peerd

peerd is an open-source browser extension that turns your existing Chrome or Firefox browser into a full AI agent workstation. Built by Ariel Deschapell and released under Apache 2.0, it runs the entire agent loop client-side — no backend server, no cloud component in the data path, and no telemetry. As of June 2026, it is shipping as a v0.x developer preview, installable from source on GitHub, with Chrome Web Store and Firefox AMO listings coming soon.

What It Is

peerd describes itself as "the first browser-native AI agent harness." Unlike AI browsers (Comet, Atlas, Dia) that ask you to switch browsers, or cloud browser-automation services (Playwright MCP, Browserbase) that drive a separate headless browser, peerd is a WebExtension that lives inside the browser you already use. The agent shares one process with your real tabs, sessions, cookies, and DOM — giving it access to your existing logins and page state without any OAuth dance or credential storage. It is explicitly positioned as the browser-native equivalent of terminal coding agents like Claude Code or Aider, but with the ability to see and interact with the pages you are actually looking at.

The Five-Module Architecture

The peerd wordmark is also the architecture — each letter maps to a top-level module:

• peerd-provider (p): Model adapters for Anthropic, OpenRouter, and Ollama, with streaming, caching, cost tracking, and retries.
• peerd-egress (e): The security layer — the encrypted vault, the egress chokepoint (safeFetch/webFetch), the denylist, and the audit log.
• peerd-engine (e): Sandboxed execution — WebVMs (CheerpX Debian in WebAssembly), JS Notebooks (sealed Web Workers), client-side Apps (sandboxed iframes), and a headless worker.
• peerd-runtime (r): The agent loop, tools, do/get/check runner, memory, skills, review, goal mode, voice (local Moonshine STT over WebGPU), and subagent support.
• peerd-distributed (d): The peer-to-peer dweb layer — Ed25519 identity (did:key), a Kademlia DHT for discovery, an N-peer WebRTC mesh with gossip, and genuinely-private 1:1 messaging. Ships in the preview channel only.

Security Model: Structural, Not Policy

peerd's security architecture is built around five structural commitments rather than filters. The agent that holds your API keys never reads raw page content — a disposable runner with no keys and no network tools does, and its output returns fenced as <untrusted_web_content>. This is peerd's answer to what the homepage calls the "lethal trifecta" (private data + untrusted content + outbound network path in one model context). Additional layers include:

• A hard provider allowlist (safeFetch) and a sensitive-site denylist (webFetch) covering banks, health portals, and password managers.
• V8 isolates, opaque-origin iframes, and WASM-confined Linux VMs as a spectrum of sandboxes matched to trust level.
• WebCrypto AES-GCM for the vault, WebAuthn passkeys to unlock it, and Subresource Integrity on every model and plugin download.
• The model API key lives only in the service worker, never touches disk, and is gone when the browser closes.
• No peerd cloud service exists in the data path at all.

Peer-to-Peer A2A with WebRTC

The d in peerd stands for distributed. The peerd-distributed module runs a real browser-to-browser network where stateless signaling nodes introduce peers and then drop out of the data path. Two browser agents can meet, exchange signed identities, discover each other's capabilities, and delegate work directly over WebRTC — without a cloud host or middleman. The homepage describes this as "true peer-to-peer A2A from the browser," contrasting with most A2A implementations that assume agents are hosted on a server or cloud platform. This module is experimental and ships on the preview channel today.

Update: v0.1.4 Preview Release

The latest release is v0.1.4 (peerd-preview-v0.1.4), published on June 24, 2026. The repository was created on June 22, 2026, and last pushed on June 25, 2026, indicating rapid early development. The project self-describes as "0.x experimental beta" — the initial feature buildout is complete and integrated, but breaking changes are likely and storage formats may shift. The codebase is vanilla JavaScript (ES2024+, no TypeScript, no bundler, no build step required to run the extension), with 100% // @ts-check JSDoc type coverage enforced by CI. Chrome Web Store and Firefox AMO store listings are pending approval.