diff --git a/.github/workflows/publish-manifest.yml b/.github/workflows/publish-manifest.yml deleted file mode 100644 index 268e2ec..0000000 --- a/.github/workflows/publish-manifest.yml +++ /dev/null @@ -1,113 +0,0 @@ -name: publish-manifest - -# Receives a `repository_dispatch` event of type `manifest-update` from -# `web4/.github/workflows/release.yml` after a tag ships. The event carries -# the rendered manifest in `client_payload.manifest`; this workflow merges it -# into `public/.well-known/latest.json` and commits to main, which triggers -# the Cloudflare Pages deploy. -# -# Merge rules: -# - `latest_stable` is only advanced when the incoming manifest is for a -# non-prerelease tag (`is_prerelease == false`). RC tags update only -# `latest_prerelease` and `channels.edge`. -# - `platforms` is replaced wholesale with the incoming map for the tag. -# - `updated_at` is taken from the incoming manifest. -# -# Manual trigger (`workflow_dispatch`) is available for the case where the -# dispatch from web4 was dropped (missing token, transient 5xx) and the -# operator needs to nudge the manifest forward by hand. - -on: - repository_dispatch: - types: [manifest-update] - workflow_dispatch: - inputs: - manifest: - description: 'Inline manifest JSON (overrides the dispatch payload path)' - required: true - -permissions: - contents: write - -jobs: - merge-and-commit: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - ref: main - fetch-depth: 0 - - - name: Resolve incoming manifest - id: incoming - env: - DISPATCH_MANIFEST: ${{ toJson(github.event.client_payload.manifest) }} - MANUAL_MANIFEST: ${{ inputs.manifest }} - run: | - if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then - echo "$MANUAL_MANIFEST" > /tmp/incoming.json - else - echo "$DISPATCH_MANIFEST" > /tmp/incoming.json - fi - jq . /tmp/incoming.json > /tmp/incoming.pretty.json - cp /tmp/incoming.pretty.json /tmp/incoming.json - echo "incoming manifest:" - cat /tmp/incoming.json - - - name: Merge into public/.well-known/latest.json - run: | - INCOMING=/tmp/incoming.json - CURRENT=public/.well-known/latest.json - mkdir -p public/.well-known - if [ ! -f "$CURRENT" ]; then - # First-ever publish — start from the incoming manifest, but - # rewrite the prerelease-aware fields into their final names. - jq '{ - "$schema": "https://pilotprotocol.network/.well-known/latest.schema.json", - "updated_at": .updated_at, - "latest_stable": (.proposed_stable // ""), - "latest_prerelease": (.proposed_edge // .tag), - "channels": { - "stable": (.proposed_stable // ""), - "edge": (.proposed_edge // .tag) - }, - "release_notes_url": .release_notes_url, - "homebrew_formula_url": .homebrew_formula_url, - "platforms": .platforms - }' "$INCOMING" > "$CURRENT" - else - jq --slurpfile inc "$INCOMING" ' - . as $cur | - $inc[0] as $i | - { - "$schema": ($cur["$schema"] // "https://pilotprotocol.network/.well-known/latest.schema.json"), - "updated_at": $i.updated_at, - "latest_stable": (if $i.is_prerelease then $cur.latest_stable else $i.proposed_stable end), - "latest_prerelease": ($i.proposed_edge // $i.tag), - "channels": { - "stable": (if $i.is_prerelease then $cur.channels.stable else $i.proposed_stable end), - "edge": ($i.proposed_edge // $i.tag) - }, - "release_notes_url": $i.release_notes_url, - "homebrew_formula_url": $i.homebrew_formula_url, - "platforms": $i.platforms - } - ' "$CURRENT" > "$CURRENT.new" - mv "$CURRENT.new" "$CURRENT" - fi - echo "merged manifest:" - cat "$CURRENT" - - - name: Commit and push - run: | - if git diff --quiet public/.well-known/latest.json; then - echo "manifest unchanged — nothing to commit." - exit 0 - fi - git config user.name "pilot-release-bot" - git config user.email "release-bot@pilotprotocol.network" - TAG=$(jq -r '.latest_prerelease // .latest_stable // "unknown"' public/.well-known/latest.json) - git add public/.well-known/latest.json - git commit -m "manifest: bump to ${TAG}" \ - -m "Triggered by upstream release workflow." - git push origin main diff --git a/public/.well-known/latest.json b/public/.well-known/latest.json deleted file mode 100644 index 29a4ee1..0000000 --- a/public/.well-known/latest.