This project is a browser-based operating environment built from the ground up on a zero-trust security model. It's not just a web app; it's a private computing environment where you can run sandboxed applications and manage your files on a backend that, with the encrypted VFS enabled, never sees your file contents in the clear.
The architecture features a client-side "microkernel" in React managing processes, IPC, and a virtual filesystem (VFS). The backend uses Python/Flask to handle authentication and orchestrate sandboxed execution of user code in Docker.
- **End-to-End Encrypted Channel (E2EE)**: Every API call and WebSocket message is encrypted with a session-specific key established via an ECDH key exchange, on top of TLS. The server signs its key-exchange share with ECDSA so a man-in-the-middle cannot substitute its own share, and session keys are periodically ratcheted: deriving each key from the previous one limits what a captured key unlocks, and mixing a fresh ECDH exchange into the ratchet is what restores security after a compromise. Two caveats a reviewer should keep in mind: the backend is one endpoint of the exchange, so it decrypts API traffic in order to authenticate you and orchestrate sandboxes (the layer that keeps file contents away from the server is the encrypted VFS below), and the ECDSA check only protects you if the client already trusts the server's public key, since a key fetched over the same connection could be replaced just as easily.
- **Zero-Knowledge Encrypted VFS**: An optional client-side encryption layer for your files. A master key is derived from your password with PBKDF2 (whose strength rests on a per-user salt and a high iteration count), and files are encrypted in your browser before they are sent to the server, so the server only ever stores ciphertext. You, and only you, hold the key. The flip side of zero knowledge is that the server cannot reset a forgotten password: without it the files are unrecoverable.
- **Multi-Layer Sandboxing**
  - Frontend: All apps run in isolated `<iframe>`s and talk to the OS kernel only through a `postMessage`-based syscall bridge, so a malicious app can't touch the main UI or other apps. That isolation holds only if each app frame is actually sandboxed (the `sandbox` attribute without `allow-same-origin`, or a dedicated origin) and the kernel checks which frame sent each message, and what that app was granted, before dispatching it.
  - Backend: User-installed backend logic runs in hardened, ephemeral Docker containers with no network access, a read-only filesystem, and strict resource limits. Containers share the host kernel, so the usual container hardening (non-root user, dropped capabilities, a seccomp profile) matters as much as the network and filesystem restrictions.
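The kernel side of such a bridge, as an added example that is not the project's code: it identifies the calling app by the frame that sent the message, checks the app's granted permissions against a syscall table, and returns a structured reply. It is written without DOM dependencies so it runs in Node; the permission names, the syscall table and the `ctx` object are hypothetical, and in the browser `event` would be the `MessageEvent` and `source` the app iframe's `contentWindow`.

```javascript
// Added example (not the project's code). Syscall and permission names are hypothetical.

// App frames are created with sandbox="allow-scripts" and WITHOUT allow-same-origin, which
// gives each app an opaque origin: its MessageEvent.origin is the string "null", so origin
// checks cannot tell apps apart. The kernel therefore keys processes on event.source (the
// frame's window object), which a frame cannot forge.
const APP_IFRAME_SANDBOX = 'allow-scripts';

// Syscall table: each entry names the permission an app must hold to call it.
const SYSCALLS = {
  'fs.read':   { permission: 'fs.read',       handler: (ctx, a) => ctx.vfs.read(a.path) },
  'fs.write':  { permission: 'fs.write',      handler: (ctx, a) => ctx.vfs.write(a.path, a.data) },
  'ui.notify': { permission: 'notifications', handler: (ctx, a) => ctx.notify(ctx.appId, a.text) },
};

function createSyscallBridge(ctx) {
  const processes = new Map(); // event.source -> { appId, permissions }

  // Called when the kernel creates an app frame; `source` is iframe.contentWindow.
  function register(source, appId, permissions) {
    processes.set(source, { appId, permissions: new Set(permissions) });
  }

  // Called when the frame is torn down, so a stale window reference cannot keep calling.
  function unregister(source) {
    processes.delete(source);
  }

  // Decides one message and returns the reply the kernel would post back. Kept apart from
  // postMessage itself so the policy is testable; wiring is shown in the note below.
  function handleMessage(event) {
    const proc = processes.get(event.source);
    if (!proc) return { ok: false, error: 'message from an unregistered frame' };
    const { id, syscall, args } = event.data || {};
    if (typeof id !== 'number' || typeof syscall !== 'string') {
      return { ok: false, error: 'malformed syscall frame' };
    }
    // hasOwnProperty: a plain SYSCALLS[syscall] lookup would resolve names such as
    // "constructor" or "__proto__" through Object.prototype.
    if (!Object.prototype.hasOwnProperty.call(SYSCALLS, syscall)) {
      return { id, ok: false, error: `no such syscall: ${syscall}` };
    }
    const entry = SYSCALLS[syscall];
    if (!proc.permissions.has(entry.permission)) {
      return { id, ok: false, error: `${proc.appId} lacks permission ${entry.permission}` };
    }
    try {
      return { id, ok: true, result: entry.handler({ ...ctx, appId: proc.appId }, args || {}) };
    } catch (e) {
      return { id, ok: false, error: e.message };
    }
  }

  return { register, unregister, handleMessage };
}
```

In the browser the wiring is `window.addEventListener('message', (e) => { const reply = bridge.handleMessage(e); e.source.postMessage(reply, '*'); })`. The `'*'` target origin is forced by the opaque origin of a sandboxed frame and is acceptable because the reply goes to one specific window; if app frames are ever allowed to navigate, hand each app a `MessageChannel` port at startup instead and reply over that port.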
- **Extensible App Platform**: Define app capabilities, permissions, and custom backend endpoints declaratively in a `manifest.json` file. Third-party apps are installed under a clear, auditable permission model: the permissions a manifest declares are shown to you before the app can run, and the app gets nothing it did not declare.
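An install-time validator for such a manifest, as an added example that is not the project's own code: it parses the file, rejects unknown permissions and malformed endpoint declarations, refuses backend endpoints from apps that did not ask for backend execution, mounts declared endpoints under an app-specific prefix so they cannot shadow core routes, applies a fixed sandbox policy the manifest cannot relax, and produces the consent text shown before the app runs. The field names, permission names and sandbox limits are hypothetical.

```javascript
// Added example (not the project's code). Schema, permission names and limits are assumptions.

// Permissions an app may request, with the wording shown to the user at install time.
const KNOWN_PERMISSIONS = {
  'fs.read': 'read files in your VFS',
  'fs.write': 'create and modify files in your VFS',
  'notifications': 'show desktop notifications',
  'backend.exec': 'run its own code on the server inside a sandbox',
};

// Hardening applied to every app backend. Deliberately not manifest fields: an app can
// declare endpoints, but it can never ask for network access or a writable filesystem.
const BACKEND_SANDBOX = Object.freeze({
  network: 'none', readOnlyRootfs: true, user: 'nobody',
  memoryMb: 128, pidsLimit: 64, timeoutSec: 10,
});

const NAME_RE = /^[a-z0-9][a-z0-9-]{0,31}$/;
const ENDPOINT_PATH_RE = /^\/[a-z0-9_\-\/]*$/; // no "..", no query strings, no uppercase

function validateManifest(manifestJson) {
  let m;
  try {
    m = JSON.parse(manifestJson);
  } catch {
    return { ok: false, errors: ['manifest.json is not valid JSON'] };
  }
  const errors = [];
  if (typeof m.name !== 'string' || !NAME_RE.test(m.name)) {
    errors.push('name must be 1-32 characters of [a-z0-9-]');
  }
  const permissions = Array.isArray(m.permissions) ? [...new Set(m.permissions)] : null;
  if (!permissions) {
    errors.push('permissions must be an array');
  } else {
    for (const p of permissions) {
      if (!Object.prototype.hasOwnProperty.call(KNOWN_PERMISSIONS, p)) errors.push(`unknown permission: ${p}`);
    }
  }
  const endpoints = Array.isArray(m.backend?.endpoints) ? m.backend.endpoints : [];
  if (endpoints.length > 0 && !(permissions || []).includes('backend.exec')) {
    errors.push('backend endpoints require the backend.exec permission');
  }
  for (const ep of endpoints) {
    if (typeof ep.path !== 'string' || !ENDPOINT_PATH_RE.test(ep.path)) errors.push(`bad endpoint path: ${ep.path}`);
    if (!['GET', 'POST'].includes(ep.method)) errors.push(`bad endpoint method: ${ep.method}`);
    if (typeof ep.handler !== 'string') errors.push(`endpoint ${ep.path} has no handler`);
  }
  if (errors.length > 0) return { ok: false, errors };

  return {
    ok: true,
    app: {
      name: m.name,
      permissions,
      // Mounted under the app's own prefix so an app cannot register /login or /api/vfs.
      endpoints: endpoints.map((ep) => ({ ...ep, mountedAt: `/apps/${m.name}${ep.path}` })),
      sandbox: BACKEND_SANDBOX, // whatever m.backend says about networking is ignored
      consent: permissions.map((p) => `${m.name} wants to ${KNOWN_PERMISSIONS[p]}`),
    },
  };
}
```

The two checks worth keeping even if the rest changes: the permission allowlist (an unknown name is an error, not a silent no-op, so a typo cannot turn into an undeclared capability later) and the endpoint prefix, which keeps third-party routes out of the namespace the core API lives in.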