 Vector / RAG Storage
SQLite, FAISS, ChromaDB, or in-memory backends per namespace. Multi-tenant. Hybrid BM25 + vector search. Auto-chunk + ingest. Re-embed on document edit (KB editor uses the new monotonic `version` column).

### 4.4 Matrix Memory (mLSTM-inspired)
The data worker maintains a hierarchical associative memory built from outer-product updates: `M = decay·M + importance·(v⊗k)`. Domain → Project → Run levels. Compressed, generalising recall sits alongside the exact vector store. `.emm` v3 binary format: 128-byte header, 64 KB blocks, CRC32 per block, WAL + checkpoint.

### 4.5 Replication
Four modes: none, async, sync, quorum. rsync-over-SSH between data workers (replaced the alpha116r echo stub in alpha116t). Per-target throttle. SSH-key auth.

### 4.6 NFS Server
Integrates with `nfs-ganesha`. Generates `/etc/ganesha/ganesha.conf` from the dashboard, reloads ganesha via DBus. Per-tenant exports, remote-data-worker mounts to aggregate storage, systemd mount-unit generation.

### 4.7 Database Connectors
SQLite, PostgreSQL, MySQL, DB2. Each registered DB exposes `/query`, `/execute`, `/schema` endpoints. Used by the Database agent and the Connector node in training chains.

---

## 5. Agentic Workflows

### 5.1 Agentic RAG (ReAct)
The agent worker (`8893`) iterates Thought → Action → Observation up to a configurable cap. Tools include vector search, web fetch, file read, and any swarm-registered tool.

### 5.2 Query Decomposition
`/api/v1/agent/decompose` rewrites a complex question into a set of sub-questions, then executes them in parallel.

### 5.3 Multi-Agent Roles
Fifteen agent types — General, Researcher, Coder, Validator, Planner, Analyst, Explorer, Runner, Searcher, Database, Learner, Network, Spider, Email, Ansible. Each has a constrained tool allowlist.

### 5.4 Orchestration Patterns
Sequential, parallel, MapReduce, dependency-graph. The agent orchestrator picks the right pattern based on the workflow graph.

### 5.5 Workflow Engine
Multi-step workflows registered via `/api/v1/agent/workflows`. Each step can call any agent, tool, or sub-workflow. Swarm-registered workflows are discoverable cluster-wide.

### 5.6 Training-Data Generation
`/api/v1/agent/generate-training` walks a KB and emits LoRA-ready JSONL — `code_qa`, `chat`, `alpaca`, `dpo`. Used to bootstrap router training and domain adapters.

### 5.7 Tool Permissions (§113)
Per-role tool picker (`/api/v1/me/tools`). The webchat tools-modal renders the slice of tools the caller may use, and gates execution server-side.

### 5.8 Auto-Orchestration
The orchestrator agent inspects a goal, picks a topology, instantiates the required agents on the right workers, and runs the swarm. The user describes intent; the orchestrator handles execution.

---

## 6. Communication

### 6.1 Seven Messaging Protocols
Email (IMAP/SMTP with OAuth + STARTTLS + AUTH=LOGIN), SMS (Twilio or HTTP gateway), WhatsApp (Business API or self-hosted bridge), Signal (signal-cli with E2E), Microsoft Teams (Graph API), XMPP (native), VoIP (SIP/RTP). One `unified message` envelope flows across all of them.

### 6.2 Real-Time Inbox
IMAP IDLE listener, Twilio / Graph / signal-cli webhooks on port 8896. Inbound messages persist via the data worker and index into the comm RAG.

### 6.3 AI Auto-Response with Approval
Configured tenants generate AI replies, queue them at `/api/v1/comm/ai/queue`, and require human approval before send.

### 6.4 AI Voice Calls
SIP/RTP calls with STT/TTS via the media worker. Call transfer, DTMF, voicemail with auto-transcription, hold, IVR. SRTP for encrypted media.

### 6.5 Semantic Message Search
`/api/v1/comm/search` runs vector search over the full message history across protocols.

### 6.6 Telecom-Grade Audit
Optional syslog + CDR export with TLS-protected transport for telecom compliance (`--syslog-server`, `--audit-cdr`).

---

## 7. Media

### 7.1 STT (Speech-to-Text)
Whisper.cpp, OpenAI Whisper API, Faster-Whisper. Streaming and batch. Speaker diarisation on Pro+.

### 7.2 TTS (Text-to-Speech)
Piper, ElevenLabs, OpenAI TTS. Streaming SSE. Voice cloning on Pro+.

### 7.3 Audio Analysis
Sentiment, prosody, embedding generation, scene segmentation.

### 7.4 Video Processing
FFmpeg pipeline: keyframe extraction, scene-cut detection, full-video transcription, embedding generation.

### 7.5 Multimedia RAG
Audio and video content indexed and searchable through `/api/v1/rag/search`. Used by the comm worker for voicemail recall and by the chat shell for inline media references.

### 7.6 Voice Chat
End-to-end `/api/v1/voice/chat`: audio in → STT → LLM → TTS → audio out. Single round-trip endpoint suitable for mobile clients.

---

## 8. Science

### 8.1 Source Registry (§43)
The science worker (`8897`) exposes one entry per data source — catalog metadata, credentials, enabled flag. Admins toggle sources; users see only the enabled ones. The `custom` category is the plugin entry point — admin-added sources land here with zero code changes.

### 8.2 Sixteen Categories
`oa_papers`, `space`, `particle_physics`, `genomics`, `neuroscience`, `medical`, `chemistry`, `earth`, `climate`, `astronomy`, `archaeology`, `legal`, `patents`, `funder`, `industry`, `custom`. Each surfaces a read-only category-alias endpoint.

### 8.3 Eleven LLM Tools
Five user tools (`science_list_sources`, `science_list_catalog`, `science_get_source`, `science_request_activation`, `science_list_pending`) and six admin tools (`science_set_enabled`, `science_add_source`, `science_remove_source`, `science_set_credentials`, `science_approve_request`, `science_reject_request`). Filtered by role.

### 8.4 28 Built-In Sources
NASA, ESA, JAXA, ISRO, Hubble, JWST, CERN, LIGO, GWOSC, SDSS, USGS Earthquakes, NOAA, IBM Quantum, Materials Project, Ensembl, ENCODE, GTEx, Allen Brain Atlas, OpenNeuro, GBIF, OBIS, Clinical Trials, WHO, OpenFDA, PubMed, IAEA, FAOStat, PaleoBio. Plus the legacy per-provider endpoints kept for backwards compatibility.

### 8.5 Bioinformatics
DNA / RNA / protein analysis, translation, alignment, BLAST search, variant calling.

### 8.6 Pharmaceutical
Compound lookup, molecular docking, ADMET prediction, structure retrieval, AlphaFold integration.

### 8.7 CRISPR
Guide RNA design, off-target analysis, base editing, prime editing.

### 8.8 LIMS
Sample tracking, experiment management, audit trails. GLP and FDA 21 CFR Part 11 compliance modes.

### 8.9 OA Monitor Integration
The `ai-papers-at` knowledge base mirrors the OBVSG OA Monitor — 14 671 documents, doc IDs map to OBVSG record UUIDs.

---

## 9. Training

### 9.1 Six Training Backends
Unsloth (CUDA, 2× LoRA speedup), Axolotl (YAML-driven), TRL (RLHF / DPO), DeepSpeed (multi-GPU), MLX (Apple Silicon), llama.cpp (GGUF training). xLSTM coming via the new daemon.

### 9.2 Eight Training Methods
LoRA, QLoRA, SFT, DPO, RLHF, PPO, Full Fine-Tune, Distillation.

### 9.3 Training Chains
Visual node-based chains: data source → AI generator → trainer → evaluator. Templates for QA pipeline, code QA, alignment.

### 9.4 Latent Reasoning
COCONUT (chain of continuous thought), Quiet-STaR (self-taught reasoner), pause tokens, hidden CoT, DeepSeek Dynamic Sparse Attention.

### 9.5 Federated Learning (§44)
Multi-round federated training across worker nodes. Controller broadcasts `cluster://training/federated/{job}/round-N`, workers train locally, the controller aggregates and starts the next round.

### 9.6 Knowledge Distillation (§50)
Model → EMM distillation. Source chunks are turned into Q+A pairs by an LLM, both sides embedded, and the pair is written as an outer-product association into matrix memory.

### 9.7 GPU Inventory
`/api/v1/gpus` reports utilisation across the cluster. Multi-GPU jobs schedule against the live inventory; cluster currently has one LLM-tier GPU (RTX 4070 Ti / 12 GB on .47) and one router-tier GPU (RTX 2080 / 8 GB on .12).

---

## 10. IoT

### 10.1 Consumer IoT
Netatmo (weather, security), HomeKit, Matter. Device pairing and attribute read/write over the IoT worker's API.

### 10.2 Industrial Protocols
OPC-UA (PLCs, SCADA, DCS), Modbus TCP/RTU, MQTT Sparkplug B. Standard industrial alarm management and time-series historian.

### 10.3 Manufacturing
Recipe management, OEE (Overall Equipment Effectiveness) calculation, store-and-forward buffering for reliability.

### 10.4 Predictive Maintenance
Live tag values flow into matrix memory; an inference worker runs anomaly detection and emits maintenance scores at `/api/v1/iot/predictive`.

