## §SELF — miscsubjects (paste without context)

**Principle:** Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.

**This widget:** `article_bundle` — **LLM article bundle**
Paste-ready package: body + claims + sources + voxels + provenance + manifest + constitution.
- **article slug:** `oip-what-is-idempotency`
- **contains:** body, claims, sources, voxels, provenance, question graph, constitution, llm_manifest
- **how to use:** Paste entire block into Grok/GPT/Gemini. Section §SELF explains the system.
- **read:** https://miscsubjects.com/api/articles/oip-what-is-idempotency/bundle?format=markdown

### Logical proof (verify each step)
1. Articles are voxel graphs of tiered claims, not prose blobs. → https://miscsubjects.com/api/articles/constitution
2. Claims link to hash-chained sources via source_ids. → https://miscsubjects.com/api/articles/oip-what-is-idempotency/sources
3. Ask reads topology; ingest/claim append to ledger. → https://miscsubjects.com/api/protocol
4. Models queue growth: populate → collaborate → repair → reflex. → https://miscsubjects.com/api/protocol/grow
5. Graph proves its own shape (reflex) and $/claim (yield). → https://miscsubjects.com/graph.html?layer=reflex
6. Full feature index + _explain on every API response. → https://miscsubjects.com/api/articles/system-map

### Related features (explains other parts of the system)
- **topology** — Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER. · https://miscsubjects.com/api/articles/oip-what-is-idempotency/topology
- **voxels** — Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance. · https://miscsubjects.com/api/articles/oip-what-is-idempotency/voxels
- **ask** — Answer only from topology; creates question_node with gaps and ingest_hint. · https://miscsubjects.com/api/articles/oip-what-is-idempotency/prompts
- **ingest** — Parse pasted evidence → source ledger + claims + evidence_ingest node.
- **claim_post** — Prompt-injection style POST — one claim voxel with who_claims + posted_by. · https://miscsubjects.com/api/articles/oip-what-is-idempotency/voxels
- **llm_manifest** — Machine-readable read/write contract for external LLMs. · https://miscsubjects.com/api/articles/llm-manifest

### Full index
- JSON: https://miscsubjects.com/api/articles/system-map
- Markdown: https://miscsubjects.com/api/articles/system-map?format=markdown

*Not medical advice. Tier-honest. Cite claim/source ids.*

---

# miscsubjects article bundle

> Paste this entire block into Grok, GPT, or Gemini. They can READ the ledger below and RETURN evidence via ingest (see § LLM manifest).

## Article
- **slug:** `oip-what-is-idempotency`
- **title:** What Is Idempotency
- **url:** https://miscsubjects.com/a/oip-what-is-idempotency
- **register:** oip_protocol
- **updated:** 2026-07-04T19:01:08.120Z
- **tags:** oip, protocol

## Body

## What It Is

**An idempotent operation produces the same result no matter how many times you run it.** The first execution changes state. The second, third, and thousandth change nothing. The system ends up in exactly the same place.

## Why It Matters

Networks fail. Retries fire. Timed-out requests get replayed. Without idempotency, every retry is a potential duplicate charge, a double-post, a corrupted record, or a data leak. Idempotency is the safety rail that makes distributed systems reliable. It is the difference between "maybe once" and "exactly once, guaranteed." In deterministic, auditable systems, you cannot tolerate ambiguity. Every operation must have a knowable outcome. Idempotency makes that possible.

## How It Works

Idempotency lives at the intersection of the operation itself and the system's handling of repeated attempts. Here is the step-by-step mechanism:

1. **The client sends a request with an idempotency key.** A unique key (UUID, hash, or composite) travels with the request. The key identifies the intent, not just the payload.
2. **The server checks the key.** Before acting, the server looks up the key in its idempotency store (a database, cache, or ledger).
3. **If the key is new, the server executes the operation.** It runs the work, records the result, and stores the key with the outcome.
4. **If the key is a duplicate, the server returns the stored result.** No new work happens. The client gets the same response as before.
5. **The key expires after a defined window.** The store keeps keys for a bounded period (hours, days, or a configurable TTL). After that, the key may be reused for a new operation.

