@@ -639,3 +639,103 @@ Example response:
639639## 5) Stop daemon
640640
641641Press ` Ctrl+C ` in the daemon terminal.
642+
643+ ---
644+
645+ ## 6) Terminal Dashboard (TUI)
646+
647+ The sidecar includes an interactive terminal user interface for real-time monitoring of authorization decisions.
648+
649+ ### Starting the Dashboard
650+
651+ ``` bash
652+ ./predicate-authorityd --policy-file policy.json dashboard
653+ ```
654+
655+ Or set a custom refresh rate (default 100ms):
656+
657+ ``` bash
658+ export PREDICATE_TUI_REFRESH_MS=50
659+ ./predicate-authorityd --policy-file policy.json dashboard
660+ ```
661+
662+ ### Dashboard Layout
663+
664+ ```
665+ ┌────────────────────────────────────────────────────────────────────────────┐
666+ │ PREDICATE AUTHORITY v0.4.1 MODE: strict [LIVE] UPTIME: 2h 34m [?] │
667+ │ Policy: loaded Rules: 12 active [Q:quit P:pause] │
668+ ├─────────────────────────────────────────┬──────────────────────────────────┤
669+ │ LIVE AUTHORITY GATE [1/47] │ METRICS │
670+ │ │ │
671+ │ [ ✓ ALLOW ] agent:web │ Total Requests: 1,870 │
672+ │ browser.navigate → github.com │ ├─ Allowed: 1,847 (98.8%)│
673+ │ m_7f3a2b1c | 0.4ms │ └─ Blocked: 23 (1.2%)│
674+ │ │ │
675+ │ [ ✗ DENY ] agent:scraper │ Throughput: 12.3 req/s │
676+ │ fs.write → ~/.ssh/config │ Avg Latency: 0.8ms │
677+ │ EXPLICIT_DENY | 0.2ms │ │
678+ │ │ ────────────────────────────── │
679+ │ [ ✓ ALLOW ] agent:worker │ TOKEN CONTEXT SAVED │
680+ │ browser.click → button#checkout │ ────────────────────────────── │
681+ │ m_9c2d4e5f | 0.6ms │ Blocked early: 23 actions │
682+ │ │ Est. tokens saved: ~4,140 │
683+ ├─────────────────────────────────────────┴──────────────────────────────────┤
684+ │ Generated 47 proofs this session. Run `predicate login` to sync to vault.│
685+ └────────────────────────────────────────────────────────────────────────────┘
686+ ```
687+
688+ ### Keyboard Shortcuts
689+
690+ | Key | Action |
691+ | -----| --------|
692+ | ` Q ` / ` Esc ` | Quit dashboard |
693+ | ` j ` / ` ↓ ` | Scroll down event list |
694+ | ` k ` / ` ↑ ` | Scroll up event list |
695+ | ` g ` | Jump to newest event (top) |
696+ | ` G ` | Jump to oldest event (bottom) |
697+ | ` P ` | Pause/resume live updates |
698+ | ` ? ` | Toggle help overlay |
699+
700+ ### Dashboard Features
701+
702+ - ** Live Authority Gate** : Real-time scrolling list of ALLOW/DENY decisions with agent IDs, actions, resources, mandate IDs, and latency
703+ - ** Metrics Panel** : Total requests, allowed/denied counts with percentages, throughput (req/s), average latency
704+ - ** Token Context Savings** : Estimated tokens saved by blocking unauthorized actions early
705+ - ** Status Indicators** : LIVE/PAUSED status, scroll position, uptime
706+
707+ ### Session Summary
708+
709+ When you quit the dashboard (press ` Q ` ), a session summary is printed to stdout:
710+
711+ ```
712+ ────────────────────────────────────────────────────────
713+ PREDICATE AUTHORITY SESSION SUMMARY
714+ ────────────────────────────────────────────────────────
715+ Duration: 2h 34m 12s
716+ Total Requests: 1,870
717+ ├─ Allowed: 1,847 (98.8%)
718+ └─ Blocked: 23 (1.2%)
719+
720+ Proofs Generated: 1,870
721+ Est. Tokens Saved: ~4,140
722+
723+ To sync proofs to enterprise vault, run:
724+ $ predicate login
725+
726+ ────────────────────────────────────────────────────────
727+ ```
728+
729+ ### When to Use the Dashboard
730+
731+ - ** Local development** : Watch authorization decisions in real-time while testing agents
732+ - ** Debugging** : See exactly what actions are being blocked and why
733+ - ** Demos** : Visual demonstration of the authorization layer intercepting actions
734+ - ** Monitoring** : Over SSH on headless servers (works in any terminal)
735+
736+ ---
737+
738+ ## Related Documentation
739+
740+ - [ sidecar-user-manual.md] ( ../../rust-predicate-authorityd/docs/sidecar-user-manual.md ) - Comprehensive user manual
741+ - [ how-it-works.md] ( ../../rust-predicate-authorityd/how-it-works.md ) - Architecture of IdP + Sidecar + Mandates
0 commit comments