rederive
v0.3.1
Published
The trust-nothing package manager. A rederive package ships its CONTRACT (spec + held-out oracle), not trusted bytes — verify the shipped code against it, or re-derive it locally from the spec.
Maintainers
Readme
rederive — the trust-nothing package manager
A SIR package ships its contract — a structural spec (sir/) + a held-out oracle (oracles/) —
not bytes you have to trust. A consumer either verifies the shipped implementation against that
contract, or rebuilds it locally from the spec. Either way, the thing you trust is an independent
oracle the publisher can't move, not the publisher's binary.
npm registry: you install a prebuilt artifact and TRUST the publisher (and everyone upstream).
rederive: you get a spec + a held-out oracle. You verify the bytes, or regenerate them yourself.Open core, for real. The CLI, the SIR format, the verified-recompose loop, and the public catalog are Apache-2.0 and stay that way. What's open and what we'll ever charge for — and the things we promise never to do to the community — are written down and binding in The rederive Promise.
The two operations
| command | what it does | tokens |
|---|---|---|
| rdv check <pkg> | re-run each unit's held-out oracle against src/, and verify the recorded content hashes. Deterministic. | none |
| rdv vis <pkg> | (re)generate vis.html — what's in the package, each unit's kind/signature/proof, provenance, limitations. | none |
| rdv resynth <pkg> | rebuild src/ locally from sir/ + oracles/ via N isolated quorum workers (original deleted), then re-verify. | torches tokens |
check is the load-bearing trust primitive — and it's deterministic and free. The oracle is held-out
(the implementation never saw it), so passing it is evidence of behavior, not of matching a snapshot.
A second mode: verified normalization (rdv normalize)
The catalog re-derives a unit from a compact contract. But some code has no compact contract — a 2,000-line promise machine, a stateful HTTP client, a concurrent coordinator. For those you don't delete the original; you keep it running as the oracle, propose a firewall-clean factoring, and verify the new structure reproduces the original on generated, held-out scenarios it never saw. You modernize a tangle and prove you didn't change its behavior. (Mode 1 guards against hallucination; Mode 2 guards against an incomplete refactor.)
It reaches the parts that defeat a compact contract: timers verify on virtual time, the event loop is injected and replayed, and genuinely concurrent code is verified by owning the message scheduler and checking the space of interleavings — exhaustively for small inputs, partial-order-reduced beyond.
Status (honest): the method is validated on real modules — debug, q, request's redirect state
machine (256/256 on generated + held-out scenarios), p-map (concurrency contract verified across the whole
interleaving space for small inputs, POR-scaled beyond). rdv normalize as a one-command workflow is being
built — it is not a shipping CLI command yet.
Why it's a supply-chain defense
The oracle is an independent source of truth nobody upstream can edit. Tamper with the shipped
src/ — a sabotage, a malicious patch, a subtle regression — and check catches it two ways at once:
$ rdv check packages/colors # after flipping one character in src/strip.js
✗ FAILED strip
held-out 5/10 miss=[ho_combined_sgr_leading,ho_csi_clear_screen,…] hashes MISMATCH (src:false …)
VERIFICATION FAILED — do not trust this src; rebuild with: rdv resynth packages/colorsThe behavioral oracle catches what changed; the content hash catches that anything changed at all.
First package: @rederive/colors
A verified-recompose of [email protected] — the last release before the Jan-2022 maintainer
sabotage of colors/faker that broke thousands of builds.
The exact case this model is for: an abandoned-but-load-bearing package you can't trust to a maintainer.
strip— zero-dependency, quorum-verified (3/3), 10 frozen / 10 held-out. Behavior-locked to the original including its limitation: it removes only single-parameter SGR codes — CSI/OSC terminal-injection escapes survive (seepackages/colors/README.md). The oracle documents that, so the contract is honest about what the code does and doesn't do.
npm install # tsx
npm run check # rdv check packages/colors → ✓ VERIFIED
npm run vis # writes packages/colors/vis.htmlPackage layout
packages/<name>/
sir.manifest.json provenance (source + sha256), units[], per-unit oracle/src/sir hashes, verify status
sir/<unit>.sir the spec skeleton (kind, signature, oracle pointer; original deleted)
oracles/<unit>.json frozen (in-prompt) + held-out (graded) vectors — expecteds stamped by EXECUTION
src/<unit>.js the verified, quorum-passed, zero-dep implementation
vis.html generated by `rdv vis`
package.json zero-depStatus (honest)
check+vis— deterministic, done, self-contained (needs onlytsx).resynth— the local token-torching rebuild. The re-emit substrate is not wired into this CLI: a plain CLI can't spawn Claude Code subagents. Drive it via thesir-verifyskill from thesirClaude Code plugin (/plugin marketplace add rederive/sir-toolkit→/plugin install sir@sir-toolkit), or a direct Messages-API worker; thenrdv checkmust pass and the manifestsrcSha256is updated.rdv build(AOT/native) is reserved.- Built on the SIR verified-recompose toolkit (decompile → kind-graph → held-out oracle → quorum re-emit).
The ecosystem
| artifact | what | where |
|---|---|---|
| rdv (this repo) | the trust-nothing verifier | npm rederive |
| sir-factory | the build orchestrator | npm · repo |
| sir plugin | Claude Code skills & agents (sir-verify, preflight) | repo |
| SIR Schema | the normative spec (v0.4) | repo · narrative |
