ZERO MCP

4STDIOregistry active

Summary

This server gives you read-only inspection into ZERO's paper-mode autonomous trading runtime. It's built for self-custodial capital operations on Hyperliquid, where the default is paper execution and live trading requires explicit operator gates. You get access to runtime control packets, preflight check status, safety gate state, journal entries, and reconciliation reports without touching live capital. Useful when you want Claude to analyze risk posture, review execution logs, or audit safety boundaries before promoting a strategy from paper to live. The MCP interface exposes the same cockpit data the CLI surfaces, so you're inspecting the actual runtime state, not a dashboard approximation.

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

ZERO

Open ZERO Runtime, Protocol, and Proof for self-custodial capital operations.

ZERO is the operating intelligence layer between humans and capital. This repository is the open substrate beneath that product: runnable Runtime, Protocol, and Proof software for engineers and self-custodial operators. The hosted product surfaces live at getzero.dev, app.getzero.dev, and the public developer entrypoint at getzero.dev/developers.

This repo stays focused on executable trust: paper-first execution, safety gates, local journals, Hyperliquid read-only/live boundaries, MCP-compatible readouts, public proof packets, and verification contracts. It does not host the customer app, founder admin, doctrine portal, or internal design system.

Not entry automation, a custody service, or an opaque agent. ZERO is operating intelligence; this repo is the open Runtime, Protocol, and Proof layer that keeps capital operations inspectable, interruptible, and self-custodial.

ZERO paper runtime terminal proof

The first proof is intentionally simple: the runtime boots in paper mode, live risk refuses closed, public proof packets verify, and no custody is required. The live proof bridge is separate: a redacted zero.live_trading_evidence.v1 packet proves operator-owned Hyperliquid live execution evidence exists without publishing raw venue records, wallet addresses, or private journals. Run the same checks locally with:

just paper-api-smoke
just public-proof

One-Click Paper Rollout

ZERO's public Railway template is live: Dockerfile build, railway.toml, /health, durable /data journal volume, Railway doctor, redacted deployment evidence packs, and paper-mode live-risk refusal.

Live public paper demo: https://zero-production-5214.up.railway.app

Railway template: https://railway.com/deploy/zero-paper-runtime

Use docs/railway-template.md as the marketplace configuration source of truth. The current Railway Template Publish Packet is tracked in contracts/distribution/railway-template.json. The Railway partner submission packet is tracked in docs/railway-partner.md.

scripts/railway_doctor.py https://zero-production-5214.up.railway.app

ZERO has three non-negotiable product rules:

The Runtime is open source and useful without a hosted ZERO app account.
Operators keep custody; live-capital paths are local, explicit, and gated.
Public reputation is built from redacted proof, not screenshots or claims.

Run ZERO In Two Minutes

ZERO's first-run path is local, paper-first, and does not need exchange credentials:

git clone https://github.com/zero-intel/zero.git
cd zero
just bootstrap
just paper-api

In another terminal:

cd zero/cli
cargo run -q -p zero-os -- --api http://127.0.0.1:8765

Inside the terminal, press Ctrl+5 or run /cockpit-mode for the read-only Runtime control packet. The /cockpit-mode command remains supported, but the preferred product term is Runtime control packet. In paper/default mode it should refuse live risk and show the reason:

runtime control
live_mode=refused  ready=false  risk_allowed=false  controls_ready=false
next: fix preflight check live_executor: live executor not configured

operator: handle=local-operator  role=owner  scope=local-private
preflight: passed=2/10 failed=8
immune: open=2 risk_blocking=2
reconciliation: not_configured risk_allowed=false
receipts: total=0 accepted=0 refused=0 exchange_error=0

actions: reduce=/pause-entries /kill /flatten-all  resume=/resume-entries

That refusal is the product boundary working: the public runtime can be inspected, rehearsed, and extended without pretending to be a hosted custody service or an unattended live-capital promise.

Launch Status

This repository is the open ZERO Runtime, ZERO Protocol, and ZERO Proof engineering home. It is launch-ready for paper runtime work, operator CLI development, safety-gate design, public proof contracts, self-evolution workflows, MCP contracts, and verification tooling.

For live capital, the public stance is exact: ZERO is a self-custodial local runtime, not a hosted custody service. Operators bring their own wallet, exchange account, limits, journals, kill switch, and disclosure policy. The runtime can only increase risk after local custody, reconciliation, immune, journal, dead-man, and operator-friction checks pass.

Live Operation Boundary

Question	Public answer
Can a new engineer run ZERO today?	Yes: clone, bootstrap, run the paper API, inspect it through the CLI, and verify proof packs.
Can ZERO trade live?	Operator-owned deployments have live Hyperliquid execution evidence represented by `zero.live_trading_evidence.v1`.
Does the public repo publish raw live records?	No. It publishes redacted evidence, hash-only proof, canary workflows, and verifiers.
Does ZERO custody funds?	No. Live mode is local, self-custodial, explicit, and gated.
Is unattended live trading the default?	No. Paper is default; live risk requires canary review and local operator responsibility.

Why ZERO Exists

Onchain markets are open 24/7. Leverage punishes attention failure. The old stack asks operators to stitch together dashboards, alerts, exchange tabs, copy-trading feeds, scripts, and private spreadsheets, then somehow stay disciplined under stress.

ZERO turns that workflow into an explicit operating-intelligence loop:

A runtime that evaluates, rejects, executes, and records decisions.
A CLI and local control packet that keep the operator in control.
A safety model that makes risk-reducing actions fast and risk-increasing actions deliberate.
A public Proof surface for profiles, replay, and verification.
Protocol contracts that apps and agents can inspect without reading private product doctrine.

The default mode is paper. Live operation is self-custodial, explicit, and guarded by preflight checks.

