Skip to content

metisos/contextsync-protocol

Repository files navigation

ContextSync Protocol

The git for organizational context.

An open protocol for synchronizing versioned, permissioned, auditable organizational knowledge between human and AI actors.

Content-addressed. Versioned. Permissioned. Auditable. Real-time.


What is ContextSync?

ContextSync is a protocol specification — not a product, not a framework, not a library. It defines how organizational artifacts (policies, procedures, datasets, business intelligence) are addressed, versioned, permissioned, queried, and mutated across any number of human users and AI agents.

MCP solved how agents connect to tools. ContextSync solves how agents connect to organizational context.

Any organization can implement it. Any agent framework can speak it. Any tool vendor can integrate with it.


Why

Organizations deploying AI agents alongside human teams have no standard protocol for keeping both sides synchronized on the same organizational context. Knowledge lives fragmented across Slack, email, drives, wikis, and SaaS tools.

When a human updates a compliance policy at 09:00, the agent processing customer requests at 09:05 has no way of knowing the policy changed. When an agent writes a research brief, the human reviewing it cannot trace which source versions it used.

This produces three cascading failures:

  • Information decay — agents operate on stale context; in regulated industries this is a compliance risk
  • Coordination collapse — multiple actors writing to the same knowledge base with no protocol governing ordering, conflict detection, or attribution
  • Auditability gap — no audit trail that captures the full provenance chain across the human-AI boundary

The Five Primitives

1. Content-Addressed Artifacts

Every artifact gets a stable, unique URI:

ctx://{org}/{domain}/{id}

This address persists across edits, moves, and renames. The URI scheme is hierarchical: organizations contain domains, domains contain artifacts.

2. Versioned State

Every mutation produces a new version with a monotonically increasing version number, an author (human or agent), a timestamp, a change summary, and a content-addressable hash (SHA-256). Any actor can request a line-level diff between any two versions. Full rollback is supported.

3. Change Subscriptions

Actors subscribe to change feeds on specific artifacts, domains, or the entire context. Notifications are delivered via Server-Sent Events containing the diff, author, and version number. No polling. Millisecond propagation.

4. Permissioned Access

Permissions are expressed as tuples:

(actor | agent_class, artifact_pattern, operations)
  • Grants target a specific actor (human-alex-chen) or an entire agent class (compliance-monitor)
  • Patterns support glob wildcards: ctx://acme/compliance/*
  • Operations: read, write, suggest, approve, admin
  • The system is default-deny: no access unless explicitly granted

5. Provenance Tracking

Every read and write is recorded as an immutable provenance entry: who, what artifact, which version, when, and optionally what downstream artifact it informed. This is the layer that answers the question regulators ask.


Protocol Surface

See SPEC.md for the complete protocol specification including request/response schemas, error codes, and object models.

Summary

Resource Endpoints
Artifacts Create, read (with version), update, soft-delete, history, diff, list
Actors Create, list, get
Changes Global feed, domain-scoped feed
Subscriptions Create, stream (SSE), delete
Permissions Grant, list, explain
Provenance Query by artifact or actor

Object Models

Artifact

Field Type Description
uri string ctx://{org}/{domain}/{id}
name string Human-readable name
org string Organization identifier
domain string Functional domain (compliance, engineering, hr, etc.)
content_type string MIME type
head_version integer Current version number
created_at ISO 8601 Creation timestamp
updated_at ISO 8601 Last mutation timestamp

Actor

Field Type Description
actor_id string Unique identifier
actor_type enum human or agent
name string Display name
agent_class string (agents only) Class for permission grouping

Change Event

Field Type Description
event_id string Unique event identifier
event_type string artifact.created or artifact.updated
artifact_uri string The artifact that changed
version integer New version number
previous_version integer Prior version (null for creates)
author_id string Who made the change
summary string Human-readable change description
diff_json object Diff statistics
created_at ISO 8601 Event timestamp

Permission Tuple

Field Type Description
actor_id string Specific actor (mutually exclusive with agent_class)
agent_class string Agent class for bulk grants
artifact_pattern string Glob pattern (ctx://acme/compliance/*)
operations string[] read, write, suggest, approve, admin

Provenance Record

Field Type Description
prov_id string Unique record identifier
actor_id string Who performed the operation
operation enum read or write
artifact_uri string Target artifact
version_touched integer Version that was read or created
downstream_uri string (optional) Artifact this read informed
created_at ISO 8601 Timestamp

Documents

Document Description
SPEC.md Complete protocol specification
WHITEPAPER.md Problem statement, protocol design, evaluation
ENTERPRISE.md GCP and AWS production architectures
COMPETITIVE.md Competitive landscape analysis

Team

  • Christian Johnson
  • Vikas Badam
  • Sage Hart
  • Eswari Subbiah

License

Apache License 2.0 — see LICENSE


ContextSync | DevFest 2026 | WashU

About

No description, website, or topics provided.

Resources

License

Contributing

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors