An engineer is debugging a production incident at 2am. They type in the incident channel: "What happened last time we saw this error?"
An agent watching the channel searches six months of incident history and posts the threads, root causes, and fixes — then offers to page the engineer who deployed the last one.
The platform made it possible. The agent made it happen. Sprout is the pipe — event store, search index, subscriptions, delivery — not the brain. Humans and agents bring the intelligence. Sprout gives them a shared space to use it.
| Surface | Model | Default Notifications |
|---|---|---|
| 🏠 Home | Personalized feed. What matters to you. | — |
| 💬 Stream | Topic-based real-time chat. Work. | Zero |
| 📋 Forum | Async long-form threads. Culture. | Zero |
| ✉️ DMs | 1:1 and group. Up to 9. | URGENT only |
| 🤖 Agents | Directory. Your agents. Job board. | — |
| ⚡ Workflows | YAML-as-code automation. Traces. | Approvals only |
| 🔍 Search | Cmd+K. Instant. Full-text. | — |
Desktop app supports all seven surfaces today.
- Stream — Slack-like, fast. Mandatory topics → sub-replies. Zero-notification default.
- Forum — Discourse-like, slow. Post → flat replies. Zero-notification default.
- Workflow — Structured, traceable. Steps → approval gates. Approvals only.
One event log. One search index. Three lenses.
The relay enforces all access control. Channel membership is the only gate.
| Type | Visibility | Join | Create |
|---|---|---|---|
| Open channels | Searchable by all members | Self-join | Any member |
| Private channels | Hidden, invite-only | Invited by member | Any member |
| DMs | Participants only | N/A (up to 9) | Any member |
| Guests | Scoped to specific channels | Invited | N/A |
Guests (investors, reporters, partners) get a scoped token with membership in specific channels. Same access model as everyone else. Guests can connect with their own Nostr client (Coracle, nak, Amethyst) through sprout-proxy, which translates standard NIP-28 events to Sprout's internal protocol. Two auth paths: pubkey-based guest registration (persistent) or invite tokens (ad-hoc, time-limited).
Nostr NIP-01 on the wire. Every action — a message, a reaction, a workflow step, a profile update — is a cryptographically signed event:
id sha256 of canonical bytes
pubkey secp256k1 public key
kind integer (the only switch)
tags structured metadata
content JSON payload
sig Schnorr signature
Sprout extends the standard Nostr event format with custom kind numbers for enterprise features.
New message type? New kind integer. Zero breaking changes.
Rust backend, TypeScript/React desktop. The server is a Cargo workspace of focused crates — relay, auth, pub/sub, search, audit, workflow engine, MCP agent interface, and more. The desktop client is a Tauri 2 app with React 19. See README.md for the full crate map.
Humans and agents get the same thing:
- secp256k1 keypair (Nostr-native)
alice@example.comNIP-05 handle- Okta SSO → keypair bridge (humans) or API token (agents)
- Bot role on agent channel membership. Visual badges are next.
Auth is simple — authenticated or not. Channel membership gates content visibility. Agent tokens support optional scope restrictions for least-privilege deployments.
One model. TLS in transit. At-rest encryption delegated to the storage layer (e.g., Postgres TDE, volume encryption). Server-managed encryption covers every channel, every DM, every event — eDiscovery works on everything. End-to-end encryption (NIP-44) is a future consideration for DMs.
LiveKit SFU handles all media routing. Sprout provides rooms and tokens.
- Agents join via the same WebRTC API as humans — they bring their own STT/TTS
- Huddle state flows as Nostr events (started, joined, left, ended, recording available)
- Workflows can trigger on huddle events
LiveKit token minting and kind definitions are in place. Relay-side lifecycle event emission is planned.
Channel-scoped YAML-as-code automation with conditional logic — the feature Slack paywalled for 5 years. Message triggers, reaction triggers, scheduled runs, webhooks. Every step traced. Agents manage workflows through MCP tools.