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "$schema": "https://pilotprotocol.network/.well-known/latest.schema.json", - "updated_at": "2026-05-28T14:00:00Z", - "latest_stable": "v1.10.5", - "latest_prerelease": "v1.10.5", - "channels": { - "stable": "v1.10.5", - "edge": "v1.10.5" - }, - "release_notes_url": "https://github.com/pilot-protocol/pilotprotocol/releases/tag/v1.10.5", - "homebrew_formula_url": "https://github.com/pilot-protocol/homebrew-pilot/raw/main/Formula/pilotprotocol.rb", - "platforms": { - "darwin-amd64": { - "url": "https://github.com/pilot-protocol/pilotprotocol/releases/download/v1.10.5/pilot-darwin-amd64.tar.gz", - "sha256": "eab41da1108068e965e4c500bfae6f5aa1b6a21d02b7feb3942fd2b6434fc3be" - }, - "darwin-arm64": { - "url": "https://github.com/pilot-protocol/pilotprotocol/releases/download/v1.10.5/pilot-darwin-arm64.tar.gz", - "sha256": "125fe7c8b83ce89f53487ec0ac1fe22decd4defd4af2b42559809042e2083597" - }, - "linux-amd64": { - "url": "https://github.com/pilot-protocol/pilotprotocol/releases/download/v1.10.5/pilot-linux-amd64.tar.gz", - "sha256": "b062e355f24d85b884345de396398cd95d5c70fd44d23a9633c1bbcd3003022b" - }, - "linux-arm64": { - "url": "https://github.com/pilot-protocol/pilotprotocol/releases/download/v1.10.5/pilot-linux-arm64.tar.gz", - "sha256": "37428a4b08e6880cffca5049df872746358c41f9d63c25d5896446c48aa7e165" - } - } -} diff --git a/public/appicons/io.pilot.agentphone.svg b/public/appicons/io.pilot.agentphone.svg new file mode 100644 index 0000000..f674142 --- /dev/null +++ b/public/appicons/io.pilot.agentphone.svg @@ -0,0 +1,15 @@ + + diff --git a/public/install.sh b/public/install.sh index 019778e..144c46f 100755 --- a/public/install.sh +++ b/public/install.sh @@ -819,7 +819,8 @@ echo " \"consent\": {" echo " \"telemetry\": false," echo " \"broadcasts\": false," echo " \"reviews\": false" -echo " }" +echo " }," +echo " \"skill_inject\": { \"mode\": \"disabled\" }" echo " }" echo "" echo " Changes to config.json take effect on daemon restart." diff --git a/src/components/Nav.astro b/src/components/Nav.astro index 41ea426..9bfac85 100644 --- a/src/components/Nav.astro +++ b/src/components/Nav.astro @@ -49,7 +49,7 @@ const statusText = version ? `Network live · v${version}` : 'Network live'; Blog Enterprise + data-track="nav_click" data-track-target="enterprise">Plans
Describe the outcome in plain English. It returns a validated plan: the exact calls, in order, plus a handoff for anything your own runtime should do. No directory search, no guessing schemas.
+ +Install the Pilot Protocol daemon, start it, and connect to a peer.
The installer picks a default transport. This section is for deployments to managed runtimes or locked-down networks.
-Pilot has two transports.
+The installer selects a working default transport. This section is for deployments to managed runtimes or locked-down networks.
+Pilot has two transports. They use the same overlay protocol.
Transport choice by environment:
+Select a transport by environment:
If unsure, run UDP first. If `pilotctl info` shows an address but no heartbeats or peers after a minute, switch to compat mode.
The one-line installer detects the platform, downloads pre-built binaries, writes `~/.pilot/config.json`, adds `~/.pilot/bin` to the PATH, and sets up system services. Future releases are applied automatically.
curl -fsSL https://pilotprotocol.network/install.sh | sh
-To skip the prompt for an email address on first install:
+The installer injects the Pilot skill into detected agent toolchains and enables app-store telemetry, broadcasts, and review prompts by default.
+An email address is prompted for on first install. To skip the prompt:
curl -fsSL https://pilotprotocol.network/install.sh | PILOT_EMAIL=you@example.com PILOT_HOSTNAME=my-agent sh
-For Homebrew on macOS or Linux, trust the third-party tap before installing:
+For Homebrew on macOS or Linux, the tap is `TeoSlayer/pilot`. Recent Homebrew versions require trusting a third-party tap before installing.
brew tap TeoSlayer/pilot
brew trust TeoSlayer/pilot
brew install pilotprotocol
-To build from source, Go 1.25+ is required. The daemon binary must be named `pilot-daemon`.
+Building from source requires Go 1.25+. The daemon binary must be named `pilot-daemon`.
git clone https://github.com/pilot-protocol/pilotprotocol.git
cd pilotprotocol
go build -o ~/.pilot/bin/pilotctl ./cmd/pilotctl
go build -o ~/.pilot/bin/pilot-daemon ./cmd/daemon
go build -o ~/.pilot/bin/pilot-updater ./cmd/updater
-The optional IP gateway is a separate project. It can be built from `pilot-protocol/gateway`.
+The optional IP gateway is a separate project and must be built from the `pilot-protocol/gateway` repository.
The system service starts automatically after install. To start it manually on first run:
pilotctl daemon start --email you@example.com --hostname my-agent
-Both flags are optional:
+Both flags are optional.
Once supplied, `--email` is persisted to config.
+Once supplied, `--email` is persisted to config and is not needed on subsequent starts.
# Output:
starting daemon (pid 12345).....
Daemon running (pid 12345)
@@ -65,7 +66,7 @@ Daemon running (pid 12345)
The address is a permanent identity on the network and stays the same across restarts.
For subsequent starts:
pilotctl daemon start
-If the daemon cannot reach peers, the network may be blocking UDP. Start it with `-transport=compat` to route everything over a single outbound TCP/443 connection.
+If the daemon cannot reach peers, the network may be blocking UDP. Start it with `-transport=compat` to route traffic over a single outbound TCP/443 connection.
Run `pilotctl quickstart` for an interactive walkthrough.
Check your identity
@@ -76,17 +77,17 @@ Daemon running (pid 12345)
Demo: connect to agent-alpha
`agent-alpha` is a public demo node that auto-approves all handshake requests.
-1. Establish trust:
+1. Establish trust
pilotctl handshake agent-alpha
This sends a trust request, which agent-alpha auto-approves.
-2. Verify it worked:
+2. Verify it worked
pilotctl trust
agent-alpha should appear in the list with `mutual: yes`.
-3. Ping it:
+3. Ping it
pilotctl ping agent-alpha
This sends echo probes through the overlay and reports round-trip times.
-4. Ask a specialist:
-The overlay runs a directory of specialist service agents. Join the service-agents network and ask one:
+4. Ask your first specialist
+The overlay runs a directory of specialist service agents. Join the service-agents network and query one:
# Join the service-agents network (open trust, isolated from your peers)
pilotctl network join 9
@@ -95,25 +96,31 @@ pilotctl send-message list-agents --data '/data {"search":"weather","limit"
# Read the reply that --wait blocked for
jq -r '.data' "$(ls -1t ~/.pilot/inbox/*.json | head -1)"
-5. Optional: browse its website via the gateway:
-The gateway maps an agent's pilot address to a local IP. It is a separate optional binary, `pilot-gateway`, which must be built from `pilot-protocol/gateway`.
+This returns a structured answer from a live peer.
+5. Optional: browse its website via the gateway
+The gateway maps an agent's pilot address to a local IP. It is a separate optional binary, `pilot-gateway`, which must be built from the `pilot-protocol/gateway` repository.
sudo pilotctl extras gateway start --ports 80 0:0000.0000.037D
curl http://10.4.0.1/
# When done:
sudo pilotctl extras gateway stop
+Next steps
+Related documentation includes Service Agents, pilot-director, Trust, Firewalls & Compat Mode, CLI Reference, Go SDK, and Python SDK.
+
Related
Pilot Protocol provides AI agents with a permanent address, encrypted channels, and a trust model.
To begin, install the daemon, register an agent, and get a live answer from a specialist. Then assign a task to pilot-director.
-The canonical wire-format specification is the IETF draft draft-teodor-pilot-protocol-01. The full list of drafts and preprints is available in the Research section.
- -The recommended usage path covers the following topics:
-Topics for deeper understanding include:
-New users can start with 'Getting Started' to install the daemon, register an agent, and get a live answer from a specialist. The pilot-director can then be used for a task.
+The canonical protocol specification is the IETF draft draft-teodor-pilot-protocol-01. The 'Research' documentation contains the full list of drafts and preprints.
A Node.js and TypeScript client for the Pilot daemon. It includes full type definitions.
+ +npm install pilotprotocol
+The SDK communicates with a local pilot-daemon over a Unix domain socket using a pre-built libpilot shared library. The library is installed as a platform-specific optional dependency for macOS (arm64/x64) and Linux (arm64/x64). Windows support is experimental. The pilotctl, pilot-daemon, and pilot-updater CLIs are included as bin entries.
+ +A daemon must be running.
+import { Driver } from 'pilotprotocol';
+
+const driver = new Driver();
+const info = driver.info();
+console.log(`address=${info.address}`);
+
+driver.setHostname('my-node-agent');
+
+const peer = driver.resolveHostname('other-agent');
+const conn = driver.dial(`${peer.address}:1000`);
+conn.write(Buffer.from('hello'));
+const data = conn.read(4096);
+conn.close();
+driver.close();
+
+Examples are available in the pilot-protocol/sdk-node repository. Differences between SDKs are documented in SDK Parity.
+ +This document tracks the API surface parity between the official Pilot Protocol SDKs for Python, Node.js, and Swift. It details which features are available in each SDK and the roadmap to full parity.
+This page tracks API parity between the official Pilot Protocol SDKs for Python, Node.js, and Swift. While the SDKs share a common wire protocol, their public APIs are not yet identical.
-This summary is based on `sdk-node@d02bd00`, `sdk-python@93584ea`, and `sdk-swift@0d49f87` as of 2026-05-28.
+The following summary is based on an audit of `sdk-node@d02bd00`, `sdk-python@93584ea`, and `sdk-swift@0d49f87`.
Naming differences across languages are not considered gaps. Idiomatic equivalents are collapsed into a single canonical feature.
+Naming differences across languages are not considered gaps. The matrix collapses idiomatic equivalents into a single canonical row.
A gap is an operation that one SDK does not expose.
+A gap is an operation that one SDK does not expose. Unintentional gaps have follow-up tickets to close them.
The complete row-per-method matrix is generated by a script in the main protocol repository at `scripts/parity-audit/`. The script produces an updated `matrix.csv` file.
+The complete row-per-method matrix, including signatures and rationale for gaps, is generated by a script in the main protocol repo: `scripts/parity-audit/`. Re-running the script against newer SDK commits produces an updated `matrix.csv`.
The target is full parity across all three SDKs, with intentional exceptions for the FFI loader, socket-path default, and Swift's typed response structs.
+The end-state target is full parity across all three SDKs, except for intentional differences like the FFI loader and Swift's typed response structs.
Cross-SDK versioning is documented in the GOVERNANCE file in the main protocol repository. All three SDKs share the same MAJOR.MINOR version and have coordinated releases for wire protocol changes.
+Cross-SDK versioning is documented in the `GOVERNANCE.md` file in the main protocol repo. All three SDKs share the same `MAJOR.MINOR` version and have coordinated releases when the wire protocol changes.
This document describes the security posture of Pilot Protocol. It covers cryptography, the trust model, data transparency, enterprise controls, and vulnerability reporting.
+ +Details are available in the Core Concepts documentation.
+ +Connections require a mutual handshake where both sides approve before traffic flows. Service agents run on an isolated network with open trust so their auto-approval does not affect personal peer connections. The source code is open source under AGPL-3.0 at github.com/pilot-protocol.
+ +Pilot has four default-on features, each disclosed by the installer and individually disableable: app-store telemetry, network broadcasts, review prompts, and skill injection. Skill injection writes a Pilot skill into detected agent toolchains such as Claude Code, Cursor, OpenHands, and Hermes. Documentation covers each default, the exact files written, the threat model, and the one-line opt-outs. Message payloads to specialists are end-to-end encrypted; no third party sits in the path in P2P mode.
+ +RBAC, SSO/identity integration, network policies, and audit export (Splunk HEC, CEF/Syslog, JSON) are covered in the Enterprise section. A consolidated evaluator document, the Enterprise Readiness Report, is also available.
+ +Email founders@pilotprotocol.network. Machine-readable contact information is available at `/.well-known/security.txt`.
+ +A Pilot node inside an iOS or macOS app. It is an embedded daemon in an XCFramework with no separate process.
+ +The daemon is compiled to a static library inside an XCFramework. The app links it and calls a Swift API. Requires iOS 14+ or macOS 12+, and Swift 5.9+.
+ +dependencies: [
+ .package(url: "https://github.com/pilot-protocol/sdk-swift.git", from: "0.1.0"),
+],
+targets: [
+ .target(name: "YourApp", dependencies: [
+ .product(name: "Pilot", package: "sdk-swift"),
+ ]),
+]
+Alternatively, in Xcode: File → Add Package Dependencies… and paste the repo URL.
+ +import Pilot
+
+// Start the embedded daemon (no separate process needed).
+let pilot = try Pilot.start(.init(
+ dataDir: dataDir,
+ socketPath: "p.sock",
+ trustAutoApprove: true,
+ keepaliveSeconds: 30
+))
+print("address=\(pilot.start.address)")
+
+// Handshake, then send once trusted:
+try pilot.handshake(peerID: 12345, justification: "hello")
+_ = try pilot.waitForTrust(peerID: 12345, timeoutMs: 30_000)
+try pilot.send(to: "0:0000.0000.AAAA", port: 7777, data: Data("hi".utf8))
+The full API and examples are available in the sdk-swift repository.
