MCPcopy Index your code
hub / github.com/ConsortiumAI/Consortium

github.com/ConsortiumAI/Consortium @main

Chat with this repo
repository ↗ · DeepWiki ↗ · + Follow
309 symbols 735 edges 66 files 6 documented · 2%
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

Consortium

Consortium

Secure, remote AI coding sessions — encrypted end-to-end.

Consortium lets you run AI-powered coding sessions on remote machines and interact with them

from anywhere — your browser, your phone, or your tablet — without ever exposing your data to anyone in between.

Start Using Consortium →

Website  ·  What It Does  ·  How It Works  ·  CLI Reference  ·  API Reference  ·  Self-Hosting  ·  License


The Fastest Way to Get Started

The easiest way to use Consortium is with the official hosted platform at consortium.dev:

  1. Sign up at consortium.dev — we provide a free E2EE relay so you can get started instantly.
  2. Install the Consortium CLI on any machine you want to connect: bash npm install -g consortium
  3. Run the CLI and pair it with your account: bash consortium
  4. Open consortium.dev in your browser to view and control your sessions.

That's it. No servers to deploy, no databases to manage, no infrastructure to maintain. Consortium handles the relay — your data stays encrypted end-to-end.


What It Does

Consortium lets you run AI-powered coding sessions on remote machines and interact with them from anywhere — your browser, your phone, or your tablet — without ever exposing your data to anyone in between.

The problem: Claude Code is a powerful AI coding assistant, but it runs in a local terminal. If you want to start a session on a cloud server, a build machine, or a colleague's workstation, there's no built-in way to watch or control it remotely.

The solution: Consortium connects your machines to a secure relay. You view and manage every session through a clean interface. All communication is end-to-end encrypted — the relay only passes along data it cannot read.

Key capabilities

  • Remote access — Start a Claude Code session on any machine and interact with it from your browser, phone, or tablet.
  • End-to-end encryption — Messages, session metadata, and agent state are encrypted on-device with AES-256-GCM before transmission. The server stores only opaque encrypted blobs it cannot decrypt.
  • Real-time streaming — See Claude's responses, tool usage, and thinking process as they happen via WebSocket connections.
  • Zero-password authentication — Identity is based on public-key cryptography (Ed25519). No passwords, no OAuth providers, no email addresses. You hold your key; that's your identity.
  • Session management — View all active and past sessions, send follow-up prompts, abort running tasks, and manage machines from a single dashboard.
  • Self-hostable — This repo contains everything you need to run the entire stack on your own infrastructure.

Start Using Consortium →


How It Works

Consortium is made up of three components that work together:

  Your Machine                     Consortium                     Your Browser
┌──────────────┐             ┌──────────────────┐             ┌──────────────┐
│              │   Encrypted │                  │  Encrypted  │              │
│  Relay CLI   │◄───────────►│   Relay Server   │◄───────────►│  Consortium  │
│              │  WebSocket  │                  │  WebSocket  │   Web App    │
│  Claude Code │   + REST    │  Stores only     │   + REST    │  Decrypts    │
│  runs here   │             │  encrypted blobs │             │  locally     │
└──────────────┘             └──────────────────┘             └──────────────┘
Component What it does
Relay CLI Wraps Claude Code on your development machine. Encrypts everything locally and streams it to the relay server.
Relay Server A lightweight message broker. Receives encrypted data, stores it, and forwards it to connected clients. It never decrypts anything.
Web App A browser-based dashboard. Connects to the server, downloads encrypted session data, and decrypts it locally in your browser.

The encryption model

  1. When you first run the CLI, a cryptographic key pair is generated on your machine.
  2. A unique data encryption key is created for each session.
  3. All messages are encrypted with AES-256-GCM before leaving the device.
  4. Session metadata is encrypted with NaCl secretbox.
  5. The relay server only ever handles ciphertext — it cannot read your prompts, code, or Claude's responses.
  6. The web client decrypts everything locally in your browser using the same key material.

In short: Even if the relay server were compromised, an attacker would only find encrypted data they cannot read. This is true whether you use the hosted version or self-host.


