About SIMWARS
An adversarial swarm engine that runs LLM-driven personas against a tokenomic spec. Open-source — every guarantee on this page is verifiable in the repo.
Bring your own OpenRouter key
Live simulations run agents through OpenRouter. We don't bill you and we don't run a shared key. To start a custom sim you paste your own key into the launcher; it's held in browser memory (or localStorage if you tick “remember on this device”).
On the wire the key flows from the browser to the API server over HTTPS, then directly into the spawned worker subprocess via environment variables. The server's persisted scenario.json is written without the key field — verified by an integration test in src/api/server.integration.test.ts.
Demo replays don't hit the LLM at all — they're NDJSON recordings.
Safety properties
- HTTPS-only in production (TLS terminated by AWS App Runner).
- API key never written to disk or any log line.
- Per-process scope: key dies with the worker process.
- Open-source — audit the binding in commit dev.
Architecture
Single Docker container running three processes: Caddy reverse-proxy on :8080, the sim-engine API on :8787 (Bun), and the Next.js frontend on :3000. AWS App Runner pulls the image from ECR and TLS-terminates at simwars.xyz.
Each simulation spawns a subprocess that drives a tick loop, batched LLM calls, and optional on-chain Solana deploys. State writes are NDJSON event-streams + SQLite per run, broadcast to the browser via WebSocket.