Architecture.

Every node binary runs the same stack. Roles enable subsystems but the wire format is shared.

Interfaces  ─ Desktop, CLI, SDKs (Rust / TypeScript)
      │
JSON-RPC + REST
      │
tenzro-node ────────────────────────────────────────────┐
  ├ Network     libp2p, gossipsub, Kademlia, DCUtR        │
  ├ Consensus   HotStuff-2 BFT (TEE-weighted)            │
  ├ Multi-VM    EVM (revm) + SVM (rbpf) + DAML           │
  ├ Storage     RocksDB + Merkle Patricia Trie           │
  ├ Identity    TDIP (human + machine)                   │
  ├ Payments    MPP, x402, AP2, Visa TAP, Mastercard     │
  ├ Models      ONNX + llama.cpp + provider routing      │
  ├ Agents      A2A, MCP, lifecycle, memory tier         │
  └ Bridges     Wormhole NTT, LayerZero, CCIP, Canton    │

The settlement component (Tenzro Ledger) is a HotStuff-2 BFT chain. Validators with attested TEE hardware receive 1.5× weight in leader selection. All TNZO balances live here, even when consumed inside the EVM or SVM via the cross-VM pointer model.

One block contains transactions for any VM. MultiVmRuntime dispatches by VmType. Block-STM runs non-conflicting transactions in parallel; the EIP-1559 fee market burns base fees and routes priority fees to producers.

TDIP DIDs identify humans and machines. Every identity has an MPC-provisioned wallet. Payment rails (MPP, x402, AP2, cards, native) bind to identity through IdentityPaymentBinder and enforce a two-axis ceiling: protocol delegation scope plus runtime spending policy.

Providers register endpoints in the model registry. The router picks providers by price, latency, reputation, or weighted score. Agents are sovereign entities with their own DID, wallet, and persistent memory tier; they speak A2A to each other and MCP to tools.