Thunderclap is a native macOS web browser project built to turn WebKit into a more distinctive, more controlled, and more system-like browsing environment.
It is not intended to be a generic wrapper around a web view. Thunderclap aims to become a serious desktop browser with its own identity: custom interface design, GPU-assisted visual systems, browser-owned internal pages, layered security architecture, and a more deliberate approach to permissions, trust, and tab interaction.
Thunderclap is a macOS-first browser designed around Apple-native technologies rather than a cross-platform abstraction layer. It combines Objective-C, Objective-C++, Swift, Metal, and WebKit to create a browser that feels integrated, intentional, and architecturally ambitious.
Instead of relying on a single language or a single UI layer for everything, Thunderclap deliberately uses the strengths of multiple Apple technologies in one system.
Thunderclap is built around three primary goals:
Thunderclap is meant to feel like a real Mac application with its own visual and interaction language. It emphasizes custom browser chrome, tab systems, previews, internal pages, and a polished desktop feel rather than a stock embedded-web experience.
Thunderclap is designed with the idea that browser behavior should not be left entirely to default engine behavior. It introduces its own models for trust, permissions, policy decisions, diagnostics, and site evaluation so the app can make more deliberate decisions about browsing behavior.
Thunderclap is not just about opening websites. It is intended to become its own browsing environment with browser-owned tools and interfaces such as settings pages, downloads pages, history pages, diagnostics pages, site information surfaces, and future isolated security services.
Thunderclap is:
- a custom macOS browser
- a WebKit-based browser platform
- a native UI application
- a security-conscious browser architecture
- a browser with a custom tab and preview philosophy
- a project that treats browsing as a first-class desktop system, not merely a rendered webpage in a window
Thunderclap is built around a browser UI meant to feel distinct and native, with custom chrome, address and navigation handling, site information surfaces, and browser-specific internal pages.
One of Thunderclap’s strongest feature directions is its tab preview and carousel-oriented design.
This includes:
- captured tab previews
- preview refresh coordination
- snapshot invalidation logic
- GPU-assisted image processing
- richer visual tab interaction
Thunderclap uses Metal as a deliberate acceleration path for browser-adjacent visuals, especially around tab previews and custom graphics processing.
This supports:
- processed visual previews
- custom rendering effects
- GPU-assisted image workflows
- a more distinctive visual direction than a plain browser UI
Thunderclap is designed to support browser-owned internal routes such as:
thunderclap://settingsthunderclap://downloadsthunderclap://historythunderclap://bookmarksthunderclap://diagnosticsthunderclap://securitythunderclap://permissions
These pages are generated and controlled by the browser itself rather than loaded from the network.
Thunderclap places unusual emphasis on security architecture for a personal browser project.
It is designed around the idea that the browser should have its own models for:
- trust
- policy
- permissions
- origin identity
- security decisions
- evaluation context
- audits and diagnostics
Thunderclap aims to expose browsing state more clearly through site information and trust summaries, including:
- origin identity
- secure/insecure state
- certificate or trust summaries
- permission grants
- storage or content policy indicators
- injected compatibility script status
- diagnostics-visible security state
Thunderclap aims to handle permissions as a browser subsystem rather than a scattered set of prompts. Over time this supports cleaner handling for:
- microphone access
- camera access
- notifications
- per-origin decisions
- session-only decisions
- private browsing rules
Thunderclap also has a strong developer-facing side. Diagnostics pages and structured logging help inspect browser behavior around:
- current origin state
- permission flow
- trust evaluation
- preview pipeline health
- internal route state
- service status
- session mode
Thunderclap is structured around separate browser concerns such as:
- downloads
- history
- bookmarks
- settings
- trust and security
- tab management
- internal page routing
A natural next direction for Thunderclap is moving selected security analysis into an app-contained XPC service, enabling isolated analysis outside the main browser process.
Thunderclap combines several native Apple technologies:
- WebKit for page rendering and browser engine behavior
- Objective-C / Objective-C++ for app structure, browser glue, and subsystem wiring
- Swift for selected native components and modern implementation areas
- Metal for accelerated rendering and visual processing
- Foundation / AppKit for macOS-native application behavior
- custom browser services for state, settings, trust, permissions, and internal pages
Thunderclap is moving toward a cleaner browser architecture with:
- focused coordinators instead of oversized controllers
- service-layer ownership for browser subsystems
- unified permission handling
- browser-owned internal page routing
- stronger diagnostics and logging
- hardened tab preview and rendering contracts
- isolated security analysis through XPC where appropriate
Thunderclap can be summarized as:
A native macOS browser focused on custom browsing UX, visual tab interaction, and application-defined security architecture.
Or more broadly:
An advanced WebKit-based browser project that aims to transform the standard macOS browsing experience into a more visually custom, more internally structured, and more security-aware environment.
Thunderclap is not trying to be a minimal web-view shell. Its goal is to evolve into a browser environment with:
- native performance
- distinctive tab interaction
- browser-owned tooling
- structured subsystem boundaries
- explicit trust and permission handling
- room for future expansion in diagnostics, security services, and browser policy control
Thunderclap is an actively evolving project. The codebase reflects a browser that is already beyond the simple wrapper stage and is moving toward a more complete architecture with stronger subsystem boundaries, internal tooling, and product coherence.
This project is licensed under the Apache License 2.0. See the LICENSE file for details.
This README describes the project’s intended identity and direction as well as its current feature focus. As the architecture evolves, this document should be updated to reflect concrete subsystem changes, build instructions, and usage details.