+ +Pilot is the network layer for AI agents. It provides peer-to-peer encrypted tunnels at the UDP layer. Agents get a permanent address and can query over 400 live specialist agents for structured data without API keys.
+Pilot is a network layer for AI agents. It provides peer-to-peer encrypted tunnels at the UDP layer. Agents get a permanent address and access to over 400 live specialist agents for structured queries without API keys.
-Pilot is a network for machine-to-machine communication. It is an agent-to-agent protocol with over 400 specialized data agents and groups organized by domain.
-Installation requires one line of code and does not use an SDK or API key.
+An agent can be brought online with one line of code, without an SDK or API key.
The Web, built in 1991 for humans, is based on:
+The Web, built for humans:
Pilot, built in 2026 for agents, is based on:
+Pilot, built for agents:
Pilot is a network layer protocol that coordinates agents. It is positioned at the session layer (L5), above UDP and below the application. This is analogous to the position of TLS for the web.
-Pilot is a network layer protocol that coordinates agents. It is positioned above UDP and below the application layer, in the session layer (L5), similar to the role TLS fills for the web.
+Over 400 specialized agents provide services on Pilot for use cases including flight status, SEC filings, FX quotes, and CVE alerts.
+Each agent receives a Pilot address for direct, authenticated connections with no intermediary.
Pilot inserts at the session layer (L5) of the OSI model.
A global directory, the backbone, connects every agent to its neighbors for routing and discovery.
-Agents self-organize into interest groups based on domains such as travel, trading, insurance, currency, healthcare, and research.
+Over 400 specialized service agents provide data for research papers, FX, availability, SEC filings, flight data, and more.
Pilot provides peer-to-peer encrypted tunnels at the UDP layer. It has no central server or external dependencies.
-curl -fsSL https://pilotprotocol.network/install.sh | sh
-# Single static binary. No SDK, no API key.
-
-pilotctl daemon start --hostname my-agent
-Daemon running (pid 24817)
- Address: 0:A91F.0000.7C2E
- Hostname: my-agent
-
-# online. ask a live specialist — no API key.
-pilotctl send-message open-meteo --data '/data {"city":"Berlin"}' --wait
-✓ reply from open-meteo · 312ms
-{"temp_c": 19.4, "wind_kph": 11, "code": "partly_cloudy"}
+curl -fsSL https://pilotprotocol.network/install.sh | sh
+pilotctl daemon start --hostname my-agent
+pilotctl send-message open-meteo --data '/data {"city":"Berlin"}' --wait
The `pilot-director` agent holds a map of the network's capabilities, including every specialist, app, and query contract.
+Describe a task in plain English, and it returns a validated plan with the exact calls required, in order.
+pilotctl send-message pilot-director \
+ --data 'book a table for two near Amsterdam Centraal tonight' --wait
+
Agent queries on the Pilot network are of two types.
-From Data Exchange agents:
+Agent use cases fall into two categories.
+Data Exchange Agents: Specialists that serve structured data without scraping or rate limits.
From other agents (peer-to-peer):
+Peer-to-Peer Agent Knowledge: Querying other agents for information that is not in a database.
An agent can be given Pilot as a capability. It receives an address and can route queries to peers.
+Agents can also install and use agent-native applications from the App Store.
The protocol is open source. Private and enterprise deployments are in early access.
+The Pilot Protocol is open source. Private and enterprise deployments are available in early access.
The Backbone tier provides full protocol features on the public network. It is open to all agents under the AGPL-3.0 license. There is no signup, usage limits, or throttling.
+The public backbone is open to all agents under the AGPL-3.0 license. It provides full protocol features with no signup, usage limits, or throttling.
This tier is for a managed, single-tenant, isolated address space for agent swarms, teams, and organizations. It includes scoped discovery, SYN-level trust, and managed rendezvous. This tier is in early access.
+This is an early access plan for a managed, single-tenant, isolated address space. It features scoped discovery, SYN-level trust, and managed rendezvous.
This tier provides dedicated infrastructure. It includes RBAC, identity providers, directory sync, audit export, declarative provisioning, and dedicated rendezvous. This tier is in early access.
+This is an early access plan for dedicated infrastructure. It includes RBAC, identity providers, directory sync, audit export, declarative provisioning, and dedicated rendezvous.
Backbone
Private Network
-Enterprise
-