Operations, Licensing & Roadmap
Recent features, known gaps, licensing, OSS growth, technical debt, production deployment, summary statistics, and the vision.
Part of the Comprehensive Technical Documentation. Definitive reference based on a non-invasive scan of the molecule-core repository.
22. Recent Feature Highlights
| Feature | Description |
|---|---|
| A2A streaming response | Real-time task result delivery via SSE (message/sendSubscribe) |
| Onboarding wizard | 4-step guided first-run experience in Canvas |
| Global API keys | Platform-wide secrets with per-workspace override + AES-256 encryption |
| Coordinator enforcement | Team leads cannot do work, only route and aggregate |
| Cascade pause/resume | Pausing a parent cascades to all children; paused children can't be individually resumed |
| Graceful A2A errors | [A2A_ERROR] sentinel + retry with exponential backoff + fallback |
| Canvas error boundary | React class component catches render errors, shows retry button |
| Hydration retry | Banner with "Retry" button + PLATFORM_URL hint on WebSocket stale state |
| Activity log retention | Configurable cleanup (default 7 days, ACTIVITY_RETENTION_DAYS) |
| Security hardening | Hub double-close race fix (sync.Once), A2A proxy timeout (5min canvas, ∞ workspace), Python JSON decode guards |
23. Known Gaps & Backlog
Test Coverage
18 of 26 Go handler files have zero unit tests: a2a_proxy, workspace, templates, registry, discovery, secrets, etc. Current: 278 tests with 25% baseline enforced.
Silent Failures
6+ locations with fire-and-forget ExecContext DB writes need proper error handling (activity log inserts, event broadcasts).
Python Tool Error Handling
Tools call resp.json() without catching JSON decode errors. Should wrap in try/except for malformed responses.
Branch-Level Work
| Branch | Feature | Status |
|---|---|---|
feat/nemoclaw-t4-docker | NemoClaw adapter (NVIDIA T4 support) | WIP |
| Backlog | Firecracker backend (faster cold starts) | Planned |
| Backlog | E2B backend (cloud-hosted code sandbox) | Planned |
| Backlog | pgvector semantic memory search | Planned |
| Backlog | Canvas search, batch operations, keyboard shortcuts | Planned |
24. Licensing & Commercialization Path
Open Source (Current)
- License: MIT
- Strategy: Maximize adoption, zero friction
- Model: Follows n8n Community Edition approach
SaaS Path (Future molecule-cloud repo)
| Feature | Technology |
|---|---|
| Authentication | Clerk or Auth.js |
| Multi-tenancy | org_id column added to schema |
| Billing | Stripe integration |
| Managed infrastructure | ECS + Neon + Upstash |
| White-labeling | Custom Canvas branding |
Key principle: No changes to core open-source repo. SaaS layer is purely additive.
25. OSS Growth Research
Analysis of 8 OSS agent projects (from oss-agent-growth-research.md):
Winning Launch Formula
[Viral Demo] + [HN Front Page] + [One Major Amplifier] + [Zero-Friction Install]
↓ ↓ ↓ ↓
60s video 400+ upvotes Karpathy / Altman / docker compose up
screen rec top comment Major YouTuber 3 commands maxEvery Tier 1 launch (Open Interpreter, CrewAI) had all four elements.
Documentation Best Practice (Diataxis Model)
| Type | Purpose | Example |
|---|---|---|
| Tutorials | Learning-oriented | "Build your first agent team in 5 minutes" |
| How-to guides | Task-oriented | "How to configure RBAC for production" |
| Explanation | Understanding-oriented | "Why memory follows org boundaries" |
| Reference | Information-oriented | API route tables, config schema |
26. Technical Debt & Constraints
Hard Design Constraints
- Platform never routes agent messages — A2A is strictly peer-to-peer
- Postgres is fact source, Redis is cache — Redis loss is fully recoverable
structure_eventsis append-only — Never UPDATE, never DELETEworkspace-templatehas no business logic — Logic lives inworkspace-configs-templates/- Bundles never include secrets — API keys forbidden from serialization
- Hierarchy = topology — No manual edge wiring; all communication derived from
parent_id
27. Production Deployment
Multi-Host Configuration
- Docker-internal URLs (
http://ws-{id}:8000) work directly between containers - Nginx on host handles TLS termination
- For external HTTPS: proxy requests to host-mapped URLs
Volume Management
| Mode | Configuration | Behavior |
|---|---|---|
| Default | No WORKSPACE_DIR | Each workspace gets isolated Docker volume ws-{id}-workspace |
| Shared | WORKSPACE_DIR=/path | All agents mount same host directory (read/write) |
29. Summary Statistics
| Metric | Value |
|---|---|
| Python runtime files | 95 |
| Go platform files | 94 |
| TypeScript/JS canvas files | 62 |
| Runtime adapter implementations | 6 |
| Go handler files | 26 |
| Postgres migrations | 11 |
| Core workspace tools | 14 |
| Platform API endpoints | 40+ |
| MCP tools | 20+ |
| Go tests | 278 (with -race flag) |
| Canvas Vitest tests | 188 |
| Python pytest tests | 148 |
| Total tests | 614 |
| Activity retention | 7 days (configurable) |
| Heartbeat interval | 30s (default) |
| Redis liveness TTL | 60s |
| Health sweep interval | 15s (proactive) |
| Skill hot-reload propagation | ~3 seconds |
| Coverage baseline (Go) | 25% enforced in CI |
30. Vision: From Agent Teams to Robot Teams
Molecule AI's workspace abstraction is runtime-agnostic by design. A workspace is a role with an A2A interface — not an LLM with a prompt. The same hierarchy, memory boundaries, approval chains, and governance that organize AI agents in containers today can organize any autonomous system that speaks A2A.
| Phase | Era | Systems | Status |
|---|---|---|---|
| NOW | Software Agent Teams | LLM agents in Docker, 7 runtimes, HMA, Langfuse, A2A | LIVE on main |
| NEXT | Terminal + Device Agents | Terminal bots, browser agents, IoT controllers, CI/CD agents | BUILDING |
| HORIZON | Embodied Robot Teams | Warehouse robots, autonomous vehicles, manufacturing cells, field inspection | HORIZON |
The workspace is the role. The protocol is A2A. The boundary between digital and physical disappears — the organizational layer remains.