Stop Wasting RAM on Bloated AI Assistants: nullclaw Runs on a $5 Board

Your AI assistant infrastructure shouldn't need more resources than the actual AI model. Yet here we are in 2026, watching developers deploy "lightweight" Python frameworks that guzzle 100+ MB of RAM, take 30 seconds to cold-start, and ship as 28 MB dependency nightmares. What if I told you there's a tool that makes all of that look embarrassingly wasteful?

Meet nullclaw — the smallest fully autonomous AI assistant infrastructure ever built. A static Zig binary weighing just 678 KB. Peak memory usage around 1 MB. Startup time under 2 milliseconds on Apple Silicon, under 8 ms on a 0.8 GHz edge core. This isn't a toy or a stripped-down demo. It's production-ready infrastructure with 50+ AI providers, 19 communication channels, 35+ tools, 10 memory engines, multi-layer sandboxing, voice support, MCP compatibility, subagents, streaming, and hardware peripheral control.

The secret? Zero runtime. Zero VM. Zero garbage collector. Zero framework overhead. Just pure Zig compiling down to machine code that runs on anything with a CPU and libc. While competitors demand $50-600 hardware, nullclaw deploys on any $5 board you can find.

If you're building edge AI, IoT deployments, or simply sick of infrastructure bloat, keep reading. This changes everything.

What is nullclaw?

nullclaw is an open-source autonomous AI assistant infrastructure written entirely in Zig, a systems programming language designed for optimal performance and explicit memory management. Created by the nullclaw organization, it represents a radical reimagining of how AI assistant infrastructure should be built — from first principles, with zero abstraction penalty.

The project's philosophy is brutally simple: Null overhead. Null compromise. 100% Zig. 100% Agnostic.

Unlike virtually every AI assistant framework that layers runtimes, interpreters, and dependency trees, nullclaw compiles to a single static binary. No Python environment. No Node.js installation. No Docker image pulling hundreds of megabytes. Just one file that you copy to any system and execute.

nullclaw is trending because it solves a problem the industry has normalized into invisibility: infrastructure obesity. We've accepted that "AI tooling" means gigabytes of dependencies, minute-long startups, and hardware requirements that exclude most of the world. nullclaw exposes this as a failure of engineering, not a law of physics.

The project uses CalVer versioning (YYYY.M.D), is pre-1.0 but battle-tested with 5,300+ tests, and ships with comprehensive documentation in both English and Chinese. It also integrates with the broader Null ecosystem including nullhub (UI configuration), nullboiler (orchestration), nullwatch (observability), and nulltickets (task tracking).

Key Features That Defy Physics

nullclaw's specifications read like a benchmark cheat code. Here's the technical reality behind the numbers:

Impossibly Small Binary: At 678 KB, nullclaw's ReleaseSmall build is smaller than most JPEG images. This isn't compressed or packed — it's the actual executable. Zig's compilation model eliminates runtime bloat by design: no allocator overhead, no garbage collector, no VM bytecode. The binary contains exactly what it needs and nothing more.

Near-Zero Memory Footprint: Peak RSS of ~1 MB means nullclaw runs comfortably on microcontrollers and the cheapest ARM single-board computers. Compare this to TypeScript-based OpenClaw (>1 GB), Python's NanoBot (>100 MB), or even Go's PicoClaw (<10 MB). nullclaw uses roughly 1/1000th the RAM of mainstream alternatives.

Instant Startup: <2 ms on Apple Silicon, <8 ms on 0.8 GHz edge hardware. This enables true serverless patterns where the assistant can spin up per-request without cold-start penalties. The daemon supervisor uses exponential backoff for resilience, not latency hiding.

True Portability: One self-contained binary across ARM, x86, and RISC-V. Drop it on any Linux system, embedded device, or edge node. It just runs. The only dependency is libc — universally available.

