PearCal

PearCal has no server. Your calendar data, every event, every group, every reminder, lives only on the devices you use. When those devices need to share an update, they talk to each other directly, encrypted end to end. No company, including PeerLoom, can read your calendar because no company ever receives it.

In most calendar apps, your phone talks to a central server and the server talks to other phones. The server reads everything. In a peer to peer app, two phones talk directly to each other. There is no server in the middle.

Think of email versus a handwritten letter. Email routes through several companies that could read it. A letter goes from your hand to your recipient's hand. PearCal works more like the letter.

The obvious question: if there is no server, how do the devices in a shared group know how to reach each other?

PearCal uses a distributed hash table, or DHT, the same technology that powers BitTorrent. A DHT is a phone book that no one company owns. It is spread across thousands of participating devices around the world. When devices in a group come online, they each ask the DHT "has anyone seen my group?" and the DHT helps them connect.

Crucially, the DHT only helps devices find each other. It never sees the data they exchange.

PearCal stores the following locally on each device:

• Your profile name and optional avatar.
• Calendar events you create, including titles, times, locations and notes.
• The groups you belong to and the events shared inside them.
• The cryptographic keys that identify your device to others in your groups.

All of it is stored on the devices themselves. None of it is uploaded to PeerLoom or any third party.

Two things protect the data flowing between devices in a group:

• End to end encryption. Everything the devices exchange is encrypted with keys that only the group members hold. If someone intercepts the traffic on your Wi-Fi, your mobile carrier or anywhere else on the internet, they see scrambled bytes.
• Cryptographic signing. Every event or change is signed by the device that made it. Other devices in the group only apply changes that carry a valid signature from a known member. A stranger cannot inject events, even if they guessed your group address.

Most calendar apps ask you to create an account and upload your events to the company's servers. That model has real costs:

• The company can read every event on your calendar. Some build profiles for advertising from that data.
• If the company gets hacked, your calendar leaks along with everyone else's.
• If the company shuts down or pivots away, your calendar may be locked inside their service.
• Outages on the company's servers take your calendar offline for everyone at once.

PearCal trades the convenience of a cloud backend for privacy and independence. There is no account to hack, no server to leak, no subscription to cancel and no company to shut down.

Peer to peer is not magic. Honest tradeoffs:

• Both devices need to be online at the same time to sync in real time. Events you add apply to your peers the next time their device connects. This is usually within seconds but can be longer if a peer is offline.
• No web dashboard. There is no website where you can log in and see your calendar, because there is no server to back one. Everything happens in the app on your device.
• No cross device cloud backup. If you lose your device and had not exported a backup, you will need to rejoin your groups from a fresh install.

These are deliberate choices. A cloud backend would solve all three at the cost of everything the peer to peer design protects.

You do not have to take our word for any of this. PearCal is fully open source. The complete code, including the sync layer and the encryption code, is published at github.com/peerloomllc/pearcal-native.

• Full privacy policy
• Hypercore Protocol. The peer to peer technology that powers PearCal sync.