Send in your ideas. Deadline February 1, 2025

Decentralised solutions

Decentralised solutions, including blockchain/distributed ledger

This page contains a concise overview of projects funded by NLnet foundation that belong to Decentralised solutions (see the thematic index). There is more information available on each of the projects listed on this page - all you need to do is click on the title or the link at the bottom of the section on each project to read more. If a description on this page is a bit technical and terse, don't despair — the dedicated page will have a more user-friendly description that should be intelligible for 'normal' people as well. If you cannot find a specific project you are looking for, please check the alphabetic index or just search for it (or search for a specific keyword).

Blink RELOAD — Secure P2P real-time communications with RELOAD

REsource LOcation And Discovery specification (RELOAD) is a standard produced by the IETF standard to (as the name indicates) describe how people can search within a local network to discover other people and devices they can then exchange video and voice calls with, send messages etc. Why make every discovery depend on the availability of a global DNS system, if you are actually near each other...

Blink is a mature open source real-time communication application that can be used on different operating systems, based on the IETF SIP standard. It offers audio, video, instant messaging and desktop sharing. Blink RELOAD aims to implement RELOAD (RFC 7904) , which describes a peer-to-peer network that allows participants to discover each other and to communicate using the IETF SIP protocol. This offers an alternative discovery mechanism, one that does not rely on server infrastructure, in order to allow participants to connect with each other and communicate. In addition, the RELOAD specification describes means by which participants can store, publish and share information, in a way that is secure and fully under the control of the user, without a third party controlling the sharing process or the information being shared.

>> Read more about Blink RELOAD

Briar — A secure messaging app with offline capabilities

Briar is a secure messaging app designed for activists, journalists and civil society groups. Instead of using a central server, encrypted messages are synchronized directly between the users' devices, protecting users and their relationships from surveillance. This project will enable users of Briar to delete their private messages. Giving users control of what information their devices retain will allow them to practice defence in depth, managing their exposure if their devices are lost or compromised.

>> Read more about Briar

Briar Desktop — E2EE online and offline messaging and discussion

Briar Desktop is a client for the peer to peer messenger Briar that runs on the typical desktop operating systems Windows, macOS and Linux. With the emergence of multiple Linux-based operating systems for phones, it will also become possible to adapt it to run on operating systems such as Manjaro, PureOS and postmarketOS. A basic version of Briar Desktop has just been implemented and released to the public, but its features are still limited to one-to-one communication. The main goal of this project is to implement the additional group-oriented modes of communication that Briar's Android client supports: groups, forums and blogs. While the first iteration of development focused on Linux, publishing for macOS and Windows are going to be stabilized from experimental to production stage within this project. To keep up with the development of the Android client, support for the upcoming Mailbox feature is also going to be implemented.

>> Read more about Briar Desktop

Discover and move your coins by yourself — A safe way to explore and work with cryptocurrency forks

The numerous technologies behind cryptocurrencies are probably the most difficult to understand compared to any other networks, even for technical experts - and especially bitcoin based networks. Most users, even those familiar with the technology for years, have to rely on wallets or run/sync full nodes. Empirically we can see that they usually get lost at a certain point of time, especially when said wallets dictate the use of new "features", like bip39 and alike, multisig, segwit and bech32. Most users don't understand where their coins are and on what addresses, what is the format of these addresses and what are their seeds and what they need to unlock their coins. This situation pushes users to give their private keys to dubious services, resulting to the loss of all of their coins. The alternative is to let exchanges manage their coins, which removes their agency and puts them at risk. The goal of this project is to correct this situation allowing people to simply discover where are their coins and what are their addresses, whatever features are used. It will allow them to discover their addresses from one coin to another, rediscover their seed if they lost a part, sign/verify addresses ownership, discover public keys from private keys and create their hierarchical deterministic addresses. In fact, all the tools needed to discover and check what is related to their coins - and this for any bitcoin based network, in addition it allows them to create their transactions by themselves and send them to the networks, or just check them. The tool is a standalone secure open source webapp inside browsers that must be used offline, this is a browserification of a nodejs module that can be also used or modified for those that have the technical knowledge.

>> Read more about Discover and move your coins by yourself

Privacy Infrastructure for Corteza Federations — Allow users to locate and browse their private data wherever

The project summary for this project is not yet available. Please come back soon!

