MYKO

SOVEREIGN·LIFE·OS

A local-first, decentralized Life OS where Goose is the brain, the user owns every key, and AI executes — never controls.

  • 173 tests passing
  • Python 3.12+ · React 19 · Tauri 2
  • Keys never leave your machine

About

What MYKO is — and isn't.

What it is

MYKO is a sovereign operating layer for your digital life: an encrypted vault, a decentralized identity, and a programmable value rail, all wired together into a single desktop app that an LLM (Goose) can drive on your behalf via MCP tools.

Every sensitive byte is encrypted with a key derived from your passphrase (optionally bound to a hardware YubiKey). The bridge binds only to 127.0.0.1. Nothing phones home.

What it isn't

It isn't a cloud service, a hosted wallet, or a chat wrapper. There is no MYKO server, no MYKO account, no MYKO in the middle. The AI has tools, not authority — it can request an action, but the spend caps, the passphrase, and the hardware key live with you.

It isn't opinionated about your model either. Any LLM that speaks MCP stdio can drive it.

The user owns every key. The AI executes, never controls. The vault is encrypted at rest and in transit. Keys never touch the network in plaintext. Spend is capped, audited, and reversible in intent. Sovereignty is the default.

— MYKO Sovereign Manifesto

Architecture

Four sovereign layers. Two local processes. Zero servers.

01

Brain + Memory

MCP server (stdio JSON-RPC 2.0) + encrypted manifest vault (PBKDF2-600k → AES-256-GCM) backed by a local Kubo/IPFS node. Cross-process safe via fcntl.flock.

  • vault_store · vault_retrieve
  • vault_list · ipfs_pin_directory

02

Identity

Nostr with full BIP-340 Schnorr, NIP-01 canonical serialization, NIP-13 PoW, NIP-44 v2 encryption, and NIP-17 gift-wrapped DMs. Keypair auto-generated, stored encrypted in the vault.

  • nostr_broadcast
  • nostr_encrypt_dm

03

Value

Bitcoin Lightning via LND (macaroon + TLS) or LNbits (API key). Per-task and rolling 24h spend caps enforced on every call. Preimages intentionally discarded — only payment_hash surfaces.

  • lightning_balance · lightning_create_invoice
  • lightning_pay

04

Interface

Tauri desktop shell with a React 19 + Three.js dashboard. FastAPI bridge on 127.0.0.1:9473, 64-hex Bearer token at ~/MYKO/.session_token (0600), CORS locked to tauri://localhost.

  • Animated StateOrb · VaultExplorer 3D graph
  • Live audit feed · Goose heartbeat

┌─────────────────────────────────────────────────┐
│                   User's Machine                │
│                                                 │
│  ┌──────────┐    stdio     ┌──────────────────┐ │
│  │  Goose   │◄────────────►│  MCP Server      │ │
│  │  (LLM)   │              │  backend.main    │ │
│  └──────────┘              └────────┬─────────┘ │
│                                     │ imports   │
│  ┌──────────┐    HTTP      ┌────────┴─────────┐ │
│  │  Tauri   │◄────────────►│  Bridge Server   │ │
│  │  (UI)    │  :9473       │  backend.bridge  │ │
│  └──────────┘              └────────┬─────────┘ │
│                                     │ imports   │
│                         ┌───────────┴──────────┐│
│                         │   Shared Backend     ││
│                         │ crypto · storage ·   ││
│                         │ vault · nostr ·      ││
│                         │ lightning            ││
│                         └───────────┬──────────┘│
│                                     │           │
│                  ┌──────────────────┼────────┐  │
│                  ▼                  ▼        ▼  │
│              ~/MYKO/           Kubo IPFS   LND/ │
│              manifest.enc      :5001       LNbits│
│              logs/                              │
└─────────────────────────────────────────────────┘

Capabilities

Nine tools. One sovereign surface.

  • vault_store: Encrypt & pin a file to the IPFS-backed vault.
  • vault_retrieve: Fetch & decrypt a file by CID.
  • vault_list: Enumerate vault entries.
  • ipfs_pin_directory: Hash & pin an entire local directory.
  • nostr_broadcast: Sign & broadcast an event (NIP-13 PoW optional).
  • nostr_encrypt_dm: NIP-17 gift-wrapped, NIP-44 encrypted DMs.
  • lightning_balance: Current balance in sats.
  • lightning_create_invoice: Create a BOLT11 invoice.
  • lightning_pay: Pay BOLT11 — gated by per-task & daily caps.

Security

Defense in depth, by default.

PBKDF2-SHA256 · 600k iterations

Unique salt per encryption. AES-256-GCM authenticates every byte.

Optional hardware binding

YubiKey challenge-response mixed into the master key via HMAC-SHA256. No YubiKey → no decrypt.

Memory hygiene

secure_wipe in finally blocks zeroes sensitive buffers as soon as they're spent.

Constant-time compares

Session-token & HMAC validation use hmac.compare_digest to neutralize timing side-channels.

Localhost only

Bridge binds to 127.0.0.1. CORS locked to tauri://localhost. Tauri CSP rejects external URLs.

No secrets in logs

Audit log stores SHA-256 hashes of tool inputs/outputs — never preimages, macaroons, or plaintext.

Install

Run it locally in four steps.

  1. Clone & create a venv

    git clone https://github.com/SativusCrocus/MYKO.git
    cd MYKO
    python3 -m venv .venv && source .venv/bin/activate
    pip install -r requirements.txt

  2. Configure secrets

    cp .env.example .env
    # fill in MYKO_PASSPHRASE, LIGHTNING_*, etc.
    chmod 600 .env

  3. Verify

    pytest tests/ -v            # 173 passing

  4. Run

    python -m backend.bridge &
    cd frontend && npm install && npm run tauri dev