Open Repository Surfaces

Surface	Role	Public status
ZERO Runtime	Python runtime for paper execution, production-parity OODA reports, live-readiness contracts, journals, safety gates, strategy adapters, venue adapter interfaces, CLI/TUI tooling, local evolution gates, and canary evidence.	Open source
ZERO Protocol	MCP-compatible schemas, tool permissions, mandates, evidence bundles, replay frames, audit entries, and local verification fixtures.	Open source
ZERO Proof	Redacted proof packets, replay/export fixtures, journal roots, verification commands, and public contract schemas.	Open source
Developers	Repo-local quickstarts, CLI/API docs, examples, release gates, contribution paths, and public education that starts at getzero.dev/developers.	Open source

The ZERO CLI is Runtime tooling, and ZERO Evolution is a local Runtime subsystem covering memory, genesis proposals, research reports, decision-stack review, guardian review, red-team, paper canaries, calibration, promotion plans, local apply receipts, rollback receipts, and evolve loops. They are not separate hosted public surfaces.

Hosted ZERO Studio, ZERO Control, and ZERO Registry are product surfaces outside this repository. This repo supplies their runnable Runtime, Protocol, and Proof contracts; it should not turn hosted UI, founder-admin, or doctrine machinery into public repo scope.

Capability Boundary

Capability	Public repo state
Paper Runtime	Runnable now with deterministic fixtures, local API, CLI, Docker, and Railway paths.
Live market data	Runnable now through read-only Hyperliquid public info calls when enabled.
Live readiness	Runnable now as local preflight, cockpit, certification, reconciliation, immune, receipt, evidence, and canary-policy contracts.
Live execution	Private operator deployments have live Hyperliquid execution evidence represented by the redacted public packet. New live capital remains operator-owned, self-custodial, and gated by local custody, preflight, journal, kill-switch, reconciliation, and canary policy.
Self-evolution	Local memory, genesis proposal core, research command chain, decision-stack lenses/layers/modifiers, production-parity OODA reporting, and paper-first evolve gates exist now with redacted extraction, append-only journals, guardian classification, hunt/edge/convergence/thesis/score/meta/sharpen reports, public evaluation surfaces, live-shadow fail-closed parity, red-team review, sandbox candidate mutation, paper canary, calibration, promotion plan, rollback plan, promotion verification, explicit local apply, rollback receipts, API readouts, and expanded read-only MCP snapshots for runtime status, parity, health, journal, rejection audit, memory stats, immune state, backtest summary, evidence bundle, and safety catalog. Protected live-code evolution remains human-reviewed.
Public Proof	Runnable now through deterministic demo proof packs, redacted contracts, `zero.live_trading_evidence.v1`, canary bundles, exchange-evidence normalization, recursive checksums, and operator report verification.
Developers	Public docs start at getzero.dev/developers; Proof starts at getzero.dev/proof.

flowchart LR
  A["Market data and strategy inputs"] --> B["ZERO Runtime"]
  B --> C["Safety gates and risk policy"]
  C --> D["Paper or self-custodial live execution"]
  B --> E["ZERO CLI"]
  B --> F["Audit journal"]
  F --> G["ZERO Proof"]
  G --> H["Public verification"]

What You Can Run Today

Run the local paper engine against bundled example candles.
Run a bounded paper OODA runtime cycle with durable cycle records.
Run a production-parity OODA report that mirrors paper intents through a disabled live executor, proves fail-closed behavior, and emits zero.runtime.production_parity.v1.
Extract local public-safe memory from paper decisions and generate knowledge.md.
Classify fixture-backed genesis proposals as accepted, rejected, or escalated without applying code changes.
Run the paper-first evolve harness for accepted genesis proposals; the default run path materializes a sandbox candidate tree, promotion plan, rollback plan, and promotion verification without mutating the checkout or pushing a branch.
Explicitly apply and roll back allowed docs/example evolve candidates in a local checkout with exact approval phrases, original/candidate hash checks, apply receipts, and rollback receipts.
Run the paper-only research command chain for hunt, edge, convergence, thesis, score, meta, and sharpen reports from public fixtures.
Inspect the public decision stack for lenses, layers, modifiers, and paper/live separation.
Add a declarative paper strategy runner with conformance output.
Start a local paper API and inspect operator state.
Use the Rust CLI for health checks, status, replay, and supervised actions.
Query Hyperliquid read-only market data without exposing funds.
Exercise live-readiness, immune, reconciliation, and certification contracts without placing capital at risk.
Keep the full-screen Runtime control packet open with Ctrl+5 or /cockpit-mode while the read-only /live/cockpit packet is polled from the Runtime.
Inspect public-safe local live execution receipts from the operator CLI, including accepted/refused/exchange-error counts and hash-only receipt proof.
Capture signed, public-safe live evidence packets for supervised canary rehearsal without leaking credentials or raw private journals.
Inspect the live canary policy lifecycle for readiness, arm/disarm, launch window, evidence, shadow review, qualification, follow-through, and next action through /live/canary-policy or the operator CLI.
Run the maintained live canary rehearsal collector in fail-closed public paper mode, or in explicit operator-owned canary mode when local live gates are ready.
Verify canary evidence bundles locally before sharing them as launch or incident evidence.
Verify the committed redacted live trading evidence packet that summarizes private operator Hyperliquid fills, trades, and live decisions without raw custody material.
Attach public-safe exchange-side order/fill evidence to canary bundles and verify it against ZERO live receipts without exposing raw venue payloads.
Run and verify a one-command live canary operator workflow that collects, attaches, verifies, checksums, and reports public-safe evidence.
Capture a read-only Runtime control drill bundle for preflight, immune, reconciliation, certification, receipt, evidence, metrics, and audit packets.
Package release assets with checksums.
Deploy the paper runtime on Railway or Docker.
Connect an operator-owned Runtime to the ZERO control plane through the optional Vibe Deploy proof chain.
Generate public-safe Proof profile, replay, and contract artifacts.

