Skip to main content

CODITECT Flow Platform (CFP)

The enterprise workflow execution engine that turns AI-analyzed processes into governed, auditable production systems.

What It Is

CODITECT Flow is a multi-tenant, AI-first workflow workbench for designing, executing, and governing step-based workflow applications. Built in Rust for performance and Next.js for the visual console, it provides the execution engine for workflows that CODITECT AgentFlow (workflow.coditect.ai) discovers and analyzes.

One sentence: AgentFlow tells you what to automate; CODITECT Flow runs it.

The Problem

Pain PointWho Feels ItCurrent Workaround
Workflow tools lack enterprise governanceEngineering leads, CISOsManual audit logs, hope-based compliance
No audit trail for AI-driven automationCompliance teamsSpreadsheets, external logging
Vendor lock-in to single LLM providerCTOs, architectsAbstraction layers built in-house
Multi-tenant isolation is an afterthoughtPlatform teamsCustom middleware, tenant headers
Workflow builders are no-code toys OR raw codeFull-stack teamsCobble together Temporal + custom UI
Data residency is ignored or bolted onLegal, DPOsRegion-specific deployments, duplicated infra

Value Proposition

For engineering teams building AI-powered automation at scale, CODITECT Flow is the only workflow platform that combines a visual workbench, Rust-grade performance, immutable audit chains, and multi-LLM governance in a single multi-tenant system -- eliminating the gap between discovering automation opportunities and running them in production.

How It Fits in the CODITECT Suite

 CODITECT AgentFlow          CODITECT Flow            CODITECT Core
 (workflow.coditect.ai)      (THIS PRODUCT)           (Intelligence)
 ┌─────────────────┐        ┌─────────────────┐      ┌─────────────────┐
 │  DISCOVER        │───────>│  EXECUTE         │<─────│  INTELLIGENCE    │
 │                  │        │                  │      │                  │
 │  8 AI Analysts   │  feed  │  Rust Runtime    │ uses │  776 Agents      │
 │  Workflow → ROI  │  into  │  Visual Workbench│      │  445 Skills      │
 │  "What to        │        │  Audit Chain     │      │  377 Commands    │
 │   automate"      │        │  "How to run it" │      │  118 Hooks       │
 └─────────────────┘        └─────────────────┘      └─────────────────┘
ProductDomainQuestion Answered
AgentFlowAnalysis"Which processes should we automate and what's the ROI?"
CODITECT FlowExecution"How do we build, run, and govern those automated workflows?"
CODITECT CoreIntelligence"What AI capabilities are available to power both?"

Capabilities

Runtime Engine (Rust)

CapabilityDetail
Step ExecutionAPI, event, cron, stream, and background job steps with typed state
Multi-Language RunnersNode.js, Python (extensible to Ruby, Go)
Deterministic RetryPer-step timeout, concurrency semaphore, idempotency guarantees
Event SystemPub/sub with fan-out, dead-letter queues, strict input validation
Stream ProcessingReal-time data streams with typed adapters
Plugin SystemHot-reloadable plugins with filesystem watcher
WebSocket Live DebugReal-time step execution monitoring and log streaming

Control Plane (Rust + Actix-web)

CapabilityDetail
Multi-Tenant IsolationTenant → Team → Project hierarchy with strict data boundaries
10-Role RBACsystem_admin, tenant_admin/viewer, team_admin/viewer, project_admin/editor/viewer, auditor, support
Immutable Audit ChainHash-chained append-only blocks with periodic external anchoring and tamper detection
Data ResidencyPer-tenant region routing (US-East, US-West, EU-West, EU-Central, APAC)
Policy EngineConfigurable limits per tenant/project: request size, timeouts, concurrency, LLM quotas
Flow ManagementCRUD for flow definitions with versioning and environment promotion (dev → stage → prod)

Multi-LLM Governance

CapabilityDetail
Provider AbstractionFormal provider interface supporting Anthropic, Google Gemini, Moonshot Kimi
Tenant-Level RoutingPer-tenant LLM policies, quotas, and cost tracking
Model SelectionIntelligent routing based on task type, latency requirements, cost
Bring Your Own KeyCustomers use their own API keys with CODITECT governance overlay

