Pure Rust, Single Binary: Why Shakti Compiles at Build Time
Compile-time prompts, a single audit boundary, and why we rejected a Python shim.
Shakti is a single Rust binary. The server, the dashboard static assets (via rust-embed),
the agent prompts (via include_str!), the Temporal worker, the Axon workers, the migration
tool — one binary. One artefact to sign, one artefact to audit, one artefact to deploy.
That isn’t a stylistic choice. It’s a governance choice.
Every supply-chain surface is audit surface
When you add a Python shim, you add a Python interpreter, a requirements.txt, a dependency
resolver, and a runtime that can pip install at startup. Each of those is a supply-chain
surface. Your SOC 2 auditor will ask you to demonstrate every one of them is locked,
reproducible, and SBOM-covered. Every surface you add costs you weeks of audit prep.
A single Rust binary collapses that surface to cargo + its lockfile + the reproducible build chain. We publish signed release binaries; customers verify the signature with cosign and deploy the same bytes we tested.
Compile-time prompts
Agent prompts are source code. Shakti loads every prompt at build time via include_str! so
the binary ships with a deterministic prompt set. There’s no runtime prompt fetch, no
template-override service, no “production prompt drift” an attacker can exploit. Upgrading
the prompt library is a version bump, a rebuild, and a signed release.
This matters more than it sounds like it should. Most LLM-product architectures fetch prompts from a database or a remote service at runtime; that’s a silent dependency on your database availability and an injection vector for anyone who can write to that row. Shakti prefers slower iteration cycles and stronger guarantees.
What we give up
We give up runtime prompt hot-swap. We give up a Python SDK. We give up “deploy a new adapter without a rebuild.” For a governance-first product, those are trades worth making; everything we swap in (compile-time guarantees, a smaller audit boundary, a single signed artefact) is in service of the customer’s compliance position.
If you’ve built in-house platform tooling in Python or Node, you already know the audit tax of that choice. Shakti took the other branch on purpose.