---

## 11. Swarm

### 11.1 Six Topologies
Hierarchical, peer-to-peer, ring, star, mesh, hybrid. Topology is mutable at runtime.

### 11.2 Multi-Agent Worker Pool
Swarm registers agent workers (`/api/v1/agent-workers`) and picks the best one per task by health and load (least-connections).

### 11.3 MCP Discovery
`mcp_discovery.h` finds MCP servers on the LAN and registers them as tool providers. The swarm controller exposes them through `/api/v1/mcp/servers`.

### 11.4 Inter-Agent Messaging (UAP)
Agent invocation port `8886` speaks the UAP (Universal Agent Protocol). One unified envelope: task / response / event / error.

### 11.5 Goal-Driven Execution
Set a goal on a swarm and let the topology + agents work it out. Logs trace every reasoning step.

---

## 12. NOVA (Experimental)

### 12.1 Goal System
Priority engine + goal generator + persistent goal DB. Goals can be submitted by users; sub-goals are decomposed by reasoning.

### 12.2 Tri-Memory Architecture
Episodic (events), semantic (facts), procedural (skills). Each is a queryable corpus.

### 12.3 Reasoning Engine
Logic engine, planner, verifier. Plans are verified before execution.

### 12.4 Meta-Learning
Self-modification module attempts to improve NOVA's own routines. Strict safety constraints + sandbox + kill-switch gate any change.

### 12.5 Dream Engine (§42)
NOVA can dream — pull completed sessions, extract themes via an LLM, ingest them into matrix memory. Cadences: manual, hourly, nightly, continuous, on-idle. Two session sources: filesystem and in-memory.

---

## 13. Cluster Operations

### 13.1 Rolling Upgrade (§70)
`/api/v1/cluster/updates/apply` drains each node, installs the new RPM, restarts, validates, then moves on. Auth via `X-Eldric-Cluster-Secret`. Per-run status is persisted in the `cluster_update_runs` SQLite table.

### 13.2 Backup & DR (§40)
Local-destination snapshots of controller state, vector storage, matrix memory, tenant configs, license, edge plugins. Manifest with SHA-256 per blob. Restore is idempotent.

### 13.3 4.x → 5.0 Migration (§85)
Walks a 4.x data tree (vector, memory, oamonitor, agent, comm, science) and replays it into 5.0 syscalls. Vector + memory + oamonitor are real converters (alpha116t); agent/comm/science are still stubbed.

### 13.4 PKI (§39)
Internal CA + Let's Encrypt ACME via `certbot`. Issuance, renewal, deploy + reload. Master fans out via `pki_post_to_peer_()` with cluster secret auth.

### 13.5 Audit Ledger
Append-only, hash-chained audit log. Coverage gap acknowledged in alpha118a — admin handlers must call `audit::append` for chain density; chain integrity is sound either way.

### 13.6 Plugin Marketplace (§80)
Browse catalogue, install with sha256 archive verification + manifest validation, uninstall, update. Edge-served because plugins extend the chat shell.

### 13.7 OpenTelemetry / OTLP Export (§90)
Opt-in OTLP-HTTP exporter for spans, counters, histograms. Low-cardinality span path normalisation so dynamic IDs don't blow up cardinality.

### 13.8 Webhooks & Event Bus (§75)
Outbound webhooks with HMAC-SHA256 request signing. Failed deliveries auto-disable after a threshold; admin re-enables via PATCH.

### 13.9 Per-Tenant Theming (§99)
Each tenant has its own theme (colours, fonts, sidebar layout) plus optional logo. Public GET, admin-gated PUT. `custom_css` is HTML-sanitised server-side.

### 13.10 Cluster-Wide Webchat Dashboards
Admin (`/admin`) plus the new Knowledge Browser dashboard (~1118 LOC vanilla JS) for KB management. Wired under the Cluster nav group.

---

## 14. Edge

### 14.1 Public Gateway
TLS termination (443 / 80), API-key authentication, rate limiting (global, per-IP, per-key, sliding window). Routes requests to one or more routers. Health-checks upstreams.

### 14.2 Embedded Webchat
`/chat` serves a vanilla-JS single-page app — model selector, streaming chat, conversation history, modals (settings / model picker / tools / KB / share / theme), inline artifacts. Six modals, no right panel, Frost theme default. Mobile + keyboard-shortcut polish landed in alpha82+.

### 14.3 Embedded Login
`/login` is served when API-key auth is required. The 2FA TOTP flow is optional.

### 14.4 Plugin Host
Plugin types: Tool (Python subprocess via JSON-RPC), Filter (inlet pre-LLM, outlet post-LLM), Pipe (virtual model), Action / Widget (client-side JS). Plugins live under `${ELDRIC_DATA_DIR}/edge/plugins/`. Valves configurable per plugin.