The self-evolving loop that makes ZERO adaptive operating intelligence is now implemented as a public-safe local Runtime subsystem: local memory, genesis proposal classification, paper-only research, public decision-stack review, production-parity OODA reports, sandbox candidate mutation, promotion/rollback evidence, explicit local apply, rollback receipts, and paper-first evolve gates exist. Protected live-code evolution remains human-reviewed. See Memory Core, Genesis, Research Command Chain, Decision Stack, Evolve Harness, and Private Engine Capability Gap Audit.

Operator Proof Path

ZERO should earn trust through behavior that another engineer can verify:

Run paper mode locally or on Railway.
If using Vibe Deploy, claim the Runtime and verify the first heartbeat before treating it as an owned deployment.
Run just public-proof to verify the demo proof pack, Proof chain, redacted live trading evidence, read-only MCP server, and committed MCP transcript together.
Verify docs/proof/network/network-proof-pack.json against its profile, leaderboard, deployment identity, and ingestion artifacts.
Generate a signed journal root from local JSONL streams with zero-journal-root, attach anchor metadata with zero-journal-anchor, and export a redacted proof pack with zero-journal-proof.
Inspect runtime, risk, Runtime control, immune, account, and reconciliation packets through the CLI/API.
Rehearse a live canary in fail-closed mode.
Attach public-safe exchange-side evidence when an operator-owned live canary is ready.
Verify the bundle, recursive checksums, privacy flags, live canary policy, and report with local scripts before publishing anything.

That flow is implemented for refusal-mode rehearsal and redacted live-evidence verification today. Raw accepted live canary records require an operator-owned Hyperliquid wallet and explicit local disclosure; they are not part of public CI.

See It Run

This is a shortened excerpt from scripts/demo_capture.sh, the maintained local paper-mode demo. It demonstrates the terminal flow without launching the interactive TUI:

$ zero --api http://127.0.0.1:8765 doctor
[   ok] engine_reachable       zero-paper-engine v0.1.2
[ warn] auth                   no token set — read-only endpoints only
[ warn] live_preflight         not ready: live_executor, wallet, key, journal

$ zero --api http://127.0.0.1:8765 run status
engine: regime=PAPER MARKET. Local deterministic demo.
equity=$10000.00  open=0  recovery=ephemeral

$ zero --api http://127.0.0.1:8765 run risk
risk: OK  equity=$10000.00  peak=$10000.00  dd=0.00%  open=0

$ curl -fsS -H 'content-type: application/json' -d '{...}' /execute
{"accepted": true, "coin": "BTC", "side": "buy", "simulated": true}

$ curl -fsS http://127.0.0.1:8765/network/profile
{"schema_version": "zero.network.profile.v1", "mode": "paper", "verification": {"status": "verified"}}

$ curl -fsS http://127.0.0.1:8765/deployment/heartbeat
{"schema_version": "zero.deployment.heartbeat.v1", "liveness": {"status": "paper_only"}}

$ curl -fsS http://127.0.0.1:8765/intelligence/snapshot
{"schema_version": "zero.intelligence.snapshot.v1", "access": {"class": "public_delayed", "delay_s": 900}}

$ curl -fsS http://127.0.0.1:8765/live/preflight
{"schema_version": "zero.live_preflight.v1", "live_mode": "refused", "ready": false}

$ zero --api http://127.0.0.1:8765 run live-cockpit
live-cockpit: live_mode=refused  ready=false  risk_allowed=false

$ zero --api http://127.0.0.1:8765 run live-receipts
live-receipts: status=empty  total=0  accepted=0  refused=0  exchange_error=0

$ zero --api http://127.0.0.1:8765 run live-canary
live-canary: ready=false  armed=false  qualified=false  publishable=false  accepted_live=false

$ zero --api http://127.0.0.1:8765 run runtime-parity
runtime-parity: ok=true  production_ooda=true  paper_only=true  live_trading_claimed=false

$ curl -fsS http://127.0.0.1:8765/operator/context
{"schema_version": "zero.operator_context.v1", "handle": "local-operator", "scope": "local-private"}

$ curl -fsS http://127.0.0.1:8765/memory
{"schema_version": "zero.memory.snapshot.v1", "stats": {"active_entries": 0}}

$ curl -fsS http://127.0.0.1:8765/genesis
{"schema_version": "zero.genesis.snapshot.v1", "mode": "plan-only"}

$ curl -fsS http://127.0.0.1:8765/evolve
{"schema_version": "zero.evolve.snapshot.v1", "mode": "paper-only"}

$ curl -fsS http://127.0.0.1:8765/research
{"schema_version": "zero.research.snapshot.v1", "mode": "paper-only"}

$ curl -fsS http://127.0.0.1:8765/hl/reconcile
{"schema_version": "zero.reconciliation.v1", "status": "not_configured", "risk_increasing_allowed": false}

$ curl -fsS http://127.0.0.1:8765/live/certification
{"schema_version": "zero.live_certification.v1", "mode": "dry_run", "passed": true}

$ curl -fsS http://127.0.0.1:8765/live/evidence
{"schema_version": "zero.live_evidence.v1", "live_mode": "refused", "evidence_hash": "sha256:..."}

$ curl -fsS http://127.0.0.1:8765/live/canary-policy
{"schema_version": "zero.live_canary_policy.v1", "summary": {"ready_for_canary": false, "next_step": "fix_live_preflight_before_canary"}}

$ scripts/live_canary_rehearsal.py http://127.0.0.1:8765 --mode refusal
zero live canary rehearsal: wrote artifacts/live-canary-rehearsal/... mode=refusal risk_ready=False attempted=True accepted=False

