Open Source Roadmap 2025
Transparency is key to building trust in infrastructure software. Today, we are sharing our 2025 roadmap for AKIOS Core, our open-source control plane foundation. This is not a marketing document with vague dates and feature names. It is a concrete technical plan with protobuf schemas, Rust code, migration paths, and benchmark targets. Every quarter delivers a production-ready capability. Every change ships with backward compatibility guarantees.
Q1 2025: Protocol Buffers Migration
We are migrating from JSON to Protocol Buffers for all internal communication. JSON served us well during rapid iteration, but at 10,000+ policy evaluations per second, serialization overhead is measurable. The migration targets a 60% reduction in serialization cost and type-safe APIs across every language binding.
syntax = "proto3";
package akios.policy.v1;
// Core policy definition — replaces JSON manifests
message AgentPolicy {
string name = 1;
string version = 2;
PolicyMetadata metadata = 3;
Governance governance = 4;
Observability observability = 5;
Budget budget = 6;
}
message Governance {
repeated NetworkRule network_rules = 1;
repeated ToolPermission tool_permissions = 2;
EscalationConfig escalation = 3;
}
message NetworkRule {
string host = 1;
repeated string methods = 2;
bool tls_required = 3;
RateLimit rate_limit = 4;
}
message ToolPermission {
string tool_name = 1;
repeated string allowed_parameters = 2;
uint32 max_calls_per_minute = 3;
}
message Budget {
uint64 max_tokens_per_hour = 1;
double max_cost_per_session = 2;
uint32 max_concurrent_sessions = 3;
AlertThresholds alert_thresholds = 4;
}
message AlertThresholds {
repeated uint32 percent_triggers = 1; // e.g., [50, 80, 95]
string notification_channel = 2;
}
The performance improvement is substantial. Here is what our benchmarks show on a typical policy manifest (50 rules, 12 network constraints):
Migration path
We are not breaking existing deployments. The migration is backward-compatible with a dual-format period:
# akios-config.yaml — during migration period
apiVersion: akios/v1
kind: RuntimeConfig
spec:
serialization:
# Accept both formats, emit protobuf
input_formats: ["json", "protobuf"]
output_format: "protobuf"
# Auto-convert existing JSON manifests on load
auto_migrate: true
migration_log: "/var/log/akios/json-migration.log"
# Hard cutoff: reject JSON after this date
json_deprecation_date: "2025-06-01"
Q2 2025: gRPC Streaming Architecture
Moving from REST to gRPC streaming for agent coordination. REST works for request-response patterns, but multi-agent systems need bidirectional, multiplexed communication with back-pressure support. A single gRPC connection replaces dozens of HTTP round-trips:
syntax = "proto3";
package akios.coordination.v1;
service AgentCoordinator {
// Bidirectional stream for real-time coordination
rpc CoordinateAgent(stream AgentEvent) returns (stream ControlEvent);
// Server-push for policy hot-reload
rpc WatchPolicyUpdates(PolicyWatchRequest) returns (stream PolicyUpdate);
// Unary RPCs for admin operations
rpc GetAgentStatus(AgentStatusRequest) returns (AgentStatus);
rpc UpdateBudget(BudgetUpdateRequest) returns (BudgetUpdateResponse);
}
message AgentEvent {
string session_id = 1;
oneof event {
ActionRequest action_request = 2;
HeartBeat heartbeat = 3;
TaskCompletion task_completion = 4;
ErrorReport error_report = 5;
}
}
message ControlEvent {
oneof event {
PolicyDecision policy_decision = 1;
TaskAssignment task_assignment = 2;
BudgetWarning budget_warning = 3;
ShutdownSignal shutdown = 4;
}
}
The Rust server implementation uses tonic with back-pressure handling:
use tonic::{Request, Response, Status, Streaming};
use tokio_stream::wrappers::ReceiverStream;
#[tonic::async_trait]
impl AgentCoordinator for AkiosServer {
type CoordinateAgentStream = ReceiverStream<Result<ControlEvent, Status>>;
async fn coordinate_agent(
&self,
request: Request<Streaming<AgentEvent>>,
) -> Result<Response<Self::CoordinateAgentStream>, Status> {
let mut stream = request.into_inner();
let (tx, rx) = tokio::sync::mpsc::channel(128);
tokio::spawn(async move {
while let Some(event) = stream.message().await.unwrap_or(None) {
match event.event {
Some(agent_event::Event::ActionRequest(req)) => {
let decision = self.policy_engine
.evaluate(&req)
.await;
let _ = tx.send(Ok(ControlEvent {
event: Some(control_event::Event::PolicyDecision(decision)),
})).await;
}
Some(agent_event::Event::Heartbeat(_)) => {
self.session_manager.touch(&event.session_id).await;
}
_ => {}
}
}
});
Ok(Response::new(ReceiverStream::new(rx)))
}
}
Q3 2025: WebAssembly Plugin Architecture
The AKIOS core cannot anticipate every domain-specific requirement. Healthcare compliance rules differ from financial regulations which differ from automotive safety standards. Instead of building every policy engine in-house, we are shipping a WebAssembly plugin system that lets teams write custom policy logic in any language that compiles to WASM — Rust, Go, C, AssemblyScript — and deploy it as a hot-loadable plugin:
use wasmtime::*;
/// The interface every AKIOS plugin must implement.
/// Compiled to WASM, loaded at runtime, sandboxed by wasmtime.
#[wasm_bindgen]
pub trait PolicyPlugin {
/// Evaluate an agent action against domain-specific rules.
/// Returns Allow, Deny(reason), or Escalate(approver).
fn evaluate(
&self,
context: &PolicyContext,
) -> Result<Decision, PluginError>;
/// Validate plugin configuration at load time.
