Architecture#
opendesk separates what a computer can do (the capability surface) from where that computer lives (local vs. remote) and how agents talk to it (via tools, MCP, etc.). Each layer is independently importable.
┌──────────────────────────────────────────────────────────────┐
│ Integrations MCP · Claude Code · OpenAI · LangChain │
├──────────────────────────────────────────────────────────────┤
│ Tools screenshot · mouse · keyboard · ui · │
│ clipboard · ocr · app · learn · schedule │
├──────────────────────────────────────────────────────────────┤
│ Computer Computer ABC │
│ ├─ LocalComputer (the machine we're on) │
│ └─ RemoteComputer (via the wire protocol) │
│ ComputerDispatcher (server-side router) │
├──────────────────────────────────────────────────────────────┤
│ Remote opendesk serve · pair · discover · connect │
│ mDNS advertisement & browsing │
├──────────────────────────────────────────────────────────────┤
│ Protocol frames · msgpack codec · peer (call-id mux) │
│ transports: WebSocket (TCP) — future: QUIC │
│ auth: X25519 + ChaCha20-Poly1305, pairing PSK│
└──────────────────────────────────────────────────────────────┘
Three load-bearing properties:
Tools never know whether a Computer is local or remote. The same tool code runs against
LocalComputerorRemoteComputer.Bytes are bytes. msgpack
bincarries pixmaps, file contents, and process output natively — no base64 anywhere on the wire.Trust is keys, not certs. No CA-signed certificates required. Both peers hold long-lived X25519 keypairs that authenticate each connection.
Layer guide#
Layer |
Guide |
|---|---|
Computer & Tools |
|
Protocol |
|
Remote & Integrations |
|
Data Flow |
|
Custom Tools |