The short version

PearList has no server. Your household's lists live only on the phones of the people you share them with. When those phones need to share a change, they talk to each other directly, encrypted end to end. No company, including PeerLoom, can read your lists because no company ever receives them.

What "peer to peer" actually means

In most apps, your phone talks to a central server and the server talks to other phones. The server reads everything. In a peer to peer app, two phones talk directly to each other. There is no server in the middle.

Think of email versus a handwritten letter. Email routes through several companies that could read it. A letter goes from your hand to your recipient's hand. PearList works more like the letter.

How the devices find each other

The obvious question: if there is no server, how do the phones in your household know how to reach each other?

PearList uses a distributed hash table, or DHT, the same technology that powers BitTorrent. A DHT is a phone book that no one company owns. It is spread across thousands of participating devices around the world. When your group's devices come online, they each ask the DHT "has anyone seen the rest of my group?" and the DHT helps them connect.

Crucially, the DHT only helps devices find each other. It never sees the data they exchange.

What data exists and where it lives

PearList stores the following locally on each device in your group:

  • Your lists and their items: names, checked state, quantities and notes.
  • Who each item is assigned to, when you use a list as a chore board.
  • The display name you chose for yourself.
  • The cryptographic keys that identify the members of your group to each other.

All of it is stored on the group's devices themselves. None of it is uploaded to PeerLoom or any third party.

How changes stay trustworthy

Two things protect the data flowing between your devices:

  • End to end encryption. Everything the devices exchange is encrypted with keys that only your group's devices hold. If someone intercepts the traffic on your Wi-Fi, your mobile carrier or anywhere else on the internet, they see scrambled bytes.
  • Cryptographic signing. Every change to a list is signed by the device that made it. Other devices only apply changes that carry a valid signature from a member of the group. A stranger cannot inject items or edits, even if they guessed your group's address.

How this compares to cloud list apps

Most shared-list apps ask you to create an account and upload your lists to the company's servers. That model has real costs:

  • The company can read everything you and your household put on your lists. Some sell that data to advertisers.
  • If the company gets hacked, your data leaks along with everyone else's.
  • If the company shuts down or pivots, your setup breaks.
  • Outages on the company's servers take your lists offline.

PearList trades the convenience of a cloud backend for privacy and independence. There is no account to hack, no server to leak, no subscription to cancel and no company to shut down.

What you trade off

Peer to peer is not magic. Honest tradeoffs:

  • Devices sync when they are online together. A change you make shows up on another member's phone the next time both are online. This is usually within seconds but can be longer if someone is offline. You can always read and edit your own copy in the meantime.
  • No web dashboard. There is no website where you can log in and see your lists, because there is no server to back one. Everything happens in the app on your device.
  • No cloud backup. Your lists are backed up by simply being on more than one member's device. If everyone in a group loses their device at once and no one had exported a backup, the lists are gone.

These are deliberate choices. A cloud backend would solve all three at the cost of everything the peer to peer design protects.

Open source

You do not have to take our word for any of this. PearList is fully open source. The complete code, including the sync layer and the encryption code, is published at github.com/peerloomllc/pearlist.

Learn more