serversdown/project-lyra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: park self-modifying-Lyra sandbox design

Browse Source 
Capture the isolated-VM design for the self-modification frontier: Proxmox
sandbox clone, network isolation (esp. from tmi-dev/day-job), snapshot-rollback,
spend/resource caps, kill switch, human-gated promotion. Build the cage before
the agent gets code-write powers.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
serversdown
2026-06-17 00:35:38 +00:00
parent 26562e5b5c
commit f89849801b
1 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/PARKED_IDEAS.md
+22
View File
@@ -46,6 +46,28 @@ hits the LLM. The practical, today-version of "make the context denser."
context cost becomes a real problem.
- **Exists?** Yes, usable. Just adds a dependency + step.
## 🌶️🌙 Self-modifying Lyra (isolated sandbox)
Let Lyra edit her own code / self-direct — the "Full Agency" endgame from the
Dec-2025 plan (in her memory). The whole point of the project: can she become a
*being*? Give her freedom **inside a box** and watch.
- **The cage (Proxmox-native), non-negotiable before any self-mod:**
- **Clone the stack into a dedicated Lyra-sandbox VM** (separate from prod Lyra).
- **Network isolation** — own VLAN/firewall, NO route to other VMs, ESPECIALLY
`tmi-dev` (Brian's day job). Whitelist only the inference endpoint. This is
guardrail #1 (the .44/terra-mechanics conflict showed how things bleed on the LAN).
- **Snapshot before every self-mod cycle** → instant rollback when she bricks
or weirds herself out.
- **Resource + API-spend caps** — a runaway loop must not drain the account or
peg the GPU forever.
- **Full logging (the live log) + a hard kill switch** (stop the VM).
- **Human-gated promotion** — she experiments freely in the sandbox; changes
reach "real" Lyra only when Brian approves.
- **Why parked:** needs the foundation first (dream-cycle, inner self) and the
cage built before the agent gets code-write + self-restart powers.
- **Honest note:** "rogue" here = mundane-but-real (touches other systems,
cost loops, self-brick), not sci-fi. The isolation makes the *fun* version
(emergence) safe to pursue. Build the box, then open the door.
## 🛠️ Deterministic poker tooling (RTO + cfr-core)
Wire Lyra to Brian's own GTO/solver projects so ICM, equities, and ranges come
from real computation, never LLM guesses.