I’m an electrical engineering student. I built a protocol that lets any AI write strings to a SQLite database. A browser renders them. That’s it.
No framework. No npm. No build step. One dependency: uvicorn.
What it looks like
My AI just gave me a tour of my own database. It navigated between worlds using JavaScript injection, introduced each one, and rendered them — FPGA cheat sheets with markdown, circuit theory with inline SVG diagrams and KaTeX math, an interactive MNA circuit solver, digital logic gate references. All strings in SQLite.
41 worlds. 8 renderers. 2 plugins. ~200 lines of Python.
Youtube demo video:
Elastik: a protocol for human-AI interaction. Five rules. Three mailboxes. One SQLite file.
How it works
Five rules:
- Listen on a port
- Send and receive strings over HTTP
- Store them in SQLite
- Sign every write with HMAC
- Render in a browser
Three mailboxes per world:
-
stage— what you see (browser renders this) -
pending— commands (browser executes this) -
result— replies (browser writes back here)
Every path is a world. Visit /sensors and it exists. Write to it and the browser shows whatever you wrote. Plain text, HTML, JSON — the protocol doesn’t care.
Three AIs, one database
Claude connects through MCP. ChatGPT through OpenAPI. Ollama through curl. Three different protocols, one SQLite file. Switch AI, data stays.
Claude → MCP → mcp_server.py → elastik
ChatGPT → OpenAPI → openapi-gpt.json → elastik
Ollama → curl → HTTP POST → elastik
Renderers — front-end plugins without npm
Data and display are separate. A renderer is a complete HTML page stored as a world. Data worlds declare which renderer to use:
<!--use:renderer-markdown-->
# My Notes
- Item one
- **Bold item**
Browser detects the declaration, fetches the renderer, injects the data, renders in an iframe. No declaration means normal HTML rendering. Zero breaking change.
Renderers use ESM imports from CDN. No node_modules:
import { marked } from 'https://esm.sh/marked';
const data = window.__ELASTIK_DATA__;
document.getElementById('content').innerHTML = marked.parse(data);
A Service Worker caches CDN requests. Second load is instant. Works offline.
Renderers can fetch other worlds. One renderer pulls data from three worlds and combines them into a dashboard. URL is the component. fetch is the import.
Security — seven layers, Figma-style
The iframe has no allow-same-origin. Null origin. Iron box. Inspired by Figma’s split execution model.
All communication goes through a postMessage bus in index.html. An __elastik helper is injected into every iframe:
// Read another world (proxied by parent page):
const data = await __elastik.fetch('/sensors/read');
// Sync data back to current world only:
__elastik.sync(newContent);
Native fetch fails inside the iframe (null origin). Cross-world writes are physically blocked — the parent page hardcodes which world the iframe can write to.
Seven layers:
- CSP
connect-src 'self'— data cannot leave localhost - Null origin iframe — cannot escape sandbox
- postMessage bus — all communication controlled
- Current world check — cross-world writes blocked
-
X-Auth-Token— write authentication -
X-Approve-Token— constitutional changes (only human has this) - HMAC chain — immutable audit trail
Hot plug — load plugins at runtime
Plugins are Python files. Load and unload them without restarting the server:
python scripts/admin.py load fs # filesystem plugin activates
python scripts/admin.py unload patch # string operations deactivate
python scripts/admin.py list # show all plugins
The /admin/* routes require an approve token that only the human at the terminal has. AI cannot modify its own capabilities.
First run with an empty plugins/ directory auto-installs admin + auth from templates. Clone, run, works.
sync vs write — two tracks
POST /write bumps the version number. AI watches version changes.
POST /sync does not bump the version. AI doesn’t notice.
This means:
- Human edits via sync → AI sleeps (version unchanged)
- Human says “I’m done” → AI writes → version bumps → AI wakes up
- Ctrl+Z → sync old content → version unchanged → AI doesn’t know you undid anything
Draft and commit. Separated by one integer. Designed in week one, discovered in week three.
What I actually use it for
I’m not building a startup. I’m a student.
- FPGA lab workflow (Quartus + Questa command-line automation)
- Circuit theory cheat sheets with inline SVG diagrams
- An interactive MNA circuit solver (Gaussian elimination in vanilla JS)
- Digital logic gate reference
- Task management for my part-time engineering job
- Notes, knowledge base, daily logs
Every one of these is a string in a database. I write to them through AI. The browser renders them. That’s the entire workflow.
The numbers
Two weeks in:
- 235 clones, 175 unique visitors, 14 stars
- One day: 100+ clones but only 10 page views (people cloning without reading the README)
- YouTube referrals from an unknown source
- Someone shared it internally at a company (Teams in my referrer logs)
Try it
git clone https://github.com/rangersui/Elastik
cd Elastik
pip install -r requirements.txt
python server.py
Open localhost:3004. That’s it.
Connect Claude Desktop via MCP, ChatGPT via Custom GPT, or Ollama via curl. Or just write strings with curl:
curl -X POST localhost:3004/hello/write \
-H "X-Auth-Token: (printed in terminal)" \
-d "<h1>Hello World</h1>"
Open localhost:3004/hello. There it is.
MIT license. ~200 lines. One SQLite file. Any AI. Your data.
Top comments (0)