# Lace-000 · Goal
Tags: overview, non-normative

Lace enables applications to describe a record set and converge on locally
validated records without inventing a new command protocol for each exchange.
This document is a short non-normative overview of why Lace is shaped around
records, lacegrams, and interlace. Protocol requirements live in the numbered
specs that follow.

This document is for new readers, contributors, and library designers. After
reading it, a reader should understand the core model well enough to place the
numbered specs and avoid push/pull or command-protocol framing.

## Goal

Lace is a substrate for local-first record sets. It should let applications
store signed or unsigned record bytes, describe which records belong in a local
context, and exchange those records with other laces without inventing a new
command protocol for every app.

The core goal is not “push this” or “pull that”. The core goal is:

```text
describe a record set, then interlace with another lace until the current
fixed point of that set is locally available as validated records.
```

## Records are the durable unit

A record is canonical bytes with a stable hash. In the public mental model,
validated records are immutable rows and fields are columns. A projection, or
table view, chooses field names and displays one row per record hash with those
fields as columns.

Some records carry coordinates:

- `Group`: the community, namespace, device, or local scope;
- `App`: the application or app-defined contract inside that group;
- `Name`: an app-local hierarchical name.

The record hash is identity. `Group`, `App`, and `Name` are indexed fields for
selection; many records may share the same coordinate. Extra headers let
applications attach small indexed facts without changing the record format.

## Laces describe record sets

A lace is a record-set machine. It has validated record facts, runtime facts,
peer advertisement facts during exchange, and lacegrams. A lacegram is a Datalog program
used to describe record membership: app views, support closures, membership
evidence, cache contents, outboxes, temporary operation sets, or exchange rules.

The preferred mental model is symmetric and set-oriented:

```text
these records belong in this context
```

Interlace normally begins by compiling one selector operand from each lace into a
faceted exchange plan. A selector module describes record-set criteria with
`SelectHave(P)` and `SelectAdvertised(P,S)`, while local query views control which
record facts peer-authored rules may inspect. The exchange plan binary-merges the
operands and lowers them to local enforcement predicates `MaySend(P)` and `MayRequest(P)`
for discovery and transfer. The directional predicates are exchange mechanics,
not the primary application model.

## Interlace is the primitive exchange

Interlace is the one exchange mechanism. Two laces advertise relevant validated
records, request missing records admitted by their rules, validate received
bytes, and repeat until a fixed point or close condition.

This replaces separate primitive commands such as remote list, get, write, push,
or pull. Public operations such as `get`, `list`, and `store` are local wrappers
that create temporary operation laces and run ordinary interlace.

This frames an app's relationship with other nodes primarily as record-set
convergence, not as a growing matrix of directional commands and permissions. In
normal application design, “should this record belong here?” should be the main
question; “who initiated the transfer?” should usually be an implementation
detail.

## Dynamic closures are first-class

Many useful record sets are recursive or evidence-dependent. A record may link to
support records; a chat message may belong only when its signer has member
evidence; a view may become visible only after authority records arrive.

Datalog gives Lace a compact way to express these closures. New validated records
become new facts, which may cause later interlace rounds to admit more records,
until the current fixed point is reached.

## Identity and authority are record-set problems

Cryptographic verifiers are useful, but applications often need higher-level
identity: membership, delegation, key rotation, names, and authority paths. Lace
intends these to be represented as ordinary records plus lacegram/profile rules,
not as hidden transport assumptions.

A transport may prove a peer verifier, but record membership and app authority
should be explainable from validated record facts and explicit runtime facts.

## Developer API direction

Developer APIs should preserve the same model:

- `open_interlace`: keep a merged record set synchronized over time;
- `bounded_interlace`: run the same algorithm with a close condition;
- `get` / `list`: temporary wrappers that add constraints to a local selector
  operand and return one-result or many-result local shapes;
- `store`: a temporary wrapper that adds local record bytes and selector
  constraints to a local selector operand.

Execution style — blocking, async, or callback — is a runtime choice over the
same interlace state machine.

## What Lace tries to avoid

Lace avoids making these core protocol concepts:

- push vs pull as a primary model;
- app-specific command surfaces for every exchange shape;
- trusting peer-advertised metadata before record validation;
- hidden wall-clock or transport identity assumptions inside rule evaluation.

The result should be a small protocol where records are durable, lacegrams
describe record sets, and interlace is the general way those sets converge.