Sideband is a layered communication stack for browser-to-daemon communication, designed to work reliably behind NAT with end-to-end encryption.
These specifications are implementation-neutral. You may implement them in any language or runtime, including proprietary systems, under CC BY 4.0 terms.
Start here: Protocol Architecture defines layering, frame wrapping rules, and dependency invariants. All specifications below must be consistent with the architecture document.
┌───────────────────────────────────────────────────┐
│ Application / SDK │
├───────────────────────────────────────────────────┤
│ RPC (semantic envelopes inside MessageFrame.data) │
├───────────────────────────────────────────────────┤
│ SBP (application framing, routing, correlation) │
├───────────────────────────────────────────────────┤
│ Session: SBRP (relay E2EE) or SBDP (direct P2P) │
├───────────────────────────────────────────────────┤
│ Transport (WebSocket, WebRTC, etc.) │
└───────────────────────────────────────────────────┘
| Layer | Protocol | Status | Purpose |
|---|---|---|---|
| App Framing | SBP | v1 | Framing, multiplexing, message routing |
| Relay Session | SBRP | Draft | E2EE sessions via relay server |
| Direct Session | SBDP | Design | P2P encryption (future) |
| Semantic | RPC | v1 | Typed request/response patterns |
::: info
RPC envelopes live inside MessageFrame.data. Session layers (SBRP/SBDP) encrypt entire SBP frames; they never inspect RPC content. See architecture for wrapping rules.
:::
Topology-agnostic framing used by all session layers. Defines frame types, message routing, and wire format.
Default transport: secure, relay-based sessions with E2EE. The relay never sees plaintext.
Future: direct P2P when both peers can establish a connection without relay.
Typed request/response/notification semantics inside SBP message frames.