512,000 lines of code, 1,906 files, and a 59.8 MB source map. In the early hours of March 31, Chaofan Shou from Solayer Labs discovered that Anthropic's flagship product, Claude Code, exposed its complete source code in a public npm repository. Within hours, the code was mirrored on GitHub, with over 41,000 forks.

This is not the first time Anthropic has made this mistake. When Claude Code was first released in February 2025, a similar source map leak occurred. This version number is v2.1.88, with the same reason for the leak, as the Bun build tool defaults to generating source maps, and this file was omitted from .npmignore.

Most reports are counting the easter eggs in the leak, such as a virtual pet system and a "stealth mode" allowing Claude to anonymously submit code to open-source projects. But the real question to unpack is why the same Claude model performs so differently in the web version compared to Claude Code? What exactly is the 512,000 lines of code doing?

The model is just the tip of the iceberg

The answer is hidden in the code structure. According to the reverse analysis of the leaked source code by the GitHub community, out of the 512,000 lines of TypeScript, only about 8,000 lines are directly responsible for calling the AI model interface, accounting for just 1.6% of the total.

What is the remaining 98.4% doing? The two largest modules are the query engine (46,000 lines) and the tool system (29,000 lines). The query engine handles LLM API calls, streaming output, cache orchestration, and multi-turn dialogue management. The tool system defines approximately 40 built-in tools and 50 slash commands, forming a plugin-like architecture, with each tool having independent permission control.

In addition, there are 25,000 lines of terminal UI rendering code (one file called print.ts is 5,594 lines long, with a single function spanning 3,167 lines), 20,000 lines of security and permission control (including 23 numbered Bash security checks and 18 masked Zsh built-in commands), and 18,000 lines of multi-agent orchestration system.

Machine learning researcher Sebastian Raschka, after analyzing the leaked code, pointed out that the reason Claude Code is stronger than the web version of the same model lies not in the model itself but in the software scaffolding built around the model, including repository context loading, dedicated tool scheduling, caching strategies, and sub-agent collaboration. He even believes that if the same engineering architecture were applied to other models like DeepSeek or Kimi, similar programming performance improvements could be achieved.

An intuitive comparison can help understand this gap. When you input a question in ChatGPT or the Claude web version, the model processes it and returns the answer, leaving nothing at the end of the conversation. However, Claude Code does something entirely different; it reads your project files first, understands the structure of your codebase, and remembers preferences such as "don't mock the database in tests" from your previous conversations. It can execute commands directly in your terminal, edit files, and run tests, breaking complex tasks into multiple sub-tasks assigned to different sub-agents for parallel processing. In other words, web-based AI is a Q&A window, while Claude Code is a collaborator residing on your computer.

Some compare this architecture to an operating system: the 42 built-in tools are akin to system calls, the permission system is akin to user management, the MCP protocol is akin to device drivers, and sub-agent orchestration is akin to process scheduling. Each tool is marked by default as "unsafe, writable" unless the developer explicitly declares it safe. The file editing tool enforces a check to see whether you have read the file beforehand, preventing changes if you haven't. This is not a chatbot with a few plugins; it is an environment with a complete security mechanism centered around LLM.

This signifies one thing: the competitive barrier of AI products may not be at the model level, but at the engineering level.

Every cache breakdown costs 10 times more

In the leaked code, there is a file called promptCacheBreakDetection.ts, which tracks 14 vectors that might cause the prompt cache to break. Why do Anthropic engineers invest so much effort in preventing cache breakdowns?

Looking at Anthropic's official pricing makes it clear. For instance, with Claude Opus 4.6, the standard input price is $5 per million tokens, but if it hits the cache, the read price is only $0.5, a 90% reduction. Conversely, each cache breakdown results in a 10-fold increase in inference costs.

This explains the numerous seemingly "over-engineered" architectural decisions in the leaked code. When Claude Code starts, it loads the current git branch, the latest commit records, and the CLAUDE.md file as context; these static contents are globally cached, with boundary markers separating dynamic content, ensuring that each conversation does not redundantly process existing context. The code also features a mechanism called sticky latches that prevents mode switches from disrupting established caches. Sub-agents are designed to reuse the parent process's cache rather than re-establish their context window.

There is a detail worth expanding upon. Anyone who has used AI programming tools knows that the longer the conversation, the slower the AI responds because each turn involves resending the previous history to the model. The conventional approach is to delete old messages to free up space, but the problem is that deleting any message breaks the continuity of the cache, requiring the entire conversation history to be reprocessed, causing delays and costs to soar.

