Architecture

Users, model repositories, local or remote artifact storage, native or browser hosts, compute devices, and observability systems sit outside the core runtime boundary.

Loader and initialization, memory and resources, compute and dispatch, and results and observability form four independently testable layers.

Traits express the behavior required by the core. Concrete repositories, caches, hardware backends, and telemetry exporters adapt external systems.

The loader accepts explicit metadata, source revisions, integrity evidence, and artifact streams. It rejects ambiguity rather than guessing.

Backend selection records supported operators, precision, resource limits, and failure modes. Static specialization and dynamic application boundaries are separate decisions.

Host and device allocations, model residency, working buffers, reuse, mapping, eviction, and destruction are represented as explicit lifecycles.

Artifact, validation, resource, backend, execution, decoding, and policy failures remain distinguishable through typed errors.

Events, metrics, traces, benchmark identifiers, and source revisions propagate without leaking unapproved user data.

Native execution may use operating-system threads, filesystem-backed artifacts, platform accelerators, and native observability integrations.

Browser research must account for workers, sandboxed storage, memory ceilings, WebGPU availability, cross-origin isolation, and browser-specific failure behavior.

Untrusted artifacts, parsers, unsafe code, build-time dependencies, external sources, and uploaded raw data are treated as distinct trust boundaries.

New formats, repositories, backends, schedulers, decoders, and telemetry adapters should enter through focused contracts with documented invariants.