Feature-Complete Architecture: Despite the minimal footprint, nullclaw ships with:

• 50+ providers: OpenRouter, Anthropic, OpenAI, Azure OpenAI, Gemini, Vertex AI, Ollama, Venice, Groq, Mistral, xAI, DeepSeek, Together, Fireworks, Perplexity, Cohere, Bedrock, and any OpenAI-compatible endpoint
• 19 channels: CLI, Telegram, Signal, Discord, Slack, iMessage, Matrix, WhatsApp, Webhook, IRC, Lark/Feishu, OneBot, Line, DingTalk, Email, Nostr, QQ, MaixCam, Mattermost
• 35+ tools: shell, file operations, memory management, browser control, web search, git, hardware interfaces (I2C, SPI), and more
• 10 memory engines: SQLite with hybrid vector+keyword search, PostgreSQL, Redis, ClickHouse, LanceDB, and others
• Multi-layer sandboxing: Landlock, Firejail, Bubblewrap, Docker with auto-detection
• Hardware peripherals: Serial, Arduino, Raspberry Pi GPIO, STM32/Nucleo
• MCP support: Model Context Protocol servers via stdio or HTTP
• Subagents and streaming: Full agent delegation with voice capabilities

Every subsystem is a vtable interface — swap implementations with a configuration change, zero code modifications required.

Use Cases: Where nullclaw Destroys the Competition

1. Edge AI on $5 Hardware

Deploy autonomous AI to Raspberry Pi Zero, ESP32-class devices, or repurposed routers. nullclaw's 1 MB RAM footprint and sub-10 ms startup make it the only viable option for true edge intelligence. Run local LLMs via Ollama integration with memory persistence on devices that can't spare 100 MB for a Python runtime.

2. Serverless AI Assistants

Cold starts kill serverless AI. nullclaw's 2 ms boot time eliminates this entirely. Deploy per-request AI processing on Cloudflare Workers, AWS Lambda, or any FaaS platform. The WASM runtime adapter enables edge deployment with host networking while keeping agent policy in a tiny Zig WASM module.

3. Secure Multi-Tenant ChatOps

Run multiple AI agents across Slack, Discord, Telegram, and Signal from a single 678 KB binary. Each channel supports multiple accounts with strict allowlists. Pairing-based authentication, ChaCha20-Poly1305 encrypted secrets, and automatic sandboxing make nullclaw ideal for security-conscious organizations.

4. IoT and Hardware Automation

Control Arduino, Raspberry Pi GPIO, STM32/Nucleo boards directly from AI agents. The peripheral vtable abstracts hardware interfaces while the agent loop handles decision-making. Build voice-controlled smart home systems or industrial monitoring that actually fits on the device.

5. Anonymous and Censorship-Resistant AI

Native Nostr support (NIP-17 gift-wrapped DMs, NIP-04 legacy) enables AI assistants that communicate over decentralized relay networks. No phone number required. No platform dependency. Encrypted private keys with automatic memory zeroing on channel stop.

Step-by-Step Installation & Setup Guide

Prerequisites

• Zig 0.16.0 (exact version — others unsupported)
• Git
• libc (standard C library, virtually universal)

Verify Zig version:

zig version  # Must print 0.16.0

Option 1: Homebrew Install (Recommended)

The simplest path for macOS and Linux users:

brew install nullclaw
nullclaw --help

No runtime dependencies. No configuration. Ready immediately.

Option 2: Build from Source

Clone and build the optimized release binary:

git clone https://github.com/nullclaw/nullclaw.git
cd nullclaw
zig build -Doptimize=ReleaseSmall
zig build test --summary all  # Run 5,300+ tests

Verify the binary size:

ls -lh zig-out/bin/nullclaw  # Should show ~678 KB

Benchmark startup and memory:

/usr/bin/time -l zig-out/bin/nullclaw --help
/usr/bin/time -l zig-out/bin/nullclaw status

Add to PATH

macOS/Linux (zsh/bash):

zig build -Doptimize=ReleaseSmall -p "$HOME/.local"
echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.zshrc
# or ~/.bashrc
source ~/.zshrc  # or ~/.bashrc