This is the canonical pattern. Stripe, AWS, and every payment API worth using implement it exactly this way. The key is the contract. The store is the guard. The TTL is the cleanup.

## The Contract

- **Idempotency key:** A client-generated unique identifier for a specific intent. Must be included in every request that needs idempotency protection. Must be unique per intent, not per request.
- **Key storage:** The server must retain keys for a bounded window. The minimum window is 24 hours. The recommended window is 7 days.
- **Response replay:** On duplicate keys within the window, the server must return the exact stored response, not re-execute the operation.
- **Error handling:** If the first attempt failed, the client may change the request and use a new key. The server must not retry failed operations automatically on behalf of the client.
- **Key lifecycle:** Keys expire. After expiration, a duplicate key is treated as a new request. The client is responsible for generating fresh keys for fresh intents.
- **Side effect constraint:** An idempotent operation must not produce new side effects on replay. The system state after one execution must equal the system state after one hundred executions.

## Real Examples

**Payment processing.** A customer clicks "pay" once. The network hiccups. The client retries. Without idempotency, the card is charged twice. With idempotency, the retry hits the same key and returns the same success response. The charge happens once. The customer is not angry.

**Provisioning resources.** You send an API request to create a VM with a specific name. The request times out. You retry. Without idempotency, you get two VMs with the same name and a billing headache. With idempotency, the retry returns the already-created VM. You have one VM. The bill is correct.

**Webhook delivery.** Your system sends a webhook to a partner. The partner's server ACKs, but the ACK never arrives. Your retry fires. Without idempotency, the partner processes the same event twice and double-ships an order. With idempotency, the partner deduplicates by event ID and processes once.

**Database upserts.** You insert a row with an INSERT ... ON CONFLICT DO NOTHING. The first insert succeeds. The second insert conflicts, does nothing, and returns the same row. The table has one row. The result is identical.

**State machine transitions.** A request moves an order from "pending" to "shipped." The transition is idempotent because the target state is the same regardless of how many times the command is received. The order ships once. The warehouse is not confused.

## Common Mistakes

**Reusing keys across different operations.** An idempotency key identifies an intent, not a user or a session. Using the same key for "charge $10" and "charge $20" is a bug. The second request will return the $10 result.

**Storing only the key, not the response.** The server must cache the full response. If it only stores the key, the client gets a different answer on retry. The contract is broken.

**Using mutable data as a key.** A timestamp, a random number, or a hash of the payload if the payload changes between retries — these are not stable keys. Keys must be deterministic and client-controlled.

**Infinite key retention.** Keeping every key forever fills storage and degrades performance. Keys need a TTL. The window must be documented. The client must know when a key is stale.

**Assuming read operations are idempotent.** They are safe, but they are not the problem. Idempotency matters for mutations. A GET that returns a changing value is not idempotent in the strict sense because the result changes. The system is still safe, but the guarantee is weaker.

**Ignoring idempotency in internal systems.** Teams often implement it at the API gateway but skip it in backend services. A retry from service A to service B can still duplicate work if service B has no guard. Idempotency is a stack-wide property, not a gateway decoration.

## Connection to OIP

OIP is built on the principle that every operation must be open, deterministic, and auditable. Idempotency is the engine of determinism. It guarantees that a given input produces a known output, regardless of how many times the system receives it. In an open protocol, anyone can send a request. In an auditable system, every request must have a traceable, repeatable outcome. Idempotency makes both possible. Without it, the ledger is unreliable. With it, the ledger is a source of truth. Every operation in OIP is designed to be idempotent by default. Not as an afterthought. As a first principle. The protocol does not trust the network. It does not trust the client. It trusts the contract: same key, same result, every time. That is the foundation of a system that can be inspected, verified, and relied upon by anyone.

## Connection to the Grain Philosophy

This protocol is part of the [Open Inventory Protocol](/a/philosophy) — a living system of self-describing voxels that serves the Grain philosophy. The OIP is the interface. The philosophy is the core.


