At a glance

Architecture

1. Core architecture

Dimension	KDCube ReAct v2	Claude Code
Paradigm	Timeline-first. All agent context — user messages, tool calls, results, plans, notes — is persisted as ordered blocks in an append-only timeline artifact. The timeline is the single source of truth.	Workspace-first. The agent operates directly on the user's filesystem. Conversation history is a flat message array; persistence is in files and git, not a structured timeline.
Runtime	Server-side Python service. chat-ingress (port 8010) handles HTTP/SSE/Socket.IO; chat-proc (port 8020) runs the agent loop. Communicates via Redis Pub/Sub relay.	Local Node.js CLI process. Uses the Ink framework (React in the terminal) for UI rendering. Streams directly to the Anthropic API.
State machine	Explicit ReactStateV2 in runtime.py: decision → tool_execution → decision loop, max 15 iterations by default. Exit conditions: complete, clarify, max_iterations, protocol_violation.	11-step pipeline per turn: Input → Message Creation → History Append → System Prompt Assembly → API Streaming → Token Parsing → Tool Detection → Tool Execution Loop → Response Rendering → Post-Sampling Hooks → Await.
Codebase	Multi-service Python monolith. Platform source under src/kdcube-ai-app/; SDK, tools, and agents as sub-packages.	~1,900 files, 519K+ lines of TypeScript. Key directories: utils/ (564 files), components/ (389), commands/ (189), tools/ (184), services/ (130).
Multi-tenancy	Built-in. Tenant → project → user → conversation hierarchy. Per-tenant PostgreSQL schemas, queue isolation, and budget scoping.	Single-user. No tenancy model — each CLI session is one user on one machine.

Agent Loop

2. The agent loop

Aspect	KDCube ReAct v2	Claude Code
Loop structure	Three-phase loop: Decision (LLM call) → Tool Execution → Observe & Update State. Results appended as timeline blocks. Loop repeats until exit condition.	LLM call → parse streaming tokens → detect tool use blocks → execute tools → append results to message history → loop back to LLM call. Continues until model produces a text-only response with no tool calls.
Iteration budget	Configurable max_iterations (default 15). Separate exploration_budget and exploitation_budget to balance research vs. action. Tracked per-turn via ReactState.	No explicit iteration cap. The model decides when to stop by not calling tools. Context window is the practical limit; /compact and auto-compaction manage overflow.
Decision validation	Explicit: actions must be call_tool, complete, or clarify. Tool IDs validated against catalog. complete requires all plan steps acknowledged. Invalid output emits protocol_violation and retries.	Implicit: the Anthropic API returns structured tool-use blocks. Claude Code parses and dispatches. Bash commands undergo safety analysis before execution.
Streaming	Multi-channel: model output wrapped in XML tags (<channel:thinking>, <channel:answer>, <channel:followup>). Per-channel citation replacement. Delivered via SSE or Socket.IO through Redis relay.	Single-stream: Anthropic API streams tokens directly to the Ink terminal renderer. Extended thinking is a separate content block. Output rendered as Markdown.

Tools

3. Tool system

Aspect	KDCube ReAct v2	Claude Code
Built-in tools	Infra tools (react.* namespace): react.read, react.pull, react.checkout, react.write, react.patch, react.memsearch, react.hide, react.plan, react.notes Bundled: web_tools.web_search, web_tools.web_fetch, rendering_tools.write_canvas, exec_tools.execute_code_python	53+ tools across 8 categories: File Ops (6): FileRead, FileEdit, FileWrite, Glob, Grep, NotebookEdit Execution (3): Bash, PowerShell, REPL Search (4): WebBrowser, WebFetch, WebSearch, ToolSearch Agents (11): Agent, SendMessage, Task*, Team* Planning (5): EnterPlanMode, ExitPlanMode, Worktree* MCP (4): mcp, ListMcpResources, ReadMcpResource, McpAuth System (11): AskUserQuestion, TodoWrite, Skill, Cron*, Snip, etc. Experimental (8): Sleep, LSP, Monitor, SubscribePR, etc.
Extension model	Bundles. Custom tools in tools_descriptor.py per bundle. Skills in skills_descriptor.py. MCP integration supported.	MCP + Plugins. Model Context Protocol servers add tools dynamically. Plugin system for extensions. Skills are loadable prompt modules. 95+ slash commands.
Permissions	Server-side enforcement. Tool catalog is bundle-scoped. Tools execute in server sandbox. No per-tool user approval.	Client-side permission system. User can auto-allow, prompt-per-call, or deny. Bash commands get safety analysis. Permission modes per-project.
File operations	Artifact-based. react.write(path, content) creates files under the current turn's fi: namespace. Historical files materialized on demand via react.pull().	Direct filesystem. FileRead, FileEdit (search/replace), FileWrite operate on real files. Changes are immediate — git is the safety net.

Context

4. Context management

Aspect	KDCube ReAct v2	Claude Code
Context model	ContextBrowser renders the timeline into model-facing message blocks. Three cache checkpoints: previous turn, pre-tail, and tail. Blocks are typed with metadata.	System prompt assembly from multiple sources: base prompt, CLAUDE.md files, tool definitions, memory files. History is a flat message array with auto-compaction.
Compaction	Inline when context exceeds budget. Inserts conv.range.summary block at cut point. Older blocks archived but not deleted. Hooks: on_before_compaction(), on_after_compaction().	/compact command or automatic. Summarizes history and replaces older messages. Snip tool (feature-gated) for selective trimming.
Memory	Turn-level memories live within a turn. Cross-turn retrieval via react.memsearch — semantic search over past turns using pgvector embeddings. Source pools persist citation sources.	Persistent memory directory (~/.claude/projects/). File-based memory with typed entries (user, feedback, project, reference). Auto-indexed in MEMORY.md. Experimental Auto-Dream for between-session consolidation.
Artifact storage	Rich artifact system. Logical path families: fi: (files), ar: (artifacts), so: (sources), ks: (knowledge space), tc: (tool call metadata). Backed by S3 + PostgreSQL.	No structured artifact system. Outputs are files on disk. Conversation history in-memory. Session export via /export.

Planning

5. Planning

Aspect	KDCube ReAct v2	Claude Code
Model	Plan is a tool. The agent calls react.plan to create/update plan snapshots stored as timeline blocks. Plans have lineages — supersede-able with stable reread handles.	Plan is a mode. EnterPlanMode/ExitPlanMode tools switch the agent into planning mode. /plan command and /ultraplan (feature-gated, 30-min Opus sessions) available.
Step tracking	Append-only acknowledgements: ✓ [n] (done), ✗ [n] (failed), → [n] (in progress). Agent must acknowledge all steps before complete exit.	TodoWrite creates persistent to-do files. Task tools for background work. No enforced step completion — the model decides when it's done.
Persistence	Plans are first-class timeline citizens. Survive compaction as summarized blocks. Discoverable via ar:plan.latest:*.	Plans live in conversation context (ephemeral). TodoWrite files persist on disk. /resume to continue previous sessions.

Execution

6. Code execution

Aspect	KDCube ReAct v2	Claude Code
Model	Isolated. Code runs in ephemeral Docker containers (local) or AWS Fargate tasks (distributed). Input snapshot uploaded, output snapshot downloaded. Host merges results selectively.	Direct. Bash executes shell commands in the user's terminal. Optional sandboxing. Commands run with user's full environment and permissions.
Safety	Sandbox by design. Ephemeral containers have no access to host filesystem or network unless explicitly configured. Execution snapshots archived for audit.	Permission-based. Bash commands undergo safety analysis. User prompted for approval on risky operations. Auto-allow rules configurable per project.
Workspace	Two implementations: Custom (per-turn file trees, no git) and Git (sparse checkout with lineage tracking). Active workspace seeded via react.checkout().	User's actual filesystem. Git worktrees for isolated experimentation (EnterWorktree/ExitWorktree). Sub-agents can work in their own worktrees.
Distributed	Native. Fargate tasks for compute-heavy operations. Snapshot-based: upload workspace, run remotely, download results.	Local only. No built-in remote execution. Background tasks via local tmux. Remote control (Bridge) is for UI, not distributed compute.

Multi-Agent

7. Multi-agent orchestration

Aspect	KDCube ReAct v2	Claude Code
Coordination	Coordinator → React workers pattern. Both agents contribute to the same timeline. Coordinator manages task breakdown and delegation.	Coordinator Mode (feature-gated): lead agent spawns parallel workers in isolated git worktrees. Agent tool spawns sub-agents. SendMessage for inter-agent communication.
Isolation	Agents share the same timeline but run in separate state machines. Tool execution is per-agent. Isolation via process/container boundaries.	Sub-agents get their own conversation context. Worktree isolation for filesystem. Results communicated back to parent agent.
Communication	Via shared timeline. Coordinator and workers see the same block stream. Redis relay for async distribution.	SendMessage for direct agent-to-agent messages. ListPeers discovers sessions. UDS Inbox (hidden) for Unix domain socket communication.

Infrastructure

8. Infrastructure & economics

Aspect	KDCube ReAct v2	Claude Code
Auth	AWS Cognito (production), SimpleIDP (dev), Delegated/ProxyLogin (custom 2FA). JWT tokens via headers, cookies, query params. User types: privileged, paid, registered, anonymous.	Anthropic account OAuth. /login//logout commands. API keys for headless/CI use. No multi-user auth.
Data layer	PostgreSQL (pgvector) for conversations, artifacts, embeddings. Redis for queues, rate limiting, Pub/Sub relay. S3 for artifact blob storage.	Local filesystem. No database. Session history in memory, persisted to ~/.claude/. No server-side storage.
Cost tracking	Built-in economics engine. Per-turn cost accounting with reservation semantics. Plan-based quotas (requests/hour, tokens/month). Multi-lane funding. Ledger entries attributed to bundles.	/cost and /stats show session usage. /usage shows plan limits. Billing through Anthropic account. No per-tool cost attribution.
Deployment	Docker Compose (dev), AWS ECS Fargate (production), Kubernetes. Terraform-managed. Descriptor-driven: YAML defines full stack.	npm install -g @anthropic-ai/claude-code. Local CLI. Also VS Code extension, JetBrains plugin, desktop app, web app.

Security

9. Security

Aspect	KDCube ReAct v2	Claude Code
Execution isolation	Ephemeral Docker containers or Fargate tasks. No host filesystem/network access by default. Workspace snapshots uploaded/downloaded explicitly.	Runs in user's shell with full environment. Optional sandbox mode (/sandbox). Sub-agents can use isolated git worktrees.
Prompt injection mitigation	Server-side protocol validation. Invalid model output triggers protocol_violation and retry. Channeled streaming separates model output from operational state. Tool catalog is bundle-scoped (agents cannot discover tools outside their bundle).	System prompt instructs the model to flag suspected injection. Tool results marked as external. Safety analysis on Bash commands before execution. User approval for risky operations.
Tenant isolation	Per-tenant PostgreSQL schemas. Per-tenant queue isolation. Per-tenant budget scoping. Conversation artifacts scoped to tenant/project/user/conversation.	Not applicable — single-user local tool. Project-level .claude/ settings provide per-project config isolation.
Audit trail	Full audit via timeline. Every block (user input, tool call, tool result, plan update) is timestamped and persisted in S3 + PostgreSQL. Execution snapshots archived. Ledger entries for all spend.	Session history in local ~/.claude/. /export to save conversations. Git history tracks file changes. No structured server-side audit log.
File upload scanning	ClamAV antivirus scanning at the chat-ingress gateway for all user-uploaded attachments.	No file scanning — files are read directly from the local filesystem.
Network security	VPC-isolated services. WAF + CloudFront in production. Redis and RDS in private subnets. JWT token validation at every endpoint. Rate limiting per user/plan.	Direct HTTPS to Anthropic API. Upstream proxy available for request interception. OAuth for account auth. API keys for CI/headless.
Permission model	Role-based: privileged (admin), paid, registered, anonymous. Bundle-scoped tool catalogs. Server enforces all access control — no client-side trust.	Tool-level permissions: allow, prompt, deny. Configurable per-project. User approves each risky tool call. Hooks can inject custom checks before/after tool execution.

