evenn
/ netConstruyendo el shell confiable.
Identidad, pertenencia y clasificacion para el perimetro Mesh.
Escala 0 establece un borde enterprise-grade donde Auth0 certifica identidad y Evenn interpreta capa estructural, clearance y scope con deny-by-default real.
Evenn.net Shell // IAM Surface
Future IAM administrative surface.
EKO-IAM Canon
The canon exists. The index makes it readable. Runtime must consume it, not redefine it.
EKO asks. IAM decides. Mesh contextualizes.
EKO brings context. IAM brings authority. Mesh brings placement.
EKO failures fail closed. Public denial stays safe. Internal denial stays auditable.
Revocation beats context. Emergency lock beats normal access. EKO access cannot survive an active IAM/security lock.
Audit records evidence. Observability explains posture. Neither authorizes access.
Runtime must consume canon, not redefine it.
Evenn.net Shell // EKO Surface
Future human-facing EKO knowledge surface.
EKO Surface Notes
Access to this surface is governed by the EKO-IAM authority model (EKO-IAM-001 through EKO-IAM-005). EKO asks. IAM decides. Mesh contextualizes.
EKO-RECE is an external specialized repository. It is not mounted in the Evenn.net Shell. No runtime fetch. No snapshot sync. No knowledge query.
None. This surface is reserved and not activated. No EKO runtime exists in this shell.
RECE Bridge
EKO-RECE owns canonical entity existence. The Evenn.net Shell only displays bridge posture. No runtime fetch, no snapshot sync, no entity query.
Mesh Registry may bind operational nodes to RECE canonical refs via MeshReceRef. Mesh does not create or mutate RECE entities.
Snapshot Readiness
EKO-WEB-02 shows snapshot readiness. It does not fetch canon exports. When snapshotRef is null, no snapshot is connected. Format, generator, and access ceiling are declared by the export contract — the runtime client crosses the bridge when it exists.
RECE Client Probe
RECE export client is disabled by default. Shell remains operational.
EKO-WEB-04 shows export metadata. It does not render the canonical list yet. The shell renders regardless of probe status.
RECE Entity Catalog
Catalog unavailable. The shell remains operational.
RECE-ENTITY-READ-00 - shell impact: none
RECE Relation Catalog
Relation catalog unavailable. The shell remains operational.
RECE-REL-READ-00 - shell impact: none
Evenn.net Shell // Deployment Surface Map
Runtime / Stub
Deployed or stubbed surfaces1| surface | hostname / ref | owner | readiness | runtime | integration | audience |
|---|---|---|---|---|---|---|
| net.shell | evenn.net | platform | currentinternal | static_shell | none | operators · internal_humans |
Reserved Surfaces
Declared but not yet routed7| surface | hostname / ref | owner | readiness | runtime | integration | audience |
|---|---|---|---|---|---|---|
| mesh.web | mesh.evenn.net | mesh | reservedinternal | none | reserved | operators |
| iam.web | iam.evenn.net | iam | reservedinternal | none | reserved | operators · security |
| eko.web | eko.evenn.net | eko | reservedinternal | none | contract_only | internal_humans |
| eko.api | api.eko.evenn.net | eko | reservedapi | none | contract_only | agents · systems |
| security.web | security.evenn.net | security | reservedinternal | none | reserved | security · operators |
| clients.web | clients.evenn.net | clients | reserved | none | reserved | clients |
| platform.api | api.evenn.net | platform | reservedapi | none | reserved | systems · agents |
External Repositories
Specialized repos outside this monorepo1| surface | hostname / ref | owner | readiness | runtime | integration | audience |
|---|---|---|---|---|---|---|
| rece.external | eko-rece | external_specialized | reservedexternalinternal | external_specialized_repo | contract_only | systems · operators |
Scale 0 Identity Perimeter // Auth0 + EFS