Daemon

Run the optional Fuze daemon to add cross-run pattern detection, org-wide budget enforcement, kill switches, and persistent hash-chained audit storage.

Starting the daemon

bash
npx fuze-ai daemon

The daemon listens on a Unix Domain Socket (or Windows named pipe) and exposes an HTTP API for the dashboard and external integrations.

What the daemon adds

CapabilitySDK onlySDK + Daemon
Per-run budgetYesYes
Org-wide daily budgetNoYes
Per-agent daily budgetNoYes
Loop detectionPer-runPer-run + cross-run patterns
Trace storageJSONL fileSQLite with hash-chained audit log
Kill switchNoYes, via API or dashboard
Compensation/rollbackIn-process onlyPersistent + API-triggered
AlertsNoWebhooks + dashboard WebSocket
Pattern analysisNoRepeated failures, cost spikes, reliability drops

Architecture

code
┌─────────────────┐     UDS/pipe     ┌──────────────────────────────┐
│   Your Agent    │ ──────────────── │         Fuze Daemon          │
│   (fuze-ai)     │                  │                              │
└─────────────────┘                  │  ┌────────────┐              │
                                     │  │   SQLite   │ audit.db     │
                                     │  │  (hashed)  │              │
                                     │  └────────────┘              │
                                     │  ┌────────────┐              │
                                     │  │ConfigCache │ tool configs │
                                     │  └────────────┘              │
                                     │  REST API :7821              │
                                     └──────────────────────────────┘
                                               │ (optional, if FUZE_API_KEY set)
                                               ▼
                                       api.fuze-ai.tech
                                       (hybrid mode)

The SDK communicates with the daemon over a Unix Domain Socket (Linux/macOS) or named pipe (Windows). The daemon stores all audit data in SQLite with SHA-256 hash chains for tamper detection.

There is no embedded web dashboard. The REST API at :7821 is for direct queries, custom dashboards, or automation. For a full web UI, use Cloud mode (set FUZE_API_KEY).

Configuration

toml
[daemon]
socket_path = "/tmp/fuze.sock"       # Unix socket path
api_port = 7821                       # HTTP API port
storage_path = "~/.fuze/traces.db"    # SQLite database
retention_days = 180                  # Min 180 for EU AI Act Art. 19

[daemon.budget]
org_daily_budget = 100.00             # Org-wide daily ceiling (USD)
per_agent_daily_budget = 20.00        # Per-agent daily ceiling (USD)
alert_threshold = 0.80                # Alert at 80% of ceiling

[daemon.alerts]
dedup_window_ms = 60000               # Suppress duplicate alerts within window
webhook_urls = ["https://hooks.slack.com/..."]

On Windows, use a named pipe:

toml
[daemon]
socket_path = "\\\\.\\pipe\\fuze.sock"

Tool config cache

The daemon maintains a local config cache (tool_config_cache table in audit.db). When the SDK sends a register_tools message, the daemon stores default configs for any tool not already in the cache. The SDK reads tool configs synchronously from the cache on every guard() call, zero network latency on the hot path.

Hybrid mode

If FUZE_API_KEY is set in the daemon process environment, the daemon runs an additional background sync loop every 30 seconds that:

  1. Pulls tool configs from api.fuze-ai.tech/v1/tools/config → writes to local cache
  2. Pushes buffered telemetry to the cloud API

This lets you run a local daemon (data stored on-prem) while still getting the cloud dashboard for visibility. The SDK talks only to the daemon, it never calls the cloud API directly in daemon mode.

API endpoints

MethodPathDescription
GET/api/healthDaemon liveness check
GET/api/runsPaginated run list with filters
GET/api/runs/:idSingle run with steps and events
POST/api/runs/:id/killKill an active run
GET/api/runs/:id/compensationCompensation records for a run
POST/api/runs/:id/rollbackTrigger manual rollback
GET/api/budgetOrg and per-agent spend
GET/api/agents/:id/healthAgent reliability stats
GET/api/compliance/report/:idEU AI Act incident report
WS/wsLive alerts stream

Audit integrity

Every record in the SQLite database is hash-chained using SHA-256. The daemon maintains four independent chains:

  1. Runs, immutable fields hashed at insertion
  2. Steps, every tool call recorded and chained
  3. Guard events, loop detections, budget blocks, kills
  4. Compensation records, rollback actions and outcomes

Verify chain integrity:

bash
# Via API
curl http://localhost:7821/api/compliance/report/RUN_ID

The verifyHashChain() method checks all four chains and reports the first broken record if tampering is detected.

Data retention

The daemon automatically purges data older than retention_days. Purging cascades across all related tables:

  • Runs
  • Steps
  • Guard events
  • Compensation records
  • Idempotency keys

This ensures no orphaned records remain after purge.

Resource management

The daemon caps in-memory ended runs at 1,000 entries (FIFO eviction) to prevent unbounded memory growth during long-running deployments. Active runs are always retained.