$ scripts/live_canary_exchange_evidence.py artifacts/live-canary-rehearsal/... hyperliquid-export.json
zero live canary exchange evidence: wrote artifacts/live-canary-rehearsal/.../exchange_evidence.json matched=0 accepted=0

$ scripts/live_canary_verify.py artifacts/live-canary-rehearsal/... --require-mode refusal --require-exchange-evidence
zero live canary verify: ok=True checks=... fail=0

$ scripts/live_canary_policy.py artifacts/live-canary-rehearsal/...
zero live canary policy: qualified=True publishable=False refusal_qualified=True next=keep_public_claim_at_refusal_proof

$ scripts/live_canary_operator.py http://127.0.0.1:8765 --mode refusal
zero live canary operator: ok=True bundle=artifacts/live-canary-operator/.../bundle exchange=True report=artifacts/live-canary-operator/.../operator_report.json

$ scripts/live_canary_operator_verify.py artifacts/live-canary-operator/...
zero live canary operator verify: ok=True checks=... fail=0

$ scripts/live_cockpit_drill.py http://127.0.0.1:8765
zero Runtime control drill: ok=True ready=False risk_allowed=False fail=0 output=artifacts/live-cockpit-drill/...

$ scripts/live_cockpit_drill_verify.py artifacts/live-cockpit-drill/...
zero Runtime control drill verify: ok=True checks=... fail=0

$ scripts/live_cockpit_drill_tamper_rehearsal.py artifacts/live-cockpit-drill/...
zero Runtime control drill tamper rehearsal: ok=True checks=3 fail=0

$ curl -fsS http://127.0.0.1:8765/immune
{"schema_version": "zero.immune.v1", "risk_increasing_allowed": false}

Install CLI

Install the latest release binary with checksum and attestation verification:

curl -fsSL https://raw.githubusercontent.com/zero-intel/zero/main/scripts/install.sh | bash
zero --version

The installer downloads the GitHub Release asset for your OS, verifies SHA256SUMS, verifies the GitHub artifact attestation, and installs zero to ~/.local/bin by default.

Or install the public Homebrew formula:

brew tap zero-intel/zero https://github.com/zero-intel/zero
brew install zero
zero --version

The formula installs the zero CLI from the checksummed GitHub Release asset. It does not use private package registries. Homebrew reinstall and rollback commands live in docs/release.md.

zero-engine is also published on PyPI for agent/MCP installs:

uvx zero-engine --smoke
uvx --from zero-engine zero-mcp --smoke

The Rust operator terminal is published as zero-os on crates.io. The package name is zero-os because zero is already taken on crates.io; the installed binary is still zero:

cargo install zero-os
zero --version

Container users can run the paper runtime directly from source:

docker build -t getzero/zero .
docker run --rm -p 8765:8765 -e PORT=8765 getzero/zero

Docker Hub is the primary public container path:

docker pull getzero/zero:0.1.2
docker run --rm -p 8765:8765 -e PORT=8765 getzero/zero:0.1.2

The runtime remains paper-first by default; live operation stays behind explicit preflight gates. See docs/registry-launch.md for publication state, digests, and anonymous-pull evidence.

No-Install Contributor Path

Use GitHub Codespaces or any devcontainer-compatible editor to open this repo without installing Python, Rust, or just locally:

The container installs the editable engine package, Rust CLI dependencies, and the local docs gate. See .devcontainer/README.md.

Source Quickstart

Requirements: Python 3.11+, Rust stable, Cargo, and just.

git clone https://github.com/zero-intel/zero.git
cd zero
just bootstrap
just demo
just paper-api-smoke

Run the paper API:

just paper-api

Run the CLI:

cd cli
cargo run -q -p zero-os -- --api http://127.0.0.1:8765 doctor
cargo run -q -p zero-os -- --api http://127.0.0.1:8765 run status
cargo run -q -p zero-os -- --api http://127.0.0.1:8765 run risk

Run the full local gate:

just ci

Run one paper runtime cycle:

PYTHONPATH="$PWD/engine/src" zero-engine-run \
  --journal .zero/decisions.jsonl \
  --runtime-bus .zero/runtime-bus \
  --once \
  --interval 0

For the complete first-run path, see docs/first-10-minutes.md. For a reproducible terminal demo capture, run:

scripts/demo_capture.sh

Maintainers can also prove the publishable source tree works outside this checkout by copying it into a temporary directory, rerunning hardening, and smoking the paper API through the CLI:

just fresh-clone-rehearsal

Use an installed release binary for the same capture:

ZERO_BIN="$(command -v zero)" scripts/demo_capture.sh

Safety Model

ZERO is built around operational discipline, not activity.

Paper mode is the default.
Public examples must run without real funds.
Live execution requires explicit environment configuration and preflight checks.
Risk-reducing actions should remain low-friction.
Risk-increasing actions should require deliberate operator confirmation.
Journals and proof packets must be redacted before publication.
Hosted custody is not part of the product.

Read the full model in docs/safety-model.md, docs/threat-model.md, and docs/failure-modes-autonomous-loop.md. Incident response is covered by docs/incident-runbooks.md and the public postmortem policy.

Trust

CI, CodeQL, Secret Scan, and OpenSSF Scorecard run on public pushes.
Release assets ship with checksums, SBOM/provenance metadata, attestations, release evidence, and Homebrew formula drift checks.
just release-preflight verifies public proof, package dry runs, release rehearsals, registry readiness, and formula consistency before tagging.

Open Core Boundary

ZERO is open infrastructure plus free growth-mode intelligence. The future business model monetizes scale, retention, redistribution, support, and SLAs, not basic operator access while ZERO needs more verified operators.

Open	Commercial
ZERO Runtime, safety gates, paper mode, local API, CLI, Docker/Railway deployment, public profile contracts, leaderboards, delayed snapshots, growth-mode realtime Intelligence access, docs, tests, and release tooling.	Future higher limits, deeper history, cohorts, benchmarks, commercial connectors, bulk exports, redistribution rights, support, reliability commitments, and SLAs.

The open repository must stay useful without a ZERO-hosted app. The commercial product sells speed, scale, history, reliability, and intelligence access, not custody or basic runtime operation.

See docs/open-core-boundary.md and docs/zero-intelligence.md.

Repository Map

engine/        Python ZERO Runtime and paper API
cli/           Rust operator terminal
contracts/     Public API, Network, and Intelligence contract examples
examples/      Paper-trading examples and sample candles
docs/          Architecture, safety, deployment, release, and product docs
scripts/       Smoke tests, release packaging, Railway entrypoints, hardening gates
.github/       CI, CodeQL, secret scanning, Scorecard, issue and PR templates

Deployment

ZERO is local-first, Railway-first, and Docker-compatible. Operators own their deployment project, secrets, exchange credentials, and runtime state.

Contributor Paths

Start with the live Contributor Issue Board or the GitHub good first issue, agent-eligible, and help wanted queues.

Good first contribution areas:

Declarative strategy runners that stay paper-first.
Strategy examples that stay paper-first.
Strategy plugins that return signals but leave execution and risk checks to ZERO.
Market data adapters with deterministic tests.
Public Proof profiles, replay, and contract examples over redacted public contracts.
CLI diagnostics and replay views.
Safety gate tests.
Documentation and runbook improvements.
Public Protocol and Proof contract examples.

Before opening a pull request:

just ci

Read CONTRIBUTING.md, SECURITY.md, and GOVERNANCE.md.

Using a coding or design agent? Start with AGENTS.md and docs/agentic-contribution.md. Agent-authored changes should stay scoped, paper-first by default, and explicit about safety invariants.

For a 30-second agent smoke:

PYTHONPATH="$PWD/engine/src" python3 -m zero_engine.mcp --smoke
PYTHONPATH="$PWD/engine/src" scripts/mcp_transcript.py --check

Machine-readable entrypoints:

Documentation

License

Apache-2.0. See LICENSE.

Featured

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Registryactive

Packagezero-engine

TransportSTDIO

UpdatedMay 4, 2026

View on GitHub

ZERO

Open ZERO Runtime, Protocol, and Proof for self-custodial capital operations.

Not entry automation, a custody service, or an opaque agent. ZERO is operating intelligence; this repo is the open Runtime, Protocol, and Proof layer that keeps capital operations inspectable, interruptible, and self-custodial.

ZERO paper runtime terminal proof

just paper-api-smoke
just public-proof

One-Click Paper Rollout

Live public paper demo: https://zero-production-5214.up.railway.app

Railway template: https://railway.com/deploy/zero-paper-runtime

scripts/railway_doctor.py https://zero-production-5214.up.railway.app

ZERO has three non-negotiable product rules:

The Runtime is open source and useful without a hosted ZERO app account.
Operators keep custody; live-capital paths are local, explicit, and gated.
Public reputation is built from redacted proof, not screenshots or claims.

Run ZERO In Two Minutes

ZERO's first-run path is local, paper-first, and does not need exchange credentials:

git clone https://github.com/zero-intel/zero.git
cd zero
just bootstrap
just paper-api

In another terminal:

cd zero/cli
cargo run -q -p zero-os -- --api http://127.0.0.1:8765

runtime control
live_mode=refused  ready=false  risk_allowed=false  controls_ready=false
next: fix preflight check live_executor: live executor not configured

operator: handle=local-operator  role=owner  scope=local-private
preflight: passed=2/10 failed=8
immune: open=2 risk_blocking=2
reconciliation: not_configured risk_allowed=false
receipts: total=0 accepted=0 refused=0 exchange_error=0

actions: reduce=/pause-entries /kill /flatten-all  resume=/resume-entries

That refusal is the product boundary working: the public runtime can be inspected, rehearsed, and extended without pretending to be a hosted custody service or an unattended live-capital promise.

Launch Status

Live Operation Boundary

Question	Public answer
Can a new engineer run ZERO today?	Yes: clone, bootstrap, run the paper API, inspect it through the CLI, and verify proof packs.
Can ZERO trade live?	Operator-owned deployments have live Hyperliquid execution evidence represented by `zero.live_trading_evidence.v1`.
Does the public repo publish raw live records?	No. It publishes redacted evidence, hash-only proof, canary workflows, and verifiers.
Does ZERO custody funds?	No. Live mode is local, self-custodial, explicit, and gated.
Is unattended live trading the default?	No. Paper is default; live risk requires canary review and local operator responsibility.

Why ZERO Exists

ZERO turns that workflow into an explicit operating-intelligence loop:

A runtime that evaluates, rejects, executes, and records decisions.
A CLI and local control packet that keep the operator in control.
A safety model that makes risk-reducing actions fast and risk-increasing actions deliberate.
A public Proof surface for profiles, replay, and verification.
Protocol contracts that apps and agents can inspect without reading private product doctrine.

The default mode is paper. Live operation is self-custodial, explicit, and guarded by preflight checks.

Open Repository Surfaces

Surface	Role	Public status
ZERO Runtime	Python runtime for paper execution, production-parity OODA reports, live-readiness contracts, journals, safety gates, strategy adapters, venue adapter interfaces, CLI/TUI tooling, local evolution gates, and canary evidence.	Open source
ZERO Protocol	MCP-compatible schemas, tool permissions, mandates, evidence bundles, replay frames, audit entries, and local verification fixtures.	Open source
ZERO Proof	Redacted proof packets, replay/export fixtures, journal roots, verification commands, and public contract schemas.	Open source
Developers	Repo-local quickstarts, CLI/API docs, examples, release gates, contribution paths, and public education that starts at getzero.dev/developers.	Open source

Capability Boundary

Capability	Public repo state
Paper Runtime	Runnable now with deterministic fixtures, local API, CLI, Docker, and Railway paths.
Live market data	Runnable now through read-only Hyperliquid public info calls when enabled.
Live readiness	Runnable now as local preflight, cockpit, certification, reconciliation, immune, receipt, evidence, and canary-policy contracts.
Live execution	Private operator deployments have live Hyperliquid execution evidence represented by the redacted public packet. New live capital remains operator-owned, self-custodial, and gated by local custody, preflight, journal, kill-switch, reconciliation, and canary policy.
Self-evolution	Local memory, genesis proposal core, research command chain, decision-stack lenses/layers/modifiers, production-parity OODA reporting, and paper-first evolve gates exist now with redacted extraction, append-only journals, guardian classification, hunt/edge/convergence/thesis/score/meta/sharpen reports, public evaluation surfaces, live-shadow fail-closed parity, red-team review, sandbox candidate mutation, paper canary, calibration, promotion plan, rollback plan, promotion verification, explicit local apply, rollback receipts, API readouts, and expanded read-only MCP snapshots for runtime status, parity, health, journal, rejection audit, memory stats, immune state, backtest summary, evidence bundle, and safety catalog. Protected live-code evolution remains human-reviewed.
Public Proof	Runnable now through deterministic demo proof packs, redacted contracts, `zero.live_trading_evidence.v1`, canary bundles, exchange-evidence normalization, recursive checksums, and operator report verification.
Developers	Public docs start at getzero.dev/developers; Proof starts at getzero.dev/proof.

flowchart LR
  A["Market data and strategy inputs"] --> B["ZERO Runtime"]
  B --> C["Safety gates and risk policy"]
  C --> D["Paper or self-custodial live execution"]
  B --> E["ZERO CLI"]
  B --> F["Audit journal"]
  F --> G["ZERO Proof"]
  G --> H["Public verification"]

What You Can Run Today

Run the local paper engine against bundled example candles.
Run a bounded paper OODA runtime cycle with durable cycle records.
Run a production-parity OODA report that mirrors paper intents through a disabled live executor, proves fail-closed behavior, and emits zero.runtime.production_parity.v1.
Extract local public-safe memory from paper decisions and generate knowledge.md.
Classify fixture-backed genesis proposals as accepted, rejected, or escalated without applying code changes.
Run the paper-first evolve harness for accepted genesis proposals; the default run path materializes a sandbox candidate tree, promotion plan, rollback plan, and promotion verification without mutating the checkout or pushing a branch.
Explicitly apply and roll back allowed docs/example evolve candidates in a local checkout with exact approval phrases, original/candidate hash checks, apply receipts, and rollback receipts.
Run the paper-only research command chain for hunt, edge, convergence, thesis, score, meta, and sharpen reports from public fixtures.
Inspect the public decision stack for lenses, layers, modifiers, and paper/live separation.
Add a declarative paper strategy runner with conformance output.
Start a local paper API and inspect operator state.
Use the Rust CLI for health checks, status, replay, and supervised actions.
Query Hyperliquid read-only market data without exposing funds.
Exercise live-readiness, immune, reconciliation, and certification contracts without placing capital at risk.
Keep the full-screen Runtime control packet open with Ctrl+5 or /cockpit-mode while the read-only /live/cockpit packet is polled from the Runtime.
Inspect public-safe local live execution receipts from the operator CLI, including accepted/refused/exchange-error counts and hash-only receipt proof.
Capture signed, public-safe live evidence packets for supervised canary rehearsal without leaking credentials or raw private journals.
Inspect the live canary policy lifecycle for readiness, arm/disarm, launch window, evidence, shadow review, qualification, follow-through, and next action through /live/canary-policy or the operator CLI.
Run the maintained live canary rehearsal collector in fail-closed public paper mode, or in explicit operator-owned canary mode when local live gates are ready.
Verify canary evidence bundles locally before sharing them as launch or incident evidence.
Verify the committed redacted live trading evidence packet that summarizes private operator Hyperliquid fills, trades, and live decisions without raw custody material.
Attach public-safe exchange-side order/fill evidence to canary bundles and verify it against ZERO live receipts without exposing raw venue payloads.
Run and verify a one-command live canary operator workflow that collects, attaches, verifies, checksums, and reports public-safe evidence.
Capture a read-only Runtime control drill bundle for preflight, immune, reconciliation, certification, receipt, evidence, metrics, and audit packets.
Package release assets with checksums.
Deploy the paper runtime on Railway or Docker.
Connect an operator-owned Runtime to the ZERO control plane through the optional Vibe Deploy proof chain.
Generate public-safe Proof profile, replay, and contract artifacts.

Operator Proof Path

ZERO should earn trust through behavior that another engineer can verify:

Run paper mode locally or on Railway.
If using Vibe Deploy, claim the Runtime and verify the first heartbeat before treating it as an owned deployment.
Run just public-proof to verify the demo proof pack, Proof chain, redacted live trading evidence, read-only MCP server, and committed MCP transcript together.
Verify docs/proof/network/network-proof-pack.json against its profile, leaderboard, deployment identity, and ingestion artifacts.
Generate a signed journal root from local JSONL streams with zero-journal-root, attach anchor metadata with zero-journal-anchor, and export a redacted proof pack with zero-journal-proof.
Inspect runtime, risk, Runtime control, immune, account, and reconciliation packets through the CLI/API.
Rehearse a live canary in fail-closed mode.
Attach public-safe exchange-side evidence when an operator-owned live canary is ready.
Verify the bundle, recursive checksums, privacy flags, live canary policy, and report with local scripts before publishing anything.

