Step-Graph Runner Built
apps/agents/runner/
Custom thin runner — ~400 lines. Each Step is a named class with declared input/output schemas. Honours all six §11.1 properties: explicit graph, deterministic transitions, introspectable state, declarative routing, replayability, localised failure.
Step, StepGraph, Run, RunStep
./manage.py replay_run <run_id> — deterministic replay
./manage.py render_graph falco_main — SVG of the graph
- ~2–3 s wall-clock per chat (Groq ~800–1000 ms, audit row writes ~1–1.5 s)
Drafter LLM Abstraction Built
apps/agents/llm/drafter.py
Vendor-neutral interface. Default path is a single Groq qwen/qwen3-32b call. When AGENTS_MODEL_RESOLUTION_ENABLED is on, the drafter resolves provider/model via the model registry with ordered fallback across Groq, Anthropic and OpenAI. Per §10, today's Groq-only behaviour is a configuration choice, not a code dependency.
Model Resolution + Fallback Built · flag-gated
apps/agents/llm/resolution.py
Multi-model provider resolution with ordered fallback over the existing model registry, behind AGENTS_MODEL_RESOLUTION_ENABLED · flag-gated (default off).
LLM Hook Seam Built · flag-gated
apps/agents/llm/hooks.py
Plugin hook seam exposing pre/post/session hooks around every LLM call, behind AGENTS_LLM_HOOKS_ENABLED · flag-gated (default off).
Context Compression + Lineage Built · flag-gated
apps/agents/llm/compression.py
Context compression with full ContextLineage and prompt-cache-stable prompts, behind AGENTS_CONTEXT_COMPRESSION_ENABLED · flag-gated (default off).
Learning Engine + Approval Queue Built · flag-gated
apps/learning/
Observation / ReflexionNote / CandidateLearning foundation with a human approval queue, behind LEARNING_ENABLED · flag-gated (default off).
Skill Loop (write_approval) Built · flag-gated
apps/learning/skills.py
Self-improving SKILL.md propose/approve loop guarded by a write_approval gate, behind LEARNING_SKILL_LOOP_ENABLED · flag-gated (default off).
ExpeL House-Rules + Voyager Built · flag-gated
apps/learning/expel.py · voyager.py
ExpeL self-pruning house-rules (HouseRule model) and Voyager-style skill growth, behind LEARNING_EXPEL_ENABLED · flag-gated (default off).
Multi-Agent Delegation Built · flag-gated
apps/agents/orchestration/delegate.py
delegate_task with multi-model routing (DelegatedTask model); the deterministic step-graph is retained as the analysis specialist, behind AGENTS_DELEGATION_ENABLED · flag-gated (default off).
FalcoDocs (Branch B) Partial
apps/agents/falco_docs/
Document retrieval active via Weaviate / RAPTOR chain. Typed structured handoff to a dedicated FalcoDocs Python agent in progress. Returns retrieved atoms with §3 metadata schema (event_time, ingest_time, source_id, source_kind, model_id).
- Neo4j cutover decided April 2026 — ingest half done; Django retrieval still on Weaviate
WebSearch tool (Branch C) Built
apps/agents/tools/web_search.py
Calls Perplexity sonar-pro with key from SSM. Returns sources with §3 metadata. Drafter LLM consumes results.
Calculation tool (Branch D) Built
apps/agents/tools/calculation.py
Restricted Python sandbox. Per §5, the LLM never produces numbers — calculation node does. Provenance attached to every numerical output.
Memory module — read+write Partial · hydrate + write live
apps/memory/
Step 02 hydrates context from
memory_user_profile and
memory_daily_log at session start. Step 14 dispatches async Celery write. Three memory types per Memory Architecture v1 —
semantic,
episodic,
procedural — specified but Phase 1 full deployment pending. The Supabase / MongoDB pattern from the n8n era is dropped. A curated always-on brain tier + distillation (
BrainTier/
BrainClaim,
apps/memory/brain.py) and a three-layer People model (Facts/Relationship/Synthesis,
apps/memory/people.py) now exist, flag-gated (
MEMORY_BRAIN_TIER_ENABLED /
MEMORY_PEOPLE_LAYERS_ENABLED).
- Now per-user (merged to main 25 Jun,
d2c4895): memory + learning are keyed by a stable user:<id> key from apps/memory/identity.py — every conversation a banker has shares one brain, and one user's memory is invisible to another. Today the owner is inferred from the conversation (model C); the authenticated chat endpoint makes it verified (model A).
Routing rules Built
apps/agents/routing/rules.yaml
Declarative YAML. One readable file. Decides which branch runs based on intent and confidence. Editable by Ilya without touching runner code.
FalcoMain endpoint — legacy/interim Built · live
POST /api/v1/agents/falco/main/
The live chat endpoint. Unauthenticated (model C) — accepts the n8n-shaped request, returns the n8n-shaped response, and lets the graph infer the owner from sessionId. Receives traffic via the n8n forwarder at backend.falconium.ai/n8n/webhook/df5cb261-…. Kept live as the safety net during iPad migration to the authenticated path; trusted-internal-devices only until then.
Authenticated chat endpoint — verified isolation Built · on branch, pending iPad
POST /api/v1/agents/falco/chat/ · branch feat/chat-path-auth
The production-grade chat path (model A). Requires
Authorization: Bearer <jwt>, runs as the
verified request.user (not inferred), and checks the conversation belongs to the caller —
403 on a cross-user attempt,
401 with no token. Same request/response wire shape as the legacy endpoint, so the iPad change is small: add the token + point the send here, dropping the anonymous n8n hop.
Built and tested on a branch; not yet on main — ships paired with the iPad change (PR + TestFlight). The login JWT now also carries
user_id/
email/
role claims (
UserTokenObtainPairSerializer).
- Still open before external use (separate backend hardening): wide-open
UsersViewSet, AccountSerializer Outlook-token leak, owner-less document/vector retrieval, unauthenticated audio WebSocket
Admin + User Dashboards Built · live
apps/dashboard/
Server-rendered Admin dashboard (superuser-only) and per-User dashboard, replacing the retired n8n/RAPTOR-era Django admin. Markdown-first config under a git-backed content/ root, routed through three thin stores so infrastructure can be repointed later. Now also hosts 7 Banker Brain control sections: Learning queue, Skill loop, Memory browser, House rules, Run monitor, Context & lineage, and Hooks & flags.
- ContentStore (filesystem+git, commit-on-save), RecordStore (Postgres), SecretStore (wraps secrets_admin/SSM)
- Config resolver: system default → product pack → user override
- Admin sections: system overview/health, users + audit-logged Open-as-user, models, agents, skills library, system style, databases, MCP toggles
- Dark shared web house style (also applied to secrets_admin + observability); admin/user view switcher
- Mounted at /dashboard/admin/ and /dashboard/ — live at backend.falconium.ai
API Payload Logging Built · live
apps/dashboard/request_logging.py
Middleware logging one structured JSON line per /api/* and /dashboard/* request — method, path, status, duration, user, IP, full request+response bodies. Sensitive fields (password, token, secret, authorization, cookie) redacted to ***; bodies size-capped 50KB; ships to CloudWatch /falconium/backend via the existing Vector pipeline. Controlled by API_LOG_* env vars.
Secrets Admin Built · live
apps/secrets_admin/
Superuser-only CRUD over /falconium/* SSM Parameter Store params; masked list, audited reveal/edit. Mounted at /admin/secrets/. Wrapped (not reimplemented) by the dashboard's SecretStore.