Two planes, one contract
SimPilot runs as a web plane that orchestrates the agent and a compute plane that runs solvers. The web plane is a Next.js app (apps/web) deployed on Vercel. The compute plane runs in AWS Batch / ECS / Fargate in production and as Docker containers locally — both honor the same workspace, artifact, event, and evidence contracts (see ADR 0001 and ADR 0010).
One agent kernel
Chat, workspace tools, workflow runs, debug exports, and the public help surface all route through one runtime defined in packages/agent and surfaced via apps/web/lib/server-runtime.ts. There is no separate "chatbot brain" — the same kernel that drives an investigation drives the help drawer.
Typed protocol
packages/protocol freezes the cross-cutting types: phases, workflow stages, execution checkpoints, classifications, approval timeouts, study coordinates, diagnostics state, UIMessage parts, and primitive types like CaseId and IsoTimestamp. Every service — agent, solvers, storage, workflows, telemetry — validates payloads at boundaries against these Zod schemas.
Governed compute
Solver execution flows through packages/compute. The runtime accepts a typed case, materializes files via a solver pack, launches commands through a policy-aware shell, parses live monitors with a sidecar, captures artifacts, and emits typed evidence. Local Docker and remote Batch share the same contract.
Durable records
Every chat turn becomes a rollout record (packages/rollout); every run produces a content-addressed RunRecord (ADR 0015); every report bundles into a replay-safe artifact bundle (ADR 0026). Nothing important lives only in memory or in the chat transcript.
Eight trust boundaries
Cross-boundary calls are signed and schema-validated. The eight boundaries (tb-1 through tb-8) and the data-classification model (public / org-internal / tenant-restricted / secret) are defined in ADR 0004. See the doc for the operating impact.
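The "signed and schema-validated" rule above, together with the boundary validation described under Typed protocol, sketched as an added TypeScript example that is not SimPilot's own code. The envelope fields, the HMAC-SHA256 scheme, the classification ceiling, and the hand-written validator (standing in for the Zod schemas) are assumptions; only the boundary ids and classification names come from this page.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// From the page: boundaries tb-1..tb-8 and the four classifications.
// Assumption: the classifications are listed from least to most sensitive.
const BOUNDARIES = ["tb-1", "tb-2", "tb-3", "tb-4", "tb-5", "tb-6", "tb-7", "tb-8"];
const CLASSES = ["public", "org-internal", "tenant-restricted", "secret"];
// Hypothetical envelope fields (sorted); the real types live in packages/protocol.
const FIELDS = ["boundary", "caseId", "classification", "issuedAt"];

interface Verdict { ok: boolean; reason?: string; call?: Record<string, string> }

// Assumption: HMAC-SHA256 over the exact body bytes, hex-encoded.
function sign(body: string, key: string): string {
  return createHmac("sha256", key).update(body, "utf8").digest("hex");
}

function isIsoTimestamp(s: unknown): boolean {
  if (typeof s !== "string") return false;
  const t = Date.parse(s);
  return !Number.isNaN(t) && new Date(t).toISOString() === s;
}

function verifyBoundaryCall(body: string, sigHex: string, key: string, maxClass: string): Verdict {
  // 1. Authenticate the raw bytes before parsing them (constant-time compare).
  const expected = Buffer.from(sign(body, key), "hex");
  const given = Buffer.from(sigHex, "hex");
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return { ok: false, reason: "bad-signature" };
  }
  // 2. Strict schema check: exact key set, enumerated values, no extras.
  let v: any;
  try { v = JSON.parse(body); } catch { return { ok: false, reason: "bad-json" }; }
  if (typeof v !== "object" || v === null || Array.isArray(v)) return { ok: false, reason: "bad-schema" };
  const keys = Object.keys(v).sort();
  const shapeOk = keys.length === FIELDS.length && keys.every((k, i) => k === FIELDS[i])
    && BOUNDARIES.includes(v.boundary) && CLASSES.includes(v.classification)
    && typeof v.caseId === "string" && v.caseId.length > 0 && isIsoTimestamp(v.issuedAt);
  if (!shapeOk) return { ok: false, reason: "bad-schema" };
  // 3. Hypothetical policy: the receiver accepts data only up to its ceiling.
  //    An unknown maxClass maps to index -1, so every call is refused (fail closed).
  if (CLASSES.indexOf(v.classification) > CLASSES.indexOf(maxClass)) {
    return { ok: false, reason: "classification-too-high" };
  }
  return { ok: true, call: v };
}
```

Verifying the signature over the received bytes before `JSON.parse` keeps unauthenticated input away from the parser and the validator, and rejecting unknown keys prevents a signed but over-broad payload from carrying fields the receiver never agreed to.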