Windows (PowerShell):

zig build -Doptimize=ReleaseSmall -p "$HOME\.local"

$bin = "$HOME\.local\bin"
$user_path = [Environment]::GetEnvironmentVariable("Path", "User")
if (-not ($user_path -split ";" | Where-Object { $_ -eq $bin })) {
  [Environment]::SetEnvironmentVariable("Path", "$user_path;$bin", "User")
}
$env:Path = "$env:Path;$bin"

Quick Configuration

Interactive wizard (recommended for first run):

nullclaw onboard --interactive

Or quick setup with API key:

nullclaw onboard --api-key sk-or-your-key-here --provider openrouter

Start the Gateway

nullclaw gateway         # Default: 127.0.0.1:3000
nullclaw gateway --port 8080  # Custom port

The gateway binds localhost only by default. Public exposure requires explicit tunnel configuration or allow_public_bind — security by default.

Systemd Service (Linux)

nullclaw service install
nullclaw service status

For secret injection in service mode, create executable ~/.nullclaw/service-env (e.g., using dotenvx or sops).

REAL Code Examples from nullclaw

Example 1: Basic Agent Chat

The simplest way to interact with nullclaw — single message mode and interactive REPL:

# Single message — perfect for scripts and automation
nullclaw agent -m "Hello, nullclaw!"

# Interactive mode — continuous conversation with memory
nullclaw agent

The agent command launches the core agent loop with auto-compaction and tool dispatch. Memory persists across sessions based on your configured backend. The -m flag bypasses interactivity for CI/CD integration or shell scripting.

Example 2: Configuration with Multiple Providers and Agents

This production-ready config.json demonstrates nullclaw's flexibility — multiple AI providers, specialized agent profiles, and Telegram routing:

{
  "default_temperature": 0.7,

  "models": {
    "providers": {
      "openrouter": { "api_key": "sk-or-..." },
      "groq": { "api_key": "gsk_..." },
      "vertex": {
        "api_key": {
          "type": "service_account",
          "project_id": "your-project",
          "client_email": "svc@your-project.iam.gserviceaccount.com",
          "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n"
        },
        "base_url": "https://aiplatform.googleapis.com/v1/projects/your-project/locations/global/publishers/google/models"
      },
      "anthropic": { "api_key": "sk-ant-...", "base_url": "https://api.anthropic.com" }
    }
  },

  "agents": {
    "defaults": {
      "model": { "primary": "openrouter/anthropic/claude-sonnet-4" },
      "heartbeat": { "every": "30m" }
    },
    "list": [
      {
        "id": "researcher",
        "model": { "primary": "openrouter/anthropic/claude-opus-4" },
        "system_prompt": "You are a deep research agent. Use web_search and web_fetch extensively."
      },
      {
        "id": "coder",
        "provider": "ollama",
        "model": "qwen2.5-coder:14b",
        "system_prompt": "You are the coding agent for this topic.",
        "workspace_path": "workspaces/coder"
      }
    ]
  },

  "channels": {
    "telegram": {
      "accounts": {
        "main": {
          "bot_token": "123456:ABCDEF",
          "allow_from": ["YOUR_TELEGRAM_USER_ID"],
          "binding_commands_enabled": true,
          "topic_commands_enabled": true,
          "commands_menu_mode": "scoped"
        }
      }
    }
  },

  "bindings": [
    {
      "agent_id": "coder",
      "match": {
        "channel": "telegram",
        "account_id": "main",
        "peer": { "kind": "group", "id": "-1001234567890:thread:42" }
      }
    },
    {
      "agent_id": "orchestrator",
      "match": {
        "channel": "telegram",
        "account_id": "main",
        "peer": { "kind": "group", "id": "-1001234567890" }
      }
    }
  ],

  "memory": {
    "backend": "sqlite",
    "auto_save": true,
    "embedding_provider": "openai",
    "vector_weight": 0.7,
    "keyword_weight": 0.3,
    "hygiene_enabled": true
  },

  "gateway": {
    "port": 3000,
    "require_pairing": true,
    "allow_public_bind": false
  },

