phalus 0.6.0

Private Headless Automated License Uncoupling System — AI-powered clean room software reimplementation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247

# phalus

**Private Headless Automated License Uncoupling System** — a self-hosted tool for AI-powered clean room software reimplementation. Feed it a dependency manifest and it runs a two-phase, isolation-enforced LLM pipeline: Agent A reads only public documentation and produces a formal specification, Agent B reads only that specification and implements the package from scratch.

No user accounts. No payments. No SaaS. You run it on your own machine with your own API keys.

[Documentation](https://docs.phalus.sh) | [Website](https://phalus.sh) | [crates.io](https://crates.io/crates/phalus)

![PHALUS Web UI](docs/images/web-ui.png)

## Install

### From crates.io

```sh
cargo install phalus
```

### Download binary

Pre-built binaries for Linux (x86_64, aarch64), macOS (Apple Silicon), and Windows are available from [GitHub Releases](https://github.com/phalus-sh/phalus/releases).

```sh
# Linux (x86_64)
curl -L https://github.com/phalus-sh/phalus/releases/latest/download/phalus-v0.6.0-x86_64-unknown-linux-gnu.tar.gz | tar xz
sudo mv phalus /usr/local/bin/

# macOS (Apple Silicon)
curl -L https://github.com/phalus-sh/phalus/releases/latest/download/phalus-v0.6.0-aarch64-apple-darwin.tar.gz | tar xz
sudo mv phalus /usr/local/bin/
```

### Docker

```sh
docker run -p 3000:3000 \
  -e PHALUS_LLM__AGENT_A_API_KEY=sk-ant-... \
  -e PHALUS_LLM__AGENT_B_API_KEY=sk-ant-... \
  ghcr.io/phalus-sh/phalus:latest
```

### Build from source

```sh
git clone https://github.com/phalus-sh/phalus.git
cd phalus && cargo build --release -j2
```

## Quick Start

Set your API keys:

```sh
export PHALUS_LLM__AGENT_A_API_KEY=sk-ant-...
export PHALUS_LLM__AGENT_B_API_KEY=sk-ant-...
```

Preview what would be processed:

```sh
phalus plan package.json
```

Run a single package through the full pipeline:

```sh
phalus run-one npm/left-pad@1.1.3 --license mit
```

Run all packages in a manifest:

```sh
phalus run package.json --license apache-2.0 --output ./reimplemented
```

Dry run (Agent A only, produce specs without implementation):

```sh
phalus run package.json --dry-run
```

Cross-language reimplementation:

```sh
phalus run package.json --license mit --target-lang rust
```

Inspect results:

```sh
phalus inspect ./phalus-output --audit
phalus inspect ./phalus-output --similarity
phalus inspect ./phalus-output --csp
```

Re-validate existing output:

```sh
phalus validate ./phalus-output --similarity-threshold 0.5
```

## Supported Ecosystems

| Ecosystem | Manifest | Registry |
|-----------|----------|----------|
| npm | `package.json` | registry.npmjs.org |
| Python | `requirements.txt` | pypi.org |
| Rust | `Cargo.toml` | crates.io |
| Go | `go.mod` | proxy.golang.org |

## How It Works

```
Manifest → Registry Resolver → Doc Fetcher → Agent A (Analyzer)
    → Isolation Firewall → Agent B (Builder) → Validator → Output
```

1. **Agent A** reads only public documentation (README, API docs, type definitions) and produces a Clean Room Specification Pack (CSP) — 10 documents describing what the package does, never how.
2. The **Isolation Firewall** enforces separation: Agent B never sees the original documentation or source code. Only the CSP crosses the boundary, logged with SHA-256 checksums.
3. **Agent B** reads only the CSP and implements the package from scratch under your chosen license.
4. The **Validator** checks syntax, runs tests, scores similarity against the original, and flags anything above threshold.

Every step is recorded in an append-only audit trail.

