Start
What is Viewport
The pitch, the runtime shape, and the privacy story. In one page.
Viewport is a remote control plane for AI coding agents. Three pieces, two of which you can run yourself.
The pieces
Rendering diagram...
- Daemon (
@viewportai/daemon). Runs on your machine. Listens to agent hook events. Streams metadata over a WebSocket. Open source. Stored in~/.viewport/, mode0o600. Source on GitHub. - Relay. Stateless WebSocket router. Per-process state only. The relay sees encrypted envelope frames; it cannot read payloads. Self-hostable via the Docker image at
ghcr.io/viewportai/relay. Source on GitHub. - Control plane. Laravel + React. Authentication, workspaces, members, audit, inbox routing, workflow definitions. Hosted today at
app.getviewport.com. Full-stack on-prem is on the roadmap.
The loop
Every Viewport interaction reduces to one loop:
- Agent starts a session in a registered directory.
- Daemon announces the session to the platform.
- Platform sees activity. You see the session in
/sessions. - Agent hits a decision point. Generates a plan, requests permission for a risky operation, proposes new context to remember.
- Decision lands in your inbox.
- You approve, deny, or steer from your phone, the app, or a Slack/webhook delivery.
- Daemon receives the decision over the WebSocket. Agent continues.
Every decision writes an immutable row to the audit log (90-day default retention, configurable per workspace).
What's persisted, what isn't
The privacy claim hinges on what the control plane stores at rest.
| Object | Stored at rest? |
|---|---|
| Session frames (prompts, tool calls, transcript) | No. The daemon owns them. The platform has no table to store them in. |
| Plans | Yes. They're reviewable artifacts shared with humans. |
| Inbox items | Yes. They're decision queues. |
| Context Vault entries | Yes, but encrypted. HPKE-encrypted on the client; the platform stores ciphertext. |
| Workflow definitions | Yes. They're declarative YAML committed to your repo, mirrored to the DB. |
| Audit events | Yes. That's the point. |
| Daemon identity keypair | Local only. Never sent. |
| Relay envelope payloads | No. In-flight only. |
Read more in Trust and privacy.
How it compares to what you might know
- Not a chat interface. Viewport doesn't replace the agent's UX. It shadows the agent and gives you a remote-control surface.
- Not a hosted agent. The agent runs on your machine, with your credentials, against your repo. Viewport doesn't proxy LLM calls.
- Not a CI replacement. Workflows in Viewport are agent-shaped, not pipeline-shaped. They include human approval steps as first-class.
Where to go next
- Mental model for the five concepts.
- Developer quickstart for the 5-minute install.
- Concepts: Trust and privacy for the security posture.