  "autonomy": {
    "level": "supervised",
    "workspace_only": true,
    "max_actions_per_hour": 20
  },

  "security": {
    "sandbox": { "backend": "auto" },
    "resources": { "max_memory_mb": 512, "max_cpu_percent": 80 },
    "audit": { "enabled": true, "retention_days": 90 }
  }
}

Key insights from this config:

• Multi-provider resilience: OpenRouter for general use, Groq for speed, Vertex AI with service-account auth for Google ecosystem, Anthropic direct for reliability, Ollama for local/private models
• Agent specialization: Different models and prompts for different tasks — researcher gets Claude Opus with web tools, coder gets local Qwen with isolated workspace
• Telegram topic routing: Topic 42 routes to coder, everything else to orchestrator — dynamic /bind commands let operators reassign in real-time
• Memory hygiene: Automatic archival and purge of stale memories keeps SQLite performant
• Security layers: Pairing required, workspace scoping, resource limits, audit logging, auto-sandboxing

Example 3: A2A Protocol Agent-to-Agent Communication

nullclaw implements Google's A2A protocol v0.3.0, enabling autonomous agents to discover and collaborate:

# 1. Get a bearer token via pairing
# PAIRING_CODE is the 6-digit one-time code shown on gateway startup
TOKEN=$(curl -s -X POST -H "X-Pairing-Code: $PAIRING_CODE" http://localhost:3000/pair | jq -r .token)

# 2. Discover agent capabilities
curl http://localhost:3000/.well-known/agent-card.json

# 3. Send a message via A2A JSON-RPC
curl -X POST -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "message/send",
    "params": {
      "message": {
        "messageId": "msg-1",
        "role": "user",
        "parts": [{"kind": "text", "text": "Analyze the latest Linux kernel release and summarize security fixes"}]
      }
    }
  }' \
  http://localhost:3000/a2a

What this enables: Any A2A-compatible client — including other nullclaw instances, Google's agent ecosystem, or custom implementations — can programmatically interact with your agent. The protocol supports streaming responses, task lifecycle management, and cancellation. This is infrastructure for multi-agent systems, not just chatbots.

Example 4: MCP Server Integration

Model Context Protocol servers extend nullclaw's capabilities without code changes:

{
  "mcp_servers": {
    "filesystem": {
      "transport": "stdio",
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem"]
    },
    "remote": {
      "transport": "http",
      "url": "https://mcp.example.com/rpc",
      "timeout_ms": 10000,
      "headers": {
        "Authorization": "Bearer example-token"
      }
    }
  }
}

MCP servers run as separate processes (stdio) or remote services (HTTP), giving nullclaw access to filesystem operations, databases, APIs, and any capability with an MCP implementation. The stdio transport spawns the process on-demand; HTTP maintains persistent connections with configurable timeouts.

Example 5: Edge WASM Deployment Pattern

For Cloudflare Workers and similar edge platforms:

# See: examples/edge/cloudflare-worker/
# Pattern: Host networking/secrets in edge runtime
# Agent policy lives in tiny Zig WASM module
# Swap logic by replacing WASM, zero host changes

This hybrid architecture keeps sensitive operations in the trusted host while allowing rapid iteration of agent behavior. The WASM module compiles from the same Zig codebase, ensuring behavioral consistency between edge and native deployments.

Advanced Usage & Best Practices

Memory Optimization for Embedded: Use memory.backend: "lru" or "none" for pure stateless operation. The LRU engine keeps only recent context without persistence overhead. For devices with SQLite but tight storage, enable hygiene_enabled with aggressive archival policies.

Provider Fallback Strategy: Configure multiple providers with cost/performance tiers. nullclaw doesn't auto-failover between providers in a single request, but your bindings can route different agents to different providers based on workload. Use local Ollama for high-volume, low-latency tasks; reserve cloud APIs for complex reasoning.

