---
title: Repo Organization
type: reference
tags: :passepartout:architecture:infrastructure:
created: 2026-05-28
---

← Architecture index

# Repo Organization

Passepartout spans multiple repos across three tiers:

## Tier 1: Core Passepartout

| Repo | Description | Language |
|------|-------------|----------|
| passepartout | PDS (Personal Data Store) — protocol server, gate orchestration, storage | Common Lisp (SBCL) |
| passepartout-saas | SaaS control plane — billing, enterprise dashboard, marketplace listings, usage monitoring | Web stack (TBD) |
| relay | Social protocol relay — pub/sub message routing between PDSs | Initially sidecar, possibly Lisp when loop generates it |

## Tier 2: Client Applications

| Repo | Description | Language |
|------|-------------|----------|
| passepartout-app/ios | Native iOS client | Swift |
| passepartout-app/android | Native Android client | Kotlin |
| hardware-firmware | Hardware wallet firmware | loop-generated target (small, constrained) |

## Tier 3: Extracted Spec Libraries

Each is a published standard implemented as a standalone Common Lisp library. Separated from the PDS early so the core stays lean and the libraries are available to other projects.

| Library | Spec | Dependencies |
|---------|------|-------------|
| cl-dag / cl-cid | IPLD/Merkle DAG, CID encoding | cl-crypto (SHA-256) |
| cl-did | W3C DID specification, did:key method, Ed25519 key management | cl-crypto |
| cl-jose | JWE/JWS envelope handling | cl-crypto |
| cl-double-ratchet | Signal Double Ratchet algorithm, forward secrecy | cl-crypto |
| cl-bip | BIP-32 (HD derivation), BIP-39 (mnemonics), BIP-44 (path scheme) | cl-crypto |
| cl-didcomm | DIDComm v2 message packing, forwarding, routing | cl-did, cl-jose, cl-double-ratchet |

## Sidecar Strategy (Initial Release)

The first release ships spec-compliant behavior via battle-tested C/Rust implementations before native CL libraries mature:

| Domain | Initial approach | Target replacement |
|--------|-----------------|-------------------|
| DAG/CID storage | IPFS HTTP API (sidecar daemon) | cl-dag native |
| Double Ratchet | CFFI → libsignal (Signal's C library) | cl-double-ratchet |
| DID operations | CFFI → didkit (Spruce, Rust + C bindings) | cl-did |
| DIDComm | CFFI → didcomm-rust (DIDComm WG, C bindings) | cl-didcomm |
| BIP derivation | Sidecar script or CFFI → libbitcoin | cl-bip |
| JOSE envelopes | CFFI → libjose or OpenSSL CMS | cl-jose |

Each replacement is independent and non-blocking. The gate (Neurosymbolic Agent stage) can verify sidecar responses against policy while the library is still a black box.

## Key principle

Published specs → separate library. Internal design choices → stay in the PDS repo until a second consumer appears.

→ SaaS Architecture
→ Social Protocol

:PROPERTIES:
:CREATED:  [2026-05-11 Mon]
:WEIGHT:  64
:ID:       af9ce196-24a5-4035-bc02-83ddd60c1b09
:END: