Content-Addressable Verified Streaming

Ship game updates
without re-downloading
the whole build.

CAVS is a content-addressed delivery layer for game builds, Godot PCKs, asset bundles and binary releases. It reconstructs the original file byte-for-byte while downloading only the chunks a player is missing.

Byte-identical reconstruction Warm re-fetch: 0 bytes Auto-route optimized delivery
bash — cavs delivery copy
# package two versions of a Godot build
$ cavs pack --raw game_v1.pck --profile auto --bootstrap -o game_v1.cavs
$ cavs pack --raw game_v2.pck --profile auto --prev game_v1.cavs -o game_v2.cavs
$ cavs-server game_v1.cavs game_v2.cavs
$ cavs-client fetch http://localhost:8990 game_v2 --cache ./cache
Full download247.60 MiB CAVS update1.64 MiB Saved−99.3% Warm re-fetch0 bytes
−99.3%
tps-demo update payload
247.60 MiB → 1.64 MiB
0 B
Warm re-fetch
persistent cache resolves locally
7 MiB
Peak client RAM
constant, streamed to disk
SHA-256
Verified output
byte-identical or it fails
Quick start

Integrate CAVS into
your pipeline in minutes.

Point CAVS at two builds and it tells you what the update will cost, produces a verifiable patch, and applies it byte-identically. Use the CLI in a shell step, or the Go / Kotlin / Node SDKs to drive the same Rust core from your release service — no shelling out.

bash — in CI, gate every release copy
# 1 · preview the update cost (fail the job if it's too big)
$ cavs preview Build_v2 --against Build_v1.cavssig --json
# 2 · build a portable, BLAKE3-sealed patch
$ cavs diff-plan Build_v1 Build_v2 -o update.cavsplan
# 3 · apply & verify (byte-identical or it fails)
$ cavs apply --old Build_v1 --plan update.cavsplan --out Build_v2_out --verify
RecommendedcavsPlan Update2.63 MiB Outputverified

Prefer code? The same check from your backend:

import { CavsClient } from "@orelvis15/cavs-sdk";

const cavs = new CavsClient();
const preview = await cavs.preview({
  oldPath: "Build_v1",
  newPath: "Build_v2",
});
if (preview.routes[0].networkBytes > budget) {
  throw new Error("update too large");
}
cavs.close();
What CAVS does

CAVS turns releases into
verified, reusable chunks.

CAVS packages a release into content-addressed chunks, signs and verifies the manifest, serves only the chunks a client is missing, and reconstructs the original file byte-for-byte on disk.

For cold installs, CAVS can use a full bootstrap artifact when it is cheaper. The client then seeds its chunk cache from that install, so the next update is incremental — without any extra download.

  • Package once per release; serve any version jump from one store.
  • Reuse the version already on disk as a local byte source.
  • Resumable downloads and self-repairing caches.
  • Immutable, CDN-cacheable object storage.
delivery flow
Original PCK / Bundle / Pack
cavs pack
Manifest + chunks + optional bootstrap
cavs-server
client asks: "what am I missing?"
only missing chunks or bootstrap
verified byte-identical reconstruction
How it works

How CAVS delivers less.

01

Package

cavs pack splits the release into content-defined chunks, hashes each with BLAKE3, stores a compact manifest, and optionally emits a bootstrap artifact.

02

Plan

At session open, the server compares the client's cache state with the manifest and picks the cheapest route: chunks, hybrid, plan, sidecar, bootstrap or no-op.

03

Transfer

Missing chunks are served in binary CVSP batches. Packfile-backed stores coalesce nearby chunk reads into a few range reads.

04

Verify

The client verifies chunk hashes, streams reconstruction to disk, checks the final SHA-256, then atomically promotes the result.

05

Reuse

The reconstructed file seeds the persistent cache — and the version already installed on disk is itself a source of verified ranges, so the next update reuses local bytes first.

Measured, not projected

Benchmarked on real Godot games.

Captured over real HTTP sessions using open-source Godot projects exported to PCK at two points in their git history. A player who already has the previous version downloads only the missing chunks.

Re-downloading the same version costs 0 bytes of payload. All reconstructions were SHA-256 verified and byte-identical.

The toolkit

One engine. Many surfaces.

A Rust core with a command-line toolkit, an HTTP origin and streaming client, a shipping Godot plugin, a SteamPipe-style build & update analyzer built into the CLI — and engine plugins on the way.

// cavs

CAVS CLI stable

Package, inspect, verify, diff, apply and benchmark. The offline toolkit and the delivery planner in one binary.

// cavs-server + cavs-client

Server & client stable

A stateful HTTP origin with a route planner, and a native streaming client with a verifying, self-repairing cache.

// addons/cavs

Godot plugin stable

A 100% GDScript client — no GDExtension, no native binaries. Reconstructs and mounts PCKs with load_resource_pack().

// cavs analyze · publish-preview

Build & Update Analyzer new in 0.9

SteamPipe-style update estimates, pack-layout diagnosis (churn, shuffling, TOC, compression), publish previews across every route, disk I/O estimates and a local depot/branch workspace — all inside the cavs CLI.

// cavs certify

Release Certification new in 1.0

One command answers "is this update ready to publish?" — byte-identical verification, route selection per client state, regression guard, Godot PCK checks and reproducible reports with CI-stable exit codes.

// unity

Unity plugin soon

CAVS delivery for AssetBundles and Addressables, backed by the Rust core over a stable C ABI.

// unreal

Unreal plugin soon

CAVS delivery for PAK / IoStore (.ucas / .utoc) containers.

Architecture

One package. Many jumps.

Original releasePCK / bundle / pak
cavs packprofile auto-sweep
ManifestCAVSMF2
Chunk store/ packfiles
Bootstrapoptional
cavs-serverroute planner
cavs-clientcache + verify
Final filebyte-identical

CAVS packages releases once, stores chunks by content hash, negotiates compact manifests, chooses bootstrap or chunk delivery per session, verifies every piece, and reconstructs the original artifact atomically.

FAQ

Questions.

No. CAVS does not compress pixels like AV1, H.264 or HEVC. It deduplicates and delivers already-built content-addressed chunks. For single videos or ABR ladders, savings are near zero — and reported honestly.

Pairwise delta tools can produce smaller patches for one exact version pair. CAVS is designed for version streams: package once per release, serve many version jumps, reuse cache across versions, resume safely, and expose immutable CDN-cacheable storage.

Yes. Pass --previous-artifact and the client copies verified ranges straight from the old file, downloading only what changed — even with an empty chunk cache. Every copied range is BLAKE3-checked before it is written, and a corrupt old install safely falls back to the network.

Yes. cavs diff-plan produces a deterministic, BLAKE3-sealed .cavsplan, and cavs apply reconstructs it locally with the same verified staged model as the online client — byte-identical or it fails. preview, verify-install, file and ls complete the offline workflow.

Yes. CAVS reconstructs the final artifact byte-for-byte and verifies it with SHA-256 before promotion. Reconstruction is byte-identical or it fails — never halfway.

No. cavs bench steampipe-style and cavs analyze steampipe use a public fixed-1MiB model based on Valve's documentation — an estimate, never Valve's exact implementation, and every report says so. There is deliberately no separate "steam-analyzer" product: it is a CAVS command family for diagnosing update behavior before you publish.

Get started

Try CAVS on your own build.

Run CAVS against two versions of your game build: compare update routes, inspect why updates are large, certify byte-identical reconstruction and export a reproducible report — all locally, in minutes.

Have a Godot game with frequent PCK updates? Open an issue or start a discussion — real-world test cases are welcome.