Every non-trivial architectural, security, or process decision in Tyrne is recorded here as an ADR (Architecture Decision Record) using a lightweight MADR (Markdown Architectural Decision Records) style.
- They preserve the why, not just the what. This is the information that decays fastest and is most expensive to re-derive years later.
- They make the evolution of the project readable: you can follow the numbered history and see how the design language developed, including the options that were rejected.
- They give future contributors (human or AI) a way to disagree with a decision by writing a new ADR that supersedes an old one, rather than silently changing code.
All ADRs live in this folder, named NNNN-short-kebab-slug.md, where NNNN is a zero-padded four-digit sequence number. Use template.md as the starting point for a new ADR.
Each ADR contains:
- Title (matches the filename, minus the number prefix).
- Status —
Proposed,Accepted,Deprecated, orSuperseded by NNNN. - Date — ISO-8601.
- Deciders — who signed off.
- Context — the question the project was facing and the constraints that applied.
- Decision drivers — the forces that influenced the choice.
- Considered options — the alternatives examined.
- Decision outcome — the option chosen, with a short justification.
- Consequences — positive, negative, and neutral effects, with mitigations where relevant.
- References — prior art, literature, upstream discussions.
Numbering gaps. Slot 0034 is intentionally reserved, not missing: 0034 (kernel-image section permissions —
.textRX /.rodataR /.bss+.dataRW at 4 KiB granularity) is a named-but-unallocated placeholder forward-flagged in ADR-0027. No file exists for it yet; it was deferred at B6 closure (B6 mapped everything as a coarse 2 MiB block; the hardening was not a functional blocker foruserland/hello) and is now a Phase C carry-forward. It opens with the first C-phase task whose threat model makes kernel W+X a meaningful surface. (Slot 0033 (high-half migration) was filedProposedon 2026-05-29 to open B6 andAcceptedon 2026-05-30, and is no longer a gap; slots 0030/0031 were filed andAcceptedon 2026-05-29 for B5.) ADR numbers are stable history and are never renumbered.
The authoritative, step-by-step procedure is the write-adr skill (and supersede-adr when overriding an old ADR). Read it in full before drafting; the summary below is a reminder, not a substitute.
- Copy template.md to the next available number:
NNNN-your-slug.md. - Fill it in. Start with status
Proposed. - For an ADR whose subject is a multi-step state machine (capability flows, IPC handshakes, scheduler dispatch, exception/IRQ entry, MMU/TLB transitions, syscall ABI handshakes), include a §Simulation table (3–5 rows walking the worst-case interaction) per ADR-0025 and the
write-adrskill; other ADR subjects use the one-line "Not applicable" note. Every ADR's §Decision outcome must also include a §Dependency chain grounding each forward-reference in a realT-NNN(per ADR-0025 §Rule 1). - Open a PR (once the PR process is established) or, in the solo phase, commit directly with a descriptive commit message referencing the ADR number.
- When the decision is settled, re-read end-to-end (per
write-adrskill §10) and change the status toAcceptedin a separate commit from the initialProposeddraft. - If a later ADR overrides this one, mark the old one
Superseded by NNNNand link forward to the new record. Do not delete or rewrite the old ADR — the historical reasoning is the point.