Every article I read has words I half-know. The kind where I understand the sentence but miss the texture — the specific meaning that would make the next three paragraphs click. Opening a new tab to look it up works once. It doesn't work as a habit. By the time you're back on the original page, the thread is gone.
So I built rabbitholes: a Chrome extension where highlighting any text renders an explanation inline, in a shadow-DOM tooltip next to your cursor. You can click any word in that explanation to go deeper, or drag across a phrase. Every answer surfaces two suggested rabbit-hole topics. A counter tracks how many hops you've taken.
When I started thinking about architecture, the default move for a tool like this was to proxy requests through your own server. You handle the API keys server-side, you get an audit trail, you can monetize later. The problem is that every reading session — every word you highlight, every concept you chase — passes through infrastructure I control. That's a surveillance surface whether I intend it that way or not.
rabbitholes doesn't work that way. Requests go directly from your browser to api.anthropic.com and api.search.brave.com. There's no intermediary. I can't see what you're reading or what you're curious about because the traffic never touches my servers.
The tradeoff is that you supply your own Anthropic API key. It's stored in chrome.storage.sync — Chrome's encrypted, profile-scoped storage — and never leaves the browser. Manifest V3 enforces the constraint: no remote code execution, no eval, no sneaking in behavior after install.
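As an added example (not rabbitholes' own code), the Node.js check below audits an extension manifest for the properties described above: Manifest V3, host access limited to api.anthropic.com and api.search.brave.com, and no relaxed script CSP. Both sample manifests are constructed for illustration, and the function names are hypothetical.

```javascript
// Hosts the post says the extension talks to; everything else is a finding.
const ALLOWED_HOSTS = new Set(["api.anthropic.com", "api.search.brave.com"]);

// Extract the host part of a Chrome match pattern, or null if malformed.
function patternHost(pattern) {
  if (pattern === "<all_urls>") return "*";
  const m = /^(\*|https?|wss?|file|ftp):\/\/([^/]*)\//.exec(pattern);
  return m ? m[2] : null;
}

// Return a list of human-readable findings; an empty list means the
// manifest matches the direct-to-API architecture described in the post.
function auditManifest(manifest) {
  const findings = [];
  if (manifest.manifest_version !== 3) findings.push("not Manifest V3");
  const patterns = [
    ...(manifest.host_permissions || []),
    ...(manifest.optional_host_permissions || []),
  ];
  for (const p of patterns) {
    const host = patternHost(p);
    if (host === null) findings.push(`unparseable host pattern: ${p}`);
    else if (host.startsWith("*")) findings.push(`wildcard host access: ${p}`);
    else if (!p.startsWith("https://")) findings.push(`non-HTTPS scheme: ${p}`);
    else if (!ALLOWED_HOSTS.has(host)) findings.push(`unexpected host: ${p}`);
  }
  const csp = (manifest.content_security_policy || {}).extension_pages || "";
  if (csp.includes("'unsafe-eval'")) findings.push("CSP allows 'unsafe-eval'");
  if (/script-src[^;]*https?:/.test(csp)) findings.push("CSP allows remote scripts");
  return findings;
}

// Constructed manifest that matches the architecture in the post.
const goodManifest = {
  manifest_version: 3,
  host_permissions: ["https://api.anthropic.com/*", "https://api.search.brave.com/*"],
  content_security_policy: { extension_pages: "script-src 'self'; object-src 'self'" },
};

// Constructed manifest with an extra host, a wildcard and a relaxed CSP.
const badManifest = {
  manifest_version: 3,
  host_permissions: ["https://api.anthropic.com/*", "https://telemetry.example.net/*", "<all_urls>"],
  content_security_policy: { extension_pages: "script-src 'self' 'unsafe-eval'; object-src 'self'" },
};

console.log(auditManifest(goodManifest)); // no findings
console.log(auditManifest(badManifest));  // three findings
```

A clean result describes what the manifest requests, not what the code does at runtime, so it complements rather than replaces watching the extension's traffic in the browser's network panel.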
The shadow DOM piece matters too. A lot of extensions inject markup directly into the host page, which means your tooltip styles bleed into the site's styles and vice versa. Shadow DOM gives the tooltip its own isolated render context. It doesn't pollute what's already there.
The globe icon in the tooltip re-runs your query enriched with Brave Search results — source chips you can click. That call also goes direct, browser to Brave's API. Same key storage model.
Privacy-native here isn't a marketing claim. It's just what falls out of the architecture: no server means no logs, no retention, no breach surface for reading behavior. The tool is more trustworthy because there's structurally less to trust.