HuggingClaw-User-Deployment / docs /multi-agent-architecture.md
Claude Code
Claude Code: **Project: Internal Agent Bus & UI Integration**
90077e9
|
Raw
History Blame Contribute Delete
7.97 kB
# Multi-Agent Architecture for HuggingClaw World
## Overview
The HuggingClaw World multi-agent system enables coordinated operation of multiple specialized agents (Adam, Eve, Cain) with role-based access control (RBAC) and inter-agent communication via A2A protocol.
## Architecture
### Agent Roles
| Agent | Role | Responsibilities |
|-------|------|-------------------|
| **Adam** | Infrastructure | System-level operations, deployment, monitoring, HuggingFace Space management |
| **Eve** | UI Logic | Frontend rendering, display management, user interface |
| **Cain** | Interaction | User message processing, conversation handling, memory management |
### File Structure
```
.openclaw/
├── agents/
│ ├── registry.json # Agent registry with capabilities and status
│ ├── rbac.py # Role-based access control implementation
│ └── main/
│ └── sessions/ # Agent session data
├── workspace/
│ ├── state.json # Workspace state with multi-agent configuration
│ └── MULTI_AGENT.md # This documentation
├── cron/
│ ├── executor.py # Cron job executor with tool registry
│ └── jobs.json # Job configurations
└── openclaw.json # OpenClaw configuration
```
## State Management
### workspace/state.json
The workspace state file tracks:
- **Multi-agent mode**: Enable/disable multi-agent operation
- **Agent states**: Current status of each agent (active, idle, offline, error)
- **Active agent**: Which agent is currently running
- **Agent communication**: A2A peer endpoints
- **Permissions**: Role-based access control settings
### agents/registry.json
The agent registry tracks:
- **Agent metadata**: Name, role, workspace, description
- **Capabilities**: Allowed and forbidden tools per agent
- **Health status**: Last check time, status, failure count
- **Communication endpoints**: A2A JSON-RPC endpoints
## Role-Based Access Control
### TOOL_REGISTRY
The central `TOOL_REGISTRY` in `rbac.py` defines:
- **Tool metadata**: Description, required authentication level
- **Role mapping**: Which roles can use each tool
- **Permission level**: ALLOWED, FORBIDDEN, or ROLE_SPECIFIC
### Tool Categories
#### Infrastructure Tools (Adam only)
- `hf_space_status` - Check HuggingFace Space status
- `hf_restart_space` - Restart a HuggingFace Space
- `hf_create_space` - Create a new Space
- `hf_delete_space` - Delete a Space
- `deploy_agent` - Deploy a new agent instance
- `system_monitor` - Monitor system health
- `log_viewer` - View system logs
#### UI Tools (Eve only)
- `ui_render` - Render UI components
- `frontend_update` - Update frontend content
- `bubble_set` - Set speech bubble text
- `chatlog_post` - Post chat log entries
- `display_manage` - Manage display settings
- `theme_update` - Update UI theme
#### Interaction Tools (Cain only)
- `message_send` - Send messages via A2A
- `conversation_process` - Process conversation input
- `memory_read` - Read from agent memory
- `memory_write` - Write to agent memory
- `session_archive` - Archive old sessions
- `context_manage` - Manage conversation context
#### Shared Tools (All agents)
- `health_check` - Perform health check
- `get_status` - Get agent status
- `agent_ping` - Ping another agent
## Usage
### Initialize the RBAC System
```python
from .openclaw.agents.rbac import MultiAgentSystem, check_permission, filter_tools_for_agent
# Get the RBAC system instance
rbac = MultiAgentSystem()
# Check if current agent can use a tool
if rbac.check_tool_permission("hf_restart_space"):
# Execute the tool
pass
# Get allowed tools for current agent
allowed_tools = rbac.get_allowed_tools()
# Get peer agents for A2A communication
peers = rbac.get_peers()
```
### Permission Checking
```python
