Protocol and CLI

Local proof first. Hosted console second.

Kelyra Core is the open execution boundary: SWD, receipts, policies, proof bundles, CI explanation, MCP, and a local console bridge.

Open Console

Execution model

What is real today.

The CLI can already run model-backed sessions when provider keys are configured, or model-free SWD applies when another agent provides file actions.

CLI core

Run chat, one-shot prompts, doctor checks, SWD apply, receipts, proof sharing, policy, skills, MCP, and CI verification locally.

Local console bridge

kelyra console serves the web console and connects it to the current project without exposing filesystem control to the public web.

Hosted console path

Hosted console access is controlled by wallet sessions, token tiers, quotas, job queues, and isolated runners once the KELYRA gate is enabled.

Commands

The product must stay inspectable from terminal.

kelyra doctorReadiness check for local setup, receipts, CI, providers, and hosted API.

kelyra providers checkShows which model-backed paths are available.

kelyra chatInteractive agent session with SWD verification.

kelyra run --file TASK.mdOne-shot prompt with bounded turns and receipts.

kelyra swd apply --stdin --jsonModel-free verified file actions from an external agent.

kelyra proof share latestPortable proof bundle plus static HTML review page.

kelyra ci explainExplains why the current diff passes or fails CI.

kelyra consoleLocal browser console connected to the current workspace.

Public architecture

The web product should not execute the user's filesystem directly.

A public Kelyra Console needs a real backend: authenticated sessions, holder-gated quotas, provider routing, receipt storage, and isolated job runners. The local bridge is useful for development and power users, but it must stay bound to localhost and explicitly launched from the project.

Public site Landing, docs, install, demo

Hosted API Auth, quota, jobs, receipts

Local bridge Explicit localhost proof runs