Blog

Engineering essays from the Beacons team.

Architectural decisions, failure postmortems, deep dives into the transports and identity model. Written by the people building it.

  • 2026-05-20

    Why we abandoned the NetBird fork

    An honest postmortem of the four weeks we spent trying to fork NetBird into Beacons — and the architectural moments that made us stop. Identity, ACLs, multi-tenancy, audit: each layer was a re-derivation, not a feature addition.

  • 2026-05-10

    A `did:oas` is not a username

    How cryptographic lineage replaces shared setup keys, OIDC subject claims, and tenant-scoped invite codes — in one model that works for humans, agents, servers, and SIMs alike.

  • 2026-04-22

    Eight transports, one identity

    Why Beacons treats WireGuard as one option among eight — and what that buys you when an ESP32, a browser tab, and a Vision Pro all need to be peers in the same fleet.

Open a fleet

The mesh that fits agents and humans.

A `did:oas`-rooted private mesh that ships peer configurations to any device, anywhere, by policy — not by hand.

Open consoleRead the quickstart