Orchestration framework for the Sovereign AI Stack — privacy-preserving ML infrastructure in pure Rust
Batuta coordinates the Sovereign AI Stack, a comprehensive pure-Rust ecosystem for organizations requiring complete control over their ML infrastructure. The stack enables privacy-preserving inference, model management, and data processing without external cloud dependencies.
- Privacy Tiers: Sovereign (local-only), Private (VPC), Standard (cloud-enabled)
- Model Security: Ed25519 signatures, ChaCha20-Poly1305 encryption, BLAKE3 content addressing
- API Compatibility: OpenAI-compatible endpoints for drop-in replacement
- Observability: Prometheus metrics, distributed tracing, A/B testing
- Cost Control: Circuit breakers with configurable daily budgets
cargo install batutaOr add to your Cargo.toml:
[dependencies] batuta = "0.1.3"# Analyze project structure and dependencies batuta analyze --languages --dependencies --tdg # Query the Sovereign AI Stack batuta oracle "How do I serve a Llama model locally?" # Model registry operations batuta pacha pull llama3-8b-q4 batuta pacha sign model.gguf --identity alice@example.com batuta pacha verify model.gguf # Encrypt models for distribution batuta pacha encrypt model.gguf --password-env MODEL_KEY batuta pacha decrypt model.gguf.enc --password-env MODEL_KEY
Live Demo: paiml.github.io/batuta | API Docs
Example Output (batuta analyze --tdg):
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 📊 Technical Debt Gradient Analysis ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Project: my-project Language: Rust (confidence: 98%) Metrics: Cyclomatic Complexity: 4.2 avg (good) Test Coverage: 87% (A-) Documentation: 92% (A) Dependency Health: 95% (A+) TDG Score: 91.5/100 (A) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Batuta orchestrates a layered architecture of pure-Rust components:
┌─────────────────────────────────────────────────────────────┐ │ batuta v0.1.3 │ │ (Orchestration Layer) │ ├─────────────────────────────────────────────────────────────┤ │ realizar v0.2.2 │ pacha v0.1.1 │ │ (Inference Engine) │ (Model Registry) │ ├──────────────────────────┴──────────────────────────────────┤ │ aprender v0.14.1 │ │ (ML Algorithms & Formats) │ ├─────────────────────────────────────────────────────────────┤ │ trueno v0.7.4 │ │ (SIMD/GPU Compute Primitives) │ └─────────────────────────────────────────────────────────────┘ | Component | Version | Description |
|---|---|---|
| trueno | 0.7.4 | SIMD/GPU compute primitives with wgpu backend |
| aprender | 0.14.1 | ML algorithms: regression, trees, clustering, NAS |
| pacha | 0.1.1 | Model registry with signatures, encryption, lineage |
| realizar | 0.2.2 | Inference engine for GGUF/SafeTensors models |
| batuta | 0.1.3 | Stack orchestration and CLI tooling |
| Component | Description |
|---|---|
| trueno-db | GPU-accelerated analytics database |
| trueno-graph | Graph database for code analysis |
| alimentar | Data loading with encryption support |
| renacer | Syscall tracing for validation |
Analyze project structure, languages, and dependencies:
batuta analyze --languages --dependencies --tdg # Output: # Primary language: Python # Dependencies: pip (42 packages), ML frameworks detected # TDG Score: 73.2/100 (B) # Recommended: Use Aprender for ML, Realizar for inferenceQuery the stack for component recommendations:
# Natural language queries batuta oracle "Train random forest on 1M samples" # List all components batuta oracle --list # Component details batuta oracle --show realizar # Interactive mode batuta oracle --interactiveModel registry operations:
# Pull models from registry batuta pacha pull llama3-8b-q4 # Generate signing keys batuta pacha keygen --identity alice@example.com # Sign models for distribution batuta pacha sign model.gguf --identity alice@example.com # Verify model signatures batuta pacha verify model.gguf # Encrypt models at rest batuta pacha encrypt model.gguf --password-env MODEL_KEY # Decrypt for inference batuta pacha decrypt model.gguf.enc --password-env MODEL_KEYGenerate structured content with quality constraints:
# Available content types batuta content types # Generate book chapter prompt batuta content emit --type bch --title "Error Handling" --audience "developers" # Validate content quality batuta content validate --type bch chapter.mdThe stack enforces data sovereignty through configurable privacy tiers:
| Tier | Behavior | Use Case |
|---|---|---|
| Sovereign | Blocks ALL external API calls | Healthcare, Government |
| Private | VPC/dedicated endpoints only | Financial services |
| Standard | Public APIs allowed | General deployment |
use batuta::serve::{BackendSelector, PrivacyTier}; let selector = BackendSelector::new() .with_privacy(PrivacyTier::Sovereign); // Returns only local backends: Realizar, Ollama, LlamaCpp let backends = selector.recommend();Verify model integrity before loading:
use pacha::signing::{SigningKey, sign_model, verify_model}; let signing_key = SigningKey::generate(); let signature = sign_model(&model_data, &signing_key)?; // Verification fails if model tampered verify_model(&model_data, &signature)?;Protect models during distribution:
use pacha::crypto::{encrypt_model, decrypt_model}; let encrypted = encrypt_model(&model_data, "password")?; let decrypted = decrypt_model(&encrypted, "password")?;- The Batuta Book — Comprehensive guide
- Sovereign AI Stack Book — Complete stack tutorial with 22 chapters
- API Documentation — Rust API reference
- Specifications — Technical specifications
Batuta applies Toyota Production System principles:
| Principle | Application |
|---|---|
| Jidoka | Automatic failover with context preservation |
| Poka-Yoke | Privacy tiers prevent data leakage |
| Heijunka | Spillover routing for load leveling |
| Muda | Cost circuit breakers prevent waste |
| Kaizen | Continuous metrics and optimization |
# Clone repository git clone https://github.com/paiml/batuta.git cd batuta # Build cargo build --release # Run tests cargo test # Build documentation mdbook build bookContributions are welcome! Please follow these guidelines:
- Fork the repository and create your branch from
main - Run tests before submitting:
cargo test --all-features - Run lints:
cargo clippy --all-targets --all-features -- -D warnings - Format code:
cargo fmt --all - Update documentation for any API changes
- Submit a pull request with a clear description
See our CI workflow for the full test suite.
MIT License — see LICENSE for details.
Batuta — Orchestrating sovereign AI infrastructure.