The leaked code contains a mechanism called cache_edits, which uses the method of not actually deleting messages but marking old messages as "skip" at the API level. The model can no longer see these messages, but the continuity of the cache remains intact. This means that for a conversation lasting several hours, after cleaning hundreds of old messages, the response speed for the next round is nearly as fast as the first round. For the average user, this is the underlying answer to "why Claude Code can support infinitely long conversations without slowing down."

According to leaked internal monitoring data (from comments in the autoCompact.ts code, dated March 10, 2026), before introducing a limit on automatic compression failures, Claude Code wasted about 250,000 API calls daily. There were 1,279 user sessions that experienced more than 50 consecutive compression failures, with the most severe session failing 3,272 times in a row. The fix involved simply adding a line limit: MAX_CONSECUTIVE_AUTOCOMPACT_FAILURES = 3.

So, for AI products, the cost of model inference may not be the most expensive layer, but rather the failure of cache management.

44 switches point in the same direction

The leaked code contains 44 feature flags—precompiled feature switches that were just not released to the public. Community analysis indicates that these flags are categorized into five functional domains, with the most dense being "autonomous agent" type (12 flags), pointing to a system called KAIROS.

KAIROS is referenced over 150 times in the source code; it is a daemon process that runs in the background. Claude Code is no longer just a tool that responds when called actively but is an agent that constantly runs in the background, monitoring, recording, and taking proactive actions at appropriate times. The premise is that it does not interrupt the user; any action that could block the user for more than 15 seconds will be delayed.

KAIROS also has built-in terminal focus awareness. There is a terminalFocus field in the code that detects in real-time whether the user is looking at the terminal window. When you switch to the browser or other applications, the agent determines you are "not present," switches to autonomous mode, proactively executes tasks, directly submits code, and does not wait for your confirmation. When you return to the terminal, the agent immediately reverts to collaborative mode: it first reports what it just did and then seeks your opinion. The level of autonomy is not fixed but fluid, adjusting in real-time based on your attention. This addresses the long-standing awkward issue with AI tools: fully autonomous AI is unsettling, while completely passive AI is too inefficient. KAIROS' approach allows the AI's proactivity to dynamically adjust according to the user's attention—being obedient when you focus on it and working independently when you step away.

KAIROS' another subsystem is called autoDream. After accumulating 5 sessions or a 24-hour interval, the agent initiates a "reflection" process in the background, carried out in four steps. First, it scans existing memories to understand what knowledge it currently possesses. Then it extracts new knowledge from the dialogue logs. After that, it merges new and old knowledge, correcting contradictions and removing duplicates. Finally, it simplifies the index by deleting outdated entries. This design is inspired by the memory consolidation theory in cognitive science. Just as humans organize memories from the day during sleep, KAIROS organizes project context when the user leaves. For regular users, this means the longer you use Claude Code, the more accurately it understands your project, going beyond just "remembering what you said."

The second major category is "anti-distillation and safety" (8 flags). Notably, there is the fake_tools mechanism. When four conditions are met simultaneously (the compile-time flag is activated, CLI entry is activated, first-party API is used, and GrowthBook remote switch is true), Claude Code will inject fake tool definitions into the API request to pollute datasets that might be recording API traffic for training competing models. This is a new form of defense in the AI arms race—not stopping you from copying, but making sure you get the wrong things.

Additionally, the code features codenames for the Capybara model (divided into standard, fast, and million context window versions), widely speculated by the community as the internal codenames for the Claude 5 series.

Easter egg: A digital pet hidden in 512,000 lines of code

Amid all the serious engineering architecture and security mechanisms, Anthropic's engineers quietly created a complete virtual pet system, internally codenamed BUDDY.

According to the leaked code and community analysis, BUDDY is a tangible terminal pet that appears next to the user input field in the form of an ASCII speech bubble. It comprises 18 species (including capybaras, salamanders, mushrooms, ghosts, dragons, and several original creatures like Pebblecrab, Dustbunny, and Mossfrog), divided into five rarity levels: common (60%), rare (25%), uncommon (10%), epic (4%), and legendary (1%). Each species also has "shiny variants," the rarest being the Shiny Legendary Nebulynx, which appears with a probability of only one in ten thousand.

Each BUDDY has five attributes: DEBUGGING, PATIENCE, CHAOS, WISDOM, and SNARK. They can also wear hats, including crowns, top hats, propeller hats, halos, wizard hats, and even a mini duck. The hash value of the user ID determines which pet you will hatch, with Claude generating its name and personality.

According to the leaked launch plan, BUDDY was scheduled for internal testing from April 1 to 7, with a formal release in May, starting with Anthropic employees.

512,000 lines of code, with 98.4% involved in hardcore engineering, still led someone to take the time to create a digital salamander that wears a propeller hat. This may be the most humanized line of code in the leak.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。