● Field notes — Amsterdam

The Sovereign Stack

Engineering autonomous AI from first principles. Architecture decisions, postmortems, benchmarks — the unglamorous infrastructure choices that decide whether AI products actually ship.

by Damir Radulić · Founder, RiNET · 1996 internet pioneer · Amsterdam
2026-07-19
DATA SOVEREIGNTY
6 min read
Encrypting Every Inference at Rest: A Storage Strategy for EU AI Act Compliance
The EU AI Act demands encryption of inference data at rest. Here's a concrete storage strategy using LUKS, dm-crypt, and Postgres pgcrypto to comply without killing latency.
2026-07-19
CASE STUDIES (ANONYMIZED)
5 min read
A 12-Hour Agent Run That Failed at Minute 11: Postmortem on a Silent Input Poison
An agent ran for 12 hours but failed silently at minute 11 due to a poisoned tool output. Here’s the full root cause analysis and the three fixes we deployed.
2026-07-19
LESSONS LEARNED
5 min read
Running 4 GPUs on a Consumer Board: PCIe Lane Starvation and What We Did About It
We tried to run 4 GPUs on a consumer board and hit PCIe lane starvation hard. Here's how we diagnosed it and the workarounds that actually worked.
2026-07-18
4 min read
The Unseen Cost of GPU Flaky Firmware: How ECC Memory Saved Our Inference Pipeline
When GPU firmware degrades silently, inference quality suffers. Here's how ECC memory and firmware validation caught corruption before it hit production.
2026-07-18
ARCHITECTURE
7 min read
Multi-Modal Memory: Merging Graph and Vector Stores for Agent Recall
Vector databases excel at semantic similarity but fail at relational reasoning. Merging a graph store (Neo4j) with a vector store (Qdrant) gives agents structured, queryable memory that supports both fuzzy recall and exa
2026-07-18
5 min read
Simulating Chaos: Property-Based Tests for Agent Swarm Consensus Protocols
Why unit tests fail to catch race conditions in agent swarms and how property-based simulation reveals subtle consensus violations before they hit production.
2026-07-18
DATA SOVEREIGNTY
6 min read
Air-Gapped Audits: Running Compliance Checks on a Sovereign AI Without Network
Auditing AI systems with no network access is possible. Here's a concrete methodology using log attestation, hardware-backed TPMs, and offline model scans.
2026-07-18
CASE STUDIES (ANONYMIZED)
5 min read
Why Our 6-Token Retrieval Beat a Full-Context LLM: A RAG Optimization Case Study
We replaced a 128K-context LLM with a 6-token retrieval pipeline and cut latency by 90% while improving accuracy by 12%. Here's exactly how.
2026-07-17
6 min read
The True TCO of Sovereign AI: Bare Metal vs. Spot Instances Over 6 Months
A no-fluff breakdown of total cost of ownership for running sovereign AI inference and fine-tuning on bare metal versus spot instances, covering hardware, networking, operational overhead, and data egress.
2026-07-17
ARCHITECTURE
8 min read
Coordinating Write-Quorum Across 50 Agent Instances Without a Central Coordinator
How to achieve safe concurrent writes across dozens of autonomous agents using a decentralized quorum protocol, with no single point of failure or coordinator bottleneck.
2026-07-17
7 min read
Abandoning DNS for Autonomous Agent Mesh: Why We Use Bloom-Filter Based Peer Discovery
DNS is a single point of failure for agent meshes. We replaced it with Bloom-filter-based peer discovery for resilience and zero-config operation.
2026-07-17
7 min read
Stochastic Property-Based Testing for Agent Swarm Behaviors Beyond Unit Tests
Unit tests can't verify emergent swarm behaviors. Here's how to use stochastic property-based testing with real tools like Hypothesis and state machines to catch regressions in autonomous agent systems.
2026-07-17
LESSONS LEARNED
5 min read
When Agent Memory Exceeds Postgres Row Size: Sharding Conversation History Across Partitions
Postgres rows cap at 1.6 TB. For agent conversation history that exceeds this, shard across partitions using a time- or token-based key to keep queries fast and storage linear.
2026-07-16
AGENT SWARMS
6 min read
Running Agent Swarms in Docker Without Kubernetes: An Egress-Only Networking Approach
Learn how to run autonomous agent swarms in Docker without Kubernetes by implementing an egress-only networking architecture. This approach simplifies deployment, reduces complexity, and maintains security.
2026-07-16
ARCHITECTURE
4 min read
Unifying Postgres, Qdrant, and Neo4j Under a Single-Query Interface for Agent Memory
How to combine PostgreSQL (pgvector), Qdrant, and Neo4j behind a single GraphQL interface for agent memory, with real code and trade-offs.
2026-07-16
7 min read
Designing a Self-Healing Control Plane for Agent Swarms
A practical guide to building a control plane that survives crashes by persisting agent state in Postgres and using deterministic recovery.
