The whole fabric is small enough to draw from memory. 
                 ┌────────────────────┐
   client  ──►   │      Gateway       │  ──► tool fabric  ──► MCP servers
                 │  (admission, sched │
                 │   audit, identity) │
                 └─────────┬──────────┘
                           │ signed grants

                 ┌────────────────────┐
                 │     Coordinator    │  durable state, leases
                 └─────────┬──────────┘

            ┌──────────────┼──────────────┐
            ▼              ▼              ▼
      ┌─────────┐    ┌─────────┐    ┌─────────┐
      │  Roost  │    │  Roost  │    │  Roost  │   per-host execution
      │ driver+ │    │ driver+ │    │ driver+ │
      │ isolate │    │ isolate │    │ isolate │
      └─────────┘    └─────────┘    └─────────┘
Every component is a contract, not a class hierarchy. Anything you can speak the protocol to, you can swap.
ContractWhere it livesWhat it says
identityflocks-crypto, flocks-identityEvery node proves what it is.
executionflocks-gateway, flocks-driverTyped envelope from “want” → “ran”.
driverflocks-driver12-method trait per agent CLI.
toolflocks-tool, flocks-mcpCapability-scoped MCP routing.
transportflocks-meshTailscale / WireGuard / IP.
policyflocks-grantSigned grant; denied by default.
See the control plane and data flow for the runtime view.