chatixia-mesh // docs

The Decentralized
Agent Mesh

A Chatixia product — agents discover each other through a registry, communicate directly over DTLS-encrypted peer-to-peer channels, and are monitored from a real-time dashboard.

Get Started Architecture
Architecture

Four Components, One Mesh

A central registry handles signaling and discovery. Agent-to-agent data flows directly over DTLS-encrypted WebRTC DataChannels — the registry is never in the data path.

R

Registry

Signaling server, agent registry, task queue, and hub API. The control plane for the mesh.

Rust · axum · port 8080
S

Sidecar

WebRTC mesh peer and IPC bridge. One per agent. Handles all signaling and DataChannel complexity.

Rust · webrtc-rs
A

Agent

AI agent framework with skills, LLM integration, and mesh networking. Ships as the chatixia CLI.

Python · PyPI
H

Hub

Real-time monitoring dashboard. Glassmorphic UI for agent health, tasks, topology, and approvals.

React · Vite · TypeScript
Registry Server
Rust · axum
SignalingAgent RegistryHub API
WebSocket (SDP/ICE)
HTTP
Sidecar A
Rust · webrtc-rs
WebRTC DataChannel DTLS encrypted
Sidecar B
Rust · webrtc-rs
IPC (Unix socket)
IPC (Unix socket)
Agent A
Python · chatixia
Agent B
Python · chatixia
Quickstart

Up and Running in Three Steps

Build the Rust components, scaffold an agent, and connect to the mesh.

1

Build & Start Registry

Compile the Rust workspace and launch the signaling server.

# Build all Rust crates
cargo build --release

# Start registry on port 8080
cargo run --release -p chatixia-registry
2

Scaffold & Configure Agent

Install the CLI, scaffold a new agent, and fill in credentials.

# Install the chatixia CLI
cd agent && pip install -e .

# Scaffold a new agent
chatixia init my-agent
cd my-agent
cp .env.example .env
3

Pair & Run

Redeem an invite code from an admin, then start the agent.

# Pair with the mesh
chatixia pair <invite-code>

# Run the agent
chatixia run

# Hub dashboard (separate terminal)
cd hub && npm run dev
Protocol

Communication Layers

Four distinct communication layers, each with a specific responsibility and transport.

L1

Signaling — WebSocket + JWT

SDP offers/answers and ICE candidates relayed through the registry. JWT authentication with 5-minute expiry. Sender verification ensures JWT sub matches message peer_id.

L2

DataChannel — WebRTC P2P

Direct sidecar-to-sidecar, DTLS encrypted. Application protocol: MeshMessage JSON with types for task delegation, skill discovery, status broadcast, and ping/pong.

L3

IPC — Unix Socket, JSON Lines

Sidecar ↔ Python agent bridge. Commands: send, broadcast, list_peers, connect. Events: message, peer_connected, peer_disconnected.

L4

Registry REST API — HTTP

Agent registration and discovery, task queue management, mesh topology for dashboard visualization, and ICE server configuration (STUN + optional TURN).

API Reference

Registry Endpoints

All REST endpoints served by the registry on port 8080.

Authentication
POST /api/token Exchange API key for JWT
GET /ws?token=... WebSocket upgrade (signaling)
GET /api/config ICE server config (STUN + TURN)
Agent Registry
GET /api/registry/agents List all agents
POST /api/registry/agents Register or update agent
GET /api/registry/agents/{id} Get specific agent
DELETE /api/registry/agents/{id} Unregister agent
GET /api/registry/route?skill=... Find agent by skill
Task Queue
POST /api/hub/tasks Submit task
GET /api/hub/tasks/all List all tasks
GET /api/hub/tasks/{id} Get task status
POST /api/hub/tasks/{id} Update task result
POST /api/hub/heartbeat Agent heartbeat (upsert record)
GET /api/hub/network/topology Mesh topology for visualization
Agent Pairing
POST /api/pairing/generate-code Generate 6-digit invite code
POST /api/pairing/pair Redeem code, create pending entry
GET /api/pairing/pending List pending approvals
GET /api/pairing/all List all onboarding entries
POST /api/pairing/{id}/approve Approve pending agent
POST /api/pairing/{id}/reject Reject pending agent
POST /api/pairing/{id}/revoke Revoke approved agent
CLI

chatixia Command Reference

The chatixia CLI manages the agent lifecycle — from scaffolding to mesh participation.

chatixia init [name]

Scaffold a new agent directory with agent.yaml, .env.example, and .gitignore templates.

chatixia run [manifest]

Register with registry, spawn sidecar, connect to mesh, and begin heartbeat loop.

chatixia pair <code>

Redeem a 6-digit invite code to join a mesh network. Creates a pending approval entry.

chatixia validate [manifest]

Validate the agent manifest (agent.yaml) and print a summary of the configuration.