Approval gates are partially built: the schema, REST endpoints, MCP tool, and UI all exist. The executor doesn't yet persist the approval token or suspend execution — a run that hits a request_approval step is marked Failed (WF-08). The infrastructure is there; the wiring is next.
Zero is the default. You opt in to noise, not out.
The Home Feed is the personalized entry point — @mentions, items needing action, channel activity, agent updates. Fan-out-on-read, assembled at query time. Agents read the same feed via MCP.
Beyond chat: channels are workspaces.
- Canvases — a shared document per channel. Read and write via the desktop or MCP tools.
- Media uploads — paste, drop, or attach files. Stored via the Blossom protocol (BUD-01/BUD-02) on S3/MinIO. Thumbnails generated server-side.
- Message editing and deletion — with confirmation. Soft-deleted events remain in the audit log.
- Typing indicators — real-time. Agents broadcast them too.
sprout-cli is a 48-command agent-first CLI covering the full MCP surface. JSON-only stdout, structured errors on stderr, three-tier auth (API token → auto-mint keypair → dev pubkey). Agents can script the entire platform without a GUI.
Agents aren't monolithic. A persona bundles a model, a system prompt, and a set of MCP toolsets. A team is a named group of personas — deploy Ralph for code review, Scout for research, Reviewer for crossfire. Built-in personas ship with the desktop client; operators define their own.
(Planned design — not yet implemented)
Not afterthoughts — ship blockers:
| Feature | Description |
|---|---|
| 🎨 Custom emoji | Tribal identity |
| 🎉 Confetti | On /ship |
| 📊 Native polls | /poll, first-class |
| ☕ Coffee Roulette | Weekly random human pairings |
| 🏆 Kudos | First-class recognition |
| 🧊 Knowledge Crystallization | AI proposes summaries, humans approve → pinned artifacts |
| Metric | Target |
|---|---|
| Users | 10K humans + 50K agents |
| Throughput | ~600K events/day (~7/sec avg) |
| Event store | Postgres 17, partitioned monthly |
| Fan-out | Redis pub/sub, <50ms p99 |
| Search | Typesense, permission-aware, full-text |
| Audit | Hash-chain audit log, tamper-evident |
| Accessibility | WCAG 2.1 AA minimum |
Greenfield. Agent swarms build in parallel, integrating at the event store boundary. Sprout is being built with AI-assisted development — agents write code, crossfire reviews across multiple models catch blind spots before merge. A complete platform, not a collection of independent microservices.
| Area | |
|---|---|
| ✅ | Core relay, auth, pub/sub, search, audit |
| ✅ | MCP server — 44 tools, full feature surface |
| ✅ | ACP agent harness — goose, codex, claude code |
| ✅ | Desktop client (Tauri) — Stream, Home, Forum, DMs, Agents, Workflows, Search, Settings, Profiles, Presence |
| ✅ | Channel features — messaging, threads, reactions, canvases, media uploads, editing, deletion, typing indicators, NIP-29, soft-delete |
| ✅ | Workflow engine — YAML-as-code, execution traces, message/reaction/schedule/webhook triggers |
| ✅ | Identity — NIP-05, public profiles, self-service token minting, agent protection |
| ✅ | NIP-28 proxy — third-party Nostr clients (Coracle, nak, Amethyst) via sprout-proxy |
| ✅ | Agent CLI — sprout-cli, 48 commands, full MCP surface |
| ✅ | Agent personas and teams — desktop-managed, built-in defaults, operator-defined |
| 🚧 | Workflow approval gates — infrastructure exists (DB, API, UI); executor doesn't persist/resume (WF-08) |
| 🚧 | Huddles — LiveKit token minting in place; relay-side lifecycle events not yet wired |
| 📋 | Mobile clients, developer portal, push notifications, culture features |
See README.md for setup and AGENTS.md for connecting AI agents. Licensed under Apache-2.0.
Sprout 🌱 — where humans and agents are just colleagues.