Project Aether — Universal Software Architectural Benchmark

Unified Computation Substrate

All Data Operations — One WASM Module, One Memory Space, One Pipeline

A single WASM-compiled module handles ALL data operations — CRUD, search, transformation, validation, analysis — in one continuous computation space. Entity types are schema-level distinctions, not boundaries. All data coexists in the same broadphase pipeline.

Key Requirements

• WASM computation module (C++ or Rust)
• SharedArrayBuffer for cross-thread state
• Unified: CRUD, search, transform, validate, analyze in one pipeline
• Entity type = schema distinction, not processing boundary
• Direct memory references for cross-entity ops

Deterministic State Engine

Every Application Flow Is a Formal State Machine. Impossible States Cannot Be Reached.

Every flow is a deterministic state machine. Layer 1: navigation/routes. Layer 2: workflow states (wizards). Layer 3: data lifecycle (create→review→approve→archive). Layer 4: composed states (parallel machines with synchronized transitions). Every state enumerated. Every transition specified. No "unexpected states" — they cannot be reached.

Key Requirements

• Formal FSM core (XState or hand-rolled)
• Machine composition with synchronized transitions
• Deterministic: same input → same state, same output, every device
• State visualization for debugging
• URL-synced states for deep-linkable workflows
• Migration path for versioning

Persistent Data Provenance Engine

Created, Modified, Accessed, Transformed, Related — The Entity IS Its History

Every significant entity spawns with a provenance tree: creation context, modification history, access log, relationship changes, state transitions, user interactions. This is first-class identity — not a compliance afterthought. The entity IS its history; current state is just the most recent node. Stored as deterministic knowledge graph. Optional LLM renders natural language summaries. Undo = tree traversal. Audit = tree reading.

Key Requirements

• Provenance graph schema (entity_id, event_type, timestamp, actor, delta, context)
• Automatic capture on every mutation — no opt-in
• LLM text rendering with deterministic template fallback
• Provenance query: "show me everything that happened to this entity"
• Exportable audit trail
• Size-bounded: configurable retention with summary compression

Event-Sourced Persistence

The Save File Is an Event Log. Loading Is Replaying. State Is Derived.

Every action generates an event. The persistence store is the event log — not a state snapshot. Loading = event replay against a fresh engine. Time is not a column, it is the substrate. Stores are tiny (binary-encoded), version-tolerant, shareable (email a file), forkable (diverge and merge). Checkpoint system for fast-forward replay. Undo = replay to point. Time-travel debugging = reading the log.

Key Requirements

• Binary event log with checksums and version markers
• Replay engine: state at any point in timeline
• Checkpoint system (snapshot every N events)
• Export/import as downloadable file — shareable, forkable
• Integrity verification at checkpoints (SHA-256)
• Version-tolerant: new events don't break old replay
• Undo/redo via inverse event or replay to point

Core-First AI Integration

Enhancement, Never Dependency. The User May Never Know It's Active.

Every AI-enhanced feature has a deterministic core that works offline. Templates produce valid output. Recommendations are algorithmic with AI as enhancement. Natural language has regex/rule-based fallback. AI is a parallel enhancement pipeline — like texture streaming swaps a blurry mip-map for a sharp one mid-frame. The user never waits. The deterministic core is the real application. AI is production value, not functionality. PATTERN: CP-4

Key Requirements

• Every AI system has deterministic fallback (complete, not placeholder)
• Non-blocking pipeline: fire → continue with fallback → crossfade when ready
• Crossfade transition (opacity + interpolation, not flash/replace)
• Offline mode: core features identical without AI
• API key encryption via CryptoVault (AES-256-GCM, key never leaves browser) CP-6
• Cost-aware: budgets, coalescing, caching, provider failover

Background Processing & Time-Independent Operations

The System Breathes Whether the User Is Active or Not. Compressed Time.

