CrateStack

CrateStack is a schema-first Rust framework that turns one .cstack file into typed runtimes for three deployment shapes: a Postgres-backed server, an embedded SQLite ORM that works on mobile, desktop, and browsers via OPFS, and a HTTP client. One schema in, three role-specific macros out — each emits only what its target needs, no transitive sqlx in mobile builds, no rusqlite in server builds.
Define your service once in .cstack, then pick a macro: include_server_schema! for sqlx-backed Postgres servers, include_embedded_schema! for offline-capable apps (native sync, browser async via OPFS), or include_client_schema! for thin HTTP clients. Each emits a cratestack_schema module shaped for that one role.

Start with the quickstart

Stand up the smallest useful CrateStack service and see the generated runtime in a minimal Rust setup.

Check the verified scope

See what the framework implements today, where it is already strong, and which parts are still intentionally deferred.

Understand the auth boundary

Keep authentication host-owned while still using generated policy enforcement inside the service runtime.

Read the transport model

Learn how CrateStack thinks about codecs, route generation, client boundaries, and future transport seams.

Run the schema embedded

Use the same .cstack schema against a local SQLite database — sync on mobile/desktop, persistent OPFS in the browser via wasm32-unknown-unknown.

Why CrateStack

CrateStack is built for teams that want framework leverage without giving up Rust ownership. You define the data model and policy surface once, and the framework handles the repetitive service plumbing around it.
You write a .cstack schema that defines models, procedures, auth shape, mixins, and policy rules.

From Schema To Service

1

Define the contract

Model your auth principal, shared mixins, models, and policies in a .cstack file.
2

Pick your macro

Use include_server_schema!("…", db = Postgres) for the server, include_embedded_schema! for embedded ORM, or include_client_schema! for HTTP-only clients. Each validates the schema at compile time and emits a cratestack_schema module shaped for that role.
3

Wire your runtime

Server: build with a sqlx::PgPool and bind your application auth through the host-owned provider boundary. Embedded: open a RusqliteRuntime (native) or install OPFS first inside a Worker (browser). Client: construct a CratestackClient against the server’s URL.
4

Choose your surface area

Use the generated delegates directly, mount generated Axum routers (server only), or do both depending on how much API surface you want exposed.

What You Get Today

  1. compile-time schema validation, split into three role-specific macros (include_server_schema! / include_embedded_schema! / include_client_schema!)
  2. generated SQLx-backed model delegates (server) and rusqlite-backed delegates (embedded)
  3. generated Axum CRUD and procedure routes (server)
  4. generated policy enforcement for the supported subset (server only — embedded runtime is unauthenticated by design; clients are untrusted)
  5. generated Rust and Dart client surfaces
  6. reusable schema mixins for shared field sets
  7. banking-grade primitives: idempotency, optimistic locking, transactional audit, explicit transaction isolation, soft delete, rate limiting, validators, Decimal scalar, forward-only migrations
  8. embedded SQLite backend (cratestack-rusqlite) — sync API, bundled SQLite, exact-precision Decimal round-trip; works on native (mobile, desktop) and wasm32-unknown-unknown (browser, OPFS-backed) from the same source
CrateStack is usable today, but the public v0 track is narrower than the broader target architecture. COSE transport, parts of the client runtime, richer schema coverage, and some policy features are still deferred. Use Current State as the source of truth for adoption decisions.

Explore By Goal

Evaluate adoption

Start here if you need a realistic view of the current feature set, maturity, and implementation boundaries.

Ship a first service

Follow the minimal path from schema file to running Rust service with generated runtime pieces.

Adopt the banking-grade slice

Review the idempotency, audit, optimistic-locking, isolation, and rate-limiting primitives shipped for regulated workloads.

Integrate host auth

Understand how principal data enters the runtime and where authorization remains framework-managed.

Check the reference surface

Review the supported auth and policy combinations before designing around a capability that is not yet implemented.

Browse field attributes

The full .cstack field attribute surface, including exposure controls, validators, and @version.

Repository Note

This documentation tree is a standalone Mintlify project. The framework code itself lives in a separate CrateStack repository.

Rust API Docs

Generated Rust API documentation is published at https://rust-doc.cratestack.dev/.