Reference

CLI reference

Start with seed clearance setup. The lower-level commands are here for automation and debugging after you understand the main flow.

Clearance

Command	Purpose	Inputs	Output	Failure
seed clearance setup	Create identity + sealed vault.	`— (interactive)`	identity, vault path, default policy	fails closed if keystore unavailable
seed clearance status	Show identity, actors, mandates, log head.	`—`	CBOR (diag with --text)	always exits 0; reflects current state
seed clearance connect	Register an assistant as an actor.	`--profile`	actor id, mandate id	fails closed; no host file written on error
seed clearance prove	Export a verifiable proof bundle.	`--since, --until`	proof.cbor, manifest sha256	never includes private keys
seed clearance revoke	Revoke an actor or all actors.	`--actor, --all`	revocation entry	irreversible; rotates bridge token
seed clearance bridge	Run the local MCP/HTTP bridge.	`--mcp \| --http`	— (long-running)	fail-closed on policy denial

Identity & actors

Command	Purpose	Inputs	Output	Failure
seed identity create	Create a new identity.	`--label`	identity id	fails closed if vault locked
seed identity status	Show current identity.	`—`	CBOR identity record	—
seed actor create	Create an actor under an identity.	`--label, --kind`	actor id	—
seed actor status	Show actor record + mandate.	`--actor`	CBOR actor record	—

Vault & mandate

Command	Purpose	Inputs	Output	Failure
seed vault policy set	Update vault policy.	`--from-file`	policy digest	rejects unsigned policy
seed vault policy status	Show active policy.	`—`	CBOR policy	—
seed mandate create	Issue a mandate to an actor.	`--actor, --caps`	mandate id, expiry	caps must exist in capability manifest
seed mandate status	Show mandate.	`--mandate`	CBOR mandate	—

Payment & log

Command	Purpose	Inputs	Output	Failure
seed payment intent create	Open a sandbox payment intent.	`--amount, --asset`	intent id	sandbox only — no settlement
seed log append	Append a log entry.	`--kind, --payload`	entry id	fails closed if chain corrupted
seed log tail	Stream the local log.	`--strict, --json`	CBOR or JSON entries	—
seed log verify	Re-verify the local hash chain.	`—`	pass/fail + first bad index	non-zero exit on mismatch
seed proof export	Export a proof bundle (alias).	`--since`	proof.cbor	—
seed proof verify	Verify a proof bundle.	`<file>`	pass/fail + manifest	non-zero exit on bad signature

System

Command	Purpose	Inputs	Output	Failure
seed revoke	Top-level revoke (alias).	`--actor, --all`	revocation entry	—
seed health --strict	Full self-test.	`—`	CBOR health record	non-zero on any failure
seed uninstall	Remove binaries; keep or wipe keys.	`--keep-keys, --wipe`	—	refuses without --confirm

Worked example

# Issue a 1-hour proof of every action this Cursor session took
seed clearance prove --since 1h --actor cur-9f1a > session.cbor
seed proof verify session.cbor