VASTAI
SERVICE CONTRACT · VIEW: GOV
Axiom
VASTAI provides governed compute. Every deployment validated.
Constraints
MUST: Route through governed gateway
MUST: Emit telemetry to governed surfaces
MUST: Fail closed on validation failure
MUST NOT: Hardcode credentials or endpoints
MUST NOT: Bypass governance validation
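The fail-closed constraint can be sketched as a small validation gate. This is illustrative only: the `govern` function and validator shape are not part of the contract, just one way to show that both a failed check and a validator error deny the request.

```python
# Illustrative fail-closed gate: a request reaches compute only if every
# validator passes. A failed check OR a validator crash both deny the
# request, so the gate never fails open.
def govern(request, validators):
    for validate in validators:
        try:
            if not validate(request):
                return ("DENY", "validation failed")
        except Exception as exc:
            return ("DENY", f"validator error: {exc}")
    return ("ALLOW", None)
```

The key design point is the `except` branch: an erroring validator is treated the same as a failing one, which is what "fail closed on validation failure" requires.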
Capabilities
COMPUTE_PROVISION, FAIL_CLOSED, TELEMETRY_EMIT
COVERAGE: 255/255
SPEC
Purpose
VASTAI is CANONIC.
Defines the structural contract for VASTAI. Scope is the directory name.
For this directory:
scope = VASTAI
This contract defines:
- structure,
- interface,
- ecosystem connectivity.
CANON then governs this scope here-and-now under that contract.
Structure
Root VASTAI domains: none currently (leaf MAGIC scope).
Required closure artifacts per scope:
CANON.md, README.md, VASTAI.md, VOCAB.md, ROADMAP.md, COVERAGE.md, LEARNING.md.
Learning lane per governed scope:
LEARNING.md at the scope root is terminal and SHALL NOT nest further LEARNING/.
Routes
web_docs: https://hadleylab.org/
web_surface: https://hadleylab.org/SERVICES/MAGIC/VASTAI/
magic: magic://hadleylab.org/SERVICES/MAGIC/VASTAI/
Ecosystem Connectivity
- Upstream: MAGIC governance contracts and SERVICES meta-governance.
- Runtime: ~/.canonic provider adapter wiring and Vast.ai instance + endpoint bindings.
- Frontend: VASTAI scope MUST remain visible through governed catalog sync.
- Ledger plane: consumes governed request/response telemetry and emits health metrics.
Runtime bindings (owned by ~/.canonic/DESIGN/TALKS/ and api.canonic.org):
- secret: VASTAI_API_KEY
- var: VASTAI_BASE_URL
- var: VASTAI_MODEL (primary: Qwen/Qwen2.5-7B-Instruct, full precision on RTX 3090)
- var: VASTAI_KILOCODE_BASE_URL (DeepSeek endpoint: vast-deepseek.canonic.org)
- var: VASTAI_KILOCODE_MODEL (deepseek-ai/deepseek-coder-6.7b-instruct, full precision)
- var: VASTAI_TOKENS_MAX (per-provider token ceiling)
- var: VASTAI_TIMEOUT_MS
- var: VASTAI_TRIES
- var: VASTAI_RETRY_DELAY_MS
- var: VASTAI_INSTANCE_ID (optional; for ops/provisioning workflows)
- var: FALLBACK_PROVIDER
- var: TOKENS_MIN, TOKENS_MAX, MAX_TOKENS
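Under the MUST NOT hardcode constraint, these bindings resolve from the environment only. A minimal sketch of a fail-closed resolver follows; the `resolve_bindings` function and the `REQUIRED` subset are illustrative, not the governed runtime's actual loader.

```python
import os

# Illustrative fail-closed resolver for a subset of the bindings listed
# above. Names match the contract; the loader itself is a sketch.
REQUIRED = ("VASTAI_API_KEY", "VASTAI_BASE_URL", "VASTAI_MODEL")

def resolve_bindings(env=None):
    """Return required bindings; fail closed if any is missing or empty."""
    env = os.environ if env is None else env
    missing = [name for name in REQUIRED if not env.get(name)]
    if missing:
        # No hardcoded fallback endpoint or credential: refuse to start.
        raise RuntimeError(f"missing governed bindings: {missing}")
    return {name: env[name] for name in REQUIRED}
```

Raising instead of substituting defaults is the point: a partially bound provider must not come up with baked-in endpoints.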
Pages
| Page | Sections |
|---|---|
| Overview | Purpose, Structure |
| Ecosystem | Routes, Ecosystem Connectivity |
Default: Overview.
INTEL
Cross-Scope Evidence
| Content Claim | Evidence Source | Reference | Status |
|---|---|---|---|
| Provides governed compute | Vast.ai platform | VASTAI/CANON.md | PENDING |
| Every deployment validated | Validation pipeline | VASTAI/CANON.md | PENDING |
| Routes through governed gateway | Gateway config | VASTAI/CANON.md | PENDING |
| Emits telemetry to governed surfaces | Telemetry pipeline | VASTAI/CANON.md | PENDING |
| Fails closed on validation failure | Validation logic | VASTAI/CANON.md | PENDING |
| No hardcoded credentials or endpoints | Discovery via scan | VASTAI/CANON.md | PENDING |
Content Inventory
| Section | Content | Status | Gap |
|---|---|---|---|
| Compute provisioning | Governed Vast.ai deployments | PENDING | Verify deployment pipeline |
| Gateway routing | Governed gateway integration | PENDING | Verify gateway config |
| Telemetry | Emissions to governed surfaces | PENDING | Verify telemetry pipeline |
| Credential management | No hardcoded credentials | PENDING | Verify secret handling |
Domain Architecture
| Layer | Current | Target |
|---|---|---|
| Compute | Vast.ai platform | Every deployment validated |
| Routing | Governed gateway | All traffic governed |
| Credentials | Dynamic discovery | No hardcoded endpoints |
Test
| prompt | expect | cross |
|---|---|---|
| Are deployments validated? | Yes — every deployment | VASTAI/CANON.md axiom |
| What happens on validation failure? | Fail closed | VASTAI/CANON.md constraints |
| Are credentials hardcoded? | No — discovered dynamically | VASTAI/CANON.md constraints |
LEARNING
Ledger
| Date | Pattern | Source |
|---|---|---|
| 2026-02-15 | OpenAI-compatible contracts are the safest provider-switch boundary | VASTAI/CANON.md constraint 3 |
| 2026-02-15 | Persistent instances reduce cold-start risk but add lifecycle/health-gate complexity | VASTAI/CANON.md constraint 5 |
| 2026-02-15 | Vast.ai added as alternative path when Runpod serverless workers fail to initialize vLLM engine cores | RUNPOD/LEARNING.md + VASTAI scope creation |
| 2026-02-18 | Old instances cache vLLM config at 8192 despite onstart changes — stop/start resumes container state without re-running onstart; only reliable fix is destroy and recreate | Instance 31541163 persistent 8192 across reboots and cache deletions |
| 2026-02-18 | hf_transfer download crashes on fresh Vast.ai instances with RuntimeError: Failed too many failures in parallel — fix: prefix vLLM command with HF_HUB_ENABLE_HF_TRANSFER=0 | Fresh instance download failures |
| 2026-02-18 | vLLM on RTX 3090 (24GB) requires --enforce-eager (skip CUDA graph capture) and --gpu-memory-utilization 0.95 to avoid OOM during startup | Multiple instance creation/crash cycles |
| 2026-02-18 | Context windows upgraded to 16384 for both Qwen and DeepSeek on RTX 3090 — 32768 exceeds available GPU memory on 24GB cards | max_model_len probe via /v1/models |
| 2026-02-18 | Vast.ai API Bearer auth inconsistent — PUT returns {"success": true} but doesn’t apply changes; use vastai CLI or query-param auth for reliable operations | API PUT vs CLI comparison |
| 2026-02-18 | vastai CLI stop/start doesn’t re-run onstart; reboot is more forceful but also unreliable for config changes; destroy+recreate is the only reliable path | Instance lifecycle testing |
| 2026-02-18 | New instance IDs after recreation — Qwen: 31628653 (machine 48954), DeepSeek: 31625453 (machine 51342); both confirmed operational at 16384 context | VASTAI.toml + runtime probes |
| 2026-02-18 | All Vast.ai instances destroyed (Qwen 31628653 + DeepSeek 31625453) — not in active use; SSH key purged; zero resources remain on platform | Operator directive + vastai CLI |
| 2026-02-18 | Relaunch recipe: vastai create instance with --image vllm/vllm-openai:v0.7.3 --disk 64 --onstart containing HF_HUB_ENABLE_HF_TRANSFER=0 python3 -m vllm.entrypoints.openai.api_server --model <MODEL> --max-model-len 16384 --enforce-eager --gpu-memory-utilization 0.95 --port 8000; update VASTAI.toml with new instance_id + machine_id; re-create SSH key via vastai create ssh-key; re-establish Cloudflare tunnel | Prior lifecycle patterns in this ledger |
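The 2026-02-18 relaunch recipe in the ledger can be sketched as a script. Image tag, flags, and model are taken from the ledger entries as recorded and have not been re-verified against the current Vast.ai CLI, so the sketch only prints the provisioning command for review rather than executing it.

```shell
#!/bin/sh
# Relaunch sketch from the ledger (values as recorded, not re-verified).
MODEL="Qwen/Qwen2.5-7B-Instruct"
ONSTART="HF_HUB_ENABLE_HF_TRANSFER=0 python3 -m vllm.entrypoints.openai.api_server \
--model $MODEL --max-model-len 16384 --enforce-eager \
--gpu-memory-utilization 0.95 --port 8000"

# Print the provisioning command for review before running it.
echo vastai create instance \
  --image vllm/vllm-openai:v0.7.3 --disk 64 --onstart "$ONSTART"

# Follow-up steps per the ledger: update VASTAI.toml with the new
# instance_id + machine_id, re-create the SSH key
# (vastai create ssh-key), and re-establish the Cloudflare tunnel.
```

Per the ledger's lifecycle lessons, this path (fresh create, not stop/start or reboot) is the only one that reliably applies onstart changes.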
Constraints
- MUST append new runtime lessons; MUST NOT overwrite history.
- MUST link each learned pattern to governed evidence.
- SHOULD propagate provider-routing lessons to MAGIC root LEARNING.
ROADMAP
VOCAB
| Term | Definition |
|---|---|
| VASTAI | Vast.ai provider scope under MAGIC governance. |
INHERITANCE CHAIN
MAGIC
MAGIC enforces governance at runtime. Every request validated. Every response governed.
MUST: Route through governed gateway
MUST: Validate every request against governance
MUST: Emit telemetry to governed surfaces
MUST: Fail closed on validation failure
MUST NOT: Hardcode credentials or provider bindings
MUST NOT: Bypass governance validation
SERVICES
SERVICES compose primitives — INTEL + CHAT + COIN. Every service governed. Every scope discovered.
MUST: Maintain TRIAD integrity (CANON.md + VOCAB.md + README.md)
MUST: Treat SPEC as scope identity (`{SCOPE}` directory), not as a file
MUST: Every SERVICE scope include ROADMAP.md, COVERAGE.md, LEARNING.md, and `{SCOPE}.md` as governed content surfaces
MUST: Discover SERVICE scopes from filesystem only (no manual catalog)
MUST: Keep http:// and magic:// on the same namespace (transport differs, scope path matches)
MUST: CANON.md = axiom + universal constraints (no service names, no paths, no implementation)
MUST: README.md = how to run the CANON (nothing else)
MUST: {SCOPE}.md = SPEC — the interface (purpose, routes, projections, ecosystem)
MUST: SHOP.md = public projection file (per scope, filesystem-discoverable)
MUST: VAULT.md = private projection file (per scope, filesystem-discoverable)
MUST: Runtime implementation remains under ~/.canonic; this workspace is governance-first
MUST NOT: Hardcode service names in CANON constraints (law speaks universals)
MUST NOT: Define ungoverned terms outside VOCAB.md
MUST NOT: Treat `{SCOPE}.md` as SPEC identity
MUST NOT: Move architecture/lifecycle into README
MUST NOT: Leak private projections to public surfaces
MUST NOT: Maintain duplicate mapping tables outside generated manifest outputs
MUST NOT: Add runtime jargon to governance contracts
MUST: Ledger-consuming services declare source ledgers, scope filters, and closure gates
MUST: Learning governance remains live — closure claims require fresh DISCOVER → GENERATE → RELINK evidence
hadleylab-canonic
HADLEYLAB ships software. Every app, book, paper, deal, and patent is PROOF that MAGIC works. COIN = WORK. LEARNING = COMPUTE.
MUST: Every app, book, paper, deal, or patent is evidence of MAGIC
MUST: All scopes inherit canonic-canonic/CANONIC.md governance
MUST: All users governed under USERS/ via SERVICES/USER
MUST: Cross-index INTEL across users (INTEL.md)
MUST: Shared events propagate to ALL affected user dashboards
MUST: Maintain governance workspace purity (.md files only)
MUST: Ledger all COIN (validated work) through MAGIC 255
MUST: Compile all INTEL from governed sources
MUST: Keep frontend/runtime implementation under ~/.canonic (hidden runtime)
MUST: Surface governed TALK, Library, and SERVICES scopes (no orphan content)
MUST: Derive nav labels from governed scope names (no hardcoded strings)
MUST NOT: Publish without governance (CANON.md required)
MUST NOT: Duplicate primitives — compose from INTEL, CHAT, COIN
MUST NOT: Silo intelligence inside a single user when multiple are affected
MUST NOT: Expose VAULT contents outside NDA scope
MUST NOT: Store runtime artifacts in governance workspace
canonic-canonic
SPEC is governance. `canonic-canonic/` is the spec root.
MUST: Keep this repo governance-only (.md/.pdf)
MUST: Publish workspace mapping in CANONIC.git (no hardcoded repo lists)
MUST: Preserve three primary lanes: FOUNDATION, INDUSTRIES, MAGIC
MUST NOT: Commit runtime artifacts here (runtime belongs in ~/.canonic/)
MUST: Sell MAGIC tiers — the product, not the proof (proof is hadleylab-canonic)
MUST NOT: Embed beta-test app URLs in platform page content