GenosDB + GenosRTC: A Scalable Browser-Native P2P Graph Database with Cellular Mesh WebRTC Architecture
Engineering Excellence vs. Architectural Innovation in Browser P2P
Full Stack Developer - dWEB R&D
When comparing GenosDB + GenosRTC against the current browser-P2P ecosystem — Gun, PeerJS, simple-peer, Trystero, y-webrtc — it is important to distinguish between two very different things: exceptional execution of existing technologies and genuine architectural innovation.
GenosDB delivers both. This article breaks down exactly where each one lives, with architecture diagrams and links to the full technical documentation.
- 📦 npm: genosdb
- 🗂 Repository: github.com/estebanrfp/gdb
- 📖 Documentation index: docs/index.md
- 📄 Whitepaper: WHITEPAPER.md
- 🧠 Wiki: GitHub Wiki · DeepWiki
Table of Contents
- What is GenosDB?
- The Full Stack at a Glance
- Layer 1 — Production-Grade P2P Signaling (GenosRTC)
- Layer 2 — The Real Innovation: Cellular Mesh
- Layer 3 — The Database Engine: Delta Sync, HLC, CRDTs
- Layer 4 — Zero-Trust Security: RBAC, ACLs, Governance
- Market Comparison
- Why the Combination Is the Moat
- Getting Started in 30 Seconds
- FAQ
- Documentation Map
What is GenosDB?
GenosDB (GDB) is a distributed, modular, peer-to-peer graph database that runs entirely in the browser — no servers, no backend, no infrastructure. It combines:
- A graph data model (nodes + directed edges) with a rich query engine — see the GDB API Reference and Features overview
- Real-time P2P synchronization over WebRTC via GenosRTC
- A Zero-Trust Security Model with cryptographic identities, WebAuthn, RBAC, node-level ACLs, and rule-based governance
- Zero runtime dependencies and lazy-loaded optional modules (geo, radix tree, natural-language queries, audit)
Your Web App
│
│ await gdb("my-db", { rtc: true })
▼
GenosDB
│
├─► Query Engine (30+ operators, $edge)
│
├─► Security Manager (RBAC · ACLs · WebAuthn)
│
├─► Optional Modules (geo · nlq · rx · ii · audit)
│
└─► Sync Core (HLC · oplog · LWW)
│
├─► Persistence Worker (OPFS → IndexedDB)
│
└─► GenosRTC (WebRTC + Nostr + Cells)
│
▼
Other Peers (P2P)
The Full Stack at a Glance
The platform is built as four independent layers. The first one is excellent engineering on known ideas. The other three are where the architectural differentiation lives.
| Layer | Technology | Status vs. market |
|---|---|---|
| Signaling & transport | WebRTC + Nostr relays | Production-grade execution |
| Network topology | Cellular Mesh overlay | No browser-native equivalent |
| Data consistency | HLC + oplog delta sync + LWW CRDT | Rare in browser P2P |
| Security | Zero-trust RBAC + ACLs + signed governance | Unique vertical integration |
Layer 1 — Production-Grade P2P Signaling (GenosRTC)
Decentralized WebRTC signaling over Nostr is not new. The implementation details are what matter — and GenosRTC's details are production-grade (full architecture breakdown):
- Pool of 20 pre-generated WebRTC offers for near-instant connection establishment — no offer-generation latency on peer discovery
- Intelligent relay management: primary relays plus adaptive fallback strategies with dynamic scheduling
- Automatic detection and exclusion of relays demanding Proof-of-Work, keeping signaling latency predictable
- Connectivity-aware reconnection driven by browser
online/visibilityevents with exponential backoff - AES-GCM SDP encryption with
SHA-256(secret:appId:roomId)key derivation — signaling metadata is never readable by relays - 16KB chunked transfers with binary metadata and per-chunk progress tracking
- Audio/video streaming with track replacement and per-stream metadata (GenosRTC guide)
Nostr Relays
│
│ peer discovery only
▼
Peer A announces topic
│
▼
Peer B discovers Peer A
│
├─► OFFER (pooled, AES-GCM SDP)
│
└─► ANSWER (encrypted)
│
▼
Direct WebRTC channel (E2E, no relays)
│
├─► named channels
│
├─► 16KB chunks + progress
│
└─► audio/video streams
Libraries such as PeerJS or simple-peer do not even address the signaling problem — they assume you run your own signaling server. Finding all of these concerns solved together, in a dependency-free package, is rare.
However, the true differentiation is not the signaling layer.
Layer 2 — The Real Innovation: Cellular Mesh
Cellular Mesh was designed to solve the fundamental scalability problem of every traditional WebRTC full-mesh architecture: O(N²) connection growth.
