ἀκρόασις - attentive reception
Every tool for radio, mesh networking, spectrum monitoring, network security, or communications is a separate thing. Separate interfaces, separate data models, separate mental contexts. A mesh node goes offline while frequency activity spikes nearby and a network IDS fires an alert. Three tools. Three windows. No one connecting the dots.
Akroasis is the attempt to fix that.
One system. One signal model. Every domain produces typed signals into the same pipeline. Radio anomalies correlate with network threats correlate with proximity intelligence correlate with OSINT. The convergence is where the intelligence lives - not in any single domain but in the relationships between them.
6 crates shipped, 12 planned. 10 capability domains. Rust from the ground up.
| Domain | Crate | Status | What |
|---|---|---|---|
| Foundation | koinon | ✓ | Shared types, signal model (7 domains), entity index, temporal baseline engine (Welford's algorithm), tamper-evident logging. |
| Foundation | kryphos | ✓ | Encryption (ChaCha20-Poly1305), key management (Ed25519), credential vault, Argon2id derivation, identity segregation. |
| Radio Management | syntonia | ✓ | Frequency plans, channel programming, serial protocols - clean-room CHIRP replacement. Programs Baofeng UV-5R family directly. Yaesu FTM-510DR planned. |
| Mesh Networking | kerykeion | ✓ | Full Meshtastic protocol stack. Node management, topology awareness, message routing. Delay-tolerant networking with PACE automated failover. |
| Signal Intelligence | semaino | ✓ | Signal aggregation, convergence detection, anomaly baselines, alert pipeline with deduplication and severity classification. |
| SDR / Reception | dektis | ◻ | Spectrum monitoring, FM/AM/SSB demodulation, protocol decoding (APRS, ADS-B, P25). Jamming detection, direction finding, emitter fingerprinting. |
| Proximity Intelligence | engys | ◻ | WiFi, BLE, Zigbee, Z-Wave, NFC, RFID. Presence analytics, rogue device detection, counter-surveillance input. |
| Network Defense | aspis | ◻ | IDS/IPS - Suricata and Zeek orchestration with active response. CAN bus security for vehicle networks. IoT monitoring. |
| OSINT | skopos | ◻ | Feed aggregation, threat intelligence (STIX/TAXII), asset discovery. All collection routed through anonymization infrastructure. |
| Offensive Security | peira | ◻ | Penetration testing, vulnerability scanning, wireless security testing. Scope-locked with full audit trail. |
| Signal Intelligence | ichneutes | ◻ | Entity correlation, focal point synthesis, threat scoring. Forensic timeline reconstruction across all domains. |
| Automation | praxis | ◻ | Event-driven triggers, named playbooks, PACE communications, operational state machines. |
| Navigation | chorografia | ◻ | RF propagation modeling, infrastructure graphs, offline OSM navigation, space weather HF prediction. |
| Knowledge | pinax | ◻ | Offline knowledge repository - frequency databases, protocol specs, equipment manuals, topo maps. |
| Privacy | lethe | ◻ | VPN/proxy management, anonymization, IMSI catcher detection, OPSEC scoring. The etymological complement to Aletheia. |
| Interface | opsis | ◻ | TUI (ratatui), native app (Dioxus), web UI (Axum). Spectrum waterfall, mesh topology, intelligence dashboard. |
✓ = shipped, ◻ = planned
Collection Processing Action
┌─────────────────┐ ┌──────────────────┐ ┌─────────────┐
│ syntonia (radio) │ │ semaino │ │ praxis │
│ kerykeion (mesh) │ typed │ (aggregation, │ │ (playbooks, │
│ dektis (SDR/EW) │ signals │ convergence, │ │ triggers, │
│ engys (proximity)├────────►│ anomaly ├───►│ PACE, │
│ aspis (defense) │ │ baselines) │ │ state │
│ skopos (OSINT) │ │ │ │ machines) │
│ peira (offense) │ │ ichneutes │ │ │
└────────┬─────────┘ │ (correlation, │ └──────┬──────┘
│ │ focal points, │ │
┌────────▼─────────┐ │ threat scoring) │ ┌──────▼──────┐
│ koinon │ └──────────────────┘ │ opsis │
│ (signal model, │ │ (TUI, app, │
│ entity index, │ ┌──────────────────┐ │ web UI) │
│ temporal engine)│ │ chorografia │ └─────────────┘
│ │ │ (geo, nav, RF │
│ kryphos │ │ propagation) │
│ (crypto, keys, │ │ │
│ credentials) │ │ pinax │
│ │ │ (offline maps, │
│ lethe │ │ specs, manuals) │
│ (privacy, VPN, │ └──────────────────┘
│ OPSEC) │
└──────────────────┘
Every collection crate produces typed GeoSignal objects into koinon. Semaino aggregates domain-agnostically. Ichneutes analyzes domain-agnostically. Praxis acts. Opsis displays. Add a domain, add a crate - signals flow automatically.