Security

Layer Mechanism Purpose
Authentication Ed25519 challenge-response Proves identity without passwords
Session messages AES-256-GCM with per-session data keys Encrypts all prompts and responses
Session metadata NaCl secretbox Encrypts session names, paths, summaries
Transport WebSocket + HTTPS Encrypted in transit
Server access Zero-knowledge design Server stores only ciphertext it cannot decrypt

The server is intentionally designed as a zero-knowledge relay. It authenticates clients, stores encrypted blobs, and routes events — but it never possesses the keys needed to read the data passing through it.

This zero-knowledge architecture means your data is private whether you use Consortium's hosted infrastructure or deploy your own instance. We can't read your data either.


CLI Reference

The consortium CLI wraps Claude Code with end-to-end encryption and streams your sessions through the relay server.

consortium                     # Start a new encrypted session
consortium auth login          # Authenticate and pair this machine
consortium auth status         # Check authentication status
consortium daemon start        # Start the background service
consortium doctor              # Run system diagnostics
consortium notify -p "Done!"   # Send a push notification to your devices

The CLI supports multiple commands for authentication, session management, daemon control, multi-model AI sessions, diagnostics, and more. All Claude Code flags are also passed through automatically.

View All Commands →

First-run setup

When you run consortium for the first time:

  1. A cryptographic identity (Ed25519 key pair) is generated and stored locally on your machine.
  2. A QR code is displayed in the terminal for pairing with your Consortium account.
  3. Once paired, the CLI authenticates automatically on subsequent runs.

No passwords or email addresses are needed — your identity is your key.


API Reference

The relay server exposes a REST API and a WebSocket interface. All data payloads are encrypted by the client before transmission — the server only stores and forwards ciphertext.

Authentication

Consortium uses Ed25519 public-key challenge-response authentication. There are no passwords, no OAuth flows, and no email addresses.

Direct authentication (for clients that already have a key pair):

POST /v1/auth
Field Type Description
publicKey string Base64-encoded Ed25519 public key
challenge string Base64-encoded challenge bytes
signature string Base64-encoded signature of the challenge

Returns a JWT token on success.

Device pairing (for new CLI installations):

POST /v1/auth/request          # CLI creates a pairing request
GET  /v1/auth/request/status   # CLI polls for approval
POST /v1/auth/response         # Web dashboard approves the request

This flow lets you pair a new machine by scanning a QR code in the web dashboard. The CLI displays the code, the dashboard scans it, and the server issues a token once approved.

Sessions

All session endpoints require a valid authentication token.

Method Endpoint Description
GET /v1/sessions List all sessions (most recent first, up to 150)
POST /v1/sessions Create a new session
GET /v1/sessions/:id/messages Get messages for a session (most recent first, up to 150)
DELETE /v1/sessions/:id Delete a session and all its messages

Create a session:

POST /v1/sessions
Field Type Description
tag string Unique identifier for the session (prevents duplicates)
metadata string Encrypted session metadata (name, path, summary)
dataEncryptionKey string? Encrypted per-session data key (base64)

Machines

Method Endpoint Description
POST /v1/machines Register a machine
GET /v1/machines List all registered machines
GET /v1/machines/:id Get a specific machine by ID

WebSocket protocol

The relay server uses Socket.io for real-time communication. Connect to the WebSocket endpoint at /v1/updates.

Connection authentication:

const socket = io(serverUrl, {
  path: '/v1/updates',
  auth: {
    token: '<jwt-token>',
    clientType: 'user-scoped',    // or 'session-scoped', 'machine-scoped'
    sessionId: '<session-id>',    // required for session-scoped
    machineId: '<machine-id>'     // required for machine-scoped
  }
});

Client types:

Type Description
user-scoped Receives updates for all sessions and machines (used by the web dashboard)
session-scoped Receives updates for a specific session only (used by the CLI)
machine-scoped Receives updates for a specific machine only

Client → Server events:

Event Description
message Send an encrypted message to a session
update-metadata Update encrypted session metadata (with optimistic locking)
update-state Update encrypted agent state (with optimistic locking)
session-alive Heartbeat indicating a session is still active
session-end Signal that a session has ended
rpc-register Register an RPC method handler (CLI registers bash, readFile, etc.)
rpc-call Call a registered RPC method on another connected client

Server → Client events:

Event Description
update Persistent data update (new session, new message, metadata change)
ephemeral Transient status update (session activity, machine online/offline)
rpc-request Incoming RPC call to handle
rpc-registered Confirmation that an RPC method was registered

RPC (Remote Procedure Call)

The RPC system lets the web dashboard invoke commands on the CLI through the relay server. The server routes requests between connected clients of the same user — it never interprets the request contents.

