This is a highly opinionated and standards-noncompliant browser. It has its own APIs for decentralized software.
Please feel free to open usability issues.
git clone https://github.com/pfraze/beaker.git
cd beaker
npm install
npm start
If you are using a node version ealier than 6, you may receive an error about a module version mismatch.
If so, run the following command after npm install
, to have the modules rebuild into the version you need:
npm run rebuild
Lots of dev instructions and notes here
- 0001 Keybase, global userids and pubkey certs. An argument for integrating keybase.
- Related video: BlackHat USA 2011: SSL And The Future Of Authenticity. Discusses problems with the CA model of authentication, and suggests using network "notaries" to validate certificates.
- 0002 Hyperboot, application delivery safety.
- 0003 HTTP legacy. The argument for continuing to support HTTP/S.
If you have tech that needs a browser, make a fork, open an issue, try out your integration, and PR back to here.
dat (link)
Dat provides a data layer that is addressable across hosts, using public keys (for append-only logs) and hash-addresses (for file archives). It discovers peers with the Bittorrent DHT, centralized DNS servers and Multicast DNS simultaneously.
- hyperdrive - The file sharing network dat uses to distribute files and data. A technical specification / discussion on how hyperdrive works is available here
- hypercore - exchange low-level binary blocks with many sources
- discovery-channel - discover data sources
- discovery-swarm - discover and connect to sources
- bittorrent-dht - use the Kademlia Mainline DHT to discover sources
- dns-discovery - use DNS name servers and Multicast DNS to discover sources
IPFS. See beakerbrowser#2
Helpful links:
- Original spec
- WebSQL Database API, implemented for Node using sqlite3
- Cordova plugin impl of WebSQL
- A promises-based API for WebSQL
Question... do we want to maybe change the API? The basics are fine, but I hate having separate error and success callbacks.
Would there ever be a good usecase to share sqlite files between apps? SQLite is threadsafe, though there's more to consider (apps violating each others' invariants).
On runtime limits. "For many years, the default page size was almost always 1024 bytes, but beginning with SQLite version 3.12.0 in 2016, the default page size increased to 4096." Thus the max_page_count pragma can be used to limit the db sizes (as a multiple of 4kb).
libsodium (link)
Sodium is a modern and easy-to-use crypto library. Beaker will use node-sodium bindings to import the API into the JS environment.
- magic wormhole
- interledger
- keybase (discussion)
- node
fs
module - matrix (matrix-js-sdk, homepage)
- figure out why the browserify rebuild (in the watcher) takes 17x longer than the non-watch build
Basic browsing UI. Please feel free to open usability issues.
- un/happiness reporter
- ui to report that you're happy or unhappy, and why
- server to collect reports
- tabs
- favicons
- reordering
- pinning
- webview behaviors
- restore scroll-position on back btn electron issue
- restore session history on "re-open closed tab" electron issue
- zoom
- persist zoom on domains
- show current zoom in toolbar
- bookmarking
- bookmark btn on toolbar
- store bookmarks
- store favicons
- context menu
- save image as...
- video/audio element controls
- "Save dat archive..."
- view-dat://
- show item sizes
- render README.md ?
- dat://
- If index.html does not exist, but the archive was found, redirect to view-dat://
- solve issue causing slow sync
Some basic necessities
- block ads
- incognito mode only. add opt-in
- try HTTPS before trying
- try to remove things that make fingerprinting possible
- put webrtc (and other leaky apis) behind perms prompts
More advanced goals:
- site version control (https://github.com/substack/hyperboot)
- sandbox permission-trading: new features (such as FS access) are made available after other rights (such as XHR) are dropped
something close to (if not cloned from) mozilla's persona project. or, may consider using https://github.com/google/end-to-end. should work across devices
- naming/addressing (bob@foo.com ?)
- key management, store secrets safely
- look into supporting SSL client certificates
we need a data layer that is addressable and manipulable across different hosts. the way to do this is to use cryptographic referenced data structures (sha256 URIs for static content, and pubkey URIs for dynamic content)
https://github.com/mafintosh/hyperlog and https://github.com/mafintosh/hyperdrive provides 2 crypto-addressed data types (logs, file archives) with p2p syncing protocols
- hyperlog/hyperdrive APIs
- webrtc signalling. needs to integrate with user identity layer, so channels can be opened using another user's ID. (matrix protocol?)
- mail protocol. SMTP? not sure.
- local filesystem API
- remote filesystem API (nfs?)
- sqlite API
The MIT License (MIT)
Copyright (c) 2016 Paul Frazee
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.