- Standalone. Runs without internet, without an LLM, without anything but the hardware in front of you. Grid-down capable.
- Sovereignty. Every protocol owned. No cloud dependencies, no subscriptions, no external trust.
- Security default. Encrypted by default. Unencrypted is the opt-in.
- Auditable. Tamper-evident logging with hash chains. Every action recorded. Evidence packaging with chain of custody.
- NixOS. Reproducible builds, systemd hardening, declarative deployment from day one.
| Language | Rust (edition 2024, MSRV in Cargo.toml) |
| Errors | snafu (context wrapping, not thiserror) |
| Async | tokio, native async traits |
| SDR runtime | FutureSDR (async block graph) |
| FFT | rustfft + realfft |
| SDR hardware | rtl-sdr-rs (RTL-SDR V4), soapysdr (multi-hardware) |
| Mesh | Clean-room Meshtastic (prost protobuf, not official crate) |
| IDS/IPS | Suricata + Zeek orchestration |
| Maps | OSM vector tiles, SRTM elevation |
| Search | tantivy (full-text indexing) |
| TUI | ratatui |
| Desktop | Dioxus |
| Web | Axum |
| License | AGPL-3.0-or-later |
- standards/STANDARDS.md: Coding standards (universal + per-language)
- docs/gnomon.md: Naming methodology
- docs/lexicon.md: Project name registry
Wave 1 (kryphos), Wave 2 (syntonia + kerykeion), and Wave 3 (semaino) are complete. 6 crates shipping ~25K LOC with 600+ tests. Architecture finalized. Active development ongoing.
The scope is massive. The architecture makes each domain independent: a crate with clear boundaries, producing typed signals into the shared model. The pieces don't need to arrive simultaneously. They just need to speak the same language when they do.
Developed against:
- SDR: RTL-SDR Blog V4, HackRF One
- Mesh: Lilygo T-Echo, T-Deck Plus, RAK Pi HAT gateway, WisBlock
- Radio: Baofeng HTs (UV-5R series), Yaesu mobile (FTM-510DR), Yaesu HF (FT-891)
- Compute: Linux server, ruggedized field laptop, Raspberry Pi
- Proximity: nRF52840 (BLE), Proxmark3 (NFC/RFID), WiFi monitor mode adapters
Hardware support is additive: if it speaks serial, USB, or IP, it can be integrated.
ἀκρόασις - from Aristotle's Physics, "Physike Akroasis" - learning through attentive reception. Not passive hearing but the disciplined act of listening that brings understanding to what is received.
Names follow gnomon - the naming philosophy where each name reveals its essential nature across four layers of reading.
Lethe (λήθη) and Aletheia (ἀ-λήθεια) share the same root. One unconceals truth. The other conceals the operator. Same word, opposite directions. Two systems, one for understanding and one for sovereignty, and the Greek already knew they were the same thing.
See docs/gnomon.md for the complete name registry.
This software is for research and educational purposes. See DISCLAIMER.md for details on user responsibility, licensing, and legal considerations. The authors accept no responsibility for any specific use of this software.