CANONIC survives any single point of failure.
| Failure | Impact | Recovery |
|---|---|---|
| Laptop loss | Local GOV + runtime lost | Clone from GitHub + restore runtime from backup |
| GitHub account compromise | Remote GOV repos at risk | Rotate tokens, restore from offsite backup, re-push |
| GitHub outage | CI/CD unavailable | Local magic validate continues; push when restored |
| LEDGER corruption | Economic history lost | Restore from backup; reconcile via CLOSE |
| VAULT breach | Private data exposed | Rotate keys, revoke access, audit LEDGER for unauthorized events |
GOV repos: ~/CANONIC/ (git bundle or mirror)
Runtime: ~/.canonic/ (encrypted archive)
LEDGER: ~/.canonic/LEDGER/ (append-only, versioned)
VAULT: ~/.canonic/VAULT/ (encrypted, auth-gated)
CI secrets: GitHub Actions secrets (documented, not backed up in tree)
RTO (Recovery Time Objective): 4 hours from fresh machine
RPO (Recovery Point Objective): last committed state (git push cadence)
Backup cadence: daily (automated) or per-push (manual)
Restore test cadence: quarterly
``
backup snapshot — encrypted tar.gz of VAULT, LEDGER, SERVICES, learning
backup restore
Encryption: gpg –symmetric –cipher-algo AES256 (passphrase from BACKUP_PASSPHRASE env var).
Monthly encrypted snapshot of LEDGER to offsite storage. Append-only — never prune active LEDGER.
` Schedule: 1st of each month Target: ~/.canonic/BACKUPS/LEDGER-{YYYY-MM}.tar.gz.gpg Retention: permanent (LEDGER is economic truth) `
Daily encrypted snapshot of VAULT directory.
` Schedule: daily (cron or CI) Target: ~/.canonic/BACKUPS/VAULT-{YYYY-MM-DD}.tar.gz.gpg Retention: 30 days rolling `
Quarterly SLA verification:
`
Create fresh temporary directory
Run: backup restore
| *RECOVERY | SPEC | COMPLIANCE* |