Solutions such as Trystero, PeerJS, Gun, and y-webrtc all ultimately rely on topologies that become increasingly inefficient as peer counts grow. In practice, these architectures hit serious performance and stability limitations once networks reach dozens of simultaneous participants:
FULL MESH (market standard)
│
│ N·(N-1)/2 connections
▼
8 peers → 28 links
50 peers → 1,225 links
100 peers → 4,950 links 💥
CELLULAR MESH (GenosRTC)
│
│ ~O(N) connections
▼
Peers
│
├─► Cell A ● ● ● ◉
│
├─► Cell B ● ● ● ◉
│
└─► Cell C ● ● ● ◉
◉ bridge peer (health-score elected)
│
└─► forwards to neighbor cells
(cell → bridge → cell, TTL-bounded)
GenosRTC addresses this with a self-organizing Cellular Mesh overlay that currently has no direct equivalent in the browser-P2P market:
- Deterministic cell assignment — nodes are mapped to cells with no coordinator and no negotiation
- Adaptive cell sizing — with
cellSize: 'auto', cell size recalculates dynamically toward a configurabletargetCells, clamped between min and max bounds - Health-score bridge election — inter-cell bridges are selected using a composite score over real network metrics:
healthScore
│
├─► 0.25 · RTT (ping window)
│
├─► 0.25 · uptime (time in mesh)
│
├─► 0.30 · stability (reconnections)
│
└─► 0.20 · responsiveness (recent pings)
- Dynamic TTL — message propagation uses
TTL = min(150, cells + 3), so flood depth adapts to the actual topology instead of being a magic number - Ring-buffer deduplication — duplicate suppression over the last 5,000 message IDs, preventing routing loops at near-zero memory cost
- 2-second heartbeat with stale-peer cleanup — peers silent for 30s are evicted and bridges are re-elected automatically
The result is a structured, self-organizing overlay network running entirely on pure browser WebRTC. Live visualizations are available in the repository: D3 mesh monitor, Canvas lite, 3D particles.
Conceptually, the closest comparison is libp2p + gossipsub. But that approach requires substantially more infrastructure, a significantly heavier stack, and far greater operational complexity. No existing browser-native solution provides a comparable architecture as a lightweight, transparent overlay enabled with a single flag:
const db = await gdb("my-app", { rtc: { cells: true } })
To the best of our knowledge, Cellular Mesh is not an evolution of an existing browser-P2P pattern — it is a fundamentally different networking model, and today it remains unique to GenosRTC.
Layer 3 — The Database Engine: Delta Sync, HLC, CRDTs
A scalable transport is useless without a consistency model that survives it. GenosDB pairs Cellular Mesh with a sync engine designed for hostile network conditions:
Hybrid Delta Protocol
The Hybrid Delta Protocol is a dual-mode engine: delta updates for speed, full-state fallback for reliability.
Peer reconnects (watermark T)
│
▼
does the oplog still cover T?
│
├─► YES → DELTA SYNC
│ │
│ └─► only ops newer than T
│ (MessagePack + compressed)
│
└─► NO → FULL-STATE SYNC
│
├─► compressed graph snapshot
│
└─► reset oplog + watermark
Hybrid Logical Clocks + LWW
Every operation carries an HLC timestamp {physical, logical} guaranteeing causal ordering without trusting wall clocks. Conflicts resolve deterministically via Last-Write-Wins, with clock-skew capping so a peer with a broken clock cannot poison the graph.
Non-Blocking Persistence
A dedicated persistence worker writes through a tiered storage strategy — synchronous OPFS → async OPFS → IndexedDB — with cross-tab safety via the Web Locks API. Large graph saves never block the UI.
Query Engine
The map() query engine supports 30+ operators — comparison, logical, text/regex/like, cursor-based pagination (\(after / \)before / \(limit), and the recursive \)edge graph-traversal operator — all with real-time subscriptions. Full CRUD docs: put · get · link · remove · overview.
Layer 4 — Zero-Trust Security: RBAC, ACLs, Governance
This is where vertical integration becomes a moat. In a P2P network you cannot trust any peer — so GenosDB assumes none of them (Distributed Trust Model, Zero-Trust Security Model):
op arrives from the network
│
│ every peer verifies it
▼
verify ECDSA signature ✗ reject
│ (recover the signer)
▼
check RBAC role + expiry ✗ reject
│ (guest → superadmin)
▼
check node-level ACLs ✗ reject
│ (verified signer only)
▼
apply to graph
- Cryptographic identity: every user is an ECDSA keypair, protected by WebAuthn passkeys or recoverable via BIP39 mnemonic (SM API Reference, SM Architecture)
- Hierarchical RBAC with role expiry —
guest → user → manager → admin → superadmin, every grant signed by an authorized signer - Node-level ACLs — owner/collaborator permissions per node, enforced against malicious peers: the permission check uses the cryptographically verified signer, never a claimed identity (ACLs Module)
- Rule-based governance — automatic role promotion/demotion where rule conditions are native GenosDB queries, evaluated last-match-wins and signed by an online superadmin (Governance Guide)
- Async content moderation of the oplog via the Audit module
Every operation can be cryptographically validated. Every identity can be independently verified. Every node enforces ACL policy without centralized infrastructure and without assuming any other peer is trustworthy.