### 14.5 Signed Share-Links
Conversations can be shared as read-only signed links (`/api/v1/conversations/{id}/share` → `/api/v1/share/{token}`). Share artifacts render in an iframe.

### 14.6 Farm Mode
Multiple edge servers can run as peers, syncing state every 5 s. Useful for horizontal scaling at the public boundary.

### 14.7 Error Sanitisation
Public error messages never reveal internal LAN IPs, hostnames, ports, or admin paths. Generic "not available here" is the safe baseline (feedback 2026-05-12).

---

## 15. Clients

### 15.1 Webchat (built-in)
Served at `/chat`. The canonical client. Vanilla JS, no bundler — load-bearing for 5.0; 6.0 plans a React + Vite rewrite.

### 15.2 macOS GUI
Native SwiftUI app under `gui/Eldric/`. Nine backends with full configuration UI. Native tool calling, RAG search, MCP, prompt library, voice chat.

### 15.3 iOS App (EldricMobile)
Streaming chat, KB browse, voice chat. Built and side-loaded via `xcodebuild`. Ephemeral URLSession per streaming request to dodge stale HTTP/2 pool connections.

### 15.4 CLI
`/usr/bin/eldric` (and the Linux RPM). Interactive REPL, single-prompt mode, MCP toggle, model selector. 5.0 CLI rewire is in progress.

### 15.5 Android / Windows (`WIP`)
Spec lives in EldricOS sections. Implementation gated on 5.0 client wiring (`project_5_0_client_wiring.md`).

---

## 16. Enterprise

### 16.1 Multi-Tenant Isolation
Every persisted artefact carries a tenant ID. Tenant guard enforces scope on every per-tenant path.

### 16.2 RBAC
Viewer, Developer, Admin, SuperAdmin. The webchat renders only the affordances a role may use. Server enforces the role on every call.

### 16.3 Licensing
Free, Standard, Professional, Enterprise, Custom. Ed25519 signature on the license file; SHA-512 payload hash; optional hardware binding via machine ID; grace period for hardware change. Hybrid validation — workers fall back to the local file when the controller is unreachable.

### 16.4 Feature Gates
Each module checks license features at call time (`load-balancing`, `rag`, `embeddings`, `agents`, `pki-management`, `webhooks`, `file-storage`, `themes`, etc.). The chat shell hides features the tenant can't use.

### 16.5 Compliance
GLP and FDA 21 CFR Part 11 modes on the science worker. SOC 2 audit-friendly audit ledger. Telecom CDR export. HIPAA-aware medical templates.

---

## 17. Developer / Operator Tooling

### 17.1 Cluster Dashboard
`/dashboard` on every daemon. Read-only cluster view on the controller plus deep dashboards for swarm, KB, jobs, chains, backends, NFS, vector, memory.

### 17.2 Smoke Suite
`scripts/aios-smoke.sh` — 27 end-to-end checks. First signal when 5.0 regresses (all green at alpha82).

### 17.3 Packaging
`scripts/docker-build-all.sh` for RHEL 9 / Fedora 40 / Ubuntu 24.04 / Debian 12 RPMs and `.deb`s. `scripts/deploy-rpm-fanout.sh` stages on `.180` then fans to GPU nodes (avoids the Mac→remote scp truncation issue).

### 17.4 Routine Scheduling
`/loop` and `/schedule` slash commands inside the webchat to repeat tasks. Cron-style remote agents (`routines`) handle infra checks.

### 17.5 LicenseManager.py
GUI for license creation and management against the Eldric license-validation service. Three-factor admin auth.

### 17.6 DevToolbox (`WIP`)
Planned dev toolkit — agent debugger, prompt playground, tool tester, performance profiler, integration builder, test generator.

---

## 18. xLSTM Daemon (Reserved, `WIP`)

Port `8884`. Hosts NXAI / xLSTM workloads for policy execution, robotics policy, vision encoding, and associative retrieval. TECH spec in flight 2026-05-14 (`PROMPT-MAIN-tech-xlstmd-coordination.md`). License feature names deferred to xlstmd section 5. CUDA target is `cu118` because `mamba_ssm==2.1.0` + `causal_conv1d==1.3.0.post1` pin the toolchain.

---

## Notes

- Documentation accuracy: this catalogue is derived from `~/Desktop/EldricOS/sections/` (113 section specs) plus the live 5.0 code (`cpp/src/modules/*/`, `cpp/src/distributed/*/`). EldricOS section files are authoritative where they disagree with CLAUDE.md or this page.
- This file is regenerated by the DOCS lane when MAIN forwards an alpha note or section update. See `MAIN-docs-orchestration.md`.
