PearGuard

PearGuard has no server. Your family's data, every policy, every activity log, every time request, lives only on the parent and child devices you pair. When those devices need to share an update, they talk to each other directly, encrypted end to end. No company, including PeerLoom, can read your data because no company ever receives it.

In most apps, your phone talks to a central server and the server talks to other phones. The server reads everything. In a peer to peer app, two phones talk directly to each other. There is no server in the middle.

Think of email versus a handwritten letter. Email routes through several companies that could read it. A letter goes from your hand to your recipient's hand. PearGuard works more like the letter.

The obvious question: if there is no server, how does the child's phone know how to reach the parent's phone?

PearGuard uses a distributed hash table, or DHT, the same technology that powers BitTorrent. A DHT is a phone book that no one company owns. It is spread across thousands of participating devices around the world. When your paired devices come online, they each ask the DHT "has anyone seen my partner?" and the DHT helps them connect.

Crucially, the DHT only helps devices find each other. It never sees the data they exchange.

PearGuard stores the following locally on each paired device:

• The policies you have set, such as which apps are allowed, time limits and bedtime windows.
• Activity logs from the child device: what apps were used and for how long.
• Time requests and your approvals or denials.
• The cryptographic keys that identify the parent and child devices to each other.

All of it is stored on the paired devices themselves. None of it is uploaded to PeerLoom or any third party.

Two things protect the data flowing between your paired devices:

• End to end encryption. Everything the devices exchange is encrypted with keys that only your devices hold. If someone intercepts the traffic on your Wi-Fi, your mobile carrier or anywhere else on the internet, they see scrambled bytes.
• Cryptographic signing. Every policy update is signed by the parent device. The child device only applies policies that carry a valid signature from a paired parent. A stranger cannot impersonate you, even if they guessed your pairing address.

Most parental control apps ask you to create an account and upload your child's activity to the company's servers. That model has real costs:

• The company can read every app your child opens. Some sell that data to advertisers.
• If the company gets hacked, your child's activity leaks along with everyone else's.
• If the company shuts down or pivots away from parental controls, your setup breaks.
• Outages on the company's servers knock enforcement offline.

PearGuard trades the convenience of a cloud backend for privacy and independence. There is no account to hack, no server to leak, no subscription to cancel and no company to shut down.

Peer to peer is not magic. Honest tradeoffs:

• Both devices need to be online at the same time to sync in real time. Policies you set on the parent device apply the next time the child device connects. This is usually within seconds but can be longer if one device is offline.
• No web dashboard. There is no website where you can log in and see your child's activity, because there is no server to back one. Everything happens in the mobile app on your device.
• No cross device cloud backup. If you lose the parent device and had not exported a backup, you will need to pair again from a fresh install.

These are deliberate choices. A cloud backend would solve all three at the cost of everything the peer to peer design protects.

You do not have to take our word for any of this. PearGuard is fully open source. The complete code, including the sync layer, the enforcement layer and the encryption code, is published at github.com/peerloomllc/pearguard.

• Full privacy policy
• Hypercore Protocol. The peer to peer technology that powers PearGuard sync.