What is webAI?
webAI is a desktop and browser application that brings AI, collaboration, and productivity tools together in a single workspace — all running locally on your device. Instead of sending your data to cloud providers, webAI runs large language models directly on your hardware using , MLX, or llama.cpp. Your prompts, conversations, files, and context never leave your machine. Privacy isn’t a policy — it’s the architecture.webAI runs on macOS. A native desktop shell powered by Tauri provides the richest experience, while a browser-only mode works on any platform with WebGPU support.
Why webAI?
Traditional AI tools require you to send your data to someone else’s servers. webAI inverts that model. Your device becomes the AI server, and a peer-to-peer network lets you collaborate and share intelligence without a centralized platform.Private by architecture
Your data never leaves the device. Privacy is structural — there’s nothing to breach because there’s nothing sent.
Runs locally, works offline
AI models execute on-device via WebGPU, Apple MLX, or llama.cpp. No cloud API keys, no internet required.
Peer-to-peer collaboration
Create or join spaces to collaborate in real time over . Share workspaces, chat, voice call, and exchange files directly between devices.
What can you do with webAI?
Collaborate in real time
Create or join spaces to whiteboard, co-edit documents, share files, and voice chat — all with no central server.
Browse the web with AI
An embedded browser lets you research alongside your AI — summarize, explain, and extract key points from any page.
Build and share custom apps
Load or build lightweight HTML apps that run inside webAI and sync automatically when collaborating in a space.
Own your setup
Everything — AI, data, conversations, files — lives on your device. No accounts required, no cloud dependency.
Architecture
webAI is structured as three independent layers connected by contracts, not hard dependencies. Each layer can be replaced without modifying the others.Oasis (AI Runtime)
The browser-native JavaScript AI engine. Handles model loading, tokenization, WebGPU inference, the agent kernel, 40+ built-in tools, and the persona system. Runs in an iframe with no build step required.
Apogee Shell (Application Layer)
The frontend application layer built with React and TypeScript. Provides the launcher, settings, collaboration UI, window management, theming, identity, and file storage. Hosts Oasis and custom apps in iframes.
Key capabilities
| Capability | Description |
|---|---|
| On-device inference | Run LLMs locally via WebGPU, MLX, or llama.cpp with automatic backend selection based on your hardware. |
| Personas | Create and swap AI personalities — each with its own system prompt, capabilities, and tool policies. |
| Agent system | An autonomous agent runtime that can plan multi-step tasks, use tools, automate browser actions, and execute workflows locally. |
| P2P collaboration | Host or join spaces over WebRTC with -synced state, chat, voice, and file sharing. |
| Custom apps | Build and upload HTML or JSX apps that run inside the platform with access to AI, collaboration, and storage APIs. |
| Intelligence Delivery Network | Every device is a node. Share AI solutions across your network without a centralized platform. |
Safety & privacy
Privacy and safety aren’t add-ons in webAI — they’re built into the architecture. Your data stays on your device, your AI runs locally, and every action that could affect something outside your machine requires your explicit approval.Identity and encryption
Every device generates a unique cryptographic identity called an . This is your identifier on the network — no email, no username, no account required.- Generated locally using RSA key pairs
- Used for signing messages and authenticating peer connections
- Never transmitted to a central server
End-to-end encryption
All private communication in webAI is end-to-end encrypted:| What’s encrypted | How |
|---|---|
| Direct messages | Encrypted with the recipient’s public key before sending. Only they can decrypt it. |
| File transfers | Encrypted in transit over the connection. |
| Offline messages | Queued messages are encrypted at rest and delivered when the recipient comes back online. |
Contacts added through the pairing code method have full cryptographic trust from the start — both sides exchange and pin each other’s keys during the pairing process.
Key pinning
When you add a contact via the 6-digit pairing code, both devices exchange signing and encryption keys. These keys are pinned — meaning future communication is verified against the original exchange. If a key changes unexpectedly, you’ll be alerted.Peer-to-peer security
Connections between devices are secured at multiple levels:- Authenticated handshakes — Every peer connection starts with an ODID-based authentication handshake.
- Session encryption — Data channels are encrypted for the duration of the session.
- Connection limits — A maximum of 15 concurrent connections prevents resource exhaustion.
- Idle teardown — Inactive connections are automatically closed after 5 minutes.
What webAI does not do
- Does not send your data to a cloud server for AI inference
- Does not require an account to use core features
- Does not track your conversations, prompts, or files
- Does not share your identity without your explicit consent