Sandstorm.io
What it is: A self-hosted personal-server platform from 2014–2017, launched by Kenton Varda (formerly Google, designer of Protocol Buffers v2 and Cap’n Proto). The pitch was “self-host your apps on your own server, with each app sandboxed, capability-secured via Cap’n Proto, and one-click installable.” Apps were packaged as .spk files, ran in Linux containers, and used a per-grain (per-document) sandboxing model.
Status: Sandstorm Oasis (the paid hosted service) shut down in 2017. The startup was effectively acquired by Cloudflare in March 2017, where Kenton Varda built Cloudflare Workers using lessons from Sandstorm. The open-source project continued in community hands; ownership formally moved to the Sandstorm Community (under Open Source Collective, led by Jacob “ocdtrekkie” Weisz) in January 2024. Sandstorm.io still exists as a project but is largely historical.
Most relevant to Locara: The closest precedent that failed. Locara’s design — capability-based security, sandboxed apps, declared permissions, curated marketplace, one-click install, OSS-from-day-one — is recognizably descended from Sandstorm’s architecture. Read this twice. The differentiation has to come from somewhere Sandstorm couldn’t reach.
Background
Kenton Varda was already known in the systems community when he founded Sandstorm in 2013–14: he’d designed Protocol Buffers v2 at Google and was the principal author of Cap’n Proto, the capability-based RPC system that’s both faster than protobuf and structurally enables capability-secure programming. Sandstorm was the application of Cap’n Proto’s capability theory to a self-hosted app platform.
The project ran a successful crowdfunding campaign in 2014, raised VC money in early 2015, and grew the team to seven (Kenton plus five hires). The product had two surfaces: the open-source self-hosted platform anyone could install on their own Linux server, and Sandstorm Oasis — a paid hosted version for users who didn’t want to run their own infrastructure.
Sandstorm’s app model was novel and rigorous: every “grain” (instance of an app — e.g., one WordPress site, one Etherpad document) ran in its own container. Apps could only access capabilities the platform explicitly handed them via Cap’n Proto handles. Inter-app communication was capability-typed. The sandboxing was real, the architecture was beautiful — and the user count was small.
By 2017 the team couldn’t sustain itself on existing revenue. Cloudflare acquired the startup in March 2017; Kenton joined Cloudflare to build what would become Cloudflare Workers, which inherited Sandstorm’s capability-isolation philosophy applied to edge computing. Sandstorm Oasis (the hosted service) was wound down in the months after. The open-source project continued informally, with Jacob Weisz and others picking up maintenance over time. In January 2024, formal ownership moved to a community-run organization under Open Source Collective.
Key design decisions
- Apps as packages (.spk). Plain-file packages, declared permissions, content-addressed.
- Per-grain sandboxing. Each app instance got its own container — not just per-app, but per-document. A WordPress site lived in its own grain; a separate WordPress site in another. Total isolation between grains.
- Capability-based security via Cap’n Proto. Apps could only call APIs they were granted handles to. No ambient authority. The runtime enforced; apps couldn’t fake capabilities.
- One-click install from a curated marketplace. App browse + install was integrated into the host UI.
- Hosted (Oasis) and self-hosted options. Same OSS code; Oasis was the paid managed option.
- Apache 2.0 for the platform.
- Backed by Y Combinator, raised seed funding in 2014–15.
- Founder credibility was unusually high. Kenton Varda was known in the systems community before launch.
- Ports of existing apps as the primary catalog. WordPress, Etherpad, Roundcube, Mailpile, Davros, GNU MediaGoblin, etc., adapted to run in the grain model.
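The per-grain isolation and "no ambient authority" decisions above, sketched as an added example (not Sandstorm's code or API). `Supervisor`, `CapabilityError` and `denied` are hypothetical names, and unguessable tokens stand in for Cap’n Proto object references.

```python
import secrets

class CapabilityError(PermissionError):
    """Raised when a call is not backed by a valid capability."""

class Supervisor:
    """Hypothetical runtime: owns all grain storage and the capability table."""

    def __init__(self):
        self._storage = {}  # grain_id -> dict; apps never receive this object
        self._caps = {}     # unguessable token -> (grain_id, frozenset of rights)

    def create_grain(self, grain_id):
        self._storage[grain_id] = {}
        return self._grant(grain_id, {"read", "write"})

    def _grant(self, grain_id, rights):
        token = secrets.token_urlsafe(32)  # stand-in for an unforgeable reference
        self._caps[token] = (grain_id, frozenset(rights))
        return token

    def _lookup(self, token):
        if token not in self._caps:
            raise CapabilityError("unknown or revoked capability")
        return self._caps[token]

    def attenuate(self, token, rights):
        grain_id, held = self._lookup(token)
        if not set(rights) <= held:
            raise CapabilityError("attenuation cannot add rights")
        return self._grant(grain_id, rights)

    def revoke(self, token):
        self._caps.pop(token, None)

    def invoke(self, token, op, key, value=None):
        # The target grain comes from the capability, never from the caller,
        # so there is no way to name a grain you hold no handle for.
        grain_id, rights = self._lookup(token)
        if op not in rights:
            raise CapabilityError(f"capability does not carry {op!r}")
        store = self._storage[grain_id]
        if op == "write":
            store[key] = value
        return store.get(key)

def denied(call, *args):
    """Return True if the supervisor refuses the call."""
    try:
        call(*args)
    except CapabilityError:
        return True
    return False
```

Revocation in this sketch is per token: revoking a handle does not cascade to handles attenuated from it, which a real design would have to decide explicitly.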
What worked
- The architecture was rigorous. Per-grain isolation + capability-typed RPC was years ahead of contemporary self-host platforms. Some of these ideas only resurfaced mainstream years later (Cloudflare Workers, Wasmtime+WASI, Deno).
- The pitch was clear and right. “Take back your data. Self-host. Apps that can’t escape their sandbox.” All true; all still true.
- OSS from day one with permissive licensing.
- Founder voice was credible. Kenton’s writing carried the project; his post-Sandstorm post-mortems are still cited.
- Cap’n Proto came out of this. The infrastructure work — Cap’n Proto, the grain-isolation runtime, sandstorm-pkg packaging — is reusable and influenced subsequent capability-systems work.
- Cloudflare Workers is the spiritual successor. Sandstorm’s capability-isolation philosophy lives on at edge-computing scale. Sandstorm’s ideas were vindicated, even though the product wasn’t.
What failed / criticisms
- The market wasn’t ready in 2014–17. Self-hosting was niche. Cloud SaaS was eating everything. “Take back your data” was a values pitch when most users hadn’t yet felt the pain of cloud lock-in.
- The wedge wasn’t urgent. Privacy + ownership were virtues, not pains. Most users felt no acute discomfort that self-hosting would relieve. Pinokio’s “running AI repos is hellish” or Dropbox’s “syncing files is hellish” were pains; Sandstorm’s was a philosophy.
- Developer ecosystem was too small. Few apps. Ports of existing apps (WordPress, Etherpad) were most of the catalog. No “killer Sandstorm app” emerged — no app whose existence required Sandstorm.
- App developer experience was painful. Porting existing apps to the grain model required substantial reworking — apps had to adapt to capability-handed APIs instead of system calls, multi-tenancy assumptions had to be unwound, etc.
- Cap’n Proto, while elegant, was niche. Protobuf was the developer default; Cap’n Proto added a learning curve. Smart users embraced it; mainstream developers found it foreign.
- Funding ran out. Couldn’t sustain the team after the 2015 raise. Cloudflare acquired in March 2017 not as a product win but as a hire-the-team-and-tech outcome.
- Sandstorm Oasis never reached scale economies. Hosted user counts stayed small; pricing couldn’t sustain the infrastructure.
- Self-hosted user counts were also small. Most users who wanted Sandstorm wanted it managed; most who wanted self-hosted wanted Linux + Docker + their own choices, not a curated platform.
- Community took over but couldn’t drive forward. Without a commercial sponsor, the small principled community kept the lights on but couldn’t build new features at the cadence the product needed.
Specific learnings for Locara
- Read this note twice. Sandstorm had: capability-based security, sandboxed apps, declared permissions, curated marketplace, one-click install, OSS, principled founder, YC backing — and still didn’t make it. Locara’s architecture is recognizably the descendant. The differentiation has to come from somewhere else.
- A values pitch alone is not enough. “Privacy + ownership” was Sandstorm’s pitch; it didn’t move enough users in 2014–17. Locara’s pitch needs an acute capability (e.g., “private LLM with your data, no cloud subscription, runs offline”) that Sandstorm couldn’t offer in its era. The local-AI moment is exactly that capability — but the AI angle has to be the lead, not “by the way, also private.”
- Don’t ask app developers to rework existing apps. Sandstorm’s grain model required ports. Locara’s manifest + capability model should make Locara-shaped apps easier to write than alternatives, not harder. The DX bar matters more than the security bar — and the security bar still has to clear what users care about.
- Pick a wedge that’s painful, not virtuous. Pinokio’s wedge was “running AI repos is hellish.” Sandstorm’s was “self-hosting feels right.” Pinokio won; Sandstorm closed. Locara’s wedge — “trustworthy private local AI apps you can install in one click” — should be Pinokio-shaped (concrete capability), not Sandstorm-shaped (abstract value).
- Cap’n Proto / niche tech is a tax. Sandstorm’s reliance on Cap’n Proto added a learning curve. Locara on Tauri + Wasm + JSON Schema manifests + standard MCP/Skills formats keeps the substrate familiar. Don’t pick novel tech where standard tech suffices.
- Funding model directly caused the failure. Sandstorm had VC funding; runway ran out; team dispersed; product died. The Obsidian / Pieter Levels structural lesson: take less money, live longer. Locara should plan for indefinite runway, not Series A or die.
- Self-hosted backend is too much friction. Mac-as-server-of-one is the move. Sandstorm asked users to run Linux servers. Locara runs on the laptop the user already has. The “self-host” bar is implicitly cleared by the Mac being the server. This is structurally why Locara can succeed where Sandstorm couldn’t.
- The catalog is everything. Sandstorm had dozens of ports of existing apps; no apps were built for Sandstorm. Locara needs apps that exist because of Locara — apps that aren’t possible without local AI + capability-scoped execution. Phase 1 reference apps (Transcribe, DocVault) are the test of whether this works. If they could equally well be cloud apps, the wedge isn’t there.
- The post-Sandstorm community shows what happens. When the commercial sponsor stepped back, principled but small communities kept the lights on but didn’t drive forward. Locara needs to plan for a sustaining structure — single-author indie (Pieter Levels) or small-team profitable (Obsidian) — not “OSS with no business model.”
- Cloudflare Workers as positive proof. Sandstorm’s ideas were correct. They just needed a different product context (edge serverless, not personal server) and a different business model (cloud platform, not hosted self-host). Locara’s bet is that local-AI-on-the-user’s-own-Mac is the right context for these ideas. The architecture is ahead of its time; the wedge has to be of-its-time.
References
- https://sandstorm.io/ (still exists, mostly historical)
- https://github.com/sandstorm-io/sandstorm (Apache 2.0)
- https://sandstorm.io/news/2024-01-14-move-to-sandstorm-org (formal ownership transfer to Sandstorm Community)
- https://sandstorm.io/news/2017-02-28-cloudbleed (post about Cloudflare-Sandstorm relationship)
- https://capnproto.org/ (Kenton’s continuing project, used in Cloudflare Workers)
- https://blog.cloudflare.com/jamstack-podcast-with-kenton-varda/ (Kenton on the transition to Cloudflare Workers)
- Kenton Varda on GitHub: https://github.com/kentonv
- HN discussion of Sandstorm’s wind-down (2017): https://news.ycombinator.com/item?id=15269763
- Sandstorm Community: https://github.com/sandstorm-org