Background tasks run as low-priority Web Workers. Data syncs, scheduled operations, cache warming, cleanup, batch processing — all without blocking UI. Key insight: time is relative to the process, not the user. When away, the worker simulates in compressed time. On return, missed ticks replay at high speed. The system never sleeps.

Key Requirements

• Worker pool with configurable priority and concurrency
• Schedule-based execution (cron-like in browser)
• Compressed-time catch-up: hours of missed processing in seconds
• State serialization to IndexedDB between sessions
• Background sync via Service Worker (when registered)
• Task queue with persistence, retry, error handling

Sidecar Process

Dedicated Helper in Its Own Address Space. Own Tab. Own Memory. Own Lifespan.

A dedicated Sidecar Tab for AI processing, heavy computation, or long-running automation. Own memory budget, persistent context across sessions, local inference via WebGPU, communicates via BroadcastChannel. Persists when main app closes. On reopen, remembers everything. On multi-monitor, occupies second screen. Not a child — a peer process with its own lifecycle.

Key Requirements

• Tab bootstrap via window.open with injected initial state
• BroadcastChannel: app ↔ sidecar bidirectional
• Persistent context in IndexedDB — survives restarts
• Local inference via WebGPU
• Heartbeat + respawn: crash recovery
• Remote LLM as quality enhancement (parallel, non-blocking)

Service Worker — Always-On Background Process

Operates Without Rendering. Cache, Sync, Notify, Process — Zero UI Required.

A dedicated Service Worker runs continuous operations: cache warming, background sync, push notifications, scheduled processing. Operates without DOM, without rendering, without user attention. When UI tab is open, shares state via SharedArrayBuffer. When closed, continues independently. The autonomic nervous system.

Key Requirements

• Registration with install, activate, fetch handlers
• Cache strategies: cache-first, network-first, stale-while-revalidate
• Background sync for offline queue processing
• Push notification support (user-permitted)
• SharedArrayBuffer for real-time state sync when UI open
• IndexedDB snapshots at configurable intervals

CSS Compositor Pipeline — The Browser's Hidden GPU

CSS Effects Are Shaders for Free. Two Independent Frame Rates.

Two visual layers: primary content (canvas/DOM) and overlay (HUD, notifications, modals, tooltips) rendered by the browser's hardware compositor as independent GPU layers. CSS backdrop-filter for glass effects costs virtually nothing vs. shader equivalents. Independent frame rates — UI at 120fps while content at 30fps. Accessibility lives in DOM layer as first-class concern.

Key Requirements

• Overlays rendered as DOM with will-change: transform for compositor promotion
• backdrop-filter for glass/frost (compositor, not main thread)
• Shared state bridge: app state → DOM UI via BroadcastChannel/SharedArrayBuffer
• Event routing: DOM clicks → app logic via postMessage
• 46-category CSS architecture applied to overlay layer
• WCAG 2.1 AA built into DOM UI

Cache-First Predictive Architecture — Two-Pass, No Loading

Local Prediction in <50ms. Remote Enrichment Crossfades When Ready.

Two-pass pipeline for any data with latency. Pass 1: local cache, template, or computation generates output in <50ms. User sees it instantly. Pass 2: remote API, LLM, or compute-intensive process fires in parallel. When ready, output crossfades to richer version. User never waits because they never see blank state. Offline: Pass 1 handles everything. API down? Slightly less rich but fully functional.

Key Requirements

• Cache-first: Service Worker serves cached data instantly
• Background refresh: stale-while-revalidate — show cache, update behind
• Predictive precomputation: compute likely outputs before request
• Crossfade when rich data replaces local prediction
• Offline-first: cached data always sufficient for core function

Runtime Self-Optimization — Adaptive Configuration

Probe Hardware at Startup. Select Capability Tier. Reconfigure at Runtime.

