ZTS
ZAYAZ Technology Stack Specification
1. Purpose
This specification defines the approved technology stack for all ZAYAZ platform development.
The objective is to provide:
- Architectural consistency
- Agent-safe development
- Reduced technical debt
- Predictable operations
- Security standardization
- Compliance traceability
- Long-term maintainability
ZTS is the authoritative source for technology selection within the ZAYAZ ecosystem.
2. Core Principles
Principle 1 — Strategic Standardization
Prefer platform-wide standards over local optimization.
Principle 2 — AI-First Development
All technologies must be suitable for agent-assisted development.
Principle 3 — Cloud Neutrality
Avoid unnecessary vendor lock-in.
Principle 4 — Governance by Design
Every technology decision must support:
- Traceability
- Security
- Auditability
- Compliance
Principle 5 — Registry Driven Architecture
Applications consume:
ZIR
ZCT
ZRR
ZAR
HNC
rather than hardcoded relationships.
3. Approved Languages
Strategic
languages:
primary:
- TypeScript
approved:
- SQL
- GraphQL
- YAML
- JSON
specialized:
- Python
prohibited:
- PHP
- Ruby
- Perl
Rationale:
TypeScript becomes the universal platform language.
Python is permitted for:
- AI
- Data science
- Analytics
- Modeling
- Computation Hub
4. Frontend Stack
frontend:
framework:
technology: Next.js
language:
technology: TypeScript
ui:
technology: ShadCN
styling:
technology: Tailwind
forms:
technology: React Hook Form
visualization:
technology: Apache ECharts
state_management:
technology: Zustand
authentication:
technology: Keycloak
5. Backend Stack
backend:
runtime:
technology: Node.js
framework:
technology: NestJS
language:
technology: TypeScript
validation:
technology: Zod
api:
primary:
- GraphQL
secondary:
- REST
eventing:
pattern:
- Event Driven
6. Database Architecture
Transactional Store
transactional_store:
technology: PostgreSQL
purpose:
authoritative business data
Vector Store
vector_store:
technology: pgvector
purpose:
semantic retrieval
agent context
ontology search
Graph Store
graph_store:
technology: Neo4j
purpose:
dependency graph
blast radius analysis
ontology traversal
lineage analysis
Analytics Store
analytics_store:
technology: ClickHouse
purpose:
ESG analytics
KPI computation
reporting acceleration
Object Store
object_store:
technology: S3 Compatible
purpose:
reports
evidence
DAL artifacts
workflow outputs
7. Workflow Orchestration
Strategic Standard
workflow_engine:
technology: Temporal
Temporal SHALL orchestrate:
Hecate
ZARA
MICE
TrustGate workflows
Verification workflows
Report generation
Computation Hub jobs
No custom orchestration engines should be introduced without architecture approval.
8. Event Platform
event_platform:
technology: Kafka
Usage:
Domain Events
Workflow Events
Audit Events
Assurance Events
Agent Events
Mandatory patterns:
patterns:
- transactional_outbox
- schema_registry
- idempotent_consumers
9. Search Platform
search:
technology: OpenSearch
Usage:
Document Search
Ruleset Search
Schema Search
Component Search
Evidence Search
10. Identity & Access
iam:
technology: Keycloak
Capabilities:
SSO
OIDC
RBAC
ABAC
External Federation
Future:
TrustGate Integration
Verifier Federation
11. Agent Platform
Strategic Agents
agents:
intake:
- Hecate
architecture:
- ZARA
orchestration:
- ACP
coding:
- OpenAI Codex
- Claude Code
validation:
- Workflow Test Engine
governance:
- FAGF
12. Agent Development Policy
Agents MAY:
allowed:
- code generation
- unit tests
- integration tests
- workflow tests
- documentation
Agents SHALL NOT:
prohibited:
- approve contracts
- approve rulesets
- approve schemas
- bypass workflow tests
- deploy directly to production
13. CI/CD
cicd:
platform:
GitHub Actions
deployment:
GitOps
infrastructure:
Terraform
Mandatory gates:
required:
- lint
- unit tests
- contract tests
- workflow tests
- security scan
- blast radius validation
14. Observability
observability:
metrics:
Prometheus
dashboards:
Grafana
tracing:
OpenTelemetry
logging:
Loki
All services SHALL emit:
required:
- metrics
- traces
- structured_logs
15. Security Standards
Mandatory:
security:
secrets:
Vault
encryption:
AES256
transport:
TLS 1.3
dependency_scanning:
required
sbom:
required
16. Technology Maturity Model
Every technology SHALL be classified.
maturity:
strategic
approved
experimental
deprecated
prohibited
Example:
technologies:
PostgreSQL:
maturity: strategic
Neo4j:
maturity: strategic
MongoDB:
maturity: prohibited
Redis:
maturity: approved
17. Hecate Integration
Hecate SHALL use ZTS when generating implementation plans.
Example:
implementation_guidance:
language:
TypeScript
database:
PostgreSQL
workflow_engine:
Temporal
eventing:
Kafka
18. ACP Integration
Agent Control Plane SHALL validate generated code against ZTS.
Checks:
validation:
language_allowed
framework_allowed
database_allowed
workflow_engine_allowed
security_compliant
Non-compliant code SHALL be rejected.
19. Future Technologies
Candidate technologies:
evaluation_pool:
WASM
Rust Services
Lakehouse Analytics
Agent Swarms
Digital Twins
GraphRAG
These may not be used in production until promoted.
20. Normative Statement
ZTS is the authoritative implementation architecture specification for ZAYAZ.
All human developers, coding agents, CI/CD pipelines, Hecate, ACP, ZARA, and future automation systems SHALL treat this specification as the canonical source for approved technology selection and implementation governance.
APPENDIX A - Technology Decision Records (TDR)
- TDR-001 PostgreSQL
- TDR-002 Neo4j
- TDR-003 Temporal
- TDR-004 Kafka
- TDR-005 Next.js
- TDR-006 NestJS
Future TDRs: 7. TDR-007 ClickHouse 8. TDR-008 OpenSearch 9. TDR-009 Keycloak 10. TDR-010 Vault 11. TDR-011 pgvector 12. TDR-012 GitHub Actions 13. TDR-013 Terraform 14. TDR-014 Prometheus 15. TDR-015 Grafana 16. TDR-016 OpenTelemetry 17. TDR-017 Codex 18. TDR-018 Claude Code 19. TDR-019 ACP 20. TDR-020 Hecate
Link: Technology Decision Records (TDR).