Identity & the private contour
CMDOP’s trust model is built on three layers you own: a per-agent Ed25519 keypair (cryptographic identity), a fleet (the boundary around a set of machines), and a relay that can be entirely yours. Together they form the private contour — the perimeter inside which your machines, your agents, and the jarvis AI talk to each other. The cloud relay is optional; the contour does not depend on it.
Per-agent Ed25519 identity
On first start, each agent generates an Ed25519 keypair and persists
only the 32-byte seed — encrypted, mode 0600, in the CMDOP config
directory (agent_keypair.bin). The full keypair is derived from the
seed in memory; the private key never leaves the machine. The agent
advertises ed25519 as a supported auth capability when it connects to
the relay, and signs to prove it is the same agent across restarts and
renames.
| Property | Value |
|---|---|
| Algorithm | Ed25519 |
| Persisted material | 32-byte seed only (encrypted, 0600) |
| Derived in memory | Full public/private keypair |
| Fingerprint | Short, stable identifier for the public key |
| Private key exposure | Never transmitted — signing happens locally |
This is what makes the identity yours: the secret is generated and stored on the machine, not handed down by a cloud account. Losing the cloud does not lose the identity.
The Ed25519 key identifies the agent cryptographically. The server-issued UUID, hostname, and friendly name (see Machine identity) are the human-facing addressing layer on top of it.
Fleets — the boundary
A fleet is the boundary around a set of machines and the credential
scope for reaching them. (The backend route is /api/fleets; the
--workspace CLI flag still carries the legacy name — same concept.)
An API key is scoped to one fleet; an OAuth token can span the fleets
you belong to. A machine belongs to a fleet, and cmdop connect
operates within whichever fleet is active. See
Fleets & workspaces.
The private contour
Stack the layers and you get the contour:
┌──────────── your private contour ────────────┐
│                                              │
│     agent (Ed25519) ──┐                      │
│     agent (Ed25519) ──┼──► relay ◄──┐        │
│     agent (Ed25519) ──┘  (yours or  │        │
│                           cloud)    │        │
│  desktop / CLI (client) ────────────┤        │
│  jarvis (server-side AI) ───────────┘        │
│                                              │
└───────── fleet boundary ─────────────────────┘

Everything inside speaks one protocol over a bidirectional relay stream. The relay can run on your own infrastructure, so the entire contour — identities, fleet, transport — stays under your control.
Cloud is optional
cloud.cmdop.com is a convenience relay. A local relay is
self-sufficient: point agents and clients at your own server and the
mesh works end to end, including air-gapped networks (see the
self-hosted deployment guide). Nothing
about identity or fleets requires the hosted plane.
Why it matters
- Ownership. The signing key is generated and kept on your machine.
- Boundaries. Fleets keep machines and credentials separated by environment or team.
- Independence. The contour is self-sufficient without the cloud.
TAGS: identity, ed25519, private-contour, fleet, trust-model DEPENDS_ON: [agents, machine-identity]