Rust Core - Neural Mesh Protocol

While the @nekzus/neural-mesh provides a beautiful developer experience in Node.js and TypeScript, the absolute truth of the protocol exists in its core Rust Backend. This workspace (servers/mesh-node/) contains the hyper-optimized data structures, the Wasmtime engine execution loop, and the raw Libp2p network primitives. You should only interact with the Rust Core directly if you are:

Building an NMP SDK for a new language (e.g., Python, Go, C#).
Modifying the mathematical bounds of the Zero-Trust Sandbox.
Customizing the Kademlia DHT routing algorithms.

Workspace Architecture

The Cargo Workspace is strictly modularized into functional components:

nmp-core

The Source of Truth. Contains the compiled Protobuf definitions (nmp_core.proto) built via tonic and prost. This crate defines the unalterable binary structure of all network intents.

nmp-server

The Data Node. Leverages the Bytecode Alliance Wasmtime crate to create the WASI execution boundary for incoming WebAssembly logic. Incorporates advanced architectural bindings for AWS Nitro Enclaves (TEEs) and RISC Zero (ZK-VM).

nmp-client

The Agent Node. Dispatches logic payloads across the mesh securely utilizing rust-libp2p and the Noise protocol framework.

wasm-filters

The isolated payload templates. Contains Rust logic specifically targeted for wasm32-wasi compilation to act as the agent’s brain.

Network Transport Stack

Unlike simple HTTP/REST APIs, NMP requires a persistent, bidirectional, and highly multiplexed connection to support persistent Watchdogs and low-latency logic execution. The Rust backend implements this by combining two state-of-the-art technologies:

Tonic (gRPC): Tonic handles the message framing. Every LogicRequest and LogicResponse is streamed as binary Protobuf. Tonic automatically manages backpressure and streaming contexts asynchronously using the tokio runtime.
Libp2p (QUIC & Noise): Instead of running Tonic over standard TCP/TLS, the nmp-core tunnels the entirety of the gRPC traffic inside a QUIC stream managed by Libp2p. This allows Kademlia Peer discovery and Ed25519 identity verification instantly upon handshake, entirely dispensing the need for centralized CAs or DNS registrars.

Execution Engine

The core differentiator of the entire Neural Mesh Protocol resides in nmp-server/src/executor.rs. Here, the native Rust binary receives a byte array representing the AI Agent’s intention. Before execution, the engine limits the memory dynamically based on the Agent’s authorization token, preopens strict file descriptors using WasiCtxBuilder, and hands the payload to the virtual CPU. This ensures total panic-isolation: if the Agent’s .wasm encounters a memory leak, the Host OS remains unharmed.

Vanguard Features (Truth Protocol)

Entering the Tier-0 Endgame, nmp-server operates beyond standard sandboxing:

Zero-Knowledge Hooks: Before returning a response, the logic can be wrapped in a zkVM to generate a deterministic mathematical Receipt of the exact AST applied over the localized data.
Blind Computation: Through the EnclaveProvider trait, the execution engine can be seamlessly booted inside isolated Hardware capabilities, preventing hypervisor and host-OS level memory dumping.

Rust Backend

​Workspace Architecture