The engine profiles hardware and environment at startup: GPU capabilities, CPU cores, RAM pressure, battery status, connection speed, display resolution, device type. Capability vector selects WASM module tier, worker count, processing intensity, rendering quality, feature set. If thermal throttling detected mid-session, hot-swaps to lightweight modules preserving state. Same file. Every device. No minimum requirements.

Key Requirements

• Detection: hardwareConcurrency, WebGPU features, RAM, battery, DPR, connection, deviceMemory
• Capability vector: intersection of all resources → optimal config
• Tiered WASM selection: compatible first, upgrade if supported
• WASM hot-swap with state preservation (no reload)
• Performance budget tracker with real-time adjustment
• Thermal/battery awareness: downclock when hot or on battery

Plugin & Extension System — Event Streams, Not Installation

Independent Processes That Inject Event Streams. No Install. No Conflict.

Extensions are independent processes (tabs, workers, isolated iframes) that inject event streams into shared state via BroadcastChannel. Each has its own context, memory, lifecycle. Multiple extensions = multiple processes contributing to one coherent state, merged via CRDT mathematics. Removing an extension = closing its process. Corrupted? CRDT merge rejects invalid state. No installation. No registry conflicts. No package manager.

Key Requirements

• Extension bootstrap protocol embedded in main HTML
• Event stream replay with CRDT-based state merging
• Extension context: load URL → spawn isolated process → inject event stream
• Sandboxed: no direct access to core state — structured events only
• CRDT conflict resolution (commutative, no rollbacks)
• Rewind-to-checkpoint for corruption recovery

AI as Agent — Genuine Agency, Verified Fallbacks

The AI Acts. It Automates. It Creates. Every Action Has a Verified Deterministic Alternative.

The AI has genuine agency within bounded capabilities. Controls application functions via function calling toolbox. Automates workflows via strategy generation → compiled behavior script → deterministic execution. Creates content tailored to user history. Every AI-driven action has a deterministic fallback that is not a loading state — it is a complete, functional alternative. Between AI cycles, deterministic functions maintain seamless continuity.

13a — Co-Pilot (Shared Control)

AI receives application state as structured data. Function calling access to controls. User delegates → AI computes → executes native functions → presents results. Fallback: scripted assistant if AI exceeds budget.

13b — Automation Agent (AI as Workflow Designer)

Full state → AI generates multi-step workflow → compiled behavior script → deterministic execution at full speed. Re-evaluates on significant state changes. Fallback: procedural rules engine between strategy updates.

13c — Content Generator (AI as Creator)

Reads user state, history, preferences. Generates content, summaries, reports. Fallback: procedural template generator produces complete output. Not a placeholder. PATTERN: CP-4

13d — Local Inference Pipeline

Small language model compiled to WebGPU compute. Lives in GPU memory. Inference = GPU dispatch, ~10–50ms. No network. No latency. Local handles real-time; remote LLM enriches quality in parallel.

Physical Hardware Bridge — The Browser IS the Driver Layer

USB · HID · Bluetooth · NFC — Zero Install, Zero Drivers, Browser-Native

The engine queries navigator.hid.getDevices() at startup. Reads input at native polling rates via raw HID reports. Sends output and feedback. No driver installation. No configuration utility. No platform-specific SDK. The browser exposes hardware directly — the application speaks HID reports. Graceful fallback: keyboard/mouse when no specialized hardware detected.

Key Requirements

• WebHID enumeration and permission at startup
• Native-rate HID report reading
• Output/feedback via HID output reports
• Web-Bluetooth: discover, connect, read/write characteristics
• Web-NFC: tap tags → trigger actions
• Graceful fallback: standard input when specialized absent

Performance Optimization Engine — Decouple Resolution from Quality

Render Internally at Reduced Resolution. Compute Upscale. Battery-Aware.

Render/process internally at reduced resolution → compute shader analyzes temporal data between frames → edge-preserving upscale to target. Compositor displays optimized output while compute engine calculates next frame. Mobile: halves GPU fill rate, preserving battery. Desktop: full quality. Internal resolution is a processing parameter, not a quality signal. Performance and quality are independently configurable.