See It Run

This is a shortened excerpt from scripts/demo_capture.sh, the maintained local paper-mode demo. It demonstrates the terminal flow without launching the interactive TUI:

$ zero --api http://127.0.0.1:8765 doctor
[   ok] engine_reachable       zero-paper-engine v0.1.2
[ warn] auth                   no token set — read-only endpoints only
[ warn] live_preflight         not ready: live_executor, wallet, key, journal

$ zero --api http://127.0.0.1:8765 run status
engine: regime=PAPER MARKET. Local deterministic demo.
equity=$10000.00  open=0  recovery=ephemeral

$ zero --api http://127.0.0.1:8765 run risk
risk: OK  equity=$10000.00  peak=$10000.00  dd=0.00%  open=0

$ curl -fsS -H 'content-type: application/json' -d '{...}' /execute
{"accepted": true, "coin": "BTC", "side": "buy", "simulated": true}

$ curl -fsS http://127.0.0.1:8765/network/profile
{"schema_version": "zero.network.profile.v1", "mode": "paper", "verification": {"status": "verified"}}

$ curl -fsS http://127.0.0.1:8765/deployment/heartbeat
{"schema_version": "zero.deployment.heartbeat.v1", "liveness": {"status": "paper_only"}}

$ curl -fsS http://127.0.0.1:8765/intelligence/snapshot
{"schema_version": "zero.intelligence.snapshot.v1", "access": {"class": "public_delayed", "delay_s": 900}}

$ curl -fsS http://127.0.0.1:8765/live/preflight
{"schema_version": "zero.live_preflight.v1", "live_mode": "refused", "ready": false}

$ zero --api http://127.0.0.1:8765 run live-cockpit
live-cockpit: live_mode=refused  ready=false  risk_allowed=false

$ zero --api http://127.0.0.1:8765 run live-receipts
live-receipts: status=empty  total=0  accepted=0  refused=0  exchange_error=0

$ zero --api http://127.0.0.1:8765 run live-canary
live-canary: ready=false  armed=false  qualified=false  publishable=false  accepted_live=false

$ zero --api http://127.0.0.1:8765 run runtime-parity
runtime-parity: ok=true  production_ooda=true  paper_only=true  live_trading_claimed=false

$ curl -fsS http://127.0.0.1:8765/operator/context
{"schema_version": "zero.operator_context.v1", "handle": "local-operator", "scope": "local-private"}

$ curl -fsS http://127.0.0.1:8765/memory
{"schema_version": "zero.memory.snapshot.v1", "stats": {"active_entries": 0}}

$ curl -fsS http://127.0.0.1:8765/genesis
{"schema_version": "zero.genesis.snapshot.v1", "mode": "plan-only"}

$ curl -fsS http://127.0.0.1:8765/evolve
{"schema_version": "zero.evolve.snapshot.v1", "mode": "paper-only"}

$ curl -fsS http://127.0.0.1:8765/research
{"schema_version": "zero.research.snapshot.v1", "mode": "paper-only"}

$ curl -fsS http://127.0.0.1:8765/hl/reconcile
{"schema_version": "zero.reconciliation.v1", "status": "not_configured", "risk_increasing_allowed": false}

$ curl -fsS http://127.0.0.1:8765/live/certification
{"schema_version": "zero.live_certification.v1", "mode": "dry_run", "passed": true}

$ curl -fsS http://127.0.0.1:8765/live/evidence
{"schema_version": "zero.live_evidence.v1", "live_mode": "refused", "evidence_hash": "sha256:..."}

$ curl -fsS http://127.0.0.1:8765/live/canary-policy
{"schema_version": "zero.live_canary_policy.v1", "summary": {"ready_for_canary": false, "next_step": "fix_live_preflight_before_canary"}}

$ scripts/live_canary_rehearsal.py http://127.0.0.1:8765 --mode refusal
zero live canary rehearsal: wrote artifacts/live-canary-rehearsal/... mode=refusal risk_ready=False attempted=True accepted=False

$ scripts/live_canary_exchange_evidence.py artifacts/live-canary-rehearsal/... hyperliquid-export.json
zero live canary exchange evidence: wrote artifacts/live-canary-rehearsal/.../exchange_evidence.json matched=0 accepted=0

$ scripts/live_canary_verify.py artifacts/live-canary-rehearsal/... --require-mode refusal --require-exchange-evidence
zero live canary verify: ok=True checks=... fail=0

$ scripts/live_canary_policy.py artifacts/live-canary-rehearsal/...
zero live canary policy: qualified=True publishable=False refusal_qualified=True next=keep_public_claim_at_refusal_proof

$ scripts/live_canary_operator.py http://127.0.0.1:8765 --mode refusal
zero live canary operator: ok=True bundle=artifacts/live-canary-operator/.../bundle exchange=True report=artifacts/live-canary-operator/.../operator_report.json

$ scripts/live_canary_operator_verify.py artifacts/live-canary-operator/...
zero live canary operator verify: ok=True checks=... fail=0

$ scripts/live_cockpit_drill.py http://127.0.0.1:8765
zero Runtime control drill: ok=True ready=False risk_allowed=False fail=0 output=artifacts/live-cockpit-drill/...

$ scripts/live_cockpit_drill_verify.py artifacts/live-cockpit-drill/...
zero Runtime control drill verify: ok=True checks=... fail=0

$ scripts/live_cockpit_drill_tamper_rehearsal.py artifacts/live-cockpit-drill/...
zero Runtime control drill tamper rehearsal: ok=True checks=3 fail=0

$ curl -fsS http://127.0.0.1:8765/immune
{"schema_version": "zero.immune.v1", "risk_increasing_allowed": false}

Install CLI

Install the latest release binary with checksum and attestation verification:

curl -fsSL https://raw.githubusercontent.com/zero-intel/zero/main/scripts/install.sh | bash
zero --version

The installer downloads the GitHub Release asset for your OS, verifies SHA256SUMS, verifies the GitHub artifact attestation, and installs zero to ~/.local/bin by default.

