## §SELF — miscsubjects (paste without context)

**Principle:** Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.

**This widget:** `article_bundle` — **LLM article bundle**
Paste-ready package: body + claims + sources + voxels + provenance + manifest + constitution.
- **article slug:** `oip-what-is-a-proxy`
- **contains:** body, claims, sources, voxels, provenance, question graph, constitution, llm_manifest
- **how to use:** Paste entire block into Grok/GPT/Gemini. Section §SELF explains the system.
- **read:** https://miscsubjects.com/api/articles/oip-what-is-a-proxy/bundle?format=markdown

### Logical proof (verify each step)
1. Articles are voxel graphs of tiered claims, not prose blobs. → https://miscsubjects.com/api/articles/constitution
2. Claims link to hash-chained sources via source_ids. → https://miscsubjects.com/api/articles/oip-what-is-a-proxy/sources
3. Ask reads topology; ingest/claim append to ledger. → https://miscsubjects.com/api/protocol
4. Models queue growth: populate → collaborate → repair → reflex. → https://miscsubjects.com/api/protocol/grow
5. Graph proves its own shape (reflex) and $/claim (yield). → https://miscsubjects.com/graph.html?layer=reflex
6. Full feature index + _explain on every API response. → https://miscsubjects.com/api/articles/system-map

### Related features (explains other parts of the system)
- **topology** — Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER. · https://miscsubjects.com/api/articles/oip-what-is-a-proxy/topology
- **voxels** — Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance. · https://miscsubjects.com/api/articles/oip-what-is-a-proxy/voxels
- **ask** — Answer only from topology; creates question_node with gaps and ingest_hint. · https://miscsubjects.com/api/articles/oip-what-is-a-proxy/prompts
- **ingest** — Parse pasted evidence → source ledger + claims + evidence_ingest node.
- **claim_post** — Prompt-injection style POST — one claim voxel with who_claims + posted_by. · https://miscsubjects.com/api/articles/oip-what-is-a-proxy/voxels
- **llm_manifest** — Machine-readable read/write contract for external LLMs. · https://miscsubjects.com/api/articles/llm-manifest

### Full index
- JSON: https://miscsubjects.com/api/articles/system-map
- Markdown: https://miscsubjects.com/api/articles/system-map?format=markdown

*Not medical advice. Tier-honest. Cite claim/source ids.*

---

# miscsubjects article bundle

> Paste this entire block into Grok, GPT, or Gemini. They can READ the ledger below and RETURN evidence via ingest (see § LLM manifest).

## Article
- **slug:** `oip-what-is-a-proxy`
- **title:** What Is a Proxy
- **url:** https://miscsubjects.com/a/oip-what-is-a-proxy
- **register:** oip_protocol
- **updated:** 2026-07-04T19:01:15.099Z
- **tags:** oip, protocol

## Body

## What It Is

**A proxy is an intermediary that receives a request, optionally modifies it, forwards it to a real target, receives the response, optionally modifies it, and returns it to the original caller.** It is the universal interception point. Nothing passes through a proxy without the proxy knowing.

## Why It Matters

Most systems are black boxes. A caller sends a request. A result comes back. What happened in between is invisible. The proxy destroys that darkness.

It makes the invisible visible. Every request, every response, every header, every body, every error — the proxy sees it all. That visibility is the foundation of audit. Without a proxy, you are guessing. With a proxy, you are observing.

It also makes the system controllable. A proxy can block, rewrite, cache, rate-limit, route, or transform. It turns a hardcoded pipe into a programmable surface.

The philosophical point is deeper. A system that cannot be observed cannot be audited. A system that cannot be audited cannot be trusted. The proxy is the minimal mechanism that converts an opaque interaction into an observable one. That is why it sits at the heart of every open, deterministic, auditable protocol.

## How It Works

Step 1: A caller makes a request. The caller thinks it is talking to the target. It is not. It is talking to the proxy.

Step 2: The proxy intercepts the request. It reads the headers, the body, the method, the path. It logs everything. It can modify anything.

Step 3: The proxy forwards the request to the real target. Or it does not. It might return a cached response. It might return an error. It might route to a different target entirely. The caller does not know. The caller should not need to know.

Step 4: The target processes the request and returns a response.

Step 5: The proxy intercepts the response. It reads, logs, and optionally modifies the response.

Step 6: The proxy returns the response to the caller. The caller receives the result, unaware that a proxy was ever involved.

Concrete example: A user sends an HTTP GET to `api.example.com/users`. The proxy at `proxy.example.com` receives the request. It logs the user agent, the auth token, the timestamp. It adds a trace ID header. It forwards to `api.example.com/users`. The API returns JSON. The proxy logs the response time, the status code, the response size. It strips an internal header. It returns the JSON to the user. The user got the same data. The system now has a complete record of the interaction.

## The Contract

A proxy honors this contract:

- **Interception**: Every request and response passes through the proxy before reaching its destination.
- **Transparency**: The proxy does not break the caller-target contract unless explicitly configured to do so. The caller and target should behave the same way with or without the proxy.
- **Observability**: The proxy produces a complete, timestamped record of every interaction.
- **Mutability**: The proxy may modify requests and responses according to declared rules.
- **Determinism**: Given the same input and the same rules, the proxy produces the same output. No hidden state, no magic.

In formal terms: `Proxy(Input, Rules) → (Log, Output)`. The same Input and Rules always produce the same Log and Output.

## Real Examples

**1. HTTP Proxy (Squid, Nginx, HAProxy)**
Intercepts web traffic. Caches responses. Blocks malicious sites. Logs every URL. This is the most common proxy. Millions of requests per second pass through proxies like this.

**2. Reverse Proxy / Load Balancer (AWS ALB, Cloudflare)**
Sits in front of a fleet of servers. Receives external requests. Routes them to healthy backends. Returns the backend response. The client sees one endpoint. Behind it are fifty servers, or five hundred, and the proxy decides which one answers.

**3. API Gateway (Kong, AWS API Gateway)**
A proxy with policy. Authenticates requests. Rate-limits. Transforms JSON to XML. Routes `/v1/users` to one service and `/v2/users` to another. Every API call is logged, metered, and auditable.

**4. Database Proxy (PgBouncer, ProxySQL)**
Sits between application and database. Pools connections. Routes read queries to replicas. Logs slow queries. The application thinks it is talking directly to Postgres. It is talking to a proxy that manages the real connections.

**5. Transparent Interception (mitmproxy, Charles, Wireshark)**
Captures traffic without the caller's knowledge. Used for debugging, security audits, and testing. The proxy proves what was actually sent and received. It removes the ambiguity of "the server said..."

## Common Mistakes

**Mistake 1: Thinking a proxy is just for caching.**
Caching is one feature. The real power is interception, control, and audit. A proxy that only caches is like using a race car to drive to the grocery store.

**Mistake 2: Believing the proxy is invisible.**
It is not. Latency increases. Headers may change. Timeouts may differ. A proxy that is not accounted for in debugging is a hidden variable that destroys reproducibility.

**Mistake 3: Using a proxy without logging.**
A proxy that intercepts but does not log is a missed opportunity. The whole point is to make the system observable. If you do not capture the data, you have built a black box with a window that you never look through.

**Mistake 4: Treating the proxy as a trusted boundary.**
A proxy can be compromised. It can be misconfigured. It can be bypassed. It is not a security silver bullet. It is a control point. Control points must themselves be audited.

**Mistake 5: Not versioning proxy rules.**
A proxy that modifies requests must do so deterministically. If the rules change without documentation, the system becomes unpredictable. Version your proxy rules the same way you version your code.

## Connection to OIP

The Open, Deterministic, Auditable Protocol demands three things from every component: the system must be open (its behavior is inspectable), deterministic (the same input produces the same output), and auditable (every action leaves a trace).

The proxy is the mechanical realization of all three.

**Open**: The proxy makes the flow of data visible. You can read the request. You can read the response. You can read the rules that transformed them. Nothing is hidden.

**Deterministic**: A proxy governed by explicit rules produces the same output for the same input, every time. The rules are code. Code is versioned. Versioned code is deterministic.

**Auditable**: Every request and response is logged with a timestamp and a trace ID. The log is immutable. The log is the proof. If you need to know what happened, you read the proxy log. You do not ask the server. You do not ask the caller. You ask the proxy. The proxy knows because the proxy was there.

In OIP, the proxy is not optional infrastructure. It is the mechanism by which opacity becomes transparency. It is the guardrail that turns an uncontrolled system into a controlled one. Without it, you have faith. With it, you have evidence.

