Reploid is a browser runtime family. Its self-modifying agent modes use Seed,
Shadow, and Promote. Seed creates the recoverable self. Shadow stages candidate
changes. Promote writes an allowlisted candidate into the live self only after
its evidence passes. Zero starts from CreateTool; the root Reploid UI runs
receipt-backed browser inference under the internal Poolday contract.
The agent modes that expose Promote use these states:
| State | File mutation | Evidence | Activation boundary |
|---|---|---|---|
| Seed | Writes the recoverable identity, prompt, tools, VFS, objective, and Blueprint 0x000112. |
Boot manifest. | Establishes the self that can be restored. |
| Shadow | Writes candidates under /shadow; the active /self stays unchanged. |
RGR traces, scores, receipts, and rollback paths under /artifacts/rgr. |
Candidate code remains provisional. |
| Promote | Copies an allowlisted candidate from /shadow into /self. |
Anchored gate result, replay result, and candidate hash. | Changes /self; validator mutations enter quarantine instead. |
| Name | Role and boundary |
|---|---|
| Reploid | Public family name and shared browser substrate. |
| Poolday | Internal/docs name for the model-serving pool at /; the public UI remains Reploid. |
| X | Mature agent surface at /x with workers, memory, peer slots, verification, and promotion. |
| Zero | Minimal agent surface at /zero; it begins with CreateTool and has no pool dependency. |
The Zero and X intent contract owns their routes, boot profiles, modules, and tool surfaces. The root Poolday path is owned separately by the product boot modes, pool config, and pool claim boundary. Current support claims resolve to the machine-checked surface claim index.
npm install
npm startOpen http://localhost:8000. For the managed Gemini path, set GEMINI_API_KEY in .env before starting.
Awaken clears prior live VFS state, writes the generated self manifests, exposes canonical source through a copy-on-write /self overlay, mounts Capsule, and starts the runtime. Reploid-owned behavior stays in visible self files, prompts, blueprints, traces, and receipts.
The generated VFS manifest enumerates seeded files. The executable tool-surface contract enumerates tool membership. The RGR runtime contract defines candidate evidence, anchors, quarantine, rollback, and promotion.
The surface claim index owns these status lines and their evidence paths:
| Index row | Current boundary |
|---|---|
local-execution |
A configured local executor runs slots in the current browser. |
peer-slot-placement |
Opted-in slots may run on joined peers; enabling slots does not expose local inference unless this browser has an executor. |
browser-provider-roles |
Browser requester and provider clients exchange assignments, outputs, and receipts through peer rooms. |
signaling |
Same-browser rooms can use BroadcastChannel; cross-host WebRTC uses signaling for rendezvous. |
sealed-credentials |
npm start can build sealed access windows; client artifacts omit the plaintext key and the operator codebook stays ignored under .reploid-cloud/. |
public-mesh |
Blocked as a signaling-free claim while cross-host rendezvous still requires signaling. |
Users can bypass the managed access-window path and supply their own browser inference.
| Reader | Entry points |
|---|---|
| Operators | Quick start, configuration, and local models |
| Agent and runtime contributors | System architecture, RGR runtime contract, and tool surfaces |
| Security and claim reviewers | Security model, surface claim index, Poolday claims, and threat model |
| Inference integrators | Browser inference pool, receipt schema, and Doppler |
The documentation index owns the complete architecture, blueprint, API, and operator inventory.
package.json declares MIT. This repository does not currently include a
standalone LICENSE file.
Last updated: July 2026