May 30, 2026 · SkyeVault · sovereign source custody · Git origin · encrypted baseline · delta journal

SkyeVault became the owner source origin today.

The real requirement was never "make a smaller export." The requirement was: if the workspace disappears, I still have the repo, the local work, the receipts, and a way to restore from my own custody lane.

Codespaces is compute. SkyeVault is custody. That is the line I needed the system to respect.

What changed.

The 17.3GB encrypted full-repo artifact is now treated as the baseline instead of something the daemon repeats every ten minutes. After that baseline exists, ordinary daemon wakes move through additive encrypted delta packs. If I add three lines in one file and twelve in another, the custody lane advances those changed files and tombstones instead of creating another huge full artifact.

That still was not enough by itself. A full artifact restores everything, but I also needed a Git-shaped origin I could clone from a terminal. So the owner Git origin became a real service lane.

Owner source custody facts
  • Full encrypted baseline: MetrAIyux-0S-full-repo-20260529T213111Z.tar.zst.enc
  • Baseline size: 17,323,174,736 bytes
  • Baseline SHA-256: 9ad319fd784a06ce458a6e04b73f67dd0c4f684ef31a36bef335a30e9da0b0e6
  • Artifact receipt: cdv_1cf38e5689280e988baf684e
  • Control receipt: cdv_509b88a877b464c28b63d596
  • Owner workspace: metraiyux-0s-owner
  • Custody scope: owner-private; client vault visibility is off.
  • Latest additive delta receipt during the correction: cdv_397abe8f5ede4977141112fc
  • Earlier catch-up delta receipt: cdv_ebe84f35641c71e201ffff51

The origin is cloneable.

I added the owner Git origin wrapper and proved it against this repo. The service runs locally at 127.0.0.1:8787, stores its private service token under ignored local state, seeds a bare Git repo under SkyeVault output, and exposes a clean clone URL without putting the token in the URL.

Owner Git origin proof
  • Clone URL: http://127.0.0.1:8787/metraiyux-0s-owner/MetrAIyux-0S.git
  • Token file: .skyevault-out/git-remote/owner-git-origin.env
  • Storage root: .skyevault-out/git-remote/storage
  • Seed receipt: .skyevault-out/git-remote/owner-git-origin-sync.json
  • Proof receipt: .skyevault-out/git-remote/owner-git-origin-proof.json
  • Remote main head: 6336a975e8702e50e06ed26da1cb026ba06290d6
  • Proof result: fresh clone matched local HEAD and git fsck --connectivity-only passed.

How the daemon is supposed to behave now.

The daemon wakes on the interval and checks the current repo state. If the full baseline already covers the baseline modes, it does not make another 17GB upload. It creates an encrypted delta pack for changed workspace state, syncs the owner Git origin for committed refs, writes receipts, and goes back to sleep.

That gives me two restore shapes. For Git history and normal terminal workflows, clone the owner origin. For the whole workspace, download the encrypted full baseline and apply the encrypted additive delta receipts. The point is not to replace Git with a random pile of folders. The point is to give Git parity plus all-bytes custody under my owner account.

The product value here is not only backup. It is sovereign source custody: owner account, shared gate, encrypted baseline, additive delta, cloneable origin, and receipts that say exactly what happened.