David Wolf · Project Use Case
AI SECURITY · PRODUCT SECURITY · INTERNAL PRODUCT
Internal Product
Tauri Rust AI Sidecar, Apple Bridge & Capability Mesh
A native AI sidecar architecture using Tauri, Rust, MITM proxying, WebSocket bridges, 160+ adapters, Apple-native APIs, VPN/network capabilities, and a...
Designed and built a native AI sidecar platform using Tauri and Rust, combining MITM proxying, WebSocket pub/sub bridges, 160+ schema normalizers/adapters, browser-extension coordination, Apple-native API access for...
Client
Internal Product / Native AI Sidecar Platform
Engagement Type
Internal product platform buildout
Period
2023–2026
Role
Principal Architect / Rust-Tauri Systems Architect / Native AI Automation Engineer
Focus Areas
Tauri/Rust Sidecar, MITM Proxy, WebSocket Bridge, Chrome Extension Coordination
The Research Narrative
Strategic Problem
The challenge was designing native authority as a controlled capability system. Mail, Notes, Messages, Calendar, browser traffic, CRM/ATS/social extraction, VPN/network flows, local files, and system...
What David Did
Built a Tauri/Rust native sidecar architecture to complement browser extension automation.
What Became Clearer
Created a native AI sidecar architecture that extends browser automation into OS-native and network-adjacent capabilities.
Consulting Proof
This is evidence of turning messy security telemetry into explainable dashboards, alert-quality improvements, and executive-ready operating views.
The Context
This project consolidates Tauri/Rust/native sidecar work. It overlaps with the earlier Tauri MITM and browser-native control-plane work, but this is the canonical native platform case. It includes a Rust/Tauri MITM proxy, WASM-first architecture, WebSocket communication with the Chrome extension, roughly 160 adapters/normalizers, Apple Bridge capabilities, VPN/network capability concepts, dynamic capability registration, and a mesh model where devices and clients expose their available actions.
The Challenge
The challenge was designing native authority as a controlled capability system. Mail, Notes, Messages, Calendar, browser traffic, CRM/ATS/social extraction, VPN/network flows, local files, and system monitoring are high-value but high-risk capabilities. The platform needed permission scoping, capability discovery, fallback routing, auditability, and clear separation between browser, native, and agent authority.
What I Did
- •Built a Tauri/Rust native sidecar architecture to complement browser extension automation
- •Implemented or designed MITM proxy capabilities for authorized local request/response inspection and structured processing
- •Created WebSocket pub/sub bridges between the Tauri app and Chrome extension so browser and native surfaces could coordinate
- •Built approximately 160 schema normalizers/adapters for extracting and structuring data from social, webmail, CRM, ATS, LinkedIn, and related workflow surfaces
- •Designed Apple Bridge capabilities for native access to Mail, Notes, iMessage, Calendar, and system monitoring where authorized
- •Explored WireGuard and OpenVPN-style networking capabilities as part of a broader local/network automation layer
- •Designed a capability mesh where clients, devices, or services register available capabilities and route work dynamically
- •Used capability fallback thinking inspired by CSS-style fallback: if one client lacks a capability, another registered surface may provide it
The Outcome
Created a native AI sidecar architecture that extends browser automation into OS-native and network-adjacent capabilities.
Research Outcomes
Signal Quality
Improved the trustworthiness of operational security signals
Operational Clarity
Translated complex security data into clearer operating views
Stakeholder Visibility
Made technical risk and status easier to explain
Operational Impact
Turned raw telemetry into actionable security intelligence
Capabilities Demonstrated
Security Analytics
Signal investigation and event analysis
Telemetry Normalization
Consistent and trusted data
IAM / Access Control
Identity telemetry and access insights
SIEM Alert Debugging
Noise reduction and signal validation
Dashboard Development
Operational and executive views
Executive Reporting
Security data translated for leadership
Operational Reporting
Actionable views for security operations
Public-Safe Evidence
Shareable insights without sensitive data
Key Deliverables
- •Tauri/Rust native AI sidecar architecture
- •MITM proxy architecture
- •WebSocket pub/sub bridge
- •Chrome extension to native sidecar coordination model
- •160+ schema normalizers/adapters
- •Social/webmail/CRM/ATS/LinkedIn structured extraction model
- •Apple Bridge architecture (Mail, Notes, iMessage, Calendar, system monitoring)
- •WireGuard/OpenVPN capability concept
Tools & Technologies
Consulting Translation
The reusable pattern is not Disney-specific: normalize fragmented security telemetry, debug low-signal alert behavior, build trusted operating views, and give leadership evidence they can act on without exposing sensitive systems.