2026-07-16
DATA SOVEREIGNTY
6 min read
Keeping Inference Logs on Local NVMe: A Storage Pattern for EU AI Act Audit Readiness
Store LLM inference logs on local NVMe drives to meet EU AI Act audit requirements while keeping data sovereign. A concrete pattern using systemd, logrotate, and parquet.
2026-07-16
ARCHITECTURE
7 min read
Action Replay Is Not Enough: Why Agent Memory Must Be Content-Addressable
Agents that rely on action replay—storing sequences of events—fail in debugging, audit, and long-term reasoning. Content-addressable memory is the fix.
2026-07-16
6 min read
Scheduling Inference Around CPU Thermal Throttling: A Practical Scheduler
A practical scheduler that monitors CPU temperature and reorders inference tasks to avoid thermal throttling, keeping throughput high and latency low.
2026-07-16
6 min read
Reproducing Agent Failures Locally: A Deterministic Replay Strategy
A practical strategy to capture all nondeterministic inputs of an agent run and replay them locally, making every failure reproducible.
2026-07-16
DATA SOVEREIGNTY
6 min read
Row-Level Security for Agent Swarms: Enforcing Tenant Isolation in Postgres
Learn how to enforce tenant isolation in multi-agent systems using PostgreSQL Row-Level Security. Includes audit triggers, connection pooling, and real-world benchmarks.
2026-07-16
8 min read
The Case Against Agent Self-Modification: Why We Lock the Core Loop
Self-modifying agents sound powerful but introduce catastrophic risks. Here's why we lock the core loop, how we implement it, and the concrete engineering tradeoffs.
2026-07-14
ARCHITECTURE
8 min read
Checkpointing at the Action Level: Why We Store Every Agent Step and How It Saves Runs
When an agent crashes mid-run, losing all progress is unacceptable. Action-level checkpointing saves every step so you can resume exactly where you left off.
2026-07-14
7 min read
Forensic Metrics for Swarm Behavior: Tracking Causality Not Just Outputs
Standard evaluation metrics miss what matters in agent swarms. Forensic metrics reconstruct causal chains from sensors to actions, revealing coordination failures and emergent behavior.
2026-07-14
CASE STUDIES (ANONYMIZED)
6 min read
Unifying Vector, Graph, and Relational Queries: A Real-World Agent Memory Deep Dive
We built a unified query layer over PostgreSQL that lets agents perform vector similarity, graph traversal, and relational joins in a single query. Here's the architecture, tradeoffs, and code.
2026-07-14
DATA SOVEREIGNTY
4 min read
Jurisdictional Inference Routing: Complying with the EU AI Act at the Proxy Level
A deep dive into implementing geo-aware proxy routing for LLM inference to comply with EU AI Act transparency and risk management requirements without sacrificing performance.
2026-07-14
AGENT SWARMS
5 min read
Why Your Agent Swarm Stalled: Silent LLM Backpressure and How to Handle It
Your agent swarm is stuck. The bottleneck isn't your code—it's LLM backpressure: silent, variable latency and rate limits that stall parallel agents. Here's how to measure, model, and break through it.
2026-07-13
6 min read
You Cannot Test Away Hallucination: Building a Statistical Guardrail Layer
Hallucination is a feature of autoregressive generation, not a bug you can fix with more tests. Here's how to build a statistical guardrail layer that catches lies before they hit production.
2026-07-13
CASE STUDIES (ANONYMIZED)
5 min read
The Chunk That Broke RAG: How 16 Tokens Wrecked Our Retrieval Pipeline
A single 16-token chunk containing only 'end of file' metadata caused a 40% drop in retrieval precision. Here's how we fixed chunking with semantic boundaries.
2026-07-13
DATA SOVEREIGNTY
5 min read
Where You Put Your Weights Matters: Jurisdictional Mapping for Sovereign AI
Model weights are not just bits—they are regulated assets. A practical guide to mapping weight storage to EU AI Act risk tiers, with code for automated compliance checks.
2026-07-12
AGENT SWARMS
4 min read
Distributed Locking for Agent Swarms: How We Prevented Two Agents from Editing the Same Postgres Row
When multiple agents race to update the same row, you need database-level coordination. Here's how we used Postgres advisory locks and row-level FOR UPDATE to prevent conflicts.
2026-07-12
ARCHITECTURE
6 min read
Durable Checkpointing Under Fire: How We Recover Agents After a GPU Hard Lock Without Lost Steps
When a GPU hard lock kills your agent mid-flight, you need more than periodic saves. Here's how we built crash-proof checkpointing with Postgres, systemd watchdog, and deterministic replay.
2026-07-12
5 min read
Beyond ROUGE and BLEU: A Forensic Metric for Grounded Answer Accuracy in Sovereign AI
ROUGE and BLEU measure n-gram overlap, not factual correctness. Here is a forensic metric for grounded answer accuracy built on entity extraction and relation validation.
