Vennbase

Build multi-user apps without writing a single access rule.

Vennbase is a TypeScript client-side database for collaborative, local-first web apps — with no backend to run, no server to pay for, and no access control rules to misconfigure. Users sign in with their Puter account. Your app only sees the user's subset of the data stored in Puter.
Write your frontend. Vennbase handles the rest.
  • Zero backend — no server to run, no infrastructure bill
  • No access rules to write — share a link, they're in; that's the whole model
  • Optimistic updates — instant writes built-in
  • Local-first support — app data syncs via CRDT automatically
  • NoSQL, open source
  • Auth, server functions — via Puter, one login for your whole app
  • User-pays AI — Puter's AI APIs are billed to the user, not you; build AI features with zero hosting cost
  • Agent-friendly — the explicit-grant model is simple enough that AI coding agents get it right first time
tsx
// Write
const board = db.create("boards", { title: "Launch checklist" }).value;
db.create("cards", { text: "Ship it", done: false, createdAt: Date.now() }, { in: board });

// Read (React)
const { rows: cards } = useQuery(db, "cards", {
  in: board,
  index: "byCreatedAt",
  order: "asc",
});

// Share
const { shareLink } = useShareLink(db, board);

For coding agents

Paste this into your coding agent so it uses Vennbase and pulls the package docs instead of inventing a backend.

How it works

Every piece of data in Vennbase is a row. A row belongs to a collection defined in your schema, holds typed fields, and has its own identity.

Rows can be nested. A card lives inside a board; a recentBoard lives inside the built-in user collection. The parent relationship defines visibility — gaining access to a parent automatically grants access to its children.

Access is explicit-grant only. To let someone into a row, generate a share link and send it to them. They accept it, they're in. There are no rule expressions to write and no policy surface to misconfigure.

Schema

Define your collections once. TypeScript infers field types throughout the SDK automatically.

ts
import { collection, defineSchema, field, index } from "@vennbase/core";

export const schema = defineSchema({
  boards: collection({
    fields: {
      title: field.string(),
    },
  }),
  recentBoards: collection({
    in: ["user"],
    fields: {
      boardRef: field.ref("boards"),
      openedAt: field.number(),
    },
    indexes: {
      byBoardRef: index("boardRef"),
      byOpenedAt: index("openedAt"),
    },
  }),
  cards: collection({
    in: ["boards"],
    fields: {
      text: field.string(),
      done: field.boolean(),
      createdAt: field.number(),
    },
    indexes: {
      byCreatedAt: index("createdAt"),
    },
  }),
});

export type Schema = typeof schema;
  • collection({ in: [...] })in lists the allowed parent collections.
  • field.string() / .number() / .boolean() / .date() / .ref(collection) — typed fields; chain .optional() or .default(value) as needed
  • index(fieldName) — makes a field queryable with ordering and range filters

Fields are for metadata that you want to query or index. The canonical CRDT pattern is: row fields hold metadata and row refs, while the CRDT document holds the collaborative value state for that row.

Querying

Vennbase queries always run within a known scope. For cards, that scope is a board, so you pass in: board. For collections declared as in: ["user"], omitting in means "use the current signed-in user's built-in user row."

Queries never mean "all accessible rows". If a collection is not declared as in: ["user"], omitting in is an error.

Imperative

ts
// `recentBoards` is declared as `in: ["user"]`, so the current user scope is implicit.
const recentBoards = await db.query("recentBoards", {
  index: "byOpenedAt",
  order: "desc",
  limit: 10,
});
ts
// Multi-parent queries run in parallel, then merge and sort their results
const cards = await db.query("cards", {
  in: [todoBoard, bugsBoard],
  index: "byCreatedAt",
  order: "asc",
  limit: 20,
});

With React

@vennbase/react ships a useQuery hook that polls for changes and re-renders automatically:

tsx
import { useQuery } from "@vennbase/react";

const { rows: cards } = useQuery(db, "cards", {
  in: board,
  index: "byCreatedAt",
  order: "asc",
});

rows is always a typed array — never undefined.

