Obsidian Sentinel is a Rust-native real-time abuse signal clearinghouse prototype that ingests, normalizes, correlates, scores, and routes high-risk telemetry using the Obsidian Lattice™ correlation engine.
This first pass includes:
- Axum API (
/health,/signals) - Mock ingestion stream producing live signals
- Obsidian Lattice™ correlation stub and scoring pipeline
- Native Iced desktop console with live feed + heat indicator
- Local development scaffolding (
docker-compose.yml,k3s,flake.nix, migrations)
cargo runExpected behavior:
- Desktop console opens and updates in real time
- API serves on
127.0.0.1:3000
/obsidian-sentinel
├── Cargo.toml
├── src/
│ ├── main.rs
│ ├── lib.rs
│ ├── ingestion/
│ ├── normalization/
│ ├── lattice/
│ ├── scoring/
│ ├── orchestration/
│ ├── audit/
│ ├── console/
│ └── api/
├── migrations/
├── docker-compose.yml
├── k3s/
├── README.md
├── .env.example
└── flake.nix
The Obsidian Lattice™ module is the canonical correlation layer. In this bootstrap implementation it performs:
- Temporal spike extraction from observation timing
- Adaptive edge weighting from entity metadata shape
- Probabilistic soft matching from normalized confidence
- Composite lattice scoring for downstream suspicion prioritization
All future production correlation improvements should remain centralized in src/lattice/.