Rust-based personal AI agent engine — analyzed for Lyra comparison and pattern adoption
High-level module relationships and data flow
graph TD CH["Channels
REPL, HTTP, WASM, WS, Signal"] --> CM["ChannelManager
hot_add, select_all"] CM --> SESS["Session Manager
Session-Thread-Turn"] SESS --> LLM["LLM Providers
7 backends + decorators"] LLM --> TOOLS["Tool System
Built-in + WASM + MCP"] TOOLS --> MEM["Memory
Workspace + Dual DB"] SESS --> HOOKS["Hooks System
6 interception points"] HOOKS -.-> LLM RT["Routines
Cron, Event, Webhook"] -.-> SESS SAFE["Safety Layer
Multi-layer defense"] -.-> TOOLS SAFE -.-> LLM
Workspace module + dual database backend with hybrid search
Mirrors file hierarchy with read/write/append/delete operations. Persistent per-agent context.
pgvector + tsvector + JSONBlibSQL/Turso with FTS5, F32_BLOB vectorsk=60AGENTS.md, SOUL.md, USER.md, and IDENTITY.md for persistent agent persona.| Tool | Purpose |
|---|---|
memory_search | Hybrid search across workspace and database memory |
memory_write | Store new information to memory with embeddings |
memory_read | Retrieve specific memory entries by path or ID |
memory_tree | Browse memory hierarchy as a directory tree |
Channel trait with 5 implementations and hot-add runtime management
graph TD
subgraph Channels
REPL["REPL/TUI
Ratatui"]
HTTP["HTTP Webhook
Axum"]
WASM["WASM Channels
Telegram, Discord,
Slack, WhatsApp"]
WEB["Web Gateway
SSE + WebSocket"]
SIG["Signal"]
end
REPL --> MGR["ChannelManager"]
HTTP --> MGR
WASM --> MGR
WEB --> MGR
SIG --> MGR
MGR -->|select_all| STREAM["Merged
MessageStream"]
MGR -->|injection| BG["Background Tasks"]
start() returns MessageStreamrespond() sends reply to channelbroadcast() multi-target deliverysend_status() status indicatorname() channel identifier(user_id, channel, external_thread_id)pending_auth mode bypasses safety for credential inputNo central bus — hooks for interception, SSE for streaming, Observer for telemetry
Pass — continue unchangedModified(data) — altered payloadReject(reason) — block executionrecord_event()record_metric()7 backends wrapped in a decorator chain with smart routing
| Backend | Type |
|---|---|
NEAR AI | Primary (NEAR ecosystem) |
OpenAI | GPT models |
Anthropic | Claude models |
Ollama | Local inference |
OpenAI-compatible | Any compatible endpoint |
AWS Bedrock | AWS-managed models |
Tinfoil | Privacy-focused |
Keyed by (model, messages_hash) with configurable TTL. Avoids redundant LLM calls for identical prompts.
3 tool types with WASM sandboxing and dynamic tool generation
Native performance, full system access. File I/O, shell, HTTP, memory, database operations.
Third-party tools run in isolated WASM runtime with resource limits and security controls.
External tool servers connected via the MCP standard. Extensible without recompilation.
Dual-backend with 7 sub-trait supertrait and job state machine
deadpool| Sub-trait | Responsibility |
|---|---|
ConversationStore | Sessions, threads, turns, messages |
JobStore | Background job lifecycle and state |
SandboxStore | WASM sandbox state and permissions |
RoutineStore | Scheduled routines and triggers |
ToolFailureStore | Tool error tracking and retry data |
SettingsStore | Runtime configuration and preferences |
WorkspaceStore | Workspace file metadata and content |
Trigger-based automation with guardrails
graph TD
subgraph Triggers
CRON["Cron Schedule"]
EVT["Event Regex"]
WH["Webhook"]
MAN["Manual"]
end
CRON --> ENGINE["Routine Engine"]
EVT --> ENGINE
WH --> ENGINE
MAN --> ENGINE
ENGINE --> LP["LightweightPrompt
Single LLM call"]
ENGINE --> FJ["FullJob
Scheduler to Worker"]
subgraph Guardrails
MC["max_concurrent"]
TO["timeout_secs"]
MR["max_retries"]
end
ENGINE -.-> Guardrails
Multi-layer defense with 15+ leak detection patterns
Side-by-side architecture comparison for adoption planning
| Aspect | IronClaw | Lyra |
|---|---|---|
| Language | Rust (~99k LOC) | Python (asyncio) |
| Memory | Hybrid RRF search, dual DB (PostgreSQL + libSQL) | TBD |
| Channels | Channel trait + WASM sandboxed adapters (5 types) | Hub-and-spoke architecture |
| Events | Hooks (6 points) + SSE (10+ types) + Observer trait | TBD |
| LLM | 7 backends with decorator chain + smart routing | TBD |
| Tools | Built-in (45+) + WASM sandboxed + MCP servers | TBD |
| Database | PostgreSQL + libSQL dual-backend, 7 sub-traits | TBD |
| Safety | Multi-layer defense, 15+ leak patterns, credential detection | TBD |
Recommended adoption and study priorities from IronClaw analysis