Or install the public Homebrew formula:

brew tap zero-intel/zero https://github.com/zero-intel/zero
brew install zero
zero --version

The formula installs the zero CLI from the checksummed GitHub Release asset. It does not use private package registries. Homebrew reinstall and rollback commands live in docs/release.md.

zero-engine is also published on PyPI for agent/MCP installs:

uvx zero-engine --smoke
uvx --from zero-engine zero-mcp --smoke

The Rust operator terminal is published as zero-os on crates.io. The package name is zero-os because zero is already taken on crates.io; the installed binary is still zero:

cargo install zero-os
zero --version

Container users can run the paper runtime directly from source:

docker build -t getzero/zero .
docker run --rm -p 8765:8765 -e PORT=8765 getzero/zero

Docker Hub is the primary public container path:

docker pull getzero/zero:0.1.2
docker run --rm -p 8765:8765 -e PORT=8765 getzero/zero:0.1.2

The runtime remains paper-first by default; live operation stays behind explicit preflight gates. See docs/registry-launch.md for publication state, digests, and anonymous-pull evidence.

No-Install Contributor Path

Use GitHub Codespaces or any devcontainer-compatible editor to open this repo without installing Python, Rust, or just locally:

The container installs the editable engine package, Rust CLI dependencies, and the local docs gate. See .devcontainer/README.md.

Source Quickstart

Requirements: Python 3.11+, Rust stable, Cargo, and just.

git clone https://github.com/zero-intel/zero.git
cd zero
just bootstrap
just demo
just paper-api-smoke

Run the paper API:

just paper-api

Run the CLI:

cd cli
cargo run -q -p zero-os -- --api http://127.0.0.1:8765 doctor
cargo run -q -p zero-os -- --api http://127.0.0.1:8765 run status
cargo run -q -p zero-os -- --api http://127.0.0.1:8765 run risk

Run the full local gate:

just ci

Run one paper runtime cycle:

PYTHONPATH="$PWD/engine/src" zero-engine-run \
  --journal .zero/decisions.jsonl \
  --runtime-bus .zero/runtime-bus \
  --once \
  --interval 0

For the complete first-run path, see docs/first-10-minutes.md. For a reproducible terminal demo capture, run:

scripts/demo_capture.sh

Maintainers can also prove the publishable source tree works outside this checkout by copying it into a temporary directory, rerunning hardening, and smoking the paper API through the CLI:

just fresh-clone-rehearsal

Use an installed release binary for the same capture:

ZERO_BIN="$(command -v zero)" scripts/demo_capture.sh

Safety Model

ZERO is built around operational discipline, not activity.

Paper mode is the default.
Public examples must run without real funds.
Live execution requires explicit environment configuration and preflight checks.
Risk-reducing actions should remain low-friction.
Risk-increasing actions should require deliberate operator confirmation.
Journals and proof packets must be redacted before publication.
Hosted custody is not part of the product.

Trust

CI, CodeQL, Secret Scan, and OpenSSF Scorecard run on public pushes.
Release assets ship with checksums, SBOM/provenance metadata, attestations, release evidence, and Homebrew formula drift checks.
just release-preflight verifies public proof, package dry runs, release rehearsals, registry readiness, and formula consistency before tagging.

Open Core Boundary

Open	Commercial
ZERO Runtime, safety gates, paper mode, local API, CLI, Docker/Railway deployment, public profile contracts, leaderboards, delayed snapshots, growth-mode realtime Intelligence access, docs, tests, and release tooling.	Future higher limits, deeper history, cohorts, benchmarks, commercial connectors, bulk exports, redistribution rights, support, reliability commitments, and SLAs.

The open repository must stay useful without a ZERO-hosted app. The commercial product sells speed, scale, history, reliability, and intelligence access, not custody or basic runtime operation.

See docs/open-core-boundary.md and docs/zero-intelligence.md.

Repository Map

engine/        Python ZERO Runtime and paper API
cli/           Rust operator terminal
contracts/     Public API, Network, and Intelligence contract examples
examples/      Paper-trading examples and sample candles
docs/          Architecture, safety, deployment, release, and product docs
scripts/       Smoke tests, release packaging, Railway entrypoints, hardening gates
.github/       CI, CodeQL, secret scanning, Scorecard, issue and PR templates

Deployment

ZERO is local-first, Railway-first, and Docker-compatible. Operators own their deployment project, secrets, exchange credentials, and runtime state.

Contributor Paths

Start with the live Contributor Issue Board or the GitHub good first issue, agent-eligible, and help wanted queues.

Good first contribution areas:

Declarative strategy runners that stay paper-first.
Strategy examples that stay paper-first.
Strategy plugins that return signals but leave execution and risk checks to ZERO.
Market data adapters with deterministic tests.
Public Proof profiles, replay, and contract examples over redacted public contracts.
CLI diagnostics and replay views.
Safety gate tests.
Documentation and runbook improvements.
Public Protocol and Proof contract examples.

Before opening a pull request:

just ci

Read CONTRIBUTING.md, SECURITY.md, and GOVERNANCE.md.

Using a coding or design agent? Start with AGENTS.md and docs/agentic-contribution.md. Agent-authored changes should stay scoped, paper-first by default, and explicit about safety invariants.

For a 30-second agent smoke:

PYTHONPATH="$PWD/engine/src" python3 -m zero_engine.mcp --smoke
PYTHONPATH="$PWD/engine/src" scripts/mcp_transcript.py --check

Machine-readable entrypoints:

Documentation

License

Apache-2.0. See LICENSE.