--- id: PLN-0032 ticket: perf-runtime-introspection-syscalls title: DEC-0009 Host Debugger and Certification Alignment status: review created: 2026-04-19 completed: tags: [host, debug, certification, telemetry, desktop] --- ## Briefing Align the desktop host debugger and certification pipeline with `DEC-0009` so detailed inspection and certification outputs are consumed from host-owned telemetry/debug flows rather than from guest-visible runtime APIs. ## Decisions de Origem - `DEC-0009` - Host-Owned Debug and Certification ## Alvo Make the desktop host the canonical consumer of runtime telemetry, certification configuration, and detailed inspection data after the guest ABI cleanup. ## Escopo - review `crates/host/prometeu-host-desktop-winit/src/debugger.rs` for reliance on guest-facing inspection assumptions and document the intended host-owned data sources; - review `crates/host/prometeu-host-desktop-winit/src/cap.rs` and certification wiring in `runner.rs` so certification remains fully host-generated; - align any host-side contracts with the accepted spec and runtime ABI cleanup; - add or update tests that prove certification/debug behavior does not depend on guest-visible debug syscalls. ## Fora de Escopo - redesigning the external debugger client application; - changing unrelated desktop rendering or overlay presentation behavior; - adding new certification metrics beyond what existing telemetry already supports. ## Plano de Execucao ### Step 1 - Audit host data sources **What:** Identify where the desktop host already consumes telemetry and where it still implicitly depends on guest-oriented inspection concepts. **How:** Review `debugger.rs`, `runner.rs`, and supporting modules for state, telemetry, certification, and inspection flows; record which inputs come from atomic telemetry, crash reports, or direct host/runtime internals. **File(s):** `crates/host/prometeu-host-desktop-winit/src/debugger.rs`, `crates/host/prometeu-host-desktop-winit/src/runner.rs`, `crates/host/prometeu-host-desktop-winit/src/overlay.rs` ### Step 2 - Lock certification ownership in host code **What:** Ensure certification remains generated and configured exclusively in the host layer. **How:** Update certification setup and any related documentation/comments so host code owns report generation and consumes runtime telemetry snapshots rather than guest-facing diagnostic APIs. **File(s):** `crates/host/prometeu-host-desktop-winit/src/cap.rs`, `crates/host/prometeu-host-desktop-winit/src/runner.rs` ### Step 3 - Adjust debugger integration after ABI cleanup **What:** Keep rich inspection available to developer tooling after `PLN-0031` removes or narrows guest bank inspection syscalls. **How:** Move any remaining detailed inspection dependence onto host-owned runtime access paths or protocol messages that do not reintroduce guest ABI surface. **File(s):** `crates/host/prometeu-host-desktop-winit/src/debugger.rs`, related protocol or host integration files discovered during execution ### Step 4 - Prove the boundary in tests **What:** Add evidence that host tooling and certification still work without guest-visible debug syscalls. **How:** Extend host tests around debugger startup, telemetry streaming, and certification config loading, and add focused assertions that the host path depends on telemetry/internal access rather than guest ABI inspection. **File(s):** `crates/host/prometeu-host-desktop-winit/src/debugger.rs`, `crates/host/prometeu-host-desktop-winit/src/runner.rs`, `crates/host/prometeu-host-desktop-winit/src/cap.rs` ## Criterios de Aceite - The host debugger and certification pipeline are described and implemented as host-owned consumers. - No host feature requires `bank.slot_info` or JSON `bank.info` to remain exposed to guest code. - Certification configuration and report generation stay in host code. - Host-side tests cover the intended telemetry/debug/certification path after ABI cleanup. ## Tests / Validacao - run host crate tests covering debugger startup, command handling, and certification config loading; - targeted search in the host crate for references to guest-visible bank inspection APIs after implementation; - manual review that host comments and module responsibilities match `DEC-0009`. ## Riscos - host code may still rely on implicit runtime internals that are not clearly documented; - coupling host tooling migration to runtime ABI cleanup could stall both if sequencing is unclear; - lack of explicit host-side test coverage may hide regressions until manual debugger use. ## Dependencies - `PLN-0030` provides the published ownership model. - `PLN-0031` defines the final runtime ABI boundary that host tooling must stop depending on.