Visual Workbench (Next.js)

CapabilityDetail
Flow DesignerVisual drag-and-drop workflow builder
Console DashboardTenant, team, user, project, contract, and session management
RBAC-Gated NavigationUI elements hidden/shown per role permissions
Mobile ResponsiveFull functionality on phone and tablet breakpoints
Cloud IDE AccessGCP Cloud Workstations in separate browser tab
Pricing & OnboardingSelf-service registration, plan selection, pilot access

Enterprise Security

CapabilityDetail
Zero-Trust EnforcementmTLS, token-based auth, no implicit trust
EncryptionAt rest (AES-256) and in transit (TLS 1.3) for all data and payloads
CORS HardeningOrigin allowlist with credential-safe validation
Endpoint GatingDev/diagnostic endpoints disabled by default, require auth + role
WebSocket HardeningInput validation, malformed message rejection
Secret ManagementGCP Secret Manager integration, no hardcoded credentials
Tamper-Evident AuditHash chain verification with external anchoring for compliance proof

Observability

CapabilityDetail
OpenTelemetryStructured logs, distributed traces, and metrics for all actions
SLO EnforcementPer-step latency and error budgets with automated alerts
CI/CL PipelineContinuous Integration + Continuous Learning feedback loop
Drift DetectionDaily infrastructure drift checks with auto-issue creation

Why This Is Essential

1. Completes the CODITECT Automation Loop

Without Flow, CODITECT can analyze workflows (AgentFlow) and provide intelligence (Core) but cannot execute them. Flow closes the loop: Discover → Design → Execute → Monitor → Learn.

2. Captures High-Value Enterprise Revenue

MetricValue
Enterprise workflow automation market$13.6B by 2028 (Gartner)
Average enterprise deal size$50K-500K/year
Switching cost once deployedVery high (audit chains, compliance evidence)
Expansion revenuePer-tenant, per-region, per-LLM-provider upsell

3. Creates Defensible Moat

  • Immutable audit chain = compliance lock-in (regulated industries can't leave)
  • Multi-tenant Rust runtime = performance advantage competitors can't match in Python/Node
  • Data residency = unlocks EU, APAC, and government markets
  • AgentFlow → Flow pipeline = unique discover-to-execute value chain

4. Differentiates vs. Competitors

CompetitorWhat They LackCFP Advantage
TemporalNo visual workbench, no audit chain, no multi-LLMFull workbench + audit + LLM governance
Prefect/DagsterData pipeline focus, not workflow executionGeneral-purpose workflow execution
WindmillNo multi-tenant isolation, no audit complianceEnterprise multi-tenant + audit chain
n8n/MakeNo-code toys, no enterprise governanceEnterprise-grade with code-level flexibility
AWS Step FunctionsAWS lock-in, no LLM governanceCloud-agnostic, multi-LLM

Technology Stack

LayerTechnologyWhy
RuntimeRust (Actix-web, Tokio)Memory safety, performance, deterministic execution
AuditRust (SHA-256 hash chains)Cryptographic tamper evidence
DatabasePostgreSQL + RedisMulti-tenant isolation, caching
FrontendNext.js 14, React 18, TypeScriptSSR, mobile-responsive, type-safe
InfrastructureGKE, Cloud SQL, OpenTofuProduction-grade, IaC
ObservabilityOpenTelemetry, PrometheusIndustry standard

Pricing Model

TierPriceIncludes
PilotFreeEarly adopter access, all features
Enterprise Bundle$149/moCODITECT Core + DMS + AgentFlow + Flow
Build Your OwnCustomSeat-based + usage-based runtime + region add-ons

Success Metrics

MetricTarget
p95 API latency< 300ms
p95 event processing< 2s
Monthly availability99.9%
Concurrent WebSocket connections10,000/cluster
Audit chain verificationZero tampering detected

Product Code: CFP | Repository: submodules/products/coditect-step-dev-platform Phase 1 (Build): 100% complete (96 tasks) | Phase 2 (Harden & Deploy): 0% (79 tasks) Track: AO | Owner: AZ1.AI INC | Lead: Hal Casteel