Mirror of https://github.com/ruvnet/RuVector.git (synced 2026-05-24 05:43:58 +00:00)
DrAgnes Google Cloud Deployment Plan
Status: Research & Planning
Date: 2026-03-21
Overview
DrAgnes leverages the existing pi.ruv.io Google Cloud infrastructure, extending it with dermatology-specific services. The deployment is multi-region and is built only from Google Cloud services covered by the Google Cloud BAA. The BAA covers the services, not the application: the controls described below (de-identification before anything leaves the device, CMEK, VPC Service Controls, least-privilege IAM, six-year audit retention) are what carry the HIPAA obligations.
Architecture Overview
┌─────────────────────────────────┐
│ Cloud CDN + LB │
│ (Global, HTTPS termination) │
└──────────┬──────────────────────┘
│
┌──────────────┼──────────────┐
│ │ │
┌─────┴─────┐ ┌─────┴─────┐ ┌─────┴─────┐
│ us-east1 │ │ us-west1 │ │ europe-w1 │
│ (primary) │ │ (failover)│ │ (EU data) │
└─────┬─────┘ └─────┬─────┘ └─────┬─────┘
│ │ │
┌──────────┴──────────────┴──────────────┴──────────┐
│ Service Mesh │
│ │
│ ┌────────────┐ ┌────────────┐ ┌────────────┐ │
│ │ DrAgnes │ │ Brain │ │ CNN Model │ │
│ │ API │ │ Server │ │ Server │ │
│ │ (Cloud Run)│ │ (Cloud Run)│ │ (Cloud Run)│ │
│ └─────┬──────┘ └─────┬──────┘ └─────┬──────┘ │
│ │ │ │ │
│ ┌─────┴───────────────┴───────────────┴─────┐ │
│ │ Data Layer │ │
│ │ │ │
│ │ Firestore │ GCS │ Memorystore │ BigQuery │ │
│ └────────────────────────────────────────────┘ │
│ │
│ ┌────────────────────────────────────────────┐ │
│ │ Event Layer │ │
│ │ │ │
│ │ Pub/Sub │ Cloud Scheduler │ Cloud Tasks │ │
│ └────────────────────────────────────────────┘ │
│ │
│ ┌────────────────────────────────────────────┐ │
│ │ Security Layer │ │
│ │ │ │
│ │ IAM │ Secret Manager │ CMEK │ VPC-SC │ │
│ └────────────────────────────────────────────┘ │
└────────────────────────────────────────────────────┘
Service Configuration
1. DrAgnes API Service (Cloud Run)
Primary API service for classification requests and practice management.
```yaml
# dragnes-api.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: dragnes-api
  annotations:
    run.googleapis.com/launch-stage: GA
    # Reachable only through the global load balancer and from other services
    # in the project; never directly from the internet
    run.googleapis.com/ingress: internal-and-cloud-load-balancing
spec:
  template:
    metadata:
      annotations:
        autoscaling.knative.dev/minInstances: "2"
        autoscaling.knative.dev/maxInstances: "100"
        run.googleapis.com/cpu-throttling: "false"
        run.googleapis.com/execution-environment: gen2
    spec:
      # Dedicated identity from the IAM section below, not the default compute SA
      serviceAccountName: dragnes-api@ruvector-brain-dev.iam.gserviceaccount.com
      containerConcurrency: 80
      timeoutSeconds: 300
      containers:
        # Pin by digest (image@sha256:...) in production: a mutable tag such as
        # :latest can be repointed and breaks the link between the image that
        # passed the pipeline's tests and the image that is running
        - image: gcr.io/ruvector-brain-dev/dragnes-api:latest
          ports:
            - containerPort: 8080
          resources:
            limits:
              cpu: "2"
              memory: 2Gi
          env:
            # Service-to-service calls carry an OIDC identity token for the
            # dragnes-api service account (roles/run.invoker on the brain service)
            - name: BRAIN_URL
              value: "https://brain-server-internal.run.app"
            - name: MODEL_BUCKET
              value: "gs://dragnes-models"
            - name: RUST_LOG
              value: "info"
          startupProbe:
            httpGet:
              path: /health
            initialDelaySeconds: 5
            periodSeconds: 5
```
2. CNN Model Server (Cloud Run)
Server-side CNN inference for practices without WASM capability. Unlike the offline PWA path, this service receives raw lesion images, which are PHI: it must decode and classify in memory only, must never persist, log, or forward the image bytes (including in error reports), and must return only the de-identified result that the API writes to Firestore.
```yaml
# dragnes-cnn.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: dragnes-cnn
  annotations:
    # This service handles raw lesion images (PHI): accept traffic only from the
    # load balancer and from other services in the project
    run.googleapis.com/ingress: internal-and-cloud-load-balancing
spec:
  template:
    metadata:
      annotations:
        autoscaling.knative.dev/minInstances: "1"
        autoscaling.knative.dev/maxInstances: "50"
        run.googleapis.com/cpu-throttling: "false"
        run.googleapis.com/execution-environment: gen2
    spec:
      # Dedicated identity from the IAM section below
      serviceAccountName: dragnes-cnn@ruvector-brain-dev.iam.gserviceaccount.com
      containerConcurrency: 20
      timeoutSeconds: 30
      containers:
        # Pin by digest (image@sha256:...) in production; see dragnes-api.yaml
        - image: gcr.io/ruvector-brain-dev/dragnes-cnn:latest
          ports:
            - containerPort: 8080
          resources:
            limits:
              cpu: "4"
              memory: 4Gi
          env:
            # Model is baked into the image; integrity is that of the pinned image
            - name: MODEL_PATH
              value: "/models/mobilenetv3_small_int8.bin"
            - name: SIMD_ENABLED
              value: "true"
```
Performance Notes:
- Cloud Run gen2 runs on a full Linux kernel, but AVX2 depends on the host CPU and is not guaranteed by the execution environment; detect it at startup (cpuid) and keep a scalar fallback rather than assuming it
- INT8 quantized model is ~5MB on disk; resident memory is higher once weights and activations are unpacked, so size the 4Gi limit against measured RSS, not file size
- Target: <50ms inference per image
- Concurrency limited to 20 (CPU-bound workload)
3. Brain Server (Existing)
The existing pi.ruv.io brain server at brain-server-*.run.app handles:
- Knowledge graph management (316K edges)
- HNSW search (128-dim, PiQ3 quantized)
- PubMed integration
- Sparsifier analytics (ADR-116)
- Witness chain management
DrAgnes-specific extensions:
- New memory namespace: dragnes-dermatology
- Custom similarity threshold for dermoscopic embeddings
- Dermoscopy-specific PubMed search templates
- Classification feedback ingestion endpoint
4. PWA Frontend (Firebase Hosting)
Firebase Hosting Configuration
│
├── Hosting
│ ├── SPA routing (all paths → index.html)
│ ├── CDN caching (immutable assets: 1 year)
│ ├── WASM files: Cache-Control: public, max-age=31536000 (safe only with content-hashed filenames; a module served under a stable name would otherwise stay stale for a year)
│ ├── Model weights: Cache-Control: public, max-age=86400 (put the model version in the object path so a dragnes-model-update takes effect immediately instead of after the TTL expires)
│ └── API proxy: /api/** → Cloud Run dragnes-api
│
├── Service Worker (Workbox)
│ ├── Precache: app shell, WASM module, model weights
│ ├── Runtime cache: brain search results (stale-while-revalidate)
│ ├── Background sync: diagnosis submissions
│ └── Offline fallback page
│
└── PWA Manifest
├── name: "DrAgnes"
├── display: "standalone"
├── orientation: "portrait"
├── theme_color: "#1a365d"
└── icons: 192x192, 512x512 (maskable)
Data Storage
Firestore (De-Identified Metadata)
Firestore Collections
│
├── /practices/{practiceId}
│ ├── name: string
│ ├── region: string
│ ├── modelVersion: string
│ ├── totalClassifications: number
│ ├── dpBudgetUsed: number
│ └── createdAt: timestamp
│
├── /classifications/{classificationId}
│ ├── practiceId: string (hashed)
│ ├── lesionClass: string
│ ├── confidence: number
│ ├── abcdeTotal: number
│ ├── sevenPointScore: number
│ ├── riskLevel: string
│ ├── clinicianAction: string
│ ├── fitzpatrickType: number (I-VI)
│ ├── bodyLocationCategory: string
│ ├── ageDecade: number
│ ├── witnessHash: string
│ └── createdAt: timestamp
│ NOTE: No patient identifiers. No raw images. The remaining fields are still quasi-identifiers: under the HIPAA Safe Harbor method ages over 89 must collapse into a single 90+ decade and createdAt must be reduced to the year (a classification time is a date of service), or the dataset must instead be covered by an Expert Determination. practiceId should be a keyed (HMAC) pseudonym rather than a plain hash, since a plain hash of the small set of known practice ids is trivially reversed.
│
├── /feedback/{feedbackId}
│ ├── classificationId: string
│ ├── clinicianReview: string
│ ├── correctedClass: string (optional)
│ ├── histopathResult: string (optional)
│ └── createdAt: timestamp
│
└── /modelVersions/{versionId}
├── version: string (semver)
├── trainedOn: number (embedding count)
├── accuracy: number
├── sensitivityMelanoma: number
├── specificityMelanoma: number
├── fairnessScore: number
└── releasedAt: timestamp
Firestore Security Rules:
- Practice-level tenant isolation
- Write access: authenticated clinicians only
- Read access: same practice only, where the practice is taken from a custom claim on the Firebase Auth token (never from a client-supplied field) and compared against the pseudonymised practiceId stored in the document
- Admin access: platform operators only
- No cross-practice data access
- Security Rules govern client SDK traffic only; dragnes-api and dragnes-training use service accounts that bypass them, so the same isolation must be enforced in server code
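The two promises made above, that only the listed fields are ever written and that the chain of witnessHash values can be verified, are easiest to keep if the write path goes through one allowlist serializer and the daily privacy audit re-runs the same checks over what is stored. The following is an added example, not DrAgnes project code. It assumes PSEUDONYM_KEY stands in for a key held in Secret Manager, that RISK_LEVELS and BODY_LOCATIONS are the value sets (the plan names the fields but not their domains), and that a witness link is sha256(previous witnessHash || canonical JSON of the record); the plan does not define the chain construction.

```python
"""Allowlist serializer, Safe Harbor generalisation and witness chain for the
/classifications documents. Added example, not DrAgnes project code."""
import hashlib
import hmac
import json
import re

PSEUDONYM_KEY = b"constructed-example-key"   # production: read from Secret Manager
GENESIS_WITNESS = "0" * 64                   # first link of a practice's chain

LESION_CLASSES = {"akiec", "bcc", "bkl", "df", "mel", "nv", "vasc"}        # HAM10000
RISK_LEVELS = {"low", "moderate", "high", "urgent"}                         # assumed
ACTIONS = {"reassurance", "monitor", "biopsy", "urgent_referral"}
BODY_LOCATIONS = {"head_neck", "trunk", "upper_limb", "lower_limb", "acral", "unknown"}  # assumed

# Every storable field with its type; anything else is rejected, so a free-text
# note or a patient name can never reach Firestore by accident.
FIELD_TYPES = {"practiceId": str, "lesionClass": str, "confidence": float,
               "abcdeTotal": float, "sevenPointScore": int, "riskLevel": str,
               "clinicianAction": str, "fitzpatrickType": int,
               "bodyLocationCategory": str, "ageDecade": int,
               "createdAt": str, "witnessHash": str}
PII_PATTERNS = [re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"),            # e-mail
                re.compile(r"\b\d{3}[-. ]?\d{3}[-. ]?\d{4}\b"),     # US phone
                re.compile(r"\b\d{3}-\d{2}-\d{4}\b")]               # SSN-shaped


def pseudonymize_practice(practice_id: str) -> str:
    """Keyed pseudonym: an unkeyed SHA-256 of a short practice id is reversed by
    hashing every known id; HMAC with a secret key is not."""
    return hmac.new(PSEUDONYM_KEY, practice_id.encode(), hashlib.sha256).hexdigest()


def age_decade(age: int) -> int:
    """Safe Harbor: all ages over 89 collapse into one 90+ bucket."""
    if not 0 <= age <= 130:
        raise ValueError("implausible age")
    return 90 if age >= 90 else (age // 10) * 10


def witness(prev_hash: str, record: dict) -> str:
    """Chain link: hash of the previous link and the canonical record body."""
    body = {k: v for k, v in record.items() if k != "witnessHash"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(bytes.fromhex(prev_hash) + canonical).hexdigest()


def audit_document(doc: dict) -> list:
    """Violations in one stored document (empty list means clean). This is the
    check the daily dragnes-privacy-audit job would run over Firestore."""
    problems = [f"unexpected field {k}" for k in doc if k not in FIELD_TYPES]
    problems += [f"{k} has type {type(doc[k]).__name__}"
                 for k, t in FIELD_TYPES.items() if k in doc and not isinstance(doc[k], t)]
    checks = [(doc.get("lesionClass") in LESION_CLASSES, "lesionClass"),
              (doc.get("riskLevel") in RISK_LEVELS, "riskLevel"),
              (doc.get("clinicianAction") in ACTIONS, "clinicianAction"),
              (doc.get("bodyLocationCategory") in BODY_LOCATIONS, "bodyLocationCategory"),
              (doc.get("fitzpatrickType") in range(1, 7), "fitzpatrickType"),
              (doc.get("ageDecade") in range(0, 91, 10), "ageDecade"),
              (re.fullmatch(r"[0-9a-f]{64}", str(doc.get("practiceId", ""))) is not None,
               "practiceId (must be a keyed hash)")]
    problems += [f"bad {name}" for ok, name in checks if not ok]
    problems += [f"PII pattern in {k}" for k, v in doc.items()
                 if isinstance(v, str) and any(p.search(v) for p in PII_PATTERNS)]
    return problems


def build_record(*, practice_id, lesion_class, confidence, abcde_total, seven_point,
                 risk_level, action, fitzpatrick, body_location, age, created_at, prev_hash):
    """Serialise one classification through the allowlist and chain it."""
    record = {"practiceId": pseudonymize_practice(practice_id),
              "lesionClass": lesion_class,
              "confidence": round(float(confidence), 3),
              "abcdeTotal": round(float(abcde_total), 2),
              "sevenPointScore": int(seven_point),
              "riskLevel": risk_level,
              "clinicianAction": action,
              "fitzpatrickType": int(fitzpatrick),
              "bodyLocationCategory": body_location,
              "ageDecade": age_decade(age),
              # Kept at full precision for the rolling sensitivity metric; if the
              # Safe Harbor method is relied on, store the year only.
              "createdAt": created_at}
    problems = audit_document(record)
    if problems:
        raise ValueError("; ".join(problems))
    record["witnessHash"] = witness(prev_hash, record)
    return record


def verify_chain(records: list) -> int:
    """Index of the first record that does not chain to its predecessor, or -1."""
    prev = GENESIS_WITNESS
    for i, rec in enumerate(records):
        if rec.get("witnessHash") != witness(prev, rec):
            return i
        prev = rec["witnessHash"]
    return -1
```

Because the witness hash covers the canonical body, editing any stored field (for instance downgrading a melanoma call to a nevus after the fact) breaks the link at that record and every later one, which is what the "Witness chain verification failures" panel on the dashboard would surface.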
Google Cloud Storage (GCS)
GCS Buckets
│
├── gs://dragnes-models/
│ ├── mobilenetv3_small_int8.bin (INT8 model, ~5MB)
│ ├── mobilenetv3_small_fp32.bin (FP32 model, ~15MB)
│ ├── mobilenetv3_small.wasm (WASM module, ~2MB)
│ ├── lora_weights/{practiceId}/latest.bin (per-practice LoRA)
│ └── reference_embeddings/top1000.bin (offline cache)
│ Encryption: CMEK (AES-256)
│ Access: dragnes-api and dragnes-cnn service accounts (read), dragnes-training (write new versions); bound on this bucket, not project-wide
│
├── gs://dragnes-rvf/
│ ├── {contributorHash}/{memoryId}.rvf (RVF containers)
│ Encryption: CMEK (AES-256)
│ Access: brain server service account only
│ Lifecycle: Archive after 90 days, delete after 7 years
│
└── gs://dragnes-audit/
├── access_logs/YYYY/MM/DD/*.jsonl
├── classification_logs/YYYY/MM/DD/*.jsonl
└── security_events/YYYY/MM/DD/*.jsonl
Encryption: CMEK (AES-256)
Retention: 6 years (HIPAA minimum), enforced with a locked bucket retention policy so objects cannot be deleted or overwritten before expiry, even by project owners
Access: Security team only
Memorystore (Redis) -- Optional Performance Layer
Redis Instance (Basic tier, 1GB)
│
├── Session cache (15-min TTL)
├── Rate limiting counters (per-practice, per-hour)
├── HNSW search result cache (5-min TTL)
└── Model version cache (1-hour TTL)
Event Architecture
Pub/Sub Topics
Pub/Sub Configuration
│
├── dragnes-classification (new classification events)
│ ├── Publisher: dragnes-api
│ ├── Subscriber: brain-server (brain ingestion)
│ ├── Subscriber: dragnes-analytics (BigQuery sink)
│ └── Subscriber: dragnes-alerts (monitoring)
│
├── dragnes-feedback (clinician feedback events)
│ ├── Publisher: dragnes-api
│ ├── Subscriber: brain-server (model improvement)
│ └── Subscriber: dragnes-analytics (accuracy tracking)
│
├── dragnes-model-update (model version events)
│ ├── Publisher: dragnes-training (Cloud Run job)
│ ├── Subscriber: dragnes-api (hot-reload)
│ └── Subscriber: dragnes-cnn (hot-reload)
│
└── dragnes-alerts (monitoring alerts)
├── Publisher: various services
└── Subscriber: Cloud Monitoring → PagerDuty
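The dragnes-model-update subscribers above hot-reload weights when an event arrives, and the plan does not say what the subscriber trusts before swapping a model that drives melanoma referrals. An event on a topic is a trigger, not a proof: the version, location and digest of the artifact should come from the /modelVersions registry that only dragnes-training writes, the bytes should be verified against that digest, silent downgrades should be refused unless the event is an explicit rollback (the DR table relies on rollback), and a model freeze raised by the P1 sensitivity alert should block reloads. The following is an added example, not project code; it assumes an event payload of {"version", "object"} plus an optional "rollback" flag, models the registry as a dict and GCS as a dict of constructed bytes.

```python
"""Guard for the dragnes-model-update hot-reload path. Added example, not
project code; registry, event shape and GCS fetch are assumptions."""
import hashlib
import hmac
import re

SEMVER = re.compile(r"^(\d+)\.(\d+)\.(\d+)$")


def parse_semver(version):
    m = SEMVER.match(version or "")
    if not m:
        raise ValueError(f"not a semver string: {version!r}")
    return tuple(int(x) for x in m.groups())


class ModelLoader:
    """Holds the live weights and decides whether an update event may swap them."""

    def __init__(self, registry, fetch, current_version, frozen=False):
        self.registry = registry          # version -> {"object": ..., "sha256": ...}
        self.fetch = fetch                # callable(object_name) -> bytes
        self.current = current_version
        self.frozen = frozen              # set by the P1 melanoma-sensitivity alert
        self.weights = None

    def handle_event(self, event):
        """Return 'reloaded' or 'refused: <reason>'. The event only triggers the
        reload; version, location and digest are taken from the registry."""
        if self.frozen:
            return "refused: model freeze in effect"
        try:
            new, cur = parse_semver(event.get("version")), parse_semver(self.current)
        except ValueError as e:
            return f"refused: {e}"
        if new <= cur and not event.get("rollback"):
            return f"refused: {event['version']} is not newer than {self.current}"
        entry = self.registry.get(event["version"])
        if entry is None:
            return f"refused: {event['version']} not in modelVersions registry"
        if event.get("object") != entry["object"]:
            return "refused: event object path disagrees with registry"
        blob = self.fetch(entry["object"])
        if not hmac.compare_digest(hashlib.sha256(blob).hexdigest(), entry["sha256"]):
            return "refused: digest mismatch, artifact altered or corrupt"
        self.weights, self.current = blob, event["version"]
        return "reloaded"


# Constructed stand-ins for gs://dragnes-models and the /modelVersions registry.
FAKE_GCS = {
    "mobilenetv3_small_int8-1.3.0.bin": b"weights v1.3.0 (constructed bytes)",
    "mobilenetv3_small_int8-1.4.0.bin": b"weights v1.4.0 (constructed bytes)",
}
REGISTRY = {v: {"object": obj, "sha256": hashlib.sha256(FAKE_GCS[obj]).hexdigest()}
            for v, obj in (("1.3.0", "mobilenetv3_small_int8-1.3.0.bin"),
                           ("1.4.0", "mobilenetv3_small_int8-1.4.0.bin"))}


def demo():
    """Walk one loader through an upgrade, a refused downgrade, an explicit
    rollback, a tampered artifact, an unregistered version and a freeze."""
    store = dict(FAKE_GCS)
    loader = ModelLoader(REGISTRY, store.__getitem__, current_version="1.3.0")
    ev14 = {"version": "1.4.0", "object": "mobilenetv3_small_int8-1.4.0.bin"}
    ev13 = {"version": "1.3.0", "object": "mobilenetv3_small_int8-1.3.0.bin"}
    out = {"upgrade": loader.handle_event(ev14)}
    out["downgrade"] = loader.handle_event(ev13)
    out["rollback"] = loader.handle_event(dict(ev13, rollback=True))
    store["mobilenetv3_small_int8-1.4.0.bin"] = b"swapped in the bucket"   # simulated tamper
    out["tampered"] = loader.handle_event(ev14)
    out["unknown"] = loader.handle_event({"version": "9.9.9", "object": "x"})
    loader.frozen = True
    out["frozen"] = loader.handle_event(ev14)
    return out
```

The registry is the trust anchor, so its write access matters more than the topic's: in this plan only dragnes-training holds a write role on the model bucket, and the same should hold for /modelVersions.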
Cloud Scheduler Jobs
Scheduled Jobs
│
├── dragnes-model-retrain
│ ├── Schedule: Weekly (Sunday 02:00 UTC)
│ ├── Action: Trigger Cloud Run job for model retraining
│ ├── Input: New feedback + brain embeddings since last train
│ └── Output: New model version to GCS
│
├── dragnes-drift-check
│ ├── Schedule: Daily (06:00 UTC)
│ ├── Action: Brain drift analysis on dermoscopy namespace
│ └── Alert: If drift > 0.15, trigger early retrain
│
├── dragnes-fairness-audit
│ ├── Schedule: Weekly (Monday 08:00 UTC)
│ ├── Action: Compute accuracy by Fitzpatrick type
│ └── Alert: If disparity > 5%, flag for investigation
│
├── dragnes-privacy-audit
│ ├── Schedule: Daily (04:00 UTC)
│ ├── Action: Verify no PII in Firestore/GCS
│ └── Alert: Any PII detection triggers incident
│
└── dragnes-backup
├── Schedule: Daily (00:00 UTC)
├── Action: Firestore export to GCS
└── Retention: 30 daily + 12 monthly + 7 yearly
Security Configuration
Secret Manager
Secrets (extending existing pi.ruv.io secrets)
│
├── dragnes-api-key (API authentication key)
├── dragnes-jwt-signing-key (JWT token signing)
├── dragnes-cmek-key-id (CMEK key reference; a Cloud KMS resource name, not sensitive in itself, kept here only so services read all configuration from one place)
├── dragnes-oauth-client-id (Google OAuth client)
├── dragnes-oauth-client-secret (Google OAuth secret)
├── dragnes-firebase-config (Firebase project config)
└── dragnes-pubmed-api-key (NCBI E-utilities key)
Existing secrets reused:
├── ANTHROPIC_API_KEY (for chat interface LLM)
└── huggingface-token (for model downloads)
IAM Configuration
Roles are bound on the narrowest resource that supports it (one bucket, one secret, one Pub/Sub topic, one Cloud Run service) rather than project-wide; the lists below name the roles, not the scope. Firestore IAM has no per-collection granularity and service accounts bypass Security Rules, so tenant isolation on the server path is the API's responsibility.
Service Accounts
│
├── dragnes-api@ruvector-brain-dev.iam.gserviceaccount.com
│ ├── roles/run.invoker (invoke brain server)
│ ├── roles/datastore.user (Firestore read/write)
│ ├── roles/storage.objectViewer (model bucket)
│ ├── roles/pubsub.publisher (classification events)
│ └── roles/secretmanager.secretAccessor (secrets)
│
├── dragnes-cnn@ruvector-brain-dev.iam.gserviceaccount.com
│ ├── roles/storage.objectViewer (model bucket)
│ └── roles/secretmanager.secretAccessor (secrets)
│
└── dragnes-training@ruvector-brain-dev.iam.gserviceaccount.com
├── roles/storage.objectAdmin (model bucket, write new versions)
├── roles/datastore.viewer (read feedback data)
├── roles/pubsub.publisher (model update events)
└── roles/bigquery.dataViewer (analytics queries)
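The table above is only useful if the live policy matches it, and the usual drift is a role that was bound at project level for convenience (secretAccessor on every secret, objectViewer on every bucket) or a primitive role added during debugging. As an added example, not project code, the lint below takes the JSON shape produced by `gcloud projects get-iam-policy PROJECT --format=json` and `gcloud storage buckets get-iam-policy gs://BUCKET --format=json` and reports bindings that depart from the plan; the sample policies are constructed and carry the mistakes the lint is meant to catch.

```python
"""Least-privilege lint for the DrAgnes service-account bindings against the
IAM table in this plan. Added example, not project code."""
PROJECT = "ruvector-brain-dev"


def sa(name):
    return f"serviceAccount:{name}@{PROJECT}.iam.gserviceaccount.com"


# The only roles each identity may hold anywhere, from the IAM table.
EXPECTED = {
    sa("dragnes-api"): {"roles/run.invoker", "roles/datastore.user", "roles/storage.objectViewer",
                        "roles/pubsub.publisher", "roles/secretmanager.secretAccessor"},
    sa("dragnes-cnn"): {"roles/storage.objectViewer", "roles/secretmanager.secretAccessor"},
    sa("dragnes-training"): {"roles/storage.objectAdmin", "roles/datastore.viewer",
                             "roles/pubsub.publisher", "roles/bigquery.dataViewer"},
}
# Roles that belong on one bucket, secret, topic or service; bound at project
# level they cover every bucket, every secret, every topic in the project.
RESOURCE_SCOPED = {"roles/storage.objectViewer", "roles/storage.objectAdmin",
                   "roles/secretmanager.secretAccessor", "roles/run.invoker",
                   "roles/pubsub.publisher"}
PRIMITIVE = {"roles/owner", "roles/editor", "roles/viewer"}
PUBLIC = {"allUsers", "allAuthenticatedUsers"}


def lint_project_policy(policy):
    """Findings for the project-level IAM policy."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding["role"]
        for member in binding.get("members", []):
            if member in PUBLIC:
                findings.append(f"{role}: granted to {member}")
            if member not in EXPECTED:
                continue                      # other identities: out of scope here
            if role in PRIMITIVE:
                findings.append(f"{member}: holds primitive role {role}")
            elif role not in EXPECTED[member]:
                findings.append(f"{member}: holds role {role} not in the plan")
            if role in RESOURCE_SCOPED:
                findings.append(f"{member}: {role} bound project-wide; bind it on the resource")
    return findings


def lint_resource_policy(resource, policy, allowed):
    """Findings for one bucket/secret/topic policy: every member must be in the
    allowed set for that resource, and nothing may be public."""
    findings = []
    for binding in policy.get("bindings", []):
        for member in binding.get("members", []):
            if member in PUBLIC:
                findings.append(f"{resource}: {binding['role']} granted to {member}")
            elif member not in allowed:
                findings.append(f"{resource}: unexpected member {member} with {binding['role']}")
    return findings


# Constructed sample policies (not a real export) with typical drift.
SAMPLE_PROJECT_POLICY = {"bindings": [
    {"role": "roles/datastore.user", "members": [sa("dragnes-api")]},
    {"role": "roles/secretmanager.secretAccessor", "members": [sa("dragnes-api"), sa("dragnes-cnn")]},
    {"role": "roles/editor", "members": [sa("dragnes-cnn")]},
    {"role": "roles/storage.objectViewer", "members": ["allAuthenticatedUsers"]},
    {"role": "roles/storage.objectAdmin", "members": [sa("dragnes-training")]},
    {"role": "roles/bigquery.dataViewer", "members": [sa("dragnes-training")]},
]}
SAMPLE_MODELS_BUCKET_POLICY = {"bindings": [
    {"role": "roles/storage.objectViewer", "members": [sa("dragnes-api"), sa("dragnes-cnn")]},
    {"role": "roles/storage.objectAdmin", "members": [sa("dragnes-training"), "user:someone@example.com"]},
]}
MODELS_BUCKET_ALLOWED = {sa("dragnes-api"), sa("dragnes-cnn"), sa("dragnes-training")}
```

Run against a real export, the project lint should come back empty except for roles/datastore.user, roles/datastore.viewer and roles/bigquery.dataViewer, which have no narrower home here; everything else should show up only in the per-resource policies.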
VPC Service Controls
VPC-SC Perimeter: dragnes-perimeter
│
├── Protected Services
│ ├── firestore.googleapis.com
│ ├── storage.googleapis.com
│ ├── bigquery.googleapis.com
│ └── secretmanager.googleapis.com
│
├── Access Levels
│ ├── Corporate network CIDR ranges
│ ├── Cloud Run service accounts (internal)
│ └── Emergency break-glass accounts
│
└── Ingress Rules
├── Allow: Cloud Run → Firestore/GCS (internal)
├── Allow: Cloud Scheduler → Cloud Run (internal)
└── Deny: All other access to protected services
Multi-Region Deployment
Region Selection
| Region | Role | Justification |
|---|---|---|
| us-east1 (South Carolina) | Primary | Low latency to East Coast US; HIPAA eligible |
| us-west1 (Oregon) | Failover | West Coast coverage; disaster recovery |
| europe-west1 (Belgium) | EU Data Residency | GDPR compliance for EU practices |
| asia-southeast1 (Singapore) | Future | APAC coverage (Phase 4) |
Cross-Region Data Flow
Data Residency Rules
│
├── Patient metadata: Region-locked (US data stays in US, EU in EU)
├── De-identified brain embeddings: Global, but only after the DP and k-anonymity steps of the privacy pipeline (embeddings derived from lesion images are not anonymous by construction; membership inference and embedding inversion are the threats the pipeline must defeat)
├── Model weights: Global (no PHI)
├── Audit logs: Region-locked
└── WASM/PWA assets: Global CDN
Monitoring & Observability
Cloud Monitoring Dashboard
DrAgnes Operations Dashboard
│
├── Service Health
│ ├── API latency (p50, p95, p99)
│ ├── CNN inference latency
│ ├── Error rate by endpoint
│ ├── Active instances per region
│ └── Request volume (per hour, per practice)
│
├── Classification Metrics
│ ├── Classifications per hour (global)
│ ├── Distribution by lesion class
│ ├── Average confidence score
│ ├── Clinician override rate
│ └── Sensitivity/specificity (rolling 30-day)
│
├── Brain Health
│ ├── Memory count (dermatology namespace)
│ ├── Drift status
│ ├── Embedding quality score
│ └── Sync latency
│
├── Privacy & Compliance
│ ├── PII scan results (should always be 0)
│ ├── DP budget consumption per practice
│ ├── Access audit anomalies
│ └── Witness chain verification failures
│
└── Cost Tracking
├── Cloud Run cost by service
├── Storage cost by bucket
├── Network egress cost
└── Total monthly cost vs. budget
Alert Policies
| Alert | Condition | Severity | Action |
|---|---|---|---|
| API error rate > 1% | 5-min window | P2 | PagerDuty notification |
| CNN latency > 500ms (p95) | 15-min window | P3 | Slack notification |
| PII detected in cloud | Any occurrence | P1 | Immediate incident response |
| Melanoma sensitivity < 90% | 7-day rolling | P1 | Model freeze + investigation |
| Fairness disparity > 5% | Weekly audit | P2 | Investigation within 24 hours |
| Brain drift > 0.15 | Daily check | P3 | Trigger early retrain |
| DP budget > 80% for practice | Per check | P3 | Notify practice admin |
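The two model-quality rows of this table (melanoma sensitivity below 90% over 7 days, Fitzpatrick disparity above 5%) and the weekly dragnes-fairness-audit job above are all computed from the same join of /classifications with the histopathResult recorded in /feedback. The following is an added example, not project code, of that computation: sensitivity per Fitzpatrick stratum with a minimum-support guard (a stratum with three confirmed melanomas says nothing about disparity), the max-min disparity, the 7-day rolling melanoma sensitivity, and the alert decisions. It assumes each joined record carries fitzpatrickType, the model's lesionClass, histopathResult and the classification day; the sample is synthetic, not outcome data.

```python
"""Fairness audit and rolling melanoma-sensitivity alert over classification
records joined with clinician feedback. Added example, not project code."""
from collections import defaultdict
from datetime import date, timedelta

MIN_CONFIRMED = 20          # assumed: skip strata with too few confirmed melanomas
DISPARITY_LIMIT = 0.05      # alert table: fairness disparity > 5%
SENSITIVITY_FLOOR = 0.90    # alert table: melanoma sensitivity < 90% -> model freeze
WINDOW_DAYS = 7


def sensitivity(records):
    """Share of histopathology-confirmed melanomas the model called 'mel';
    None when the set holds no confirmed melanoma (undefined, not 100%)."""
    confirmed = [r for r in records if r["histopathResult"] == "mel"]
    if not confirmed:
        return None
    return sum(r["lesionClass"] == "mel" for r in confirmed) / len(confirmed)


def fairness_audit(records):
    """Sensitivity per Fitzpatrick type (only strata with enough confirmed
    melanomas) and the max-min disparity between those strata."""
    strata = defaultdict(list)
    for r in records:
        strata[r["fitzpatrickType"]].append(r)
    per_type = {}
    for t, recs in sorted(strata.items()):
        if sum(r["histopathResult"] == "mel" for r in recs) >= MIN_CONFIRMED:
            per_type[t] = sensitivity(recs)
    disparity = max(per_type.values()) - min(per_type.values()) if len(per_type) > 1 else 0.0
    return per_type, disparity


def rolling_sensitivity(records, today, window_days=WINDOW_DAYS):
    """Melanoma sensitivity over the window ending on `today` (inclusive)."""
    start = today - timedelta(days=window_days - 1)
    return sensitivity([r for r in records if start <= r["day"] <= today])


def evaluate_alerts(records, today_iso):
    """Apply the two model-quality rows of the alert table; returns
    (severity, message) pairs."""
    today = date.fromisoformat(today_iso)
    alerts = []
    per_type, disparity = fairness_audit(records)
    if disparity > DISPARITY_LIMIT:
        worst = min(per_type, key=per_type.get)
        alerts.append(("P2", f"fairness disparity {disparity:.1%}; lowest sensitivity for "
                              f"Fitzpatrick type {worst}: investigate within 24h"))
    rs = rolling_sensitivity(records, today)
    if rs is not None and rs < SENSITIVITY_FLOOR:
        alerts.append(("P1", f"7-day melanoma sensitivity {rs:.1%}: freeze model"))
    return alerts


def constructed_sample():
    """Synthetic joined records: 30 confirmed melanomas and 60 benign lesions per
    Fitzpatrick type, spread over three weeks, with darker types missing more
    melanomas. Not real data."""
    misses = {1: 1, 2: 1, 3: 2, 4: 2, 5: 5, 6: 6}   # misses among the 30 melanomas
    day0 = date(2026, 3, 1)
    recs = []
    for t, m in misses.items():
        for i in range(30):   # the first m melanomas are misclassified as nv
            recs.append({"fitzpatrickType": t, "lesionClass": "nv" if i < m else "mel",
                         "histopathResult": "mel", "day": day0 + timedelta(days=i % 21)})
        for i in range(60):
            recs.append({"fitzpatrickType": t, "lesionClass": "nv",
                         "histopathResult": "nv", "day": day0 + timedelta(days=i % 21)})
    return recs
```

On the constructed sample the weekly audit raises the P2 disparity alert (type I at 96.7% against type VI at 80.0%), while the P1 freeze fires only for a window that contains the missed cases, which is why the table pairs a rolling window with a fixed-schedule audit rather than relying on either alone.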
Cost Projections
Monthly Cost Estimates (by Scale)
| Component | 10 Practices | 100 Practices | 1,000 Practices |
|---|---|---|---|
| Cloud Run (API) | $50 | $200 | $1,500 |
| Cloud Run (CNN) | $30 | $150 | $1,000 |
| Brain Server (shared) | $150 (existing) | $150 | $300 |
| Firestore | $10 | $50 | $300 |
| GCS (models + RVF) | $5 | $20 | $100 |
| Cloud CDN | $10 | $30 | $150 |
| Firebase Hosting | $0 (free tier) | $25 | $100 |
| Memorystore (Redis) | $0 (skip) | $50 | $100 |
| Cloud Monitoring | $0 (free tier) | $50 | $200 |
| Secret Manager | $1 | $1 | $5 |
| Pub/Sub | $1 | $5 | $30 |
| Cloud Scheduler | $1 | $1 | $5 |
| BigQuery (analytics) | $0 (free tier) | $20 | $100 |
| Total Monthly | ~$258 | ~$752 | ~$3,890 |
| Per Practice/Month | $25.80 | $7.52 | $3.89 |
Revenue Model
| Tier | Price | Features |
|---|---|---|
| Starter | $99/mo/practice | 500 classifications/mo, WASM offline, basic brain |
| Professional | $199/mo/practice | Unlimited, LoRA adaptation, full brain, teledermatology |
| Enterprise | Custom | Multi-practice, EHR integration, dedicated support, SLA |
| Academic | Free | Research use, data contribution agreement |
| Underserved | Free | Qualifying community health centers |
Break-even: the infrastructure total at the 100-practice scale (~$752/month) is covered by roughly four Professional subscriptions; the working figure of about 30 Professional practices leaves margin for costs the table above does not include (support, compliance audits, development).
Deployment Pipeline
Deployment Pipeline (Cloud Build)
│
├── Source: GitHub (ruvector/dragnes)
├── Trigger: Push to main branch
│
├── Build Stage
│ ├── Rust compilation (--release --target x86_64-unknown-linux-gnu)
│ ├── WASM compilation (--target wasm32-unknown-unknown)
│ ├── Docker image build (distroless base)
│ └── SvelteKit build (npm run build)
│
├── Test Stage
│ ├── Unit tests (cargo test)
│ ├── Integration tests (against staging brain)
│ ├── WASM inference accuracy test (reference images)
│ ├── Security scan (cargo audit + npm audit)
│ └── HIPAA compliance checks (PII scanner)
│
├── Deploy Stage (Canary)
│ ├── Deploy to staging (full test suite)
│ ├── Canary deployment (5% traffic for 30 minutes)
│ ├── Monitor error rate and latency
│ ├── Auto-rollback if error rate > 0.5%
│ └── Promote to 100% if healthy
│
└── Post-Deploy
├── Smoke tests against production
├── Notify operations channel
├── Update model version registry
└── Archive previous version artifacts
Disaster Recovery
| Scenario | RTO | RPO | Recovery Procedure |
|---|---|---|---|
| Single region outage | 5 minutes | 0 (multi-region) | Automatic failover via Cloud LB |
| Firestore corruption | 1 hour | 24 hours | Restore from daily export |
| Model corruption | 10 minutes | N/A | Roll back to previous model version |
| Brain server outage | 5 minutes | 0 | Existing brain HA (pi.ruv.io) |
| Complete GCP outage | 4 hours | 24 hours | Multi-cloud DR (backup to AWS S3; requires an AWS BAA and equivalent encryption and access controls to be in place before any data is exported) |
| Security breach | 1 hour | N/A | Incident response plan activation |