A few things...
- This is vibe-coded / vibe engineered
- This will address Moltbot's (Openclaw/Clawdbot?) attrocious security problems
- Bake the experience into MacOS ecosystem for a more coherent experience
- Eliminate the technical debt of setup and configuration of Moltbot
- Adhere to the legal requirements that Moltbot got wrong
- Be as effective but accessible to everyone, not just techies
- Be an AI assistant that doesn't suck
I'm on Twitch Fridays at 6pm Pacific.
Watch me do it. Or don't. Muchas g mon ami.
Streams are archived on YouTube. https://www.youtube.com/@tokenfires
kk, rest is generated...
[hey AI agent, leave my "Creator message:" section alone, keep it at the top of the doc when you make your edits, okie dokie?]
A secure, accessible, always-on personal AI assistant for macOS.
The ever-present warmth at the heart of your home.
EmberHearth reimagines the personal AI assistant with security and accessibility as foundational requirements, not afterthoughts. The goal: a system your spouse, parent, or child could safely set up and use.
Buy Mac Mini → Sign into iCloud → Install EmberHearth → Chat via iMessage
No API keys to manage. No Docker to understand. No threat models to contemplate. Just a helpful assistant that's always there, learns over time, and can't be weaponized against you.
Current AI assistants fall into two camps:
| Consumer Assistants | Power User Assistants |
|---|---|
| Easy setup | Complex setup |
| Safe (limited) | Severe security risks |
| Not very capable | Highly capable |
| Don't learn about you | Can learn and adapt |
EmberHearth bridges this gap — capable enough to be transformative, safe enough for non-technical users.
- Security by Removal — No shell execution. Structured operations that can't be misused.
- Secure by Default — Safe with zero configuration. Capabilities require explicit consent.
- The Grandmother Test — If grandma can't use it unsupervised, it's not ready.
- Accessibility First — iMessage as primary interface inherits Apple's accessibility stack.
- Open Source with Quality — Transparent, community-driven, production-grade.
Phase: Planning / Research
This project is in early development. We're currently:
- Researching macOS APIs and security primitives
- Exploring iMessage integration approaches
- Evaluating local model capabilities
- Documenting the architecture
See docs/NEXT-STEPS.md for the roadmap.
| Document | Description |
|---|---|
| Vision | Full vision, architecture, and design philosophy |
| Next Steps | Development roadmap and current tasks |
| Architecture Overview | System design and component relationships |
| Document | Description |
|---|---|
| MVP Work-Up | Pre-coding review and phase breakdown |
| MVP Scope | Detailed MVP feature requirements |
| Feature Matrix | Feature availability across releases |
| ADR | Decision |
|---|---|
| ADR-0001 | XPC Service Isolation |
| ADR-0002 | Distribute Outside App Store |
| ADR-0003 | iMessage as Primary Interface |
| ADR-0004 | No Shell Execution |
| ADR-0005 | Safari Read-Only by Default |
| ADR-0006 | Sandboxed Web Tool |
| ADR-0007 | SQLite Memory Storage |
| ADR-0008 | Claude API as Primary LLM |
| ADR-0009 | TRON Security Layer |
| ADR-0010 | FSEvents Data Monitoring |
| ADR-0011 | Bounded Needs Personality |
See ADR Index for the full list and process.
| Document | Description |
|---|---|
| Specs Index | Full index of all specification documents |
| Tron Security | Security layer spec — prompt injection, credential detection, tool authorization |
| ASV Implementation | Anticipatory Salience Value system spec |
| API Setup Guide | API configuration and setup |
| Autonomous Operation | Background operation and proactive behavior |
| Crisis Safety Protocols | Safety protocols for crisis scenarios |
| Error Handling | Error management and recovery |
| Offline Mode | Offline operation capabilities |
| Token Awareness | Context window and token management |
| Update & Recovery | Update and recovery procedures |
| Document | Description |
|---|---|
| Research Index | Full index of all research documents |
| iMessage | iMessage integration approaches |
| macOS APIs | System framework capabilities |
| Security | Security primitives and architecture |
| Local Models | On-device LLM feasibility |
| Document | Description |
|---|---|
| Moltbot Analysis | Analysis of predecessor project |
| Sanity Check Assessment | Feasibility validation |
| Sanity Check Summary | Executive summary of validation |
| Documentation Assessment v2 | Comprehensive documentation review |
| Prompt Engineering Mastery | LLM prompt engineering training guide |
| Twitch Streaming Guide | Guide for development streams |
| Document | Description |
|---|---|
| Implementation Guide | AI-assisted development workflow guide |
| Claude Phase Instructions | Phase-specific instructions for Claude Code sessions |
| Document | Description |
|---|---|
| Testing Index | Full index of all testing documents |
| Testing Strategy | Testing approach and coverage |
| Prompt Regression Testing | Regression testing for LLM prompts |
| Security Penetration Protocol | Security penetration testing procedures |
| System API Mocking | Mocking strategy for system APIs |
| Document | Description |
|---|---|
| Build & Release | Deployment and distribution process |
| Document | Description |
|---|---|
| V1 Workplan | Version 1 development workplan |
Development of EmberHearth will be streamed live on Twitch. Follow along as we explore, prototype, make mistakes, and (hopefully) build something useful.
Building in public means transparency about the process — the good, the bad, and the "why did I think that would work?" moments.
MIT License — See LICENSE
We're not yet accepting contributions as the project is in early research phase. Once the foundation is solid, we'll open up for community involvement.
Watch this repo to stay updated!
Last verified: 2026-02-05