# peerd

> A browser-native AI agent harness that runs a full agent loop inside your existing Chrome or Firefox browser as an extension, with no backend, no telemetry, and BYOK model support.

peerd is an open-source browser extension that turns your existing Chrome or Firefox browser into a full AI agent workstation. Built by Ariel Deschapell and released under Apache 2.0, it runs the entire agent loop client-side — no backend server, no cloud component in the data path, and no telemetry. As of June 2026, it is shipping as a v0.x developer preview, installable from source on GitHub, with Chrome Web Store and Firefox AMO listings coming soon.

## What It Is

peerd describes itself as "the first browser-native AI agent harness." Unlike AI browsers (Comet, Atlas, Dia) that ask you to switch browsers, or cloud browser-automation services (Playwright MCP, Browserbase) that drive a separate headless browser, peerd is a WebExtension that lives inside the browser you already use. The agent shares one process with your real tabs, sessions, cookies, and DOM — giving it access to your existing logins and page state without any OAuth dance or credential storage. It is explicitly positioned as the browser-native equivalent of terminal coding agents like Claude Code or Aider, but with the ability to see and interact with the pages you are actually looking at.

## The Five-Module Architecture

The peerd wordmark is also the architecture — each letter maps to a top-level module:

- **peerd-provider** (`p`): Model adapters for Anthropic, OpenRouter, and Ollama, with streaming, caching, cost tracking, and retries.
- **peerd-egress** (`e`): The security layer — the encrypted vault, the egress chokepoint (`safeFetch`/`webFetch`), the denylist, and the audit log.
- **peerd-engine** (`e`): Sandboxed execution — WebVMs (CheerpX Debian in WebAssembly), JS Notebooks (sealed Web Workers), client-side Apps (sandboxed iframes), and a headless worker.
- **peerd-runtime** (`r`): The agent loop, tools, do/get/check runner, memory, skills, review, goal mode, voice (local Moonshine STT over WebGPU), and subagent support.
- **peerd-distributed** (`d`): The peer-to-peer dweb layer — Ed25519 identity (`did:key`), a Kademlia DHT for discovery, an N-peer WebRTC mesh with gossip, and genuinely-private 1:1 messaging. Ships in the preview channel only.

## Security Model: Structural, Not Policy

peerd's security architecture is built around five structural commitments rather than filters. The agent that holds your API keys never reads raw page content — a disposable runner with no keys and no network tools does, and its output returns fenced as `<untrusted_web_content>`. This is peerd's answer to what the homepage calls the "lethal trifecta" (private data + untrusted content + outbound network path in one model context). Additional layers include:

- A hard provider allowlist (`safeFetch`) and a sensitive-site denylist (`webFetch`) covering banks, health portals, and password managers.
- V8 isolates, opaque-origin iframes, and WASM-confined Linux VMs as a spectrum of sandboxes matched to trust level.
- WebCrypto AES-GCM for the vault, WebAuthn passkeys to unlock it, and Subresource Integrity on every model and plugin download.
- The model API key lives only in the service worker, never touches disk, and is gone when the browser closes.
- No peerd cloud service exists in the data path at all.

## Peer-to-Peer A2A with WebRTC

The `d` in peerd stands for distributed. The `peerd-distributed` module runs a real browser-to-browser network where stateless signaling nodes introduce peers and then drop out of the data path. Two browser agents can meet, exchange signed identities, discover each other's capabilities, and delegate work directly over WebRTC — without a cloud host or middleman. The homepage describes this as "true peer-to-peer A2A from the browser," contrasting with most A2A implementations that assume agents are hosted on a server or cloud platform. This module is experimental and ships on the preview channel today.

## Update: v0.1.4 Preview Release

The latest release is v0.1.4 (peerd-preview-v0.1.4), published on June 24, 2026. The repository was created on June 22, 2026, and last pushed on June 25, 2026, indicating rapid early development. The project self-describes as "0.x experimental beta" — the initial feature buildout is complete and integrated, but breaking changes are likely and storage formats may shift. The codebase is vanilla JavaScript (ES2024+, no TypeScript, no bundler, no build step required to run the extension), with 100% `// @ts-check` JSDoc type coverage enforced by CI. Chrome Web Store and Firefox AMO store listings are pending approval.

## Features
- Browser-native AI agent loop with no backend or cloud component
- Runs inside your existing browser with your real tabs, sessions, and cookies
- Sandboxed Linux VMs via WebAssembly (CheerpX Debian) in a browser tab
- JS Notebooks in sealed Web Workers with OPFS file tree
- Client-side App builder with sandboxed iframe rendering
- Headless worker for ephemeral agent compute
- Local speech-to-text via Moonshine over WebGPU (audio never leaves the tab)
- Peer-to-peer agent-to-agent (A2A) communication over WebRTC
- Ed25519 identity (did:key) and Kademlia DHT for peer discovery
- Encrypted local vault unlocked by WebAuthn passkeys or passphrase
- Hard provider egress allowlist (safeFetch) and sensitive-site denylist (webFetch)
- Disposable runner architecture to prevent prompt-injection exfiltration
- BYOK: Anthropic, OpenRouter, and local Ollama supported
- No telemetry, no backend, no cloud service in the data path
- Confirm-before-actions mode for per-step approval
- Audit log for all egress and agent actions
- In-browser WebGPU local inference (Gemma-4-E2B, opt-in)
- Subresource Integrity verification on all model and plugin downloads
- Chrome and Firefox support via standard WebExtension APIs
- No build step required — load extension/ folder unpacked

## Integrations
Anthropic Claude API, OpenRouter, Ollama (local, keyless), CheerpX (WebAssembly Linux VM runtime), Moonshine (local speech-to-text), ONNX Runtime Web (WebGPU inference), Silero VAD (voice activity detection), Transformers.js / Hugging Face, WebRTC (peer-to-peer networking), WebCrypto (AES-GCM vault encryption), WebAuthn (passkey vault unlock), Chrome Extensions API (Manifest V3), Firefox WebExtension API, IndexedDB / OPFS (local storage)

## Platforms
WINDOWS, MACOS, LINUX, WEB, API, BROWSER_EXTENSION

## Pricing
Open Source

## Version
v0.1.4

## Links
- Website: https://peerd.ai
- Documentation: https://peerd.ai/docs/
- Repository: https://github.com/NotASithLord/peerd
- EveryDev.ai: https://www.everydev.ai/tools/peerd