## Claims (0)


## Voxel graph (0 atoms · 0 edges)
- full graph: https://miscsubjects.com/api/articles/oip-what-is-idempotency/voxels

## Article constitution

- full: https://miscsubjects.com/api/articles/constitution

## Source ledger (0)
- chain valid: yes · head: `genesis`

## Provenance (0 model passes)
- chain valid: yes · head: `genesis`


## Question graph
- questions: 0 · evidence ingests: 0

## LLM manifest — how to communicate with this ledger

- system map: https://miscsubjects.com/api/articles/system-map?format=markdown
- topology (ranked): https://miscsubjects.com/api/articles/oip-what-is-idempotency/topology
- ingest: POST https://miscsubjects.com/api/protocol/ingest
- claim: POST https://miscsubjects.com/api/protocol/claim

### Quick actions for this article
- **Read live:** https://miscsubjects.com/api/articles/oip-what-is-idempotency/topology
- **Ask (API):** POST https://miscsubjects.com/api/protocol/ask `{"slug":"oip-what-is-idempotency","question":"..."}`
- **Ingest your findings:** POST https://miscsubjects.com/api/protocol/ingest or text `ingest oip-what-is-idempotency|your evidence`
- **Post one claim:** POST https://miscsubjects.com/api/protocol/claim or text `claim oip-what-is-idempotency|tier|assertion`
- **iMessage ask:** `oip-what-is-idempotency|your question`
- **System map:** https://miscsubjects.com/api/articles/system-map?format=markdown


---

## §SELF — miscsubjects (paste without context)

**Principle:** Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.

**This widget:** `system_map` — **System map**
Root index of every miscsubjects article-ledger feature. Start here if you have zero context.
- **article slug:** `oip-what-is-idempotency`
- **contains:** body, claims, sources, voxels, provenance, question graph, constitution, llm_manifest
- **how to use:** Root index of every miscsubjects article-ledger feature. Start here if you have zero context.
- **read:** https://miscsubjects.com/api/articles/system-map

### Logical proof (verify each step)
1. Articles are voxel graphs of tiered claims, not prose blobs. → https://miscsubjects.com/api/articles/constitution
2. Claims link to hash-chained sources via source_ids. → https://miscsubjects.com/api/articles/oip-what-is-idempotency/sources
3. Ask reads topology; ingest/claim append to ledger. → https://miscsubjects.com/api/protocol
4. Models queue growth: populate → collaborate → repair → reflex. → https://miscsubjects.com/api/protocol/grow
5. Graph proves its own shape (reflex) and $/claim (yield). → https://miscsubjects.com/graph.html?layer=reflex
6. Full feature index + _explain on every API response. → https://miscsubjects.com/api/articles/system-map

### Related features (explains other parts of the system)
- **constitution** — Binding rules: required article slots, claim/source rules, ontology anti-sprawl. · https://miscsubjects.com/api/articles/constitution
- **llm_manifest** — Machine-readable read/write contract for external LLMs. · https://miscsubjects.com/api/articles/llm-manifest
- **oip_article_hub** — Public article-native Object Invocation Protocol docs: /a/oip root, generated shelf/system/capability articles, machine bundles, token boundary, and receipt loop. · https://miscsubjects.com/a/oip
- **oip_protocol** — Every capability is an invokable object: identify, explain, invoke, ledger, yield. · https://miscsubjects.com/a/oip
- **bundle** — Paste-ready package: body + claims + sources + voxels + provenance + manifest + constitution. · https://miscsubjects.com/api/articles/oip-what-is-idempotency/bundle?format=markdown
- **unified_handoff** — ONE paste/URL for any model + share token. Same self-explaining pattern as article bundle, but whole build. · https://miscsubjects.com/api/handoff?format=markdown

### Full index
- JSON: https://miscsubjects.com/api/articles/system-map
- Markdown: https://miscsubjects.com/api/articles/system-map?format=markdown

*Not medical advice. Tier-honest. Cite claim/source ids.*