roboNet Long-Term Roadmap
roboNet Long-Term Roadmap
Author: Joel Johnston Date: 2026-03-31 Domain: Product Architecture Stroke Timeline: Pre-stroke design
Abstract
690-line roadmap document for roboNet. The product vision: a distributed AI workforce that self-organizes, self-defends, and self-scales. The mesh IS the intelligence layer — not infrastructure for intelligence, but intelligence expressed as infrastructure. This document maps the phased development plan from current primitives through full autonomous operation.
Product Vision
roboNet is not a message broker. Not a container orchestrator. Not a workflow engine. Those are components.
roboNet is a neural net over hardware. Each node is a neuron. The mesh is the network. Intelligence emerges from the connections, not the nodes.
The architect's cognitive model maps directly to the system design:
| Cognitive Trait | System Design Pattern |
|---|---|
| Parallel processing (41+ threads) | Mesh scatter-gather, concurrent task execution |
| Breadth-first exploration | Capability-based routing, node discovery |
| Depth-first commitment | Leader election, quorum consensus |
| HSAM pattern library | Behavioral baselines, Sentinel immune system |
| Causal chain validation | HCTH trust accumulation, hash chain continuity |
| Cross-domain synthesis | MVC query engine, distributed reasoning |
This is not metaphor. The system was designed by someone who processes this way. The architecture reflects how the architect thinks.
Phase A — Core Mesh Primitives (Current)
Status: Complete. The foundation is built.
Delivered
- Custom TCP wire protocol (binary, msgpack, no HTTP)
- Leader election (Raft-derived, configurable quorum)
- Quorum consensus (multi-node approval for high-risk commands)
- Federation (cluster-to-cluster peering)
- HCTH trust handshake (no PKI, no CA)
- Plugin tier security model (5 tiers, defined blast radius)
- Sentinel behavioral immune system (distributed, no central authority)
- Capability-based task routing
- Colonize autonomous provisioning
- CLI composition (natural language to mesh commands)
- 120 use cases, 761 tests, 33,300 LOC
What Phase A Proves
The mesh can form, elect leaders, reach consensus, route tasks, defend itself, and grow autonomously. The infrastructure layer is complete. Every subsequent phase builds on this foundation without modifying it.
Phase B — Autonomous Intelligence Layer
The mesh stops being infrastructure. It starts thinking.
Chain-Builder — Autonomous Pentest Framework
Automated security assessment at mesh scale. Chain-Builder:
- Maps the mesh topology continuously
- Identifies attack surfaces (open ports, capability gaps, trust boundary weaknesses)
- Constructs attack chains (sequence of exploits that together achieve a goal)
- Executes in isolated simulation before live testing
- Reports findings through the standard mesh reporting pipeline
Chain-Builder does not require human direction per assessment. It runs continuously, reports when findings exceed threshold, and adapts its strategy based on what it learns about the mesh it's testing.
This is the security team that never sleeps, never misses a change, and never stops looking.
Query Engine — MVC (Minimum Viable Cognition)
The thinking mesh. Query enters one node. Executes on all capable nodes. Returns unified answer.
Full specification in the MVC Cognition research document.
MVC is the minimum threshold for calling the mesh intelligent: it can be asked a question and return an answer that no single node could produce alone.
Hardware Drone Track Integration
Physical nodes on wheels, wings, or tracks. roboNet extends to hardware that moves.
The same mesh primitives that coordinate software workers coordinate hardware drones:
- Capability declaration (flight, ground, underwater, sensor class)
- Task dispatch (go to location, collect sample, monitor perimeter)
- Result return (sensor data, visual, status)
- Sentinel adaptation (behavioral baselines for physical behavior — a drone that deviates from its flight plan is flagged)
The software and hardware worlds share the same mesh protocol. A query that needs a camera sends to a drone. A query that needs computation sends to a server. The routing layer does not distinguish.
Phase 1.0 — Full Autonomous Operation
The mesh operates without human direction. Humans set goals. The mesh achieves them.
What Autonomous Operation Means
| Operation | Phase A | Phase 1.0 |
|---|---|---|
| Node provisioning | Colonize automates | Colonize + self-directed (mesh decides when to grow) |
| Task execution | Human dispatches | Mesh identifies and self-dispatches |
| Security response | Sentinel detects, human decides | Sentinel detects, mesh decides (with quorum) |
| Capacity scaling | Human adds hardware | Mesh requests provisioning, Colonize executes |
| Failure recovery | Automated failover | Predictive (Sentinel + behavioral baselines) |
| Pentest | Chain-Builder continuous | Chain-Builder + self-patching recommendations |
The Quorum Constraint
Autonomous does not mean unconstrained. High-risk decisions still require quorum. The difference in Phase 1.0:
- Phase A: quorum gates human-initiated high-risk commands
- Phase 1.0: quorum gates mesh-initiated high-risk decisions
The human is not removed from the loop on destructive operations. The human's role shifts from operator to policy-setter. Define the rules. Let the mesh execute within them.
Architecture Principles (Invariant)
These do not change across phases. They are the load-bearing walls.
Zero external dependencies for core mesh: the mesh runs on stdlib Python. Adding a PyPI dependency to core requires architectural review and a very compelling reason.
No central authority: every system that works through centralized control has a single point of failure. HCTH, Sentinel, quorum consensus — all are designed around the assumption that any single node may be compromised or unavailable.
Protocol stability: the wire protocol is versioned. Backward compatibility is maintained. A Phase A node and a Phase 1.0 node can communicate. Mesh heterogeneity is a feature.
Test first for protocols: protocol changes require test updates before implementation. This is non-negotiable. Protocol drift is the failure mode that cannot be detected after the fact.
Blast radius by design: every component has a defined blast radius. If it fails, what breaks? The answer must be bounded. Unbounded blast radius is an architectural defect.
What roboNet Is Not
Explicitly not:
- Not Kubernetes: K8s orchestrates containers. roboNet orchestrates intelligence. Different abstraction level.
- Not Kafka: Kafka moves data. roboNet executes tasks. Different primitive.
- Not Ray: Ray distributes Python execution. roboNet distributes autonomous agents. Different scope.
- Not a blockchain: HCTH uses hash chains but has no distributed ledger, no consensus on chain state, no mining. The analogy is the mechanism, not the system.
The prior art comparison matters because it defines where the novel contributions are. roboNet is not a combination of existing tools. It is a different kind of system.
Timeline Assessment
The roadmap was authored March 31, 2026 — six weeks into the build. Phase A completed by April 3. The May 11 stroke interrupted Phase B planning. Phase B design resumes post-recovery.
The stroke timeline is documented because it is relevant to anyone assessing whether the architecture is coherent. It was designed before the stroke. The cognitive capacity to build it existed. The question of whether that capacity persists post-stroke is addressed elsewhere.
The roadmap stands as designed. The architecture does not change because the architect had a stroke.