Decouple Node Execution Plane to Zero-Dependency Go Daemon

Dockerfile

@@ -51,29 +51,30 @@ COPY . .
 CMD ["bash", "scripts/setup.sh"]
 
 # ----------------------------------------------------------------------
-# Stage 3: Hardened Release runtime copy (Compiled C Binary Modules)
+# Stage 3: Builder stage to generate assembly and compile Go daemon
 # ----------------------------------------------------------------------
-FROM base AS release-hardened
+FROM base AS release-builder
 
-# Initialize sandboxed virtual environment
-RUN uv venv --python 3.10
-ENV PATH="/app/.venv/bin:${PATH}"
-
-# Copy the entire Project ORCHID repository
+WORKDIR /app
 COPY . .
 
-# Install Nuitka and compile the Python control plane
-RUN uv pip install nuitka && \
-    python3 -m nuitka --module orchid/assembler.py --no-pyi-file --output-dir=build_nuitka && \
-    python3 -m nuitka --module orchid/simulator.py --no-pyi-file --output-dir=build_nuitka && \
-    python3 -m nuitka --module orchid/aggregator.py --no-pyi-file --output-dir=build_nuitka && \
-    # Remove raw Python files to protect IP
-    rm orchid/assembler.py orchid/simulator.py orchid/aggregator.py && \
-    # Move compiled shared object binary modules into package namespace
-    mv build_nuitka/*.so orchid/ && \
-    # Purge compilation cache and packages to shrink image
-    rm -rf build_nuitka && \
-    uv pip uninstall nuitka -y
+# Generate assembly kernels from planning specs
+RUN python3 -c \
+    "import sys; from orchid.assembler import main; sys.exit(main())" \
+    locality/matmul.plan --out-dir cmd/orchid-daemon
 
-# Default container target (executes full diagnostics setup)
-CMD ["bash", "scripts/setup.sh"]
+# Compile Go daemon binary
+RUN go build -o /app/orchid-daemon ./cmd/orchid-daemon
+
+# ----------------------------------------------------------------------
+# Stage 4: Hardened Release runtime copy (Zero-Dependency distroless)
+# ----------------------------------------------------------------------
+FROM gcr.io/distroless/base-debian12:nonroot AS release-hardened
+
+WORKDIR /app
+
+# Copy the compiled Go daemon executable
+COPY --from=release-builder /app/orchid-daemon /app/orchid-daemon
+
+# Default container target (executes full sweeps diagnostics)
+CMD ["/app/orchid-daemon", "--mode", "all"]

Makefile

@@ -38,9 +38,11 @@ test:
 
 # Compile Go daemon core binary executable
 build:
+	@echo "[BUILD] Generating assembly modules..."
+	@python3 -c "import sys; from orchid.assembler import main; sys.exit(main())" locality/matmul.plan --out-dir cmd/orchid-daemon
 	@echo "[BUILD] Compiling Go scheduler executable daemon..."
 	@mkdir -p build
-	@go build -o build/orchid-daemon ./scheduler/...
+	@go build -o build/orchid-daemon ./cmd/orchid-daemon
 	@echo "✓ Successfully compiled Go binary at: build/orchid-daemon"
 
 # Build Python SDK distributable packages

README.md

@@ -128,9 +128,9 @@ Project ORCHID publishes two distinct, optimized container flavors to the GitHub
 ### 1. Hardened Production Image (`ghcr.io/digitalserverhost/orchid:latest`)
 
 - **Target Stage:** `release-hardened`
-- **Compiled Control Plane:** Compiles the `orchid` Python SDK plane into optimized C/C++ extension modules (`.so`) using **Nuitka**.
-- **Source Protection:** Purges raw `.py` scripts inside the package namespace to prevent code extraction.
-- **High Performance:** Execution loops for micro-kernels and role-scheduling simulators execute at native C speeds.
+- **Zero-Dependency Go-Native Architecture:** Package holds ONLY the compiled native Go daemon (`orchid-daemon`) on top of a minimal, hardened `distroless` Debian environment (`base-debian12:nonroot`).
+- **No Python Dependency:** Completely eliminates the Python interpreter runtime, virtual environment setup, standard library headers, and Nuitka modules to minimize runtime footprints.
+- **Maximum Security & Performance:** The image runs under a non-privileged user space and loads execution kernels at native compiled CPU speeds with minimized startup latency.
 
 ### 2. Developer Sandbox Image (`ghcr.io/digitalserverhost/orchid:dev`)