# Check permission for a specific agent
from .openclaw.agents.rbac import check_permission
# Check if Cain can use a tool
can_use = check_permission("message_send", "cain")
# Check if Adam can use a tool
can_restart = check_permission("hf_restart_space", "adam")
```
### Filter Tools for Agent
```python
from .openclaw.agents.rbac import filter_tools_for_agent
all_tools = ["hf_restart_space", "ui_render", "message_send"]
# Filter for Cain
cain_tools = filter_tools_for_agent(all_tools, "cain")
# Returns: ["message_send"]
# Filter for Eve
eve_tools = filter_tools_for_agent(all_tools, "eve")
# Returns: ["ui_render"]
```
## A2A Communication
Agents communicate via A2A (Agent-to-Agent) JSON-RPC protocol:
```python
import requests
def send_a2a_message(agent_url, message):
"""Send message to another agent via A2A"""
payload = {
"jsonrpc": "2.0",
"id": f"msg-{int(time.time())}",
"method": "message/send",
"params": {
"message": {
"messageId": f"msg-{int(time.time())}",
"role": "user",
"parts": [{"type": "text", "text": message}]
}
}
}
response = requests.post(f"{agent_url}/a2a/jsonrpc", json=payload, timeout=90)
return response.json()
```
## Backward Compatibility
The system maintains full backward compatibility with single-agent workflows:
### Legacy Mode
```python
# Enable legacy mode for single-agent operation
rbac = MultiAgentSystem(legacy_mode=True)
# In legacy mode, all tools are available
allowed_tools = rbac.get_allowed_tools() # Returns all tools
```
### Convenience Functions
```python
from .openclaw.agents.rbac import can_use_tool, get_available_tools
# Single-agent compatible API
if can_use_tool("some_tool"):
# Execute tool
pass
# Get all available tools for current agent
tools = get_available_tools()
```
## Configuration
### Environment Variables
- `AGENT_NAME` - Name of the current agent (adam, eve, cain)
- `SPACE_ID` - HuggingFace Space ID (used for auto-detection)
- `A2A_PEERS` - Comma-separated list of peer agent URLs
### Multi-Agent Enable/Disable
Set in `workspace/state.json`:
```json
{
"multi_agent_enabled": true,
"legacy_mode": false
}
```
## Agent Detection
The system auto-detects the current agent based on:
1. `AGENT_NAME` environment variable
2. `SPACE_ID` environment variable
3. Defaults to "cain" if not found
## Health Monitoring
Agent health is tracked in the registry:
```json
{
"health": {
"last_check": "2026-03-14T00:00:00Z",
"status": "healthy",
"failures": 0
}
}
```
Status values: `healthy`, `degraded`, `error`, `unknown`
## Error Handling
- Permission denied: Tool execution is blocked with log message
- Unknown tool: Warning logged, execution blocked
- Agent not found: Returns empty info dict
- Invalid role: Defaults to INTERACTION role
## Security
- Infrastructure tools require authentication
- Dangerous tools (restart, delete) marked in registry
- Role-based isolation prevents cross-role tool access
- A2A communication uses token-based auth
## Future Extensions
Potential additions:
- Dynamic tool registration
- Agent capability discovery
- Load balancing across agents
- Agent migration and failover
- Resource quota management
- Audit logging
## Migration Guide
To migrate from single-agent to multi-agent:
1. Create `workspace/state.json` with multi-agent configuration
2. Create `agents/registry.json` with agent definitions
3. Update code to use `rbac.py` for permission checks
4. Add A2A communication for inter-agent messages
5. Test in legacy mode first, then enable multi-agent
## Troubleshooting
### Agent not detected
Check environment variables:
```bash
echo $AGENT_NAME
echo $SPACE_ID
```
### Permission denied
Verify tool is in agent's allowed list in `registry.json`
### A2A communication fails
Check peer endpoints are reachable:
```bash
curl https://peer-agent.hf.space/a2a/jsonrpc
```
### Multi-agent mode not working
Verify `multi_agent_enabled: true` in `workspace/state.json`