Host Agent

The local B3IQ service for node identity, inventory, runtime probing, local APIs, receipts, heartbeats, and command polling.

The host agent is the local service that makes a machine usable as a B3IQ node. It owns local identity, machine inventory, setup APIs, runtime probes, model profile state, local auth, local API keys, receipts, heartbeats, and command polling.

Responsibilities

Local identity

Generates and uses the node identity for enrollment challenges, signed heartbeats, command results, and payout report access.

Runtime inventory

Reads OS, CPU, RAM, GPU, disk, runtime, model, queue, and benchmark posture from the machine instead of trusting browser estimates.

Local APIs

Serves local setup endpoints, /v1/models, /v1/chat/completions, model-profile readiness, receipt listing, and receipt submission.

Managed sync

Posts signed heartbeats and polls the control plane for narrow command workflows over outbound HTTPS.

Local Listener

The default local listener is:

text
http://127.0.0.1:8831

Loopback is the default because setup, local auth, and local API keys are operator-controlled local credentials. LAN-exposed appliance installs require explicit configuration and network controls.

Data The Host Agent Protects

Data class	Handling
Setup token	Bootstrap or recovery credential. Do not expose through public docs, logs, or remote support bundles.
Local API key	`b3iq_local_` secrets are shown once, stored hashed, revocable, scoped, and safe examples keep them out of argv.
Support grant	`b3iq_support_` secrets are expiring, revocable, hash-stored, and diagnostics-only.
Node private key	Never persisted in public payloads. Recovery flows must label secrets as one-time operator artifacts.
Prompts and outputs	Local request content stays local unless the operator sends it to a runtime or explicitly uses a routed workflow.

Common Commands

bash
b3iq-host wizard url --with-token

bash
curl --fail http://127.0.0.1:8831/health

bash
b3iq-host chat --api-key-file .secrets/b3iq-local-key

Avoid process argv secrets

Prefer --api-key-stdin, --api-key-file, or environment variables for local CLI testing. Do not place b3iq_local_ secrets directly into command argv.

Managed Node Behavior

The host agent does not need inbound networking for managed mode. It can:

Request and sign enrollment challenges.
Publish signed inventory and readiness heartbeats.
Poll for commands over outbound HTTPS.
Run narrow jobs such as benchmark smoke, tunnel health checks, model install, support bundle generation, and receipt submission.
Submit signed command results and receipts.

Setup wizard

Walk through the operator setup flow served by the host agent.

Learn More

Local API

Use the host agent as a local OpenAI-compatible endpoint.

Learn More

Security

Review local auth, support grants, secret handling, and public boundaries.

Learn More

Was this page helpful?

Previous Read a windowed treasury and protocol-fee report.

Next Setup Wizard