ContextSync — Project Overview

Inspiration

We kept seeing the same problem everywhere. Companies are deploying AI agents across their organizations, and every single one of them is building some version of the same thing: a way to keep those agents in sync with what the company actually knows right now. A compliance policy changes. An agent makes a decision five minutes later based on the old version. Nobody catches it until something breaks.

MCP solved how agents connect to tools. But tools are not knowledge. There is no open standard for how agents stay synchronized with organizational context. Every company is duct-taping together RAG pipelines, webhook chains, and manual context injection. It is duplicated effort across thousands of organizations, and it produces fragile systems that break the moment you add a second agent or a second team.

We asked a simple question: what if this was a protocol? What if any organization, from a 5-person startup to a Fortune 500, could drop in a standard layer that keeps every human and every agent synchronized on the same organizational reality? That question became ContextSync.

What it does

ContextSync is an open protocol for synchronizing organizational context between human and AI actors. It provides five primitives:

Content-addressed artifacts give every piece of organizational knowledge a stable, permanent URI that survives edits, moves, and renames. Versioned state means every change creates a new version with a full diff, author attribution, and timestamp. Change subscriptions let agents and humans subscribe to domains and get push notifications the moment something changes. Permissioned access enforces a default-deny model where every actor, human or agent, only sees what they are explicitly granted access to. Provenance tracking records every read and every write in an immutable audit log, creating a complete chain from source document through agent action to downstream output.

The reference implementation includes a live protocol server, a real-time dashboard, a simulation theatre that runs industry scenarios as real protocol operations, and an AI playground where a live agent reads organizational context through the protocol and produces real provenance records with every tool call.

How we built it

The backend is an Express.js server with SQLite in WAL mode for the artifact metadata and version graph. Artifact payloads are stored as content-addressed blobs on the filesystem, keyed by SHA-256 hash. Real-time synchronization runs over Server-Sent Events. The permission layer is middleware that evaluates every request against a grant table supporting glob patterns and agent class matching.

The frontend is a Next JS application with a real-time dashboard, simulation theatre, protocol explorer, and AI playground. The simulation engine runs scripted industry narratives as actual API calls against the live server, producing real versions, change events, and provenance records.

The AI playground connects to Groq running a large language model with tool-use capabilities. The agent is registered as an actor on the ContextSync server and reads organizational context through the same REST API that the CLI and dashboard use. Every tool call produces a real provenance entry.

We designed the protocol spec first, then built the server, then the simulations, then the UI. The whitepaper was written in parallel with the implementation so the spec and the code stayed in sync.

Challenges we ran into

Getting the permission model right was harder than expected. The interaction between individual actor grants, agent class grants, and glob patterns on artifact URIs created edge cases we did not anticipate. A grant like "all compliance-monitor agents can read ctx://acme/compliance/*" sounds simple until you need to resolve it against a specific artifact request in under a millisecond while also logging the permission check in the provenance log.

The simulation engine was tricky because we wanted the narratives to feel realistic but also run as real protocol operations. Every beat in a simulation is an actual API call, which means timing, ordering, and error handling all matter. Getting the healthcare simulation to correctly enforce permission boundaries while also completing the full narrative in a reasonable time required several iterations.

Keeping the AI playground agent grounded was an ongoing challenge. The agent needs to use ContextSync tools to answer questions, not hallucinate answers from its training data. Prompt engineering the tool-use behavior to be reliable across different question types took more tuning than we expected.

Accomplishments that we're proud of

The protocol works. Not as a mockup or a slide deck, but as a live system that handles real concurrent operations across three simulated industries at different scales. The fintech simulation propagates a regulatory change across 11 actors in under 500 milliseconds. The enterprise simulation cascades a policy update across 550 actors with 100% permission enforcement and 100% audit completeness.

The AI playground is the piece that makes it real. Watching a live agent read organizational context through the protocol and produce provenance records with every tool call is the moment where the concept stops being theoretical. You can see exactly what the agent knew, when it knew it, and which version of which document it was working from.

The whitepaper and the implementation match. The protocol spec is not aspirational. Every primitive described in the paper is implemented and running in the reference server.

What we learned

Protocols are harder to design than products. A product can make opinionated choices about how things work. A protocol has to be general enough that anyone can implement it while being specific enough that implementations are actually interoperable. Finding that line for ContextSync, especially around the permission model and the provenance schema, was the hardest design work of the project.

Context synchronization is a bigger problem than we initially scoped. We started thinking about document versioning and ended up in territory that touches access control, real-time event systems, audit compliance, and agent coordination. Each of those is its own field. The protocol needs to be simple enough to adopt incrementally, but the problem space it addresses is genuinely deep.

The gap is real. Every time we described the problem to someone at DevFest, the reaction was the same: "Yeah, we are dealing with that right now." That signal, more than anything technical, tells us this is worth pursuing beyond the hackathon.

What's next for ContextSync

Federation is the most critical next step. Organizations with distributed infrastructure need multi-server sync. The protocol's URI scheme already supports multi-org addressing, and the append-only provenance log is designed for conflict-free replication. The federation layer will use CRDTs for the version graph and a gossip protocol for cross-node event propagation.

MCP integration is the fastest path to adoption. Publishing ContextSync as an MCP tool provider would let any MCP-compatible agent read and write organizational context without custom integration code. That turns ContextSync from something you build against into something you plug in.

Branching and merge support would enable draft policy proposals that can be reviewed, diffed, and approved before propagating to agents. This is especially important for regulated industries where changes need human sign-off before they go live.

We are publishing the protocol spec as an open RFC, release the reference implementation under Apache 2.0, and begin conversations with agent framework developers about native integration. The goal is not to build a company around ContextSync. The goal is to make it the standard.