
GenosDB (GDB) – Decentralized P2P Graph Database

estebanrfp

Role-Based Access Control (RBAC) in GenosDB — Summary

GenosDB integrates a robust Role-Based Access Control (RBAC) module designed to secure peer-to-peer distributed graph databases through cryptographically verifiable user identities and permissions.

Key Concepts:

• Identity Management: Users are identified by their Ethereum addresses. Authentication supports WebAuthn (biometric or hardware key protection) and mnemonic phrase recovery. Private keys are securely managed to sign database operations.
• Role Hierarchy and Permissions: Roles such as guest, user, admin, and superadmin define granular permissions (e.g., read, write, assignRole). Roles and assignments are stored within GenosDB itself as part of the synchronized distributed state.
• Superadmins: One or more Ethereum addresses can be configured as superadmins with elevated privileges, including exclusive rights to assign roles to other users.
• Secure P2P Operations: Every outgoing database operation is cryptographically signed by the active user’s private key. Incoming operations from peers are verified for valid signatures and checked against the user’s assigned permissions before acceptance.
• Encrypted Local Data Storage: Data tied to users is compressed and encrypted using keys derived from their Ethereum identities, ensuring privacy even in distributed environments.

Operational Flow:

1. Initialization: RBAC is activated on a GenosDB instance by initializing a security context and optionally defining superadmin addresses.
2. Authentication: Users authenticate via WebAuthn or mnemonic phrases, activating local signing capabilities.
3. Role Assignment: Superadmins assign roles to user Ethereum addresses within the distributed database, with optional expiration of assignments.
4. Real-Time Enforcement: Signatures and roles are verified on all nodes for each operation, ensuring integrity before changes propagate across the network.
5. Security State Monitoring: Callbacks allow applications to dynamically respond to changes in authentication or permission states.

Benefits:

• Decentralized and cryptographically secure permission management without a central server.
• Natural integration of blockchain-based identities with real-time P2P synchronization.
• Granular access control, ideal for complex distributed applications.
• No requirement for traditional identity management protocols like SCIM, SAML, or SSO, simplifying architecture and user experience.
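The enforcement step in the summary above (verify the signature, then check the signer's role and its expiration), sketched as an added example that is not GenosDB's code or API. It assumes Node.js `crypto`, a SHA-256 stand-in for Ethereum address derivation, and a hypothetical role table, message shape and function names.

```javascript
// Added illustration, not GenosDB code: every name below is hypothetical.
const crypto = require('node:crypto');

// Assumed role-to-permission mapping, using names from the summary above.
const ROLES = { guest: ['read'], user: ['read', 'write'], superadmin: ['read', 'write', 'assignRole'] };

const exportKey = (k) => k.export({ type: 'spki', format: 'der' });
// Stand-in address: real Ethereum addresses use Keccak-256 over the raw public key.
const addressOf = (k) => '0x' + crypto.createHash('sha256').update(exportKey(k)).digest('hex').slice(-40);

function newIdentity() {
  const pair = crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
  return { ...pair, address: addressOf(pair.publicKey) };
}

// Sender: sign the exact bytes that will travel to peers.
function signOp(id, op) {
  const body = JSON.stringify(op);
  const sig = crypto.sign('sha256', Buffer.from(body), id.privateKey).toString('base64');
  return { body, sig, pubKey: exportKey(id.publicKey).toString('base64') };
}

// Receiver: verify the signature, derive the signer from the verified key
// (never from a field the sender controls), then resolve role and permission.
function verifyOp(msg, assignments, superadmins, now) {
  let key, op;
  try {
    key = crypto.createPublicKey({ key: Buffer.from(msg.pubKey, 'base64'), type: 'spki', format: 'der' });
    op = JSON.parse(msg.body);
  } catch { return 'reject: malformed'; }
  if (!crypto.verify('sha256', Buffer.from(msg.body), key, Buffer.from(msg.sig, 'base64')))
    return 'reject: bad signature';
  const signer = addressOf(key);
  const a = assignments[signer];
  let role = 'guest'; // unassigned or expired signers fall back to the lowest role
  if (superadmins.includes(signer)) role = 'superadmin';
  else if (a && (a.expiresAt == null || now < a.expiresAt)) role = a.role;
  return (ROLES[role] || []).includes(op?.action) ? 'accept' : `reject: ${role} lacks ${op?.action}`;
}

// Constructed sample: one superadmin, one user whose role expires at t=2000, one unassigned peer.
function demo() {
  const root = newIdentity(), alice = newIdentity(), mallory = newIdentity();
  const ctx = [{ [alice.address]: { role: 'user', expiresAt: 2000 } }, [root.address]];
  const write = signOp(alice, { action: 'write', id: 'n1', value: { name: 'Alice' } });
  const tampered = { ...write, body: write.body.replace('Alice', 'Mallory') };
  const grant = { action: 'assignRole', target: mallory.address, role: 'user' };
  return [verifyOp(write, ...ctx, 1000), verifyOp(write, ...ctx, 3000), verifyOp(tampered, ...ctx, 1000),
    verifyOp(signOp(mallory, grant), ...ctx, 1000), verifyOp(signOp(root, grant), ...ctx, 1000)];
}
```

The fallback to `guest` on an expired or missing assignment is a design choice of this sketch; the page does not say how GenosDB treats either case.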

catoAppreciator

Looks very promising. Do you have a vision for how we should build p2p apps more generally? I have recently found the holepunch libraries / pear runtime and am curious if you have any thoughts on those projects or how hypercore(?) compares to genosDB.

estebanrfp

GenosDB vs Holepunch

GenosDB is a distributed graph database built for the modern web—runs entirely in the browser, uses OPFS for storage, WebAuthn for authentication, and offers a minified production-ready P2P client. The client is the source of truth.

Holepunch, on the other hand, is a decentralized app platform built on the Hypercore Protocol—great for building custom peer-to-peer apps like Keet, but it doesn’t include a database layer or client-side persistence by default.

| Feature | GenosDB | Holepunch |
| --- | --- | --- |
| Type | Distributed graph DB | Decentralized app platform |
| Storage | Browser (OPFS, IndexedDB) | App-defined (Hypercore, etc.) |
| Auth | WebAuthn + RBAC | Not included |
| P2P Sync | WebRTC (via Trystero) | DHT + Hypercore |
| Codebase | Minified client lib (genosdb) | Fully open (various repos) |
| Use Case | Structured data & relationships | Custom P2P protocols & messaging |

GenosDB is ideal if you need a client-side graph DB with real-time P2P sync. Holepunch is great for building from scratch with total flexibility, but higher complexity.

More at: https://genosdb.com | https://holepunch.to

estebanrfp

I'll send you the complete documentation. It's super easy to create applications with artificial intelligence, simply by pasting the official documentation to any assistant and asking it to build it for you and, as if by magic, you'll have it working thanks to the fact that GenosDB is loaded integrated from the CDN.

https://github.com/estebanrfp/gdb/wiki/GDB-API-Reference

And here's a post from the author on how to build a distributed todolist app in real time.

https://genosdb.com/build-a-to-do-list-in-minutes-with-genos...

mttpwll

This seems like an impressive amount of work and an interesting way to combine RBAC + [realtime] Sync/Conflict Resolution + [local] Document Storage/Querying (and I'm personally interested in the geo module and am intrigued by the AI module to help with some async data pipelines); however, I'm having trouble seeing how this is a graph database. Maybe I'm misunderstanding, but I don't see ways for traversing the graph.

I understand that you can create and store a node and then link that node to another node, but how could I query for nodes based on that link/relationship?

E.g.,

```

  const alice = await db.put({ name: "Alice", age: 30 });
  const bob = await db.put({ name: "Bob", age: 31 });
  const cooper = await db.put({ name: "Cooper", age: 29 });
  const dwight = await db.put({ name: "Dwight", age: 33 });
  
  await db.link(alice, bob);
  await db.link(alice, cooper);
  await db.link(cooper, dwight);
  
  const { results } = await db.map({
    query: {
      'edges.age': { $gt: 30 } // pseudo code
    },
  });
  
  console.log(results[0].name); // 'Alice'
```

I see that an `edges` property is added on result nodes from one of the examples[1] and I'm not familiar with Mongo-style queries[2] to know if there's a better operator, but the query above is meant to find nodes that have connected/edge nodes that have an age greater than 30 (e.g., Bob).

(Also, I'm not sure what it'd look like to check against direct AND indirect edges? e.g., Bob and Dwight)

Anyways, my question/point is, is there support (or plans to support) querying and traversing a directed graph?

[1] https://github.com/estebanrfp/gdb/wiki/.map()#b-query-langua...
[2] https://estebanrfp.github.io/gdb/examples/testlinks.html

estebanrfp

Exactly, it is clearly explained in the following link to the AI module. It shows you an example of how to make queries with natural language, of the type { "prompt": "Get post id 5" }. The link to the experimental module is https://estebanrfp.github.io/gdb/examples/AIQuery.html

estebanrfp

If you have any questions, we can comment on https://app.gitter.im/#/room/#GDB:gitter.im

splintercell

How does it compare to gunDB?

r14c

I haven't heard about gun in a long time. Did they ever figure out their conflict resolution algorithm? I recall their hypothetical amnesia machine or whatever didn't have well-defined behavior.

estebanrfp

They couldn't agree on how to solve many of the synchronization problems. GenosDB uses the Nostr network out of the box; you don't need to add signaling servers, and all the examples just work.

estebanrfp

GenosDB just works... :-)