## Configuration

`~/.phalus/config.toml`:

```toml
[llm]
agent_a_provider = "anthropic"    # anthropic | openai | openrouter | ollama | any OpenAI-compatible
agent_a_model = "claude-sonnet-4-6"
agent_a_api_key = ""
agent_a_base_url = ""             # optional: override API endpoint
agent_b_provider = "anthropic"
agent_b_model = "claude-sonnet-4-6"
agent_b_api_key = ""
agent_b_base_url = ""

[llm.retry]
max_retries = 3
initial_backoff_ms = 500
timeout_secs = 120

[isolation]
mode = "context"    # context | process | container
docker_image = "alpine:3"
memory_limit = "256m"
cpu_limit = "1.0"
timeout_secs = 60
network_mode = "none"
pids_limit = 64

[limits]
max_packages_per_job = 50
max_package_size_mb = 10
concurrency = 3

[validation]
similarity_threshold = 0.70
run_tests = true
syntax_check = true

[output]
default_license = "mit"
output_dir = "./phalus-output"
include_csp = true
include_audit = true

[web]
enabled = false
host = "127.0.0.1"
port = 3000

[doc_fetcher]
max_readme_size_kb = 500
max_code_example_lines = 10
github_token = ""
```

All config keys can be overridden via environment variables with `PHALUS_` prefix and double-underscore nesting:

```sh
PHALUS_LLM__AGENT_A_API_KEY=sk-ant-...
PHALUS_LLM__AGENT_A_MODEL=claude-sonnet-4-6
PHALUS_ISOLATION__MODE=process
PHALUS_WEB__ENABLED=true
```

### Using OpenAI, OpenRouter, or Ollama

Any provider with an OpenAI-compatible `/v1/chat/completions` endpoint works:

```sh
# OpenAI
export PHALUS_LLM__AGENT_A_PROVIDER=openai
export PHALUS_LLM__AGENT_A_MODEL=gpt-4o
export PHALUS_LLM__AGENT_A_API_KEY=sk-...

# OpenRouter
export PHALUS_LLM__AGENT_A_PROVIDER=openrouter
export PHALUS_LLM__AGENT_A_BASE_URL=https://openrouter.ai/api
export PHALUS_LLM__AGENT_A_MODEL=anthropic/claude-sonnet-4
export PHALUS_LLM__AGENT_A_API_KEY=sk-or-...

# Ollama (local, no API key needed)
export PHALUS_LLM__AGENT_A_PROVIDER=ollama
export PHALUS_LLM__AGENT_A_BASE_URL=http://localhost:11434
export PHALUS_LLM__AGENT_A_MODEL=llama3
export PHALUS_LLM__AGENT_A_API_KEY=unused
```

Set `AGENT_B_*` equivalents for Agent B (can be a different provider/model).

## Output Licenses

| License | ID |
|---------|----|
| MIT | `mit` |
| Apache 2.0 | `apache-2.0` |
| BSD 2-Clause | `bsd-2` |
| BSD 3-Clause | `bsd-3` |
| ISC | `isc` |
| Unlicense | `unlicense` |
| CC0 1.0 | `cc0` |

## Web UI

Enable the optional local web UI:

```sh
PHALUS_WEB__ENABLED=true phalus run package.json
```

Or set `web.enabled = true` in config.toml. Serves on `http://127.0.0.1:3000` by default.

## Ethical Notice

This tool raises serious ethical and legal questions about open source sustainability. It exists for research, education, and transparent discourse — not to encourage license evasion. You are responsible for understanding the legal implications in your jurisdiction. The legality of AI-assisted clean room reimplementation is unsettled law.

## Background

This project replicates the core pipeline demonstrated by [Malus](https://malus.sh/), presented at FOSDEM 2026 by Dylan Ayrey and Mike Nolan. PHALUS strips the concept down to the essential machinery: the pipeline, the isolation, and the audit trail.

## License

0BSD