A Ruby gem that boots YAML config into a Rack or CLI service and signs every operation as it happens.
A request comes in. The engine walks a chain of boundaries — small pieces of code with declared inputs and outputs. Each boundary produces a crossing: a record of what it did, signed by its identity, linked to the previous crossing by hash. The chain is a Merkle structure; tampering with any record breaks every signature that follows.
The same YAML configures the HTTP server and the command-line tool. Rack is the reference HTTP adapter; Commander is the reference CLI. The engine doesn't care which adapter brought the request in — it runs the chain and records the result.
Logging, tracing, audit trails, and scope-based authorization are work that services usually write on their own, partially, and at the edges. Wanderland builds them into the substrate. Every crossing is signed. Every context is append-only. Every request has a cryptographic provenance chain as a natural side effect of running it.
Sites opt into durable audit by declaring an :audits: mount and an injection. The result: one signed record per request, containing every crossing that occurred during execution, each still signed by its producer. Auditors pick any crossing out of the bundle, reconstruct its canonical payload, and verify against the producer's public key.
:pki:keys:{id})Active development. Ships with HTTP (Rack) and CLI (Commander) adapters. Apache 2.0 licensed.