How does brrr work? 🤓

When you register a device, your app generates a unique webhook secret on-device and stores it in your private CloudKit data. That secret is used to authorize webhook requests for that specific device. You also get a shared user webhook that targets all your devices.

To deliver notifications, brrr stores:

  • the device's Apple push token
  • a digest derived from each device secret
  • a digest derived from your shared user secret

The digest is used to validate incoming webhook requests. The raw secret is never stored by the backend. The push token is required to communicate with Apple Push Notification Service.

Rotating device or user webhook secrets is on-device-first. The app generates a new secret on-device and only the digest is synced.

When a webhook is invoked, the backend verifies the request using the stored digest, looks up the push token, and forwards the notification to Apple Push Notification Service. APNs handles delivery and retries.
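The flow described above, as an added example that is not brrr's own code: a device-generated secret, the digest the backend keeps, verification of a webhook call, and rotation. SHA-256 as the digest, the in-memory map, and every function and token name here are assumptions; the page does not name the digest algorithm or say how the secret is carried in the request.

```javascript
// Added example, not brrr's code. SHA-256 and all names are assumptions.
const crypto = require("node:crypto");

// Device side: 32 random bytes; the raw secret stays on the device.
function generateSecret() {
  return crypto.randomBytes(32).toString("base64url");
}

// One-way digest; this is the only value synced to the backend.
function digestOf(secret) {
  return crypto.createHash("sha256").update(secret, "utf8").digest("hex");
}

// Backend side: holds digests and push tokens, never raw secrets.
class Backend {
  constructor() {
    this.byDigest = new Map(); // digest -> push token
  }
  register(digest, pushToken) {
    this.byDigest.set(digest, pushToken);
  }
  // Rotation: the device syncs a new digest and the old one stops verifying.
  // How the device authenticates this sync is outside the example.
  rotate(oldDigest, newDigest) {
    const pushToken = this.byDigest.get(oldDigest);
    if (pushToken === undefined) return false;
    this.byDigest.delete(oldDigest);
    this.byDigest.set(newDigest, pushToken);
    return true;
  }
  // Webhook call: hash the presented secret and look up the push token.
  // Returns the token to use for the APNs push, or null to reject.
  verify(presentedSecret) {
    if (typeof presentedSecret !== "string" || presentedSecret.length === 0) return null;
    return this.byDigest.get(digestOf(presentedSecret)) ?? null;
  }
}

// Constructed walk-through with a placeholder push token.
function demo() {
  const backend = new Backend();
  const secret = generateSecret();
  backend.register(digestOf(secret), "constructed-push-token");
  const before = backend.verify(secret);
  const withDigest = backend.verify(digestOf(secret)); // stored digest replayed as a secret
  const rotated = generateSecret();
  backend.rotate(digestOf(secret), digestOf(rotated));
  return { before, withDigest, afterOld: backend.verify(secret), afterNew: backend.verify(rotated) };
}
console.log(demo());
```

Replaying a stored digest as if it were the secret is rejected, so a copy of the backend's digest table does not by itself authorize webhook calls.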

Infrastructure

  • A Cloudflare Worker verifies webhooks and sends pushes through Apple Push Notification Service.
  • Cloudflare stores push tokens and secret digests used for verification and delivery.
  • CloudKit is used for authentication and for each user's private data, including on-device metadata like device names.

Data in your CloudKit private database is tied to your iCloud account and is not accessible by the brrr backend.

brrr does not persist or log notification contents on the backend. The app can keep an on-device notification history for up to 14 days, including cached images for those notifications.

That history lives on your device, making it easy to find a notification you missed while keeping things privacy-friendly. Notification contents are not stored remotely, and that history is not synced to the backend.

¹ An Apple push token is a unique, random code your device gives to an app so it knows exactly where to deliver notifications, without revealing who you are.