LlamaIndex + xLink: Identity-Based RAG

Install the Package

Install the LlamaIndex xLink adapter via npm:

npm install @private.me/llamaindex-xlink

Or using pnpm:

pnpm add @private.me/llamaindex-xlink

Dependencies are resolved automatically in monorepo workspaces:

@private.me/xlink
@private.me/xregistry
@private.me/crypto
@private.me/shared

Basic RAG Agent with Identity

Create a secure RAG system in four steps:

import { LlamaIndexXLinkAgent } from '@private.me/llamaindex-xlink';

// 1. Create RAG agent
const agent = new LlamaIndexXLinkAgent({
  name: 'ResearchAssistant',
  description: 'RAG system for scientific papers',
  chunkSize: 512,
  chunkOverlap: 50,
  similarityTopK: 3,
  verbose: true,
});

// 2. Initialize identity (zero-config)
await agent.initialize();
console.log('Agent DID:', agent.getDID());

// 3. Ingest documents (encrypted)
await agent.ingestDocument({
  documentId: 'paper-001',
  content: 'Quantum computing research paper...',
  metadata: { author: 'Smith et al.', year: 2024 },
  encrypted: true,
});

// 4. Query with secure retrieval
const result = await agent.query({
  queryId: 'query-001',
  agentDid: agent.getDID(),
  query: 'What are the latest advances in quantum error correction?',
  timestamp: Date.now(),
});

if (result.ok) {
  console.log('Response:', result.value.response);
  console.log('Sources:', result.value.sources);
}

Multi-Agent RAG Collaboration

Multiple specialized RAG agents can securely share query results:

import { LlamaIndexXLinkAgent } from '@private.me/llamaindex-xlink';

// Create specialized RAG agents
const legalAgent = new LlamaIndexXLinkAgent({
  name: 'LegalRAG',
  description: 'Legal document retrieval',
  chunkSize: 1024,
});

const medicalAgent = new LlamaIndexXLinkAgent({
  name: 'MedicalRAG',
  description: 'Medical research retrieval',
  chunkSize: 512,
});

// Initialize all agents
await Promise.all([
  legalAgent.initialize(),
  medicalAgent.initialize(),
]);

// Medical agent performs query
const medicalQuery = await medicalAgent.query({
  queryId: 'med-001',
  agentDid: medicalAgent.getDID(),
  query: 'Latest cancer treatment protocols',
  timestamp: Date.now(),
});

if (medicalQuery.ok) {
  // Share results with legal agent (for compliance review)
  const sharedResult = await medicalAgent.shareQueryResult(
    legalAgent.getDID(),
    medicalQuery.value.response,
  );

  // Legal agent receives and verifies
  const received = await legalAgent.receiveSharedResult(
    sharedResult.value.shares,
    sharedResult.value.hmacKeys,
    sharedResult.value.hmacSignatures,
  );

  console.log('Legal agent received:', received.value);
}

Encrypted Document Ingestion Pipeline

Ingest documents with XorIDA threshold sharing for information-theoretic security:

const agent = new LlamaIndexXLinkAgent({
  name: 'SecureIngestor',
  description: 'Encrypted document ingestion',
  chunkSize: 512,
  chunkOverlap: 50,
});

await agent.initialize();

// Ingest with XorIDA encryption
const documents = [
  { id: 'doc-001', content: 'Confidential report...' },
  { id: 'doc-002', content: 'Internal memo...' },
  { id: 'doc-003', content: 'Strategic plan...' },
];

for (const doc of documents) {
  const result = await agent.ingestDocument({
    documentId: doc.id,
    content: doc.content,
    encrypted: true, // XorIDA-split storage
  });

  if (result.ok) {
    console.log(`✓ ${doc.id} ingested securely`);
  }
}

// Query encrypted index
const queryResult = await agent.query({
  queryId: 'secure-001',
  agentDid: agent.getDID(),
  query: 'Summarize strategic objectives',
  timestamp: Date.now(),
});

console.log('Secure query result:', queryResult.value?.response);

Why xLink for LlamaIndex?

From Traditional LlamaIndex

Before (API keys):

import { VectorStoreIndex, OpenAI } from 'llamaindex';

const llm = new OpenAI({ apiKey: process.env.OPENAI_API_KEY });
const index = await VectorStoreIndex.fromDocuments(docs, { llm });
const queryEngine = index.asQueryEngine();
const response = await queryEngine.query('What is...?');

After (xLink identity):

import { LlamaIndexXLinkAgent } from '@private.me/llamaindex-xlink';

const agent = new LlamaIndexXLinkAgent({
  name: 'RAGAgent',
  description: 'Secure RAG system',
});

await agent.initialize(); // Zero-config identity

for (const doc of docs) {
  await agent.ingestDocument({
    documentId: doc.id,
    content: doc.content,
    encrypted: true,
  });
}

const result = await agent.query({
  queryId: 'q1',
  agentDid: agent.getDID(),
  query: 'What is...?',
  timestamp: Date.now(),
});

Key Differences

1. No API keys: Identity is cryptographically generated (Ed25519).

2. Encrypted storage: Documents are XorIDA-split by default.

3. Secure retrieval: Query results can be threshold-shared between agents.

4. Built-in audit: Every query and ingestion is logged with HMAC verification.

XorIDA Threshold Sharing

Query results split into n shares where any k can reconstruct:

2-of-3: Protects against 1 share compromise
3-of-5: Protects against 2 share compromises
Information-theoretic: Fewer than k shares reveal NOTHING

Encrypted Document Storage

Documents are split into chunks, each chunk is XorIDA-encrypted:

Document → Chunks → XorIDA Split → Encrypted Index

Retrieval requires reconstructing shares from multiple sources.

HMAC Verification

All shares have HMAC-SHA256 signatures. Verification happens BEFORE reconstruction (fail closed). If any share fails verification, the entire reconstruction is rejected.

Ed25519 DIDs

Agent identities use Ed25519:

256-bit security · Fast signing/verification · Standard DID format: did:key:z...

Next Steps

Package Documentation: @private.me/llamaindex-xlink README

xLink Core: xLink White Paper — Machine-to-machine identity layer

Pricing: 3-month free trial → $5/month Basic, $10/month Middle, $15/month Enterprise

Examples: See packages/llamaindex-xlink/examples/ for quickstart and production setups

Support: contact@private.me