2026-07-11
7 min read
Silent OOMs on Consumer GPUs: Detecting VRAM Fragmentation in Long-Running Inference
Consumer GPUs silently run out of VRAM over hours of inference due to fragmentation. Here's how to detect it, measure it, and prevent it with real tools.
2026-07-11
ARCHITECTURE
7 min read
No Public Endpoints: WireGuard-Meshing Every Service in a Sovereign AI Stack
How to use WireGuard to create a full mesh network for your self-hosted AI stack, eliminating public endpoints and reducing attack surface to zero.
2026-07-11
6 min read
Unit Tests for Agent Behavior: Validating Swarm Actions Before They Hit Production
Testing agent swarms is hard. Here's how we unit-test individual agent decisions and validate multi-step swarm actions before deployment, with real code and tradeoffs.
2026-07-11
LESSONS LEARNED
7 min read
Checkpointing Agent Conversations to Postgres: A Format That Survived a GPU Crash
After a GPU crash wiped 12 hours of agent work, we designed a Postgres-based checkpoint format that serializes full conversation state, tool calls, and LoRA context in under 50 ms.
2026-07-11
AGENT SWARMS
4 min read
When Agents Loop: Detecting and Breaking Infinite Cycles Without a Kill Switch
Infinite loops in agent swarms waste compute and stall pipelines. Here's how we detect them using cycle detection algorithms and break them gracefully without a hard kill switch.
2026-07-10
4 min read
Navigating Nvidia's Crippled NVLink: Why Our Multi-GPU Inference Tanked Without Peer-to-Peer
Our multi-GPU inference stack hit a wall when NVLink peer-to-peer failed. Here's how we diagnosed the bottleneck and recovered throughput with explicit GPU-to-GPU communication.
2026-07-10
CASE STUDIES (ANONYMIZED)
8 min read
Postgres Full-Text vs. pgvector Hybrid Search: What Our Civic Intelligence App Actually Needed
We compared PostgreSQL full-text search, pgvector embedding search, and a hybrid approach for a civic intelligence app. Here's what we learned and what we shipped.
2026-07-10
AGENT SWARMS
6 min read
When Agents Loop: Detecting and Breaking Infinite Cycles in Swarm Orchestration Without a Kill Switch
Infinite loops in agent swarms are not just bugs—they're a failure mode that can waste compute and corrupt state. Here's how to detect and break them without a kill switch.
2026-07-10
ARCHITECTURE
4 min read
The Three-Headed Memory: Resolving Conflicts Between Vector, Graph, and Relational Stores for Agent Recall
Building agents that remember means reconciling three fundamentally different storage paradigms. Here's how we designed a unified memory layer that resolves conflicts between vector, graph, and relational stores without
2026-07-10
DATA SOVEREIGNTY
5 min read
Pre-filtering Inference Requests at the Proxy: GDPR-Compliant Guard Against Personal Data in Prompts
How to build a transparent proxy that scans every prompt for PII before it reaches the model, logs violations, and blocks requests — all without touching training data or model weights.
2026-07-09
LESSONS LEARNED
5 min read
Documentation Drift in Autonomous Systems: Keeping Specs Alive When Agents Change Fast
Autonomous agent systems evolve faster than docs can keep up. Here's how we detect, measure, and fight documentation drift with automated validation and living specs.
2026-07-08
7 min read
No Public DNS: Operating a Sovereign AI Stack with mDNS and Peer Discovery
Eliminate dependency on public DNS by using mDNS and peer discovery for your on-prem AI infrastructure. Practical guide with systemd, WireGuard, and Avahi.
2026-07-08
5 min read
Designing Audit Logs for the EU AI Act: A Schema That Survives a Regulator Visit
A practical guide to building audit log systems compliant with the EU AI Act, with a concrete PostgreSQL schema that supports forensic analysis and regulator scrutiny.
2026-07-08
6 min read
Sovereign AI Is Not a Product: Why We Built an OS, Not a Platform
We built a sovereign AI operating system from scratch because platforms extract value; an OS lets you own the stack end-to-end. Here's the architecture, tradeoffs, and lessons learned.
2026-07-08
CASE STUDIES (ANONYMIZED)
5 min read
Postgres as Autonomous Memory: Why Our AI Crashed When Indexing 10M Vectors
Indexing 10 million vectors in pgvector crashed our autonomous agent. Here's the full postmortem: what broke, why, and how we rebuilt it to handle 100M+ vectors without a hiccup.
2026-07-05
DATA SOVEREIGNTY
5 min read
Why we reject GDPR consent tokens at the proxy layer: a sovereign AI's data minimization pattern
Consent tokens leak user intent and violate data minimization. We block them at the proxy before they reach inference, preserving privacy and compliance.
2026-07-05
5 min read
Simulating Daylight Savings Chaos: Stress-Testing Agent Swarms Against Temporal Edge Cases
Daylight savings shifts break cron, timeouts, and order-by timestamps. Here's how we systematically simulate temporal edge cases in agent swarms using PostgreSQL, systemd, and custom time-warp scripts.