Features

10. Feature matrix

A comprehensive checklist of capabilities — both shared and exclusive to each platform.

Capability	ReAct v2	Claude Code	Notes
Agent Core
Autonomous agent loop	Yes	Yes	Both run decide-act-observe loops
Tool calling	Yes	Yes	ReAct: custom protocol; CC: native Anthropic API
Streaming output	Yes	Yes	ReAct: multi-channel; CC: single stream
Iteration budget control	Yes	No	ReAct: configurable max + explore/exploit balance
Model-agnostic	Yes	No	ReAct: OpenAI, Anthropic, Gemini; CC: Claude only
Planning
Plan creation	Yes	Yes	ReAct: tool (react.plan); CC: mode toggle
Step acknowledgement tracking	Yes	No	ReAct: enforced before completion
Plan persistence across turns	Yes	Partial	ReAct: timeline blocks; CC: TodoWrite files
Long-running plan sessions	No	Yes	CC: /ultraplan (30-min Opus, feature-gated)
Context & Memory
Auto-compaction	Yes	Yes	Both summarize older history under pressure
Semantic memory search	Yes	No	ReAct: react.memsearch + pgvector
Persistent cross-session memory	Partial	Yes	CC: file-based memory dir; ReAct: timeline artifacts
Structured artifact storage	Yes	No	ReAct: fi:, ar:, so:, ks:, tc: path families
Citation system	Yes	No	ReAct: source pools, [[S:n]] format
Knowledge space (reference docs)	Yes	Partial	ReAct: ks: namespace; CC: CLAUDE.md files
Cache checkpoint management	Yes	Partial	ReAct: 3-tier checkpoints; CC: API prompt caching
Execution
Shell command execution	Partial	Yes	CC: direct Bash/PowerShell; ReAct: isolated Python
Sandboxed execution	Yes	Partial	ReAct: default; CC: optional /sandbox
Distributed execution	Yes	No	ReAct: Fargate tasks
Direct filesystem access	No	Yes	CC: reads/writes real files
Git worktree isolation	Yes	Yes	Both support isolated git workspaces
Multi-Agent
Sub-agent spawning	Yes	Yes	ReAct: Coordinator pattern; CC: Agent tool
Inter-agent messaging	Yes	Yes	ReAct: shared timeline; CC: SendMessage
Team management	No	Yes	CC: TeamCreate/TeamDelete (feature-gated)
Peer discovery	No	Yes	CC: ListPeers, UDS Inbox (feature-gated)
Infrastructure
Multi-tenancy	Yes	No	ReAct: tenant/project/user hierarchy
Per-turn cost accounting	Yes	No	ReAct: economics engine with reservations
Budget enforcement / quotas	Yes	No	ReAct: plan-based rate limiting
Antivirus file scanning	Yes	No	ReAct: ClamAV at ingress
Full audit trail	Yes	No	ReAct: timeline + ledger; CC: local session files
Database-backed state	Yes	No	ReAct: PostgreSQL + Redis + S3
Developer Experience
IDE integration	No	Yes	CC: VS Code, JetBrains extensions
Slash commands	No	Yes	CC: 95+ commands (/commit, /review, /plan, etc.)
Voice input	No	Yes	CC: /voice (feature-gated)
Remote control (phone/browser)	N/A	Yes	CC: Bridge with permission approvals
Scheduled/cron tasks	Partial	Yes	CC: CronCreate/Delete/List (feature-gated)
Background daemon mode	Yes	Yes	ReAct: server by nature; CC: --bg via tmux
Skills / prompt modules	Yes	Yes	Both support loadable skill modules
MCP server integration	Yes	Yes	Both support Model Context Protocol
Custom UI widgets	Yes	No	ReAct: bundle UI (React) + subsystem widgets
LSP code intelligence	No	Yes	CC: LSP tool (feature-gated)
Web search / fetch	Yes	Yes	Both have built-in web tools
Notebook editing	No	Yes	CC: NotebookEdit tool

When to use which