Appendix C – OrgBrain System Architecture Specification (v2.0 Rethink)
Document ID: MH-25-05-015 · Version: 2.0 · Last updated: 20 May 2025
Why a v2.0? A meta‑audit exposed coupling, single‑point bottlenecks, and missing data‑sovereignty guardrails. This rewrite embraces event‑driven resilience, zero‑copy context flow, and modular reflex extensibility.
1 Executive Summary
OrgBrain v2.0 is re‑architected around an Event Mesh Core that treats every context change as an immutable event. Caesar becomes a thin policy brain, not a traffic cop, unlocking horizontal scale and fail‑fast safety.
2 Logical Architecture
┌──────────────────────────────────────────────────────────────────────┐
│ External Experience Plane (Slack • Notion • GitHub)                  │
├──────────────────────────────────────────────────────────────────────┤
│ Edge Gateway Mesh (Wasm filters • API Gateway)                       │
├──────────────────────────────────────────────────────────────────────┤
│ Event Mesh Core (NATS JetStream • Pulsar Streams)                    │
├──────────┬────────────┬──────────────┬─────────────┬─────────────────┤
│ Reflex   │ Context    │ Policy &     │ Monetisation│ Storage &       │
│ Runtime  │ Graph      │ Compliance   │ Services    │ Lakehouse       │
└──────────┴────────────┴──────────────┴─────────────┴─────────────────┘
Figure 1 (v2) – Event‑Centric Logical Architecture.
3 Key Changes & Rationale
| 🔄 Change | Pain Addressed | Outcome |
|---|---|---|
| Event Mesh Core replaces RabbitMQ queues | Bottlenecks / back‑pressure cascade | Global ordering, horizontal fan‑out, replayable history |
| Edge Gateway Mesh with WebAssembly filters | Tight coupling of ingest code | Hot‑swap parsers, reduce deploy frequency |
| Temporal Workflow Engine for long tasks | Ad‑hoc retry logic | Deterministic, versioned workflows |
| OPA/Policy‑as‑Code everywhere | Scattered RBAC | Single source of truth, auditable decisions |
| Lakehouse (Iceberg on S3) backs Storage | Dual OLTP/OLAP split | Zero‑copy analytics, time‑travel queries |
| GraphQL Federation | Multiple REST services | Unified contract, self‑service consumer queries |
| Plugin Kernel for Reflex Packages | Core rebuilds for new packages | Adds/updates without redeploying kernel |
| Distributed Tracing (OpenTelemetry + Tempo) | Blind spots in event hops | 95% reduction in MTTR |
4 Layer Responsibilities (v2)
| Layer | Core Tech | Responsibilities |
|---|---|---|
| Edge Gateway Mesh | Envoy + Proxy‑Wasm, OpenAPI | AuthN, rate limiting, schema validation |
| Event Mesh Core | NATS JetStream clusters (active‑active), Pulsar tier‑2 | Idempotent pub/sub, at‑least‑once, replay |
| Reflex Runtime | Deno Deploy + V8 Isolate Pool | Sandboxed execution of Reflex code/prompt combos |
| Context Graph | Neo4j Aura + async projection to Elasticsearch 8 | Entity relationships, full‑text search |
| Policy & Compliance | OPA, HashiCorp Vault | Real‑time decision engine, secrets management |
| Monetisation Services | Stripe Billing API v3 + License API | SKU issuance, metered usage, pay‑per‑reflex |
| Storage & Lakehouse | Apache Iceberg on S3, Postgres OLTP | Immutable facts, transactional context writes |
5 Sample Event Flow
Capture – A Notion edit triggers an Edge Gateway webhook → notion.page.updated event.
Stream – Event published to JetStream subject ingest.notion with JWT‑signed claims.
Process – Reflex Runtime subscribes with a durable consumer; the Temporal workflow updateContextGraph is hydrated.
Persist – Workflow writes to Context Graph & Lakehouse; emits context.graph.node_upserted.
Policy Gate – OPA evaluates monetisation potential; if true, emits reflex.package.candidate.
Monetise – License API creates draft SKU; Stripe Checkout link attached to marketing payload.
Notify – Edge Gateway pushes Slack ephemeral message with TimeToken reference.
6 Security & Sovereignty Enhancements
Event‑level MAC (Message Authentication Code) – Tamper‑evident context.
Per‑Tenant Encryption Keys (KMS‑sealed) – School deployments keep data sovereign.
GDPR R2T – Right‑to‑be‑forgotten executed via Tombstone events and Iceberg delete vectors.
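Added example (not part of the original specification or the OrgBrain code base): one way the event-level MAC listed above could be computed and checked with a per-tenant key, combined with the duplicate handling that at-least-once delivery in the Event Mesh Core requires. HMAC-SHA256, the field names (id, tenant, mac), the key table and the tenant names are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed per-tenant keys (assumption); production keys would be KMS-sealed.
TENANT_KEYS = {"school-a": bytes.fromhex("11" * 32),
               "school-b": bytes.fromhex("22" * 32)}


def _mac_input(subject, event):
    """Canonical bytes under the MAC: subject plus sorted-key JSON body."""
    body = {k: v for k, v in event.items() if k != "mac"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    subj = subject.encode()
    # Length-prefix the subject so the subject/body boundary cannot shift.
    return len(subj).to_bytes(2, "big") + subj + canonical.encode()


def seal(subject, event):
    """Publisher: attach an HMAC-SHA256 tag keyed by the event's tenant."""
    key = TENANT_KEYS[event["tenant"]]
    tag = hmac.new(key, _mac_input(subject, event), hashlib.sha256).hexdigest()
    return {**event, "mac": tag}


def verify(subject, event):
    """Consumer: recompute the tag and compare in constant time."""
    tenant, tag = event.get("tenant"), event.get("mac")
    if not isinstance(tenant, str) or tenant not in TENANT_KEYS:
        return False  # unknown tenant: fail closed
    if not isinstance(tag, str) or not tag.isascii():
        return False  # unsigned or malformed tag: fail closed
    expected = hmac.new(TENANT_KEYS[tenant], _mac_input(subject, event),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


def accept(subject, event, seen):
    """Verify first, then drop at-least-once redeliveries by event id."""
    if not verify(subject, event) or event.get("id") in seen:
        return False
    seen.add(event.get("id"))
    return True


# Constructed sample for the notion.page.updated step of the sample flow.
SAMPLE = seal("ingest.notion", {"id": "evt-0001", "tenant": "school-a",
                                "type": "notion.page.updated", "page": "pg-42"})
```

Because the subject and the tenant field are both covered by the tag, an event copied to another subject or relabelled to another tenant fails verification, as does any change to the body.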
7 Ops & Observability
4 Golden Signals per Reflex – Latency, Error, Saturation, Value (SAR generated).
Red/Black Deploys with automated rollback on P99 latency regression >20 %.
Chaos Mesh injected failures weekly in Trust Sentinel drills.
8 Roadmap Beyond v2.0
Edge Inference – Tiny LLMs at gateway to pre‑rank context relevance.
Marketplace SDK v2 – Self‑service payment splitter for external Algorithmists.
Zero‑ETL Analytics – DuckDB Lakehouse queries from BI dashboards.
End of Specification (v2.0 Rethink)