Sharing rows with share links

Access to a row is always explicit. There is no rule system to misconfigure — no typo in a policy expression that accidentally exposes everything. A user either holds a valid invite token or they don't.

In React, prefer useShareLink(db, row) for the sender and useAcceptInviteFromUrl(db, ...) for the recipient. Underneath, the flow is three steps:

ts
// 1. Generate a token for the row you want to share
const token = db.createInviteToken(board).value;

// 2. Build a link the recipient can open in their browser
const link = db.createShareLink(board, token.token);
// → "https://yourapp.com/?db=..."

// 3. Recipient opens the link; your app calls acceptInvite
const sharedBoard = await db.acceptInvite(link);

acceptInvite accepts either a full invite URL or a pre-parsed { ref, inviteToken? } object from db.parseInvite(input). In React, useAcceptInviteFromUrl(db, ...) handles the common invite-landing flow for you.

Users who join through an invite token are added as direct "editor" members by default. "viewer" members can view rows but cannot call update() or send CRDT messages.

Setup

Create one Vennbase instance for your app and pass it an appBaseUrl so that share links point back to your app:

ts
import { Vennbase } from "@vennbase/core";
import { schema } from "./schema";

export const db = new Vennbase({ schema, appBaseUrl: window.location.origin });

Auth and startup

tsx
import { useSession } from "@vennbase/react";

function AppShell() {
  const session = useSession(db);

  if (session.status === "loading") {
    return <p>Checking session…</p>;
  }

  if (!session.session?.signedIn) {
    return <button onClick={() => void session.signIn()}>Log in with Puter</button>;
  }

  return <App />;
}

Creating rows

ts
// Create a top-level row
const board = db.create("boards", { title: "Launch checklist" }).value;

// Create a child row — pass the parent row or row ref
db.create("cards", { text: "Write README", done: false, createdAt: Date.now() }, { in: board });
db.create("cards", { text: "Publish to npm", done: false, createdAt: Date.now() }, { in: board });

create and update are synchronous optimistic writes. Use .value on the returned receipt when you want the row handle immediately.

To update fields on an existing row:

ts
db.update("cards", card, { done: true });

Membership

Once users have joined a row you can inspect and manage the member list:

ts
// Flat list of usernames
const members = await db.listMembers(board);

// With roles
const detailed = await db.listDirectMembers(board);
// → [{ username: "alice", role: "editor" }, ...]

// Add or remove manually
await db.addMember(board, "bob", "editor").committed;
await db.removeMember(board, "eve").committed;

Membership inherited through a parent row is visible via listEffectiveMembers.

Real-time sync (CRDT)

Vennbase includes a CRDT message bridge. Connect any CRDT library to a row and all members receive each other's updates in real time.

Sending CRDT updates requires "editor" access, but all members can poll and receive them.

In React, here is the recommended Yjs integration:

tsx
import * as Y from "yjs";
import { createYjsAdapter } from "@vennbase/yjs";
import { useCrdt } from "@vennbase/react";

const adapter = createYjsAdapter(Y);
const { value: doc, flush } = useCrdt(board, adapter);

// Write to doc normally, then push immediately when needed
await flush();

@vennbase/yjs uses your app's yjs instance instead of bundling its own runtime, which avoids the multi-runtime Yjs failure mode.

Example apps

packages/todo-app is the code from this README assembled into a working app — boards, recent boards, cards, and share links. Run it with:

bash
pnpm --filter todo-app dev

For a fuller picture of how the pieces fit together in a real app, read packages/woof-app. It uses CRDT-backed live chat, user-scoped history rows for room restore, child rows with per-user metadata, and role-aware UI — the patterns you'll reach for once basic reads and writes are working.

bash
pnpm --filter woof-app dev