Tycho on macOS Sonoma: How I Finally Got It Running

Hey, So, I was messing around last night with **Tycho (app)** on my Mac and figured I’d tell you what happened before you run into the same wall. I pulled it because I needed a lightweight system utility — something small, no bloat, just a focused tool. I came across it while browsing through OrchardKit references and related resources. It looked clean, minimal, exactly the kind of thing that should just work on macOS. Except it didn’t. The problem was classic: it wouldn’t launch because of Gatekeeper. The exact message was: “Tycho can’t be opened because Apple cannot check it for malicious software.” You’ve seen that one. It’s macOS basically saying, “This isn’t notarized, I don’t trust it.” Apple explains the whole mechanism here: [https://support.apple.com/en-us/HT202491](https://support.apple.com/en-us/HT202491) At first, I did what we all do. Right-click → Open → confirm. I approved the dialog. The icon bounced in the Dock once. Then it disappeared. No window. No crash report. Just… gone. My first reaction was wrong. I assumed corrupted download. So I deleted it, re-downloaded, moved it to Applications again. Same behavior. Then I tried the “Open Anyway” button under System Settings → Privacy & Security. It showed up after the first failed attempt. I clicked it. Same result. Bounce, vanish. That’s when I stopped treating it like a broken app and started treating it like a macOS security problem. I checked the extended attributes in Terminal: ``` xattr -l /Applications/Tycho.app ``` Sure enough, `com.apple.quarantine` was there. Which makes sense — it was downloaded from the web. For unsigned utilities, that flag sometimes does more than just warn you. Apple’s developer documentation on notarization actually explains why this stack of checks exists, and why unsigned builds behave this way: [https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution](https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution) So I removed the quarantine attribute: ``` xattr -dr com.apple.quarantine /Applications/Tycho.app ``` Relaunched. This time, it opened. Briefly. The UI rendered for maybe three seconds — then it froze. Spinning beachball. Force quit. Progress, weirdly enough. I opened Console.app and filtered by process name. That’s where the real clue showed up: file access denial errors tied to `~/Library` and `~/Documents`. The tool was trying to read system-level data and write logs, and macOS was blocking it. The thing is, it never prompted me for permission. It just silently denied access and crashed. Apple documents how privacy permissions work (Files and Folders, Full Disk Access, etc.) here: [https://support.apple.com/en-us/HT210595](https://support.apple.com/en-us/HT210595) So I went into: System Settings → Privacy & Security → Full Disk Access Added Tycho manually. Enabled the toggle. Relaunched. Instantly stable. No freeze. The dashboard loaded, system metrics populated, and it behaved exactly like a normal app should. For reference, I found this page useful while double-checking I had the correct macOS build — my notes here: [https://sznurkowo.com/systems/63736-tycho.html](https://sznurkowo.com/systems/63736-tycho.html) That confirmed I wasn’t accidentally running some outdated Catalina-only version. One more detail that might matter: I’m on a MacBook Pro M1 running macOS Sonoma 14.4. The binary is Intel-only. I verified with: ``` file /Applications/Tycho.app/Contents/MacOS/* ``` x86_64. So Rosetta 2 translation is involved. It had already been installed on my machine, but I forced a reinstall anyway: ``` softwareupdate --install-rosetta ``` After that, startup felt smoother. Could be placebo, but launch time dropped from about four seconds to under two. Apple’s Rosetta documentation is here if you want the official explanation: [https://support.apple.com/en-us/HT211861](https://support.apple.com/en-us/HT211861) So here’s the part where I admit what I did wrong initially. I treated the error literally. “Cannot check for malicious software” sounded like something fundamentally broken. In reality, macOS was just layering restrictions: 1. Gatekeeper blocked unsigned execution. 2. Quarantine flagged the binary. 3. Privacy controls denied file access. Individually, none of those are fatal. Together, they look like a dead app. What actually fixed it: * Remove quarantine via `xattr`. * Grant Full Disk Access manually. * Ensure Rosetta is properly installed (on Apple Silicon). That’s it. If I had known from the start, the install would’ve been five minutes: Move to Applications → clear quarantine → enable Full Disk Access → launch once. Instead, I lost half an hour reinstalling and pretending the binary was damaged. Now it runs fine. CPU usage sits around 3–5% while active. No crashes. No silent exits. Exactly what I expected from a small system utility. The lesson here isn’t that the app is flawed. It’s that modern macOS security is layered and unapologetic. If something dies instantly without a clear crash report, assume permissions or trust validation before assuming broken code. Anyway, just figured I’d write this up before you hit the same “why won’t this open” spiral. It wasn’t the app. It was macOS doing its cautious thing. Once you know the sequence, it’s predictable.