## Connection to the Grain Philosophy

This protocol is part of the [Open Inventory Protocol](/a/philosophy) — a living system of self-describing voxels that serves the Grain philosophy. The OIP is the interface. The philosophy is the core.


## Claims (0)


## Voxel graph (0 atoms · 0 edges)
- full graph: https://miscsubjects.com/api/articles/oip-what-is-a-proxy/voxels

## Article constitution

- full: https://miscsubjects.com/api/articles/constitution

## Source ledger (0)
- chain valid: yes · head: `genesis`

## Provenance (0 model passes)
- chain valid: yes · head: `genesis`


## Question graph
- questions: 0 · evidence ingests: 0

## LLM manifest — how to communicate with this ledger

- system map: https://miscsubjects.com/api/articles/system-map?format=markdown
- topology (ranked): https://miscsubjects.com/api/articles/oip-what-is-a-proxy/topology
- ingest: POST https://miscsubjects.com/api/protocol/ingest
- claim: POST https://miscsubjects.com/api/protocol/claim

### Quick actions for this article
- **Read live:** https://miscsubjects.com/api/articles/oip-what-is-a-proxy/topology
- **Ask (API):** POST https://miscsubjects.com/api/protocol/ask `{"slug":"oip-what-is-a-proxy","question":"..."}`
- **Ingest your findings:** POST https://miscsubjects.com/api/protocol/ingest or text `ingest oip-what-is-a-proxy|your evidence`
- **Post one claim:** POST https://miscsubjects.com/api/protocol/claim or text `claim oip-what-is-a-proxy|tier|assertion`
- **iMessage ask:** `oip-what-is-a-proxy|your question`
- **System map:** https://miscsubjects.com/api/articles/system-map?format=markdown


---

## §SELF — miscsubjects (paste without context)

**Principle:** Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.

**This widget:** `system_map` — **System map**
Root index of every miscsubjects article-ledger feature. Start here if you have zero context.
- **article slug:** `oip-what-is-a-proxy`
- **contains:** body, claims, sources, voxels, provenance, question graph, constitution, llm_manifest
- **how to use:** Root index of every miscsubjects article-ledger feature. Start here if you have zero context.
- **read:** https://miscsubjects.com/api/articles/system-map

### Logical proof (verify each step)
1. Articles are voxel graphs of tiered claims, not prose blobs. → https://miscsubjects.com/api/articles/constitution
2. Claims link to hash-chained sources via source_ids. → https://miscsubjects.com/api/articles/oip-what-is-a-proxy/sources
3. Ask reads topology; ingest/claim append to ledger. → https://miscsubjects.com/api/protocol
4. Models queue growth: populate → collaborate → repair → reflex. → https://miscsubjects.com/api/protocol/grow
5. Graph proves its own shape (reflex) and $/claim (yield). → https://miscsubjects.com/graph.html?layer=reflex
6. Full feature index + _explain on every API response. → https://miscsubjects.com/api/articles/system-map

### Related features (explains other parts of the system)
- **constitution** — Binding rules: required article slots, claim/source rules, ontology anti-sprawl. · https://miscsubjects.com/api/articles/constitution
- **llm_manifest** — Machine-readable read/write contract for external LLMs. · https://miscsubjects.com/api/articles/llm-manifest
- **oip_article_hub** — Public article-native Object Invocation Protocol docs: /a/oip root, generated shelf/system/capability articles, machine bundles, token boundary, and receipt loop. · https://miscsubjects.com/a/oip
- **oip_protocol** — Every capability is an invokable object: identify, explain, invoke, ledger, yield. · https://miscsubjects.com/a/oip
- **bundle** — Paste-ready package: body + claims + sources + voxels + provenance + manifest + constitution. · https://miscsubjects.com/api/articles/oip-what-is-a-proxy/bundle?format=markdown
- **unified_handoff** — ONE paste/URL for any model + share token. Same self-explaining pattern as article bundle, but whole build. · https://miscsubjects.com/api/handoff?format=markdown

### Full index
- JSON: https://miscsubjects.com/api/articles/system-map
- Markdown: https://miscsubjects.com/api/articles/system-map?format=markdown

*Not medical advice. Tier-honest. Cite claim/source ids.*