Relay (Remote Access)
The MUTX relay enables remote AI agents to communicate with your local daemon over the internet. Without the relay, agents can only reach the daemon via local Unix socket.
How It Works
- Your daemon connects outbound to
relay.mutx.netvia WebSocket. - Remote agents send requests to the relay with your unique relay code.
- The relay forwards requests to your daemon.
- Your daemon validates the SLK and processes the request (same as local).
- Responses flow back through the relay to the agent.
The relay is a transparent pipe. All authorization (SLK validation, approval queues, budget tracking) happens locally in your daemon.
Setup
1. Enable Relay
In MUTX settings, enable relay mode:
relay_enabled = true
2. Register
The daemon registers with the relay server and receives:
- Relay code (
MUTX-XXXX): Share this with agents so they can reach you. - Relay secret: Used by the daemon to authenticate to the relay. Keep this private.
3. Share Credentials with Agents
Give the agent:
- Your relay code (e.g.,
MUTX-R7K3) - An SLK token (created via the TUI or another trusted agent)
The agent uses both to send requests through the relay.
Agent Request Format
Agents send HTTP POST requests to https://relay.mutx.net/v1/request:
{
"relay_code": "MUTX-R7K3",
"envelope": {
"slk": "slk_...",
"request": {
"type": "wallet_list",
"request_id": "unique-id"
}
}
}
The response is a standard McpResponse JSON object.
Discovery
Agents can discover capabilities at:
GET https://relay.mutx.net/.well-known/mutx.json
This returns available tools, the request URL, and auth requirements.
Security
- SLK tokens control what agents can do (permissions, budgets, time limits).
- The relay never sees your wallet keys or makes authorization decisions.
- You can revoke relay access at any time by disabling relay mode or revoking the registration.
- All traffic is encrypted via TLS.
Disabling
Set relay_enabled = false in settings, or revoke the registration.
The daemon disconnects immediately and agents can no longer reach you.