Skip to content
Starfly
Search limited to v1.0. Switch to the latest version for up-to-date results.

Starfly Fabrics ecosystem

This content is for v1.0. Switch to the latest version for up-to-date documentation.

Starfly alone is enough. Everything on this page is optional — companions that extend the fabric when you are ready. None of them sit on the exchange or revocation hot paths.

The map

Section titled “The map”
     [ Reflector · SSF Relay · Reasoner · CALM Forge ]
                  async · sense · relay · judge
                            
           [ Graph · Dashboard · LPA Crypto Heart ]
                  memory · watch · signed policy
                            
                    ┌───────────────┐
                    │    Starfly    │  ← deploy this first
                    │  identity PEP │
                    └───────────────┘
                            
        [ Credential patterns · SPIFFE · K8s · Vault · cloud ]
                  upstream issuers (public) → private PEP (WIMSE)

Companion picker

Section titled “Companion picker”
CompanionWhy it existsStatus
StarflyExchange, revoke, MCP verify — the fabric coreShippedthis repo
Credential patternsSPIFFE, K8s, Vault, cloud WI feed exchangeShipped
CALM ForgeDesign-time graph — what workloads should doSatellite — project-calm-forge
Starfly GraphRuntime memory — lineage, blast radiusPreview
DashboardHuman NOC — metrics, SSE, federation watchPreview
ReflectoreBPF senses — observe MCP/tool traffic on the platformPreview — workload-ebpf-reflector
SSF RelayMotor layer — fan CAEP/SET to enterprise sinksPreview
ReasonerCoherence — design vs runtime drift, shadow agentsPreview
LPA Crypto HeartSigned policy bundles and provenance heartbeatsPreview

Layers (how to think about it)

Section titled “Layers (how to think about it)”
LayerQuestion it answersMembers
UpstreamWho attested this workload?SPIFFE/SPIRE, K8s, Vault OIDC, cloud WI → credential patterns
CoreWhat token may leave the fabric?Starfly PEP
Memory & opsWhat happened? What should have?Graph, Dashboard, CALM Forge
Sense & motionWhat does the platform see? Where do signals go?Reflector, SSF Relay
JudgmentDoes runtime match intent?Reasoner
ProvenanceIs policy tamper-evident?LPA Crypto Heart

Start here

Section titled “Start here”
  1. Getting started — first WIMSE JWT in 15 minutes
  2. How the fabric thinks — determinism, graphs, autonomic loop
  3. Integrators — wire agents and tools
  4. Pick one companion when you have a concrete need — not all at once
Section titled “Related”