Web Dashboard                  Relay Server                  CLI
     │                              │                          │
     ├─ rpc-call(method, params) ──►│                          │
     │                              ├─ rpc-request(method) ───►│
     │                              │◄── response ─────────────┤
     │◄── callback(result) ────────┤                          │

RPC calls have a 30-second timeout. If the target client disconnects, all its registered methods are automatically cleaned up.


Self-Hosting

This repository contains the complete source code for Consortium Relay. If you prefer to run everything on your own infrastructure, you can.

Note: For most users, the hosted version at consortium.dev is the fastest way to get started — no servers, no databases, no maintenance. Self-hosting is available for teams that require full infrastructure control.

Prerequisites

1. Clone and install

git clone https://github.com/ConsortiumAI/consortium-relay.git
cd consortium-relay
yarn install

2. Set up the database

cp .env.example packages/consortium-server/.env

Edit packages/consortium-server/.env with your database connection string and a random server secret:

DATABASE_URL=postgresql://user:password@localhost:5432/consortium
CONSORTIUM_MASTER_SECRET=your-random-secret-at-least-32-characters
PORT=3005

Then run the database migration:

cd packages/consortium-server
npx prisma migrate dev --name init
cd ../..

3. Start the relay server

cd packages/consortium-server
yarn start

The server will start on http://localhost:3005.

4. Start the CLI on your development machine

cd packages/consortium-cli
CONSORTIUM_SERVER_URL=http://localhost:3005 yarn start

On firs

Extension points exported contracts — how you extend this code

ImportMetaEnv (Interface)
(no doc)
packages/consortium-web/src/vite-env.d.ts
Settings (Interface)
(no doc)
packages/consortium-cli/src/persistence.ts
Context (Interface)
(no doc)
packages/consortium-server/sources/context.ts
ImportMeta (Interface)
(no doc)
packages/consortium-web/src/vite-env.d.ts
QueueItem (Interface)
(no doc)
packages/consortium-cli/src/utils/MessageQueue2.ts
TokenCacheEntry (Interface)
(no doc)
packages/consortium-server/sources/app/auth/auth.ts
AuthContext (Interface)
(no doc)
packages/consortium-web/src/App.tsx
ServerToClientEvents (Interface)
(no doc)
packages/consortium-cli/src/api/types.ts

Core symbols most depended-on inside this repo

debug
called by 47
packages/consortium-cli/src/ui/logger.ts
push
called by 31
packages/consortium-cli/src/utils/MessageQueue2.ts
emit
called by 22
packages/consortium-server/sources/app/events/eventRouter.ts
log
called by 21
packages/consortium-server/sources/utils/log.ts
encodeBase64
called by 18
packages/consortium-cli/src/api/encryption.ts
error
called by 16
packages/consortium-cli/src/claude/sdk/stream.ts
decodeBase64
called by 11
packages/consortium-cli/src/api/encryption.ts
decrypt
called by 10
packages/consortium-cli/src/api/encryption.ts

Shape

Function 135
Method 100
Interface 44
Class 30

Languages

TypeScript100%

Modules by API surface

packages/consortium-server/sources/app/events/eventRouter.ts21 symbols
packages/consortium-cli/src/claude/sdk/types.ts18 symbols
packages/consortium-cli/src/claude/sdk/query.ts18 symbols
packages/consortium-cli/src/utils/MessageQueue2.ts17 symbols
packages/consortium-web/src/lib/encryption.ts16 symbols
packages/consortium-cli/src/ui/logger.ts16 symbols
packages/consortium-cli/src/utils/PushableAsyncIterable.ts14 symbols
packages/consortium-cli/src/api/encryption.ts13 symbols
packages/consortium-cli/src/api/apiSession.ts12 symbols
packages/consortium-cli/src/api/rpc/RpcHandlerManager.ts11 symbols
packages/consortium-web/src/lib/api.ts10 symbols
packages/consortium-cli/src/claude/sdk/stream.ts9 symbols

Datastores touched

consortiumDatabase · 1 repos

For agents

$ claude mcp add Consortium \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact