Statically compiled to run natively with zero dependencies. Rusty safeguards your development environment using local directory sandboxing, OS keychain integration, and absolute privacy. No runtime, no telemetry, no backdoors.
Most coding tools require bloated Node/Python packages, continuous background sync processes, and loose telemetry streams. Rusty operates under an absolute privacy model.
Rusty features absolutely zero analytic instrumentation, tracing pipelines, or outbound metrics checks. Chat payloads transit strictly between your host and the verified LLM endpoint you configure.
Licensed entirely under AGPL-3.0-or-later copyleft protections. Every crate is distributed as open, verifiable source code. No compiled node packages, binary blobs, or obfuscated execution scripts.
Every single file write, read, and edit is checked recursively. System structures, configurations, and parent directories (`~/.ssh`, `/etc`) are isolated and blocked before any agent action is allowed.
Your API keys are stored in secure native hardware OS keychains (macOS Keychain, Linux Secret Service, Windows Credential Manager) instead of vulnerable plaintext `.env` configurations.
Compile Rusty instantly, then launch a session. On first run, the interactive offline configuration guide secures your credentials, maps presets, and mounts directories immediately.
~/.rusty/settings.jsonVerified diagnostics derived directly from static compilation targets. Pure, zero-overhead execution metrics.
Statically compiled inside Rust. Zero dynamically linked dependencies or bloated container nodes.
Instant start latency. Avoids interpreters, background runtime boots, or virtual environment parsing.
Eliminates compositor overhead. Zero rendering lag even with multiple workspace sessions active.
Runs on ultra-low memory footprints. No background Node engines or Python runtime leakages.
| Operational Aspect | Rusty (Static Crate) | Node/TS Harnesses | Python Frameworks |
|---|---|---|---|
| Primary Dependency | Statically linked bin | Node runtime + 100MB+ node_modules | Python + Pip packages dependency trees |
| Memory Footprint (Idle) | ~4.8 MB | ~60 MB - 120 MB | ~45 MB - 90 MB |
| macOS WindowServer Load | ~0.0% (99% Saved) | 25% – 50% CPU spikes (2+ sessions) | Variable (High on Tcl/Tk or Electron GUI) |
| API Key Encryption | Native hardware keyring | Plaintext environment logs | Plaintext .env configs on host disks |
| Path Boundary Locks | Strict workspace bounds | Full parent disk access | Arbitrary host access defaults |
| Third-Party Risk | Statically audited crates | Deep, shifting npm dependency trees | Nested pip supply chain packages |
Modern web-tech developer tools offload code visualization and rendering loops to local Electron or Chrome layers, forcing macOS WindowServer processes to continuously recompute compositing arrays. Opening just two Node/TS agent sessions often captures up to 50% of system CPU purely to draw the interface.
Rusty is architected directly around a hardware-supported console-driven ioctl buffer pipeline. Because it writes raw terminal character arrays natively to the active shell viewport, WindowServer rendering overhead is reduced by **99%**, leaving absolute CPU power available for local compilations and model token operations.
Rusty contains no obfuscated packages. Review every single source directory, crate boundary, and utility module cleanly.
Before performing file operations or searches, Rusty verifies that targeted directories map cleanly underneath your current workspace context. Access beyond designated boundaries is aborted instantly.
Commands map recursively to offline classifications. Low-risk actions (such as checking `git status` or running `cargo test`) process smoothly, while modifications to workspace packages demand an explicit confirmation.
Every module operates transparently under copyleft AGPL-3.0-or-later conditions. No proprietary tracking middleware, background phone-homes, or telemetry is permitted in the compilation stream.
Rusty does not establish network handshakes to any central telemetry servers. The codebase contains no trackers, telemetry instrumentation libraries, or telemetry toggles. Requests stream strictly and directly between your terminal and the endpoint you specify.
Inspect CLI parameters, sandbox agent capabilities, or TUI commands verified inside alpha builds.
Secure binary builds directly on any architecture with normal Cargo toolchains.
Download and assemble target sources from crates.io directly into standard cargo paths.
Perform a manual security audit of workspace source files, then assemble release binaries.