Market Comparison
| Capability | GenosDB + GenosRTC | Gun | Trystero | PeerJS / simple-peer | y-webrtc |
|---|---|---|---|---|---|
| Serverless signaling | ✅ Nostr | ⚠️ needs relays | ✅ Nostr et al. | ❌ own server | ⚠️ signaling server |
| Scalable topology (>100 peers) | ✅ Cellular Mesh | ❌ | ❌ full mesh | ❌ full mesh | ❌ full mesh |
| Graph data model + queries | ✅ 30+ operators, $edge |
⚠️ graph, limited queries | ❌ transport only | ❌ transport only | ❌ (Yjs CRDT docs) |
| Delta sync + full-state fallback | ✅ | ⚠️ | ❌ | ❌ | ⚠️ Yjs |
| Causal ordering (HLC) | ✅ | ❌ | ❌ | ❌ | ⚠️ vector-ish |
| Zero-trust RBAC + role expiry | ✅ signed, enforced | ❌ | ❌ | ❌ | ❌ |
| Node-level ACLs vs malicious peers | ✅ | ⚠️ SEA (different model) | ❌ | ❌ | ❌ |
| Rule-based governance | ✅ | ❌ | ❌ | ❌ | ❌ |
| Runtime dependencies | 0 | several | minimal | several | Yjs stack |
A note on Gun: its SEA layer provides cryptographic identity and encryption, but it has no equivalent to a zero-trust RBAC model with signed role grants, role expiry, rule-based governance, and node-level ACLs that remain enforced in the presence of malicious peers across the network.
Why the Combination Is the Moat
GenosDB's competitive advantage is not WebRTC itself. It is not Nostr. It is not decentralized signaling.
The defensible innovation is Cellular Mesh and its native integration with GenosDB's consistency, synchronization, and security model:
Cellular Mesh (scale)
+
Hybrid Delta + HLC (consistency)
+
Signed RBAC + ACLs (trust)
│
▼
a fully distributed, zero-trust,
browser-native data platform —
beyond the full-mesh ceiling,
with no servers at all
Each layer alone is valuable. Together they represent a unique architectural approach to browser-native distributed systems — one that, as of today, has no direct equivalent in the browser-P2P market.
Getting Started in 30 Seconds
import { gdb } from "genosdb"
// P2P database with cellular mesh, no servers
const db = await gdb("my-app", { rtc: { cells: true } })
// Write
const id = await db.put({ name: "Alice", role: "builder" })
// Real-time reactive query
const { unsubscribe } = await db.map(
{ query: { role: "builder" }, realtime: true },
({ id, value, action }) => console.log(action, id, value)
)
// Graph edges
await db.link(id, await db.put({ name: "Bob" }))
- 📦 Install:
npm install genosdb— bundler configuration for Vite, Webpack, Bun, esbuild, and CDN - 🧪 50+ live examples: examples catalog — chat, kanban, whiteboard, collaborative editors, video rooms, geolocation
- 🧯 Optional high-availability superpeer: Fallback Server
FAQ
Is GenosDB really serverless? Yes. Peer discovery uses public Nostr relays (or your own); all data flows peer-to-peer over encrypted WebRTC channels. An optional fallback superpeer can improve availability, but nothing requires it.
How many peers can a room handle?
Standard mesh is comfortable for small rooms; with { cells: true } the Cellular Mesh overlay replaces O(N²) connection growth with cell-local connectivity plus health-elected bridges, designed to scale to very large peer counts.
What happens when a peer goes offline and comes back? The Hybrid Delta Protocol sends only the missed operations; if the peer is too far behind, it transparently falls back to a compressed full-state snapshot.
How are conflicts resolved? Deterministic Last-Write-Wins ordered by Hybrid Logical Clocks, with clock-skew capping.
Can untrusted users join? That is the default assumption. The Zero-Trust Security Model starts everyone as a write-blocked guest; promotion happens through signed role grants or automatic governance rules, and node-level ACLs hold even against malicious peers.
Does it work offline? Yes — local-first by design. Data persists in OPFS/IndexedDB via a non-blocking worker and syncs when connectivity returns.
Documentation Map
| Area | Links |
|---|---|
| Core API | API Reference · Features · CRUD · put · get · map · link · remove · pagination |
| GenosRTC | API Reference · Architecture · Guide · Cellular Mesh · Nostr relay deployment |
| Security | Zero-Trust Model · Distributed Trust · SM API · SM Architecture · ACLs · Governance |
| Internals | Worker Architecture · Hybrid Delta Protocol · Hybrid Logical Clock · Fallback Server |
| Modules | Geo · NLQ · Radix Tree · Audit |
| Project | README · Whitepaper · Examples · Resources · Wiki · DeepWiki · npm |
Keywords: GenosDB, GenosRTC, P2P database, WebRTC mesh, decentralized database, browser database, Nostr signaling, CRDT, distributed systems, zero-trust security, real-time sync, serverless, local-first, offline-first, graph database, JavaScript P2P
Author
Esteban Fuster Pozzi (@estebanrfp) — Full Stack JavaScript Developer
🌐 estebanrfp.com · LinkedIn · Creator of GenosDB
