Web Dashboard
Local read-only web dashboard. View portfolio, activity, alerts, tunnels, reports, and configuration from your browser. No write operations. Binds to localhost only.
Usage
# start on default port 3131
owl web
# custom port
owl web --port 8080| Flag | Description | Default |
|---|---|---|
| -p, --port | HTTP port to listen on | 3131 |
Opens at http://127.0.0.1:3131. Bound to localhost for security. Press Ctrl+C to stop.
Panels
Portfolio
All wallets with chain addresses and token balances. Auto-refreshes every 30 seconds.
Activity
Ledger feed with filters for tool, wallet, chain, and status. Stats summary with total operations and error count.
Alerts
Active alert rules and trigger history. Shows condition type, value, notification channel, and trigger timestamps.
Tunnels
Active tunnels with connected peers and transaction proposals with status badges (pending, approved, rejected, executed).
Reports
Daily, weekly, and monthly spending summaries. Operation breakdown, chain distribution, and recent write operations.
Config
Agent provider and model configuration. Notification channel setup (Telegram and webhook). API keys are redacted.
API Endpoints
All endpoints are GET-only. No write operations. JSON responses with CORS headers.
| Endpoint | Description |
|---|---|
| /api/wallets | All wallets with chain addresses |
| /api/portfolio | Balances across all wallets and chains |
| /api/ledger | Ledger entries (supports limit, tool, wallet, chain, since, status params) |
| /api/ledger/stats | Aggregated ledger statistics |
| /api/alerts | All alert rules |
| /api/alerts/history | Alert trigger history |
| /api/tunnels | Active tunnels and proposals |
| /api/reports/daily | Today's activity report |
| /api/reports/weekly | Last 7 days report |
| /api/reports/monthly | Last 30 days report |
| /api/config | Agent and channel configuration (secrets redacted) |
Security
- Binds to 127.0.0.1 only, not accessible from other machines
- All endpoints are read-only, no mutations possible
- API keys and bot tokens are redacted in /api/config responses
- No authentication required (localhost-only access is the boundary)