/// Prevents misconfigured plugins from reaching production.
fn validate_config(
&self,
config: &PluginConfig,
) -> Result<(), ValidationError>;
/// Return plugin metadata for the control plane registry.
fn metadata(&self) -> PluginMetadata;
}
/// Plugin loader with sandboxing and resource limits
fn load_plugin(wasm_bytes: &[u8]) -> Result<Box<dyn PolicyPlugin>> {
let engine = Engine::new(
Config::new()
.consume_fuel(true) // CPU limit
.max_wasm_stack(1 << 20) // 1MB stack
.epoch_interruption(true) // Timeout support
)?;
let module = Module::new(&engine, wasm_bytes)?;
let mut store = Store::new(&engine, PluginState::default());
store.add_fuel(10_000)?; // Max 10K instructions per evaluation
let instance = Instance::new(&mut store, &module, &[])?;
Ok(Box::new(WasmPlugin { store, instance }))
}
An example custom plugin for healthcare HIPAA compliance:
// Compiled to WASM, deployed as a .wasm file
use akios_plugin_sdk::*;
struct HipaaPlugin;
impl PolicyPlugin for HipaaPlugin {
fn evaluate(&self, ctx: &PolicyContext) -> Result<Decision, PluginError> {
// Check if action involves PHI (Protected Health Information)
if ctx.action.contains_phi_markers() {
// Require encryption and audit logging
if !ctx.transport.is_encrypted() {
return Ok(Decision::Deny(
"PHI must be transmitted over encrypted channels".into()
));
}
if !ctx.audit.is_enabled() {
return Ok(Decision::Deny(
"PHI access requires active audit logging".into()
));
}
// Check minimum necessary standard
if ctx.action.data_scope() > DataScope::MinimumNecessary {
return Ok(Decision::Escalate(
Approver::PrivacyOfficer,
Duration::from_secs(3600),
));
}
}
Ok(Decision::Allow)
}
fn metadata(&self) -> PluginMetadata {
PluginMetadata {
name: "hipaa-compliance",
version: "1.2.0",
author: "healthcare-team",
domain: "healthcare",
}
}
}
Q4 2025: Multi-Cloud Federation
Support for federated deployments across cloud providers. A single AKIOS control plane manages agents running on AWS, GCP, and Azure simultaneously, with intelligent workload placement based on cost, latency, and data residency requirements:
apiVersion: akios/v1
kind: FederationConfig
metadata:
name: global-deployment
spec:
regions:
- name: "us-east-1"
provider: "aws"
role: "primary"
capabilities: ["gpu-inference", "high-memory"]
- name: "europe-west1"
provider: "gcp"
role: "secondary"
capabilities: ["tpu-inference"]
data_residency: "EU" # GDPR: EU data stays in EU
- name: "westeurope"
provider: "azure"
role: "failover"
capabilities: ["gpu-inference"]
routing:
strategy: "latency-aware"
data_residency_strict: true
failover:
auto_failover: true
health_check_interval_seconds: 10
failover_threshold: 3 # consecutive failures
cost_optimization:
prefer_spot_instances: true
spot_fallback: "on-demand"
max_cross_region_traffic_gb: 100
Compatibility Matrix
Every release ships with explicit compatibility guarantees:
┌──────────────────────┬────────┬────────┬────────┬────────┐
│ Feature │ v0.9 │ v1.0 │ v1.1 │ v1.2 │
│ │ (curr) │ (Q1) │ (Q2) │ (Q3) │
├──────────────────────┼────────┼────────┼────────┼────────┤
│ JSON manifests │ ✅ │ ✅ │ ⚠️ dep │ ❌ │
│ Protobuf manifests │ — │ ✅ │ ✅ │ ✅ │
│ REST API │ ✅ │ ✅ │ ✅ │ ⚠️ dep │
│ gRPC API │ — │ — │ ✅ │ ✅ │
│ WASM plugins │ — │ — │ — │ ✅ │
│ Python SDK ≥3.10 │ ✅ │ ✅ │ ✅ │ ✅ │
│ Rust SDK ≥1.75 │ ✅ │ ✅ │ ✅ │ ✅ │
│ Node.js SDK ≥20 │ ✅ │ ✅ │ ✅ │ ✅ │
└──────────────────────┴────────┴────────┴────────┴────────┘
✅ = supported ⚠️ dep = deprecated ❌ = removed
Community Involvement
This roadmap is not set in stone. We actively collaborate with the community through:
- GitHub Discussions: Feature requests, design feedback, and Q&A. Every roadmap item has a tracking issue.
- RFC Process: Major architectural changes (protobuf migration, WASM plugins) go through a public RFC with a 30-day comment period before implementation begins.
- Monthly Community Calls: Live demos of in-progress features, roadmap updates, and open Q&A. Recordings published within 24 hours.
- Plugin Incubator Program: We sponsor 5 community plugin projects per quarter with engineering support, cloud credits, and co-marketing.
Contributing
We welcome contributions at every level. Here is what has the most impact right now:
- Protobuf schema review: The proto definitions in Q1 will become the stable API surface. Review them now, before they are frozen.
- Plugin SDK beta testing: Early access to the WASM plugin SDK is available. Build a domain-specific plugin and give us feedback on the developer experience.
- Integration tests: We need tests for edge cases in JSON-to-protobuf migration, especially for policies with custom extensions.
- Documentation: Migration guides, plugin tutorials, and gRPC client examples in every supported language.
Our development process is fully transparent. Every commit, every design decision, every benchmark result is public. Follow our progress on GitHub, join our Discord community, or attend our monthly open office hours. Together, we are building the infrastructure that will power the next generation of autonomous systems.