Key Requirements

• OffscreenCanvas at configurable internal resolution
• Temporal data analysis via compute shader between frames
• Edge-preserving upscale to target display resolution
• Dynamic resolution scaling based on frame time budget
• Battery-aware: reduce resolution and compute on battery
• Quality presets: Performance → Balanced → Quality → Ultra

Procedural/Computed Content Engine — Nothing Is Stored. Everything Is Generated.

Zero Asset Files. Zero Storage for Detail. Complexity Costs Nothing.

Every piece of derivative content — generated from mathematical functions, not stored as assets. Graphics: procedural patterns, generated textures, computed effects. Data: synthetic datasets, test fixtures, placeholder content upgrading seamlessly to production data. Key insight: storage is irrelevant to detail. A mountain of visual complexity costs the same bytes as a flat plain. Complexity is a function parameter, not a resource budget.

Key Requirements

• Procedural generation via compute shaders or Web Worker
• Seed-based deterministic output: same seed = same result on every device
• Level-of-detail: complexity scales with processing power, not storage
• Synthetic data generation for test/dev/placeholder
• Placeholder-to-production pipeline: generated upgrades seamlessly to authored

Internet as Native Integration Layer — The Web Is Not External

The Application IS the Browser. User Sessions Are Present. The Internet Is the Same System.

Because the application IS a browser context, the user's existing sessions, cookies, and logins are already present. In-app views render real web content via iFrame — authenticated services, streaming platforms, productivity tools. AI agents have web awareness: search, summarize, discuss current information. The "browser tax" becomes an architectural advantage: native apps can't touch user sessions; browser apps inherit them. Permission scaffolding ensures transparency.

Key Requirements

• iFrame portal system: embedded views render real content, inheriting sessions
• AI web awareness: scrape → summarize → inject with consent
• Third-party API integration via OAuth2 with transparent permission
• Permission scaffolding: opt-in per service, transparent data flow
• Offline fallback: all web integrations degrade to local equivalents

Peer-to-Peer Collaboration — Serverless, Accountless, Pure Protocol

No Server. No Account. Direct Browser-to-Browser. State Is Merged Mathematically.

Users discover each other via lightweight signaling (no server in data path). WebRTC DataChannels form direct mesh — browser-to-browser, zero intermediaries. State reconciled via CRDTs — merged mathematically, no locking, no "server says no." Any participant can freeze a snapshot: a deterministic file recreating exact state on any other browser. The application IS the protocol — no company owns the infrastructure.

Key Requirements

• WebRTC DataChannel mesh for direct browser-to-browser communication
• Lightweight signaling for handshake only (no server in data path)
• CRDT state reconciliation: conflict-free, commutative, no rollbacks
• Snapshot protocol: freeze state → export file → import on any browser → exact state
• Federated identity via OpenID Connect for optional reputation (no mandatory accounts)
• Real-time cursor/selection awareness (when applicable)

Agentic Automation Bridge — App Actions → Real-World Outcomes

Play in the Application. Produce Value Outside It. Every Session Creates External Artifacts.

An Agent Worker receives the application event stream. An LLM interprets events and maps them to real-world actions via authorized API connections. User achieves a milestone → agent creates a document, sends a notification, updates a CRM, triggers an automation. Every action is opt-in, configurable, transparent. The agent never acts without explicit permission. Key insight: the application is not a container for value — it is a generator of value extending beyond its own UI.

Key Requirements

• Agent Worker: event stream → LLM interpretation → authorized API execution
• Authorized integrations (webhooks, Zapier, IFTTT, Notion, Calendar, CRMs, etc.)
• Permission architecture: user sees, approves, denies, or automates every action
• Transparency log: every agent action recorded and reviewable
• Opt-in only: zero external activity without explicit configuration