Let the little guys in: A context sharing runtime for the personalised web (arjun.md)

The piece pitches a new, privacy-first “context sharing” runtime for the personalized web: a lightweight execution environment (an attestable image/runtime) that lets many small, third‑party tools safely use your browser, email, bank statements and chat history — not by giving them raw access, but by strictly controlling where they can send data. The author argues OAuth and current permission models are inadequate, and that trust — specifically controlling data egress — is the real bottleneck stopping community-built, highly personalized apps from flourishing alongside big, closed platforms. Technically, the proposal sketches a practical stack: secure ingestion of bank statements (via emailed statements or scraping/APIs like Yodlee), email search to disambiguate purchases, a SQL-backed classification store so heavy work isn’t repeated, a browser extension with a small local model to parse page HTML and render overlays (e.g., “remaining balance” badges), and optional ChatGPT integration to map life events into financial context despite current API limitations for chat history. The key idea is attested runtimes that prove they don’t exfiltrate data except to approved endpoints, enabling composability of open-source and third‑party mini‑apps while preserving privacy. For AI/ML, this could unleash more granular, context-rich LLM applications tailored to individuals — if the technical and legal challenges around attestation, revocation, and centralized data vaults can be solved.