Sandbox Hardening: The auto sandbox backend detects the strongest available: Landlock (kernel-native, no overhead), Firejail (user-space, flexible), Bubblewrap (minimal dependencies), or Docker (full isolation). For maximum security, explicitly set backend: "landlock" on supported kernels. Always pair with workspace_only: true and explicit allowed_paths.

Secret Management: API keys are encrypted at rest with ChaCha20-Poly1305 using a local key file. For team deployments, use the ~/.nullclaw/service-env hook with sops or dotenvx to inject secrets at service start. Never commit config.json with plaintext keys to version control.

Channel Allowlist Discipline: Empty allowlist = deny all. Explicitly enumerate allowed users with Telegram user IDs, Discord snowflakes, or Nostr pubkeys. The "*" wildcard is an explicit opt-in, not a default. This prevents accidental public exposure of powerful agent capabilities.

Comparison with Alternatives

Why nullclaw wins: It's not just smaller — it's architecturally different. Zig's explicit memory management eliminates hidden costs. The vtable-based plugin system enables swapping any subsystem without recompilation. The security model is defense-in-depth by default, not bolted-on. And the $5 hardware target democratizes AI infrastructure globally.

FAQ

Q: Is nullclaw production-ready despite being pre-1.0? A: With 5,300+ tests, CI/nightly automation, and active community, nullclaw is used in production by early adopters. CalVer releases (2026.2.20 format) provide clear versioning. Just expect config/CLI evolution — pin your deployments to specific versions.

Q: Why Zig instead of Rust, Go, or C? A: Zig's explicit allocator model, cross-compilation simplicity, and zero hidden control flow enable the extreme size and speed metrics. No async runtime, no standard library bloat, no surprise allocations. The 678 KB binary speaks for itself.

Q: Can I run nullclaw without any cloud dependencies? A: Absolutely. Use Ollama provider with local models, SQLite memory, and CLI or local network channels. The Nostr channel enables fully decentralized communication without centralized services.

Q: How does nullclaw handle multiple users securely? A: Pairing-based authentication (6-digit one-time codes), per-channel allowlists, workspace scoping, encrypted secrets, and automatic sandboxing. Each channel account is isolated. Gateway binds localhost by default — no accidental public exposure.

Q: What's the catch with the 678 KB size? A: No catch, but understand the tradeoff: nullclaw is infrastructure, not a model. You still need API keys for cloud providers or local compute for Ollama. The 678 KB is the control plane — incredibly efficient, but you'll connect to external AI for heavy lifting (or run local models via Ollama).

Q: Can I extend nullclaw with custom tools or channels? A: Yes — implement the vtable interface in Zig and submit a PR. The architecture is designed for this: Provider, Channel, Tool, Memory, Tunnel, Sandbox, Peripheral, Observer, and RuntimeAdapter are all swappable interfaces. No monkey-patching or plugin systems — just clean interfaces.

Q: How do I migrate from OpenClaw? A: Built-in migration: nullclaw migrate openclaw --dry-run to preview, then nullclaw migrate openclaw to execute. Config structures are compatible (snake_case). Memory and conversation history transfer with full fidelity.

Conclusion

nullclaw isn't just another AI assistant framework — it's a fundamental repudiation of infrastructure bloat. While the industry normalizes gigabyte-scale deployments and 30-second cold starts, nullclaw delivers the full autonomous AI stack in 678 KB, 1 MB RAM, and 2 milliseconds.

The implications are staggering. AI assistants on $5 hardware. Serverless AI without cold-start penalties. Secure multi-tenant deployments that fit in email attachments. Edge intelligence that actually runs at the edge, not in a data center pretending to be close.

If you're building the next generation of AI infrastructure — or simply exhausted by the resource waste of current tools — nullclaw demands your attention. The codebase is clean, the documentation is comprehensive, and the community is growing fast.

Stop accepting overhead as inevitable. Start with null.

👉 Get nullclaw now: https://github.com/nullclaw/nullclaw

Star the repo, join the Discord, and experience what AI infrastructure should have been all along.

nullclaw — Null overhead. Null compromise. Deploy anywhere. Swap anything.