Agent Skills

Built-in Mesh Skills

Skills available to every agent for inter-agent communication and task delegation.

delegate
Submit a task to the hub queue, optionally route by skill, and poll for the result.
list_agents
List all registered agents via the registry REST API.
mesh_send
Send a direct message to a specific agent via the hub task queue.
mesh_broadcast
Broadcast a message to all active agents via the hub task queue.
find_agent
Find the best agent for a given skill via the registry route endpoint.
Security

Threat Model

Key threats, existing mitigations, and residual risks for the mesh network.

T1

Unauthorized Signaling Access

Attacker connects to WebSocket and injects SDP/ICE messages.

  • JWT required for WebSocket upgrade
  • Sender verification: JWT sub must match peer_id
T2

API Key Compromise

Leaked key allows attacker to obtain JWT and impersonate a peer.

  • Keys map to specific peer_id + role
  • JWT TTL is 5 minutes
T3

Man-in-the-Middle

Intercept or modify agent-to-agent P2P traffic.

  • DataChannels are DTLS-encrypted by default
  • Fingerprints exchanged via signaling
T5

Task Queue Poisoning

Submit malicious tasks to execute harmful skills on target agents.

  • Skill-matching assignment only
  • TTL limits task lifetime (300s default)
T6

IPC Socket Hijacking

Local process connects to Unix socket and impersonates the agent.

  • Filesystem permissions (owner-only)
  • First-client-wins connection model
T8

Pairing Code Brute Force

Brute-force 6-digit codes to join without authorization.

  • Rate limit: 5 attempts per IP per 60s
  • Codes are single-use, expire in 5 min
  • Redemption requires admin approval
Glossary

Key Terms

Domain-specific terminology used throughout the system.

Agent
A Python AI process with skills, LLM integration, and mesh networking. Each agent has one sidecar.
Sidecar
A Rust process handling WebRTC signaling and DataChannels on behalf of a Python agent, via IPC.
Registry
Central Rust server providing signaling relay, agent discovery, task queue, and hub API.
Mesh
The network of WebRTC DataChannel connections between sidecars. Full mesh = every sidecar connected to every other.
DataChannel
WebRTC primitive for arbitrary data transfer. DTLS-encrypted, P2P. Carries MeshMessage JSON.
MeshMessage
Application-level JSON message: type, request_id, source_agent, target_agent, payload.
Skill
A named capability (Python function) that an agent can execute. Used for task routing.
Task
A unit of work in the hub queue. Lifecycle: pending → assigned → completed/failed.
Heartbeat
Periodic HTTP POST from agent to registry (~15s). Updates metadata and picks up pending tasks.
Peer ID
Unique identifier for a sidecar, derived from its API key entry.
JWT
JSON Web Token — short-lived (5 min) bearer token for WebSocket auth and sender verification.
IPC
JSON-line protocol over Unix domain socket between a sidecar and its Python agent.
STUN
Session Traversal Utilities for NAT — helps peers discover their public IP for connectivity.
TURN
Traversal Using Relays around NAT — relay server used when direct and STUN connections fail.
MCP
Model Context Protocol — standard for connecting LLMs to external tools and data sources.
Architecture Decision Records

Design Decisions

Key architectural decisions and their rationale.

ADR-001 accepted
Rust Sidecar Pattern for WebRTC
Python agents spawn a Rust sidecar for all WebRTC/signaling complexity. Communication via Unix socket IPC. Robust WebRTC via webrtc-rs; agents stay simple with no WebRTC dependencies.
ADR-002 accepted
Full Mesh Topology
Every sidecar connects to every other via WebRTC DataChannels. Direct P2P with lowest latency, no single point of failure for data. Practical limit of ~50 agents.
ADR-003 accepted
JWT for WebSocket Authentication
API key → JWT exchange. Short-lived tokens (5-min TTL) for stateless verification. Sender verification binds JWT sub to message peer_id.
ADR-004 accepted
In-Memory State (No Database)
All state in concurrent DashMaps. Zero deployment complexity — single binary, no external services. Migration path: add PostgreSQL when persistence is needed.
ADR-005 accepted
Hub Task Queue for Sync Skill Handlers
Sync Python skill handlers submit tasks via the registry REST API instead of async IPC. Centralized task queue with status tracking.
ADR-006 accepted
Ephemeral TURN Credentials
Coturn use-auth-secret mode with HMAC-SHA1 generated credentials (24h TTL). No long-lived TURN credentials exposed.
ADR-007 accepted
Atmospheric Luminescence UI
visionOS-inspired glassmorphic design system. Tonal surface layering, Space Grotesk + Manrope typography, frosted glass surfaces, Electric Cyan gradient accent.
ADR-009 accepted
Hybrid Pairing + Approval
Invite codes + admin approval for agent onboarding. Dynamic onboarding without config edits. Scoped visibility and revocation support.
ADR-010 accepted
chatixia CLI
PyPI package with init, run, validate, and pair subcommands. Standard onboarding path for external users — scaffold, pair, run.