Architecture
Understanding MFT's architecture will help you make the most of its capabilities.
System Components
CLI (mftctl)
The command-line interface provides direct access to MFT functionality:
bash
mftctl send ./file.txt recipient@example.com
mftctl receive
mftctl statusServer (mftd)
The background daemon handles:
- Transfer queue management
- Connection pooling
- Retry logic
- State persistence
Agent (mft-agent)
Rust-based agent for:
- High-performance transfers
- Protocol handling
- Plugin execution
Plugin System
Extensible architecture supporting:
- Authentication providers
- Storage backends
- Transfer protocols
- Monitoring integrations
Transfer Flow
┌─────────┐ ┌─────────┐ ┌─────────┐ ┌─────────┐
│ Client │ ──▶ │ Server │ ──▶ │ Agent │ ──▶ │ Recipient│
└─────────┘ └─────────┘ └─────────┘ └─────────┘
│ │
▼ ▼
┌─────────┐ ┌─────────┐
│ Queue │ │ Agent │
└─────────┘ └─────────┘Data Flow
- Initiation: Client sends transfer request
- Queuing: Server queues the transfer
- Processing: Agent handles the actual transfer
- Monitoring: Progress updates sent to client
- Completion: Final status persisted
Security Model
Zero-Trust Architecture
- mTLS authentication for all components
- End-to-end encryption for transfers
- Principle of least privilege
- Comprehensive audit logging
Step CA Integration
MFT integrates with Step CA for certificate management:
bash
mftctl certificates issue --ca-url https://ca.example.com
mftctl certificates renew --autoNext Steps
- Transfer Protocol - Deep dive into the protocol
- API Reference - Explore the API