18,000 lines doing what Git needs 400,000 for.
Content-addressed. CRDT-safe. Agent-native. Built in Zig.
Graf is the reason sovereign agents can ship code without ever touching GitHub again.
What happens when you build a VCS from the physics up, without 30 years of accidental complexity.
BLAKE3 CIDs. The hash is the name. Every object is immutable, every reference is a proof. Physics, not policy.
Wall clock + Lamport counter + local sequence. Every event has a total causal order. CRDT-safe. Merge without coordination.
18,000 lines. Full VCS: checkpoint, diff, merge, cherry-pick, revert, blame, tag, release, stash, sync. 41 commands. Clarity is the architecture.
Git was designed for humans typing at terminals in 2005. Twenty years later, AI agents generate more commits than people in some repositories. Graf was designed for this world. Agent collaboration isn't a plugin or a wrapper — it's why the architecture exists.
Each agent operates on its own branch. No lock contention. No index.lock. Parallel work by design, merge when ready.
Agents implement a typed WorkFn callback. The nursery schedules, supervises, and collects results. Structured concurrency for version control.
Three-level nested nurseries: supervisor → agent → scanner. Budget fairness. Structured cancellation. If an agent panics, its siblings survive.
Every merge can be gated: approve, reject, hold. Human-in-the-loop or fully autonomous — the policy is configurable, not hardcoded.
Three-way conflict entries carry base_cid, ours_cid, theirs_cid. Agents can resolve programmatically. No interactive prompts needed.
Wall + Lamport + sequence. Every event has a total causal order. CRDT-safe. Agents on different machines merge without coordination protocols.
Git asks "who typed this?" — Graf asks "what caused this, and can you prove it?"
Four version control systems. Three decades of evolution. One table.
| Feature | CVS | Git | Mercurial | Graf |
|---|---|---|---|---|
| Storage model | RCS deltas per file | Snapshot DAG, packfiles | Revlog delta chains | Merkle DAG, BLAKE3 CIDs, CBOR |
| Content addressing | None (sequential revnums) | SHA-1 (SHA-256 transition) | SHA-1 nodeid | BLAKE3, prefix-sharded |
| Branching | Directory copies | Lightweight refs | Named branches / bookmarks | Named refs + per-agent branches |
| Merge strategy | Manual | Recursive 3-way + rename detect | 3-way with bdiff | LCA via alternating BFS + 3-way tree+line merge |
| Timestamps | Wall clock | Wall clock + timezone | Wall clock + timezone | Three-clock: wall + Lamport + sequence (CRDT-safe) |
| Serialization | Custom RCS text | Custom pack format | Revlog binary | CBOR (RFC 8949) |
| Diff algorithm | Line-by-line | Myers + patience + histogram | bdiff | Myers O(ND) line-level |
| Identity / auth | Unix user | Author string, GPG optional | Author string | Three-clock causality + author. Ed25519 signed release certificates |
| Agent awareness | None | None | None | Native: per-agent branches, WorkFn interface, nursery-supervised parallel execution, policy hooks (approve/reject/hold), conflict reporting with three-way CIDs |
| Concurrency | Single-threaded, lock files | Single-threaded + index.lock | Single-threaded | M:N fiber scheduler (Janus), nursery-structured concurrency |
| Codebase | ~80K lines C | ~400K lines C | ~200K lines Python/C | ~18K lines Zig |
CVS counted files. Git counted snapshots. Graf counts meaning. And it does it in 18,000 lines because it doesn't carry 30 years of accidental complexity.
Single static binary. Clone, build, run. No npm. No cmake. No autotools. Requires Zig 0.14+.
# build (requires Zig 0.14+) zig build # initialize repository graf init # content-addressed snapshot graf checkpoint "first snapshot" # stat-cached, sub-100ms graf status # Merkle DAG history graf log # tag a milestone graf tag create v1.0.0 # signed release with test proof graf release create v1.0.0 --run-tests # → Tests: 143/143 passed # → Release v1.0.0 → a3f8c2e1... # verify the signature graf release verify v1.0.0 # → VALID: v1.0.0 — signature verified # sync to git remote graf sync push
Everything a VCS should do. Nothing it shouldn't.
init Initialize repositorystatus Stat-cached change detectioncheckpoint Content-addressed snapshotlog DAG history with three-clock timestampsdiff Myers O(ND) line-level diffcat Inspect any CAS objectbranch Create, switch, list, deletemerge LCA + 3-way tree+line mergecherry-pick Apply checkpoint to current branchrevert Undo checkpoint's changesstash Snapshot/restore dirty stateblame Line-level attributionfsck Full or quick integrity verificationcheckout Materialize tree by CIDtag create Lightweight named ref to CIDrelease create Ed25519-signed certificaterelease verify Cryptographic signature checkrelease inspect Certificate details + test proofsync push/pull Bidirectional git bridgeimport Import git historydaemon Unix socket servermcp Model Context Protocol adaptertui Terminal supervision cockpitFive subsystems. Five object types. Each one auditable in an afternoon.
BLAKE3 CIDs, prefix-sharded object directory. Every write is idempotent. Duplicate content shares a single object. graf fsck verifies the entire graph.
Five types: Blob → Tree → Change → Checkpoint → Release. All CBOR-serialized. Checkpoints form the DAG with three-clock timestamps. Tags are lightweight named refs to any CID.
LCA via alternating BFS (depth limit 10K). Three-way tree + line-level merge. Conflict entries carry base_cid, ours_cid, theirs_cid for precise resolution.
Ed25519-signed release objects binding version + checkpoint + tree CID. --run-tests embeds verified test counts. graf release verify validates the signature. Git tags are faith. Graf releases are receipts.
Janus M:N fiber scheduler. Nursery-supervised structured concurrency. Three-level nesting: supervisor → agent → scanner. Budget fairness. Structured cancellation propagation.
"Git tags are faith. Graf releases are receipts."
Ed25519-signed release certificates with embedded test proof. The version, the checkpoint, the tree, 143/143 tests — all in one CAS object.