>> Read more about Privacy Infrastructure for Corteza Federations

CryptPad Auth — Implement external identity mechanisms to E2EE collaborative editor

CryptPad is a real-time collaboration environment that encrypts all user-generated content in users' browsers, making it illegible to the host of the service. In this project we'll develop optional extensions to the platform to provide additional layers of protection for such data by pursuing two broad strategies in parallel. For the first, we'll take a top-down approach to security through integration with identity provider services like LDAP or SSO, allowing organizations to apply centrally managed access control policies. For the second, more bottom-up approach, we'll offer tighter control of user accounts through various secondary authentication methods like app-based TOTP or email "magic-links". These new features will provide more choices for the protection of data stored in CryptPad, while also making the platform more approachable for conventional organizations by leveraging their existing points of trusted infrastructure.

>> Read more about CryptPad Auth

CryptPad for communities — Collaborative web editor with client-side encryption

CryptPad is a secure and encrypted open-source collaboration platform, that allows people to work together online on documents, spreadsheets and other types of documents. The amazing thing is that while the participants can work with these web applications as they would with any normal tool, the server has no way of telling what it is they are working on. Everything is encrypted on the device of the user, before it is sent to the server. The "CryptPad for communities" project will improve the experience of users adopting the platform for community management tasks. We'll spend time solving the issues most commonly reported by our users as obstacles to their broader adoption of the platform as an alternative to proprietary services. Document review is as important to many as collaborative editing, so we'll implement comment workflows that integrate our recently introduced social features into our text editors. Our Kanban and spreadsheet apps will both receive some crucial updates to better facilitate project management tasks without compromising on privacy. We'll develop extra access control features based on users' public keys for documents that require stricter protection than is currently offered. Those hosting their own CryptPad instance will benefit from new functionality for their admin panel as well as detailed documentation to make server management more accessible. Finally, we'll implement extra controls permitting admins to limit access to their instance by requiring invites for registration. Altogether we hope these tools will allow communities more determination when it comes to their data, their processes, and their ability to work together productively.

>> Read more about CryptPad for communities

DeltaBot — Social discovery over mail-based chat

Why make humans be the only ones to search new content that is relevant to you, if bots can be made to do the same on your behalf? The DeltaBot project will research and develop decentralized, e2e-encrypting and socially trustworthy bots for Delta Chat (https://delta.chat). Bots will bridge with messaging platforms like IRC and Matrix, offer media archiving for its users and provide ActivityPub and RSS/Atom integration to allow users to discover new content. Our project is not only to provide well tested and documented Chat Bots in Python but also help others to write and deploy their own custom bots. Bots will perform e2e-encryption by default and we'll explore seamless ways to resist active MITM attacks.

>> Read more about DeltaBot

Encoding for Robust Immutable Storage (ERIS) — Encrypted and content-addressable data blocks

The Encoding for Robust Immutable Storage (ERIS) is an encoding of content into a set of uniformly sized, encrypted and content-addressed blocks as well as a short identifier (a URN). The content can be reassembled from the encrypted blocks only with this identifier (the read capability). ERIS is a form of content-addressing. The identifier of some encoded content depends on the content itself and is independent of the physical location of where the content is stored (unlike content addressed by URLs). This enables content to be replicated and cached, making systems relying on the content more robust.

Unlike other forms of content-addressing (e.g. IPFS), ERIS encrypts content into uniformly sized blocks for storage and transport. This allows peers without access to the read capability to transport and cache content without being able to read the content. ERIS is defined independent of any specific protocol or application and decouples content from transport and storage layers.

The project will release version 1.0.0 after handling feedback from security audit, provide implementations in popular languages to facilitate wider usage (e.g. C library, JS library on NPM), perform a number of core integrations into various transport and storage layers (e.g. GNUNet, HTTP, CoAP, S3), and deliver Block Storage Management (quotas, garbage collection and synchronization for caching peers).

>> Read more about Encoding for Robust Immutable Storage (ERIS)

Earthstar — P2P protocol and APIs for collaborative and social applications

Your data is stuff you care about. But a lot of the time, you only get to interact with it in places owned by corporations. It’s a bit like living in someone else's house. One consequence is that you don't get to choose who can see your stuff: malicious actors can follow your activities and harass you, and the owners of the space can record what you do and sell that information on. And because the space isn't yours, you don't get any say over how anything works: features you like can disappear overnight, and your data can be changed or deleted without your consent.

What if you and the people you care about could band together and have your own place for your data to live? Where the only people who see your stuff are people you trust, and no-one is selling your privacy? And where you decide how things works and when it should change?

Earthstar is a pocket-sized toolkit to help users build a place of their own. Easily create user-owned infrastructure that holds the data you care about, in formats which suit your needs, and write your own applications to interact with it — or use ones from the community!

>> Read more about Earthstar

Federated Timesheets — Interoperable machine-readable time tracking

This project brings together developers from WikiSuite, m-ld.io, Muze and Ponder Source in a collaboration to deliberately research how federated machine-readable data can work between independent software projects on the user-operated internet. We want to showcase how our vision of Federated Bookkeeping can make internet users "connected but sovereign".

Each project’s timesheet system that tracks billable hours will be extended with time tracker apps (locally or on a self-hosted server) to expose machine-readable timesheet data through a query endpoint (reader pull) or through a webhook (writer push).

Furthermore a W3C interest group “federated timesheets” was started that will contain and maintain a repository of time tracker schemas and extend this continuously in an orderly fashion to enable developers to import recipients’ schemas as well as add their own to the repository.

>> Read more about Federated Timesheets

Fix the Pitch Black Attack in Freenet routing — A decentralized distributed platform for private communication

Hyphanet (previously: Freenet) is a peer-to-peer platform with academic roots, offering censorship-resistant publication and privacy by design. It uses a decentralized distributed data store to store and forward information of its users, and is one of the oldest privacy related infrastructures - having been in continuous development for two decades, and predating the alpha version of TOR with several years. This project solves a published theoretical denial-of-service attack on the friend-to-friend structure of its routing, which has been a looming threat since it was discovered a number of years ago.

>> Read more about Fix the Pitch Black Attack in Freenet routing

GNU Taler — Advanced electronic payment system for privacy-preserving payments

GNU Taler is an advanced electronic payment system for privacy-preserving payments. Unusual for such a system, the entire Taler system is ethical, free/libre software, so there are no dependencies on third parties and no black boxes. Taler can support digital payments in any currency - existing or new, mainstream or private. Unique to the GNU Taler system is that it provides anonymity for customers, while delivering various anti-fraud measures necessary to curb abuse.

If you are a central bank, you can use Taler to provision a CBDC. If you are a regular bank or payment provider, you can use it as a mature digital payment method instead of various proprietary solutions which are opaque and come with many restrictions and high costs. The technology behind Taler fully supports local or community currencies too. Taler was designed to meet all the usual regulations for electronic money issuers, and supports regulations like PCI-DSS and GDPR out of the box. The work done within this grant delivered a key regulatory requirement, an independent audit of the payment service operator (the "exchange"). With the third party security audit of the GNU Taler codebase completed, banks and payment providers can now switch to this new system with confidence. GNU Taler finally brings us a transparent, trustworthy and truly private payment ecosystem that operates independent from vendors.

>> Read more about GNU Taler

Layer-2-Overlay — Generalising the GNUnet Layer-2 Overlay for broader usage

Layer-2-Overlay is a P2P connectivity layer that allows decentralized applications to establish communication with peers. The current Internet architecture is strongly biased in favor of client-server applications. To regain data sovereignty from tech oligopoly, citizens must be able to communicate directly without a few gatekeepers. Therefore decentralized applications need to overcome network obstacles of the existing Internet infrastructure without the need to setup a costly alternative infrastructure. An additional benefit is the effective usage of existing resource, to lower the environmental damage big centralized systems are doing to our planetary ecosystem. The Layer-2-Overlay will achieve this goal by utilizing a variety of existing protocols and infrastructure (Ethernet/WLAN, TCP/UDP, QUIC, Satellite) and an effective flow- and congestion-control to distribute traffic through different channels. After reconnecting the edges (e.g. PCs at home or mobiles) of the existing Internet among each other again, traffic can be forwarded directly to known peers and existing infrastructure will be preserved. The API of Layer-2-Overlay will be usable by all kinds of decentralized application use cases. For a first showcase Layer-2-Overlay will be integrated into GNUnet, an alternative network stack for building secure, decentralized and privacy-preserving distributed applications.

>> Read more about Layer-2-Overlay

GNUnet Messenger API — API for decentralized instant messaging using CADET

Communication is one of the most valuable goods, but it requires confidentiality, integrity and availability to trust it. The GNUnet Messenger API implements an encrypted translation layer based on Confidential Ad-hoc Decentralized End-to-End Transport (CADET). Through CADET the API will allow any kind of application to set up a fully decentralized form of secure and private communication between groups of users. The service uses e2e-encryption and does not require any personal information from you to be used.

You are able to send text messages, share files, invite contacts to a group or delete prior messages with a custom delay. Messages and files will both be stored decentralized being only available for others in the group. GNUnet provides the possibility to use this service without relying on the typical internet structures, with a turnkey optional DHT for sharing resources.

Unlike many other messengers out there the GNUnet Messenger service focuses on privacy. You decide who can contact you and who does not. You decide which information gets shared with others and which stays a secret. The whole service and its API is free and open by design to be used by many different applications without trusting any third party.

>> Read more about GNUnet Messenger API

Federated software forges with Gitea — Use W3C ActivityPub to federate amond software forges

Gitea is a popular free and open-source software forge, a solution for code hosting, version control (using Git) and featuring other collaborative features like bug tracking, wikis and code review. Unlike proprietary platforms like GitHub, anyone can host the software for themselves and for others - and retain full control and confidentiality over their operations and community. The goal of this project is to implement federation features to Gitea, by implementing among other the W3C ActivityPub standard. This is an important enabler that can be used to implement a distributed search across different software repositories - an important feature for decentralised systems. The project will also make sure to verify the implementation of the federation proposed for Gitea is conformant with the ActivityPub W3C standard as well as the Forgefed models.

>> Read more about Federated software forges with Gitea

Gosling — Generic Onions Services Library Project

One of the internet’s core infrastructural flaws is a lack of anonymity - yet anonymity is a form of privacy that many users would prefer to have. Building products which preserve this user privacy while also being featureful and easy to use is difficult. Part of this difficulty has to do with the fact that developers need to be aware of and actively counter the myriad ways users can be de-anonymised (e.g. fingerprinting, side-channels). This requires knowing many intricate details at all levels of the software stack.Project parent Blueprint for Free Speech's goal is to gradually increase the portion of the internet that offers anonymity. By creating a “generic onions services library” (Gosling), we can help developers create secure and anonymous p2p applications without having to delve too deeply into protocol design or the Tor spec, and to do so with more security assurance.

>> Read more about Gosling

Hyper Hyper Space — Cryptographically secure append-only distributed data layer

The Hyper Hyper Space project aims to make distributed applications easy to build and usable by anyone. It introduces “spaces”, shared information objects that are stored locally (on personal computers or phones) and can be easily replicated over the network to any number of participants and kept synchronized. Spaces have formats (just like files): blogs, discussion forums, e-commerce stores, etc. can be represented as space-types. Instead of filenames or URLs, spaces can be universally looked up by entering a 3-word code into the application. This code is used to find devices hosting the space, and then to fetch and validate it.

Application designers can build upon a library of building blocks supplied by Hyper Hyper Space (e.g. cryptographic identities, CRDT-inspired datatypes, etc.) that work over append-only DAGs. Once a space is defined this way, its synchronization can be handled by Hyper Hyper Space transparently, simplifying application development. Finally, to make spaces universally available, the Hyper Hyper Space runtime works inside an unmodified web browser (as a JavaScript library: IndexedDB is used for in-browser storage, WebRTC as transport - no extensions are needed). Thus a distributed application can be deployed as a static website that fetches its contents from a browser-to-browser mesh.

Ultimately, the Hyper Hyper Space project’s goal is to encourage open information formats and software interoperability, helping make open source, non-for profit and public interest application development sustainable.

>> Read more about Hyper Hyper Space

Icebreaker — Gemini centric viewpoint of coding issues and bug tracking

Modern software projects not only require source code repository management but also tools to plan projects and solve technical problems. Closed source solutions and online commercial services may be convenient, but create significant concerns around control, autonomy and privacy - and they skew discoverability. Icebreaker believes in decentralised approaches which keep the coding repo separate from the project management repo. In terms of cooperation and teamwork, this helps to encourage new, flexible and dynamic approaches. These expectations are solved through the minimalism of the Gemini protocol and its terse Markdown format, Gemtext. It is modern because it is easy to understand; accessible to interact with (whether as a consumer or a contributor); and treats privacy as a foremost priority.

Icebreaker's flagship project, gLean, provides building blocks for navigating and interpreting one or more Gemini content sources (with settings, rulesets, and regex magic). (Non core) modules provide output in alternative formats, including Kanban boards. Creators will control their issue trackers. Creators' terms. Creators' conditions. 'Off-the-shelf' solutions can't compete against gLean's tailored approaches. FOSS communities can choose workflows that match their technical requirements, while supporting autonomy and adhering to their ethical values.

>> Read more about Icebreaker

Interpeer — Collaboration infrastructure with near real-time p2p data synchronization

The Interpeer Project's purpose is to research and develop novel peer-to-peer technologies for open and distributed software architectures. The goal is to enable serverless modes of operation for collaborative software with rich feature sets equal to or surpassing centralized client-server architectures. For that reason, the initial focus lies on facilitating the extreme end of the use case spectrum with very low latency and high bandwidth requirements, as exemplified by peer-to-peer video communications in quality as close to 4k resolution as possible. When that initial goal is reached, the project focus will shift to other collaboriative applications of the technology.

>> Read more about Interpeer

Katzen — Meta-data resistant instant messaging over the Katzenpost mixnet

Katzen is a new private instant messaging application built using the Katzenpost mixnet project, which is an overlay network that is able to hide communication patterns of individual users from passive network observers. This means that attackers cannot link sending and receiving of messages on the network with any of the participants. Messages between conversation parties are delivered to and read from message queues operated by the mixnet service operators. The legacy simple design maintains a per client queue and is able to see when a client is receiving a message, how often clients receive messages, and when the client is online and checking for their messages. The purpose of this project is to replace the legacy ephemeral message storage system used by Katzen with a replacement that does not link messages with a specific user or conversation, To do this, clients will include a csprng seed as part of the contact creation process that will be used to generate a deterministic sequence of message identifiers between conversation participants; these identifiers will be used by each client to query the ephemeral storage provider for the next message in the conversation. Because polling the storage service adds latency, and this design must check for new messages from each conversation partner, mechanisms to reduce the number of round trips - such as using SURBs as an asynchronous callback upon message delivery on the storage provider will be explored as a means to build a mixnet 'push' service to decrease the total round trip delay in receiving a new message.

>> Read more about Katzen

Private Key Operations for Keyoxide — Implement Private Key Store design in Keyoxide

Keyoxide is one of the open-source success stories when it comes to providing an alternative to the proprietary product (Keybase). The UI is straightforward so that the interaction with the site is available to all kinds of users. Unfortunately there is one critical part that differentiates Keyoxide from Keybase - no support for private key operations. Adding proofs requires a complex maze of command line invocations. This project will implement best of both worlds: simple, UI centric way of interaction without technical knowledge required and the strong security of Keyoxide.

>> Read more about Private Key Operations for Keyoxide

Keyoxide v2 — Add cryptographic signature based to Keyoxide

How do you discover which other online accounts across different services and service providers actually belong to the same person? Keyoxide is a secure, privacy-friendly and decentralized platform to manage online identities, uncompromisingly driven by what the user herself wants to share.

Keyoxide is a new type of service to allow proving linked account ownership on a variety of platforms. Keyoxide levers existing and battle-tested cryptographic primitives. The goal is to give users more control over their online presence, independent from dominant internet actors - without in fact having to depend on any centralised services or third parties. The project will build on top of the existing OpenPGP Identity Proofs to add other types of profiles based on various cryptographic signature mechanisms from a variety of new tools. To maintain linkable profiles, a new signature-hosting infrastructure needs to be designed and developed. Other improvements are aimed at safeguarding privacy and achieving plausible deniability.

>> Read more about Keyoxide v2

LiberaForms — End tot End Encrypted Forms

Cloud services that offer handling of online forms are widely used by schools, associations, volunteer organisations, civil society, and even families to publish questionnaires and collect the results. While these cloud services (such as Google Forms and Microsoft Forms) can be quite convenient to create forms with, for the constituency which has to fill out these forms such practices can actually be very invasive because forms may not only include personal details such as their name, address, gender or age, but also more intimate questions including medical details, political information and life style background. In many situations there is a power asymmetry between the people creating the form and the users that have to supply the data through that form. Often there is significant time pressure. No wonder that users feel socially coerced to comply and hand over their data, even though they might be perfectly aware that their own data might be used against them.

LiberaForms is a transparent alternative for proprietary online forms that you can easily host yourself. In this project, LIberaForms will add end-to-end encryption with OpenPGP, meaning that the data is encrypted on the client device and only the final recipient of the form data can read it (and not just anyone with access to a server). Also, the team will add real-time collaboration on forms, in case users need to fill out forms together.

>> Read more about LiberaForms

XMPP-ActivityPub gateway — XMPP, ActivityPub and E2EE Pubsub

XMPP (aka Jabber) is the vendor-netural internet standard for instant messaging. ActivityPub is a web standard for federated social networking, used in software like Mastodon, Pleroma, PeerTube, Pixelfed and Funkwhale. The project consists of two components: an ActivityPub-XMPP gateway, which will be a component bridging these protocols - enabling ActivityPub users to access XMPP blogs, comments and other features, and vice versa. And adding state of the art end-to-end encryption (E2EE) for PubSub and filesharing, which entails proposing a new XMPP standard which can provide a secure way to publish, retrieve and subscribe to all sorts of data over XMPP.

The project is built on Libervia (previously known as "Salut à Toi"), a communication ecosystem based on XMPP. Libervia offers several interfaces (web, desktop, mobile, command line, text UI) and explores the XMPP protocol beyond instant messaging. Libervia features chat, blogging, file sharing, photo albums, events, forums, etc. Libervia's goal is to develop an all-in-one, easy to use "familial and personal social network", i.e. a tool to communicate with the people close to you securely - and that lets your personal data stay within your control (as it should be).

>> Read more about XMPP-ActivityPub gateway

Librecast — E2E encrypted multicast

The Librecast project contributes to decentralising the Internet by enabling multicast. It builds transitional protocols and software to extend the reach of multicast and enable easy deployment by software developers. This can for instance help to synchronise large evolving datasets to many users at the same time (even hundreds of gigabytes of blockchain data) in an economic, reliable, transparent and fair way - unlike with unicast, everyone can get a copy of the same packets received by everyone else. Not depending on a centralised structure (anyone can be the upstream source), means it is very robust as well. LibreCast is energy efficient and as a next generation internet technology offers confidentiality and security - and is sustainable, has high scalability and throughput.

Librecast Live is a Multicast Live Streaming, Conferencing and Remote Collaborative Work Environment. It is a versatile multicast platform flexible and scalable enough to be used for live-streaming, classrooms and conferences - using an ad hoc or previously established web of trust. While using multicast helps solve the scalability inherent with this kind of setup, actually all messages are transmitted over encrypted channels - providing strong privacy and integrity assurances through E2E encryption.

>> Read more about Librecast

Librecast Live — Live streaming with multicast

The Librecast Live project contributes to decentralizing the Internet by enabling multicast. Multicast is a major network capability for a secure, decentralized and private by default Next Generation Internet. The original design goals of the Internet do not match today's privacy and security needs, and this is evident in the technologies in use today. There are many situations where multicast can already be deployed on the Internet, but also some that are not. This project will build transitional protocols and software to extend the reach of multicast and enable easy deployment by software developers. Amongst others it will produce a C library and POC code using a tunneling method to make multicast available to the entire Internet, regardless of upstream support. We will then use these multicast libraries, WebRTC and the W3C-approved ActivityPub protocol to build a live streaming video service similar to twitch.tv. This will be a complement to the existing decentralised Mastodon and Peertube projects, and will integrate with these services using ActivePub. By doing so we can bring live video streaming services to these existing decentralised userbases and demonstrate the power of multicast at the same time. Users will be able to chat and comment in realtime during streaming (similar to YouTube live streaming). This fills an important gap in the Open Source decentralised space. All video and chat messages will be transmitted over encrypted channels.

>> Read more about Librecast Live

LumoSQL at-rest data security — Modern embedded database with encryption and signed data

LumoSQL is an embedded database that combines various modern database technologies into a single powerful abstraction while remaining a drop-in replacement for the most-used database worldwide, SQLite. LumoSQL brings to embedded databases features including built-in encryption, per-row checksum verifiability of all data (without the overhead of e.g. a blockchain), and a choice of storage backends.

In this project the LumoSQL community works towards the 1.0 version which will add a slew of attractive features such as encrypted embedded data at-rest (which can be unlocked either through role based access control or even outside of unmodified apps with a hardware token like Nitrokey), signed data rows and data tables (so users can cryptographically verify the integrity of data), as well as improved documentation and cross-platform availability. In addition the project is producing valuable tools such as the not-forking project, which addresses the root cause of many real-world security issues as customisation without such a tool requires hard-to-maintain forking.

>> Read more about LumoSQL at-rest data security

Distributed Trust for Web Servers — Establishing a Distributed Trust Authority

The M-Pin protocol, and its implementation in the Milagro project currently incubating at Apache, provides cryptographic security using a distributed trust model. In place of the single point of failure (and high-value target for social engineering attacks) of today's Certificate Authorities (CAs), cryptographic verification is assembled from two or more mutually independent authorities, all of which would need to be subverted at once to break security. This project helps bring distributed trust to the Web, by implementing M-Pin support via Milagro's libraries in leading Open Source web servers. This will pave the way both to a distributed trust alternative to monolithic CAs and browser trust lists, and to a distributed trust alternative to protocols such as OpenID for user identification.

>> Read more about Distributed Trust for Web Servers

Manyverse — An off-line capable privacy-centric social messaging app

Manyverse is a social networking mobile app, implemented not as a typical cloud service, but instead on a peer-to-peer network: Secure Scuttlebutt (SSB). The mobile app locally hosts the user's database, allowing them to own their personal data, and also use the app when offline. Data can sync from one mobile device to another, via Bluetooth, Wi-Fi, or Internet. Free and open source software.

>> Read more about Manyverse

Manyverse Private Groups — Implement SSB Private Groups in Manyverse

Manyverse is a peer-to-peer social network built on the SSB protocol where users themselves are responsible for the network. It is used by thousands of people, on both mobile and desktop. Users can share public posts with each other, but there is currently no way to write private messages to closed communities of a dozen members or more. With this project, we want to implement and improve SSB Private Groups for adoption in Manyverse. This is a cryptographic mechanism to ensure that communities can talk in private. Additionally, we want to make sure that these communities have the tools they need to moderate and prune their social space for safety.

>> Read more about Manyverse Private Groups

Practical Decentralised Search and Discovery — Search and discovery inside mesh/adhoc networks

Internet search and service discovery are invaluable services, but are reliant on an oligopoly of centralised services and service providers, such as the internet search and advertising companies. One problem with this situation, is that global internet connectivity is required to use these services, precisely because of their centralised nature. For remote and vulnerable communities stable, affordable and uncensored internet connectivity may simply not be available. Prior work with mesh technology clearly shows the value of connecting local communities, so that they can call and message one another, even in the absence of connectivity to the outside world. The project will implement a system that allows such isolated networks to also provide search and advertising capabilities, making it easier to find local services, and ensuring that local enterprises can promote their services to members of their communities, without requiring the loss of capital from their communities in the form of advertising costs. The project will then trial this system with a number of pilot communities, in order to learn how to make such a system best serve its purpose.

>> Read more about Practical Decentralised Search and Discovery

SecSync — Efficiently combine end-to-end encryption with CRDTs

While popular CRDT implementations like Yjs or Automerge offer several designs and even implementations on how to asynchronously exchange data using servers, there is no plug & play implementation serving end-to-end encrypted systems. Focus of the first version of SecSync is to provide a protocol to efficiently exchange and resolve e2e encrypted CRDTs. It comes with a plug and play reference implementation on top of Yjs and should be well documented. By leveraging snapshots as well as operations logs referencing snapshots the load times should reduced while still offering real-time collaboration.

>> Read more about SecSync

Namecoin: ZeroNet and Packaging — Make ZeroNet work with Namecoin

Namecoin provides a decentralized naming system and trust anchor. Its flagship use-case is a decentralized top-level domain (TLD) which is the cornerstone of a domain name system that is resistant to hijacking and censorship. Among other things, this provides a decentralized trust anchor for Public Key Infrastructure that does not require third party trust. It operates independent from the DNSSEC root trust chain, and can thus offer additional security under some circumstances. ZeroNet is a decentralized web-like network of peer-to-peer users, which provides an alternative to TOR hidden services. In the project, Zeronet will be adapted to support a local Namecoin client, and provide additional assurances such as a Host Header-like mechanism to protect users from spoofing. Namecoin will be used as a human-readable naming layer for Tor onion services and ZeroNet sites. This eliminates the user problem of pseudorandom, unmemorable website addresses for onion services and ZeroNet sites, which can facilitate phishing attacks.

>> Read more about Namecoin: ZeroNet and Packaging

Namecoin: Core Infrastructure — Alternative domain name system

Namecoin is a blockchain project that provides a decentralized naming system and trust anchor. Our flagship use-case is a decentralized top-level domain (TLD) which is the cornerstone of a domain name system that is resistant to hijacking and censorship. This project is meant to improve the security and usability of core components of Namecoin.

>> Read more about Namecoin: Core Infrastructure

NeoChat — Native Matrix encrypted instant messaging client

NeoChat is a client for Matrix, an open and decentralized chat protocol. NeoChat is using Qt and KDE technologies to run on many platforms: Linux, Windows, macOS, Plasma Mobile and Android. One of the biggest missing features for NeoChat is support for end-to-end encryption. Currently, all the messages are sent unencrypted and encrypted conversation can't be read in NeoChat. This is not a problem for public rooms since they are usually not encrypted, but it makes NeoChat unsuitable for usage in a private or professional context. The goal of this project is to enable support for encryption in NeoChat. Since NeoChat uses libQuotient, a client library for the matrix protocol, most of the work will take place in libQuotient. This means that the work done in the project will also help other Matrix clients and bots built with Quotient, in particular Spectral and Quaternion.

>> Read more about NeoChat

neuropil — Privacy by design P2P search including IoT

Neuropil is an open-source de-centralized messaging layer that focuses on security and privacy by design. Persons, machines, and applications first have to identify their respective partners and/or content before real information can be sent. The discovery is handled internally and is based on so called "intent messages" that are secured by cryptographic primitives. This project aims to create distributed search engine capabilities based on neuropil, that enable the discovery and sharing of information with significantly higher levels of trust and privacy and with more control over the search content for data owners than today's standard.

As of now large search engines have implemented "crawlers", that constantly visit webpages and categorize their content. The only way to somehow influence the information that is used by search engines is by using a file called „robots.txt“. Other algorithms are only known to the search engine provider. By using a highly standardized "intents" format that protects the real content of users, this model is reversed: data owners define the searchable public content. As an example we seek to implement the neuropil messaging layer with its extended search capabilities into a standard web server to become one actor and to handle and maintain the search index contents of participating data owners. By using the Neuropil messaging layer it is thus possible to build a distributed search engine database that is able to contain and reveal any kind of information in a distributed, concise and privacy preserving manner, without the need for any central search engine provider.

>> Read more about neuropil

neuropil — DHT based overlay network

The neuropil protocol is a new integration protocol for the IoT, which can be embedded into applications and devices. It facilitates and recombines messaging paradigms with distributed hash tables, self-sovereign identities and named-data networks to establish a new kind of privacy- and security-by-design overlay network. The protocol itself embraces self-containment, reducing the need for external systems/dependencies. Our goal is a trustworthy, democratized access control mechanism for the internet of everybody. Within our project we would like to leave the beta-phase and realize the first full release of our protocol. To reach this goal we will add two remaining critical parts to our protocol: distributed time calculations and distributed linked time-stamping authorities. The first addition is not only crucial for systems without an RTC, but it also enables a de-centralized time service with a much lower attack surface. The second builds upon the first and is a key requirement to establish trust between entities using the protocol. It can also be used to ensure the integrity and to keep-track of (search-) contents of peers. Furthermore we will review our current reference implementation for efficiency and use less power-hungry algorithms whenever possible to support the green deal of the European Union.

>> Read more about neuropil

Adopting the Noise Key Exchange in Tox — Improved security of Tox instant messaging with NoiseIK

Tox is a P2P instant messaging protocol that aims to provide secure messaging. It's implemented in a FOSS library called "c-toxcore" (GPLv3). The project started in the wake of Edward Snowden's disclosure of global surveillance. It's intended as an end-to-end encrypted and distributed Skype replacement. The cryptographic primitives for the key exchange (X25519), authentication (Poly1305) and symmetric encryption (XSalsa20) are state of the art peer-reviewed algorithms. Tox' authenticated key exchange (AKE) during Tox' handshake works, but it is a self-made cryptographic protocol and is known to be vulnerable to key compromise impersonation (KCI) attacks. This vulnerability enables an attacker, who compromised the static long-term private X25519 key of a Tox party Alice, to impersonate any other Tox party (with certain limitations) to Alice (reverse impersonation) and to perform Man-in-the-Middle attacks. The objective of this project is to implement a new KCI-resistant handshake based on NoiseIK in c-toxcore, which is backwards compatible to the current KCI-vulnerable handshake to enable interoperability. Further Noise's rekey feature will be evaluated for adoption.

>> Read more about Adopting the Noise Key Exchange in Tox

Nym Credentials — A decentralised solution for authentication

Nym Credentials provides open-source code for privacy-enhanced authentication and authorization in a decentralized environment. Today, when using "single-sign in" solutions, users hand over their personal data to third-party identity providers such as Facebook Connect and Sign-In with Google. Nym Credentials tackles this problem by allowing users to securely authenticate and transfer personal data (and proofs of private data) while maintaining privacy without a centralized identity provider. Each credential is cryptographically unlinkable between usages and multiple decentralized identity providers can verify this data. Open-source Nym credential libraries can be easily integrated into existing services, with a focus on federated and decentralized European environments.

>> Read more about Nym Credentials

Off-the-Record messaging version 4 — Advanced protocol for secure messaging

OTRv4 is the newest version of the Off-The-Record messaging protocol. It is a protocol where the newest academic research intertwines with real-world implementations. It's aim is to give end-to-end encryption, deniability, authentication, forward secrecy and post-compromise security for any kind of messaging (online or offline). The goal of this new version is to give the most secure privacy and security properties that have a real impact on the world. This new version aims to be available in different desktop clients (that use XMPP or other messaging protocol) and in mobile clients.

>> Read more about Off-the-Record messaging version 4

Open MLS Infrastructure — End-to-end encrypted group messaging

The Open MLS infrastructure project aims at designing and implementing infrastructure components for the MLS (Messaging Layer Security) protocol currently under development by the IETF (https://datatracker.ietf.org/doc/draft-ietf-mls-protocol/). While it is theoretically possible to run MLS peer-to-peer, most use-cases will require central components that take care of ordering and queueing messages, as well as managing group state. Our goal is to create components that are secure, metadata-minimizing, modular, and that allow for federation. This lays a foundation for improving existing and future messaging applications, and will allow to validate a potential future application-layer specification.

>> Read more about Open MLS Infrastructure

Interoperable Certificate Store for OpenPGP — Standardisation effort for shared OpenPGP certificate storage

This project will build a public cert store for OpenPGP keys, with well defined data structures and access mechanisms to facilitate interoperability between OpenPGP implementations. It builds on pgp-cert.d, which stores certs, and has an API to access them. Beyond the common format and API, the project will also add Sequoia-specific indices, where standardization doesn't make sense. sq, Sequoia's command line tool, will be adapted to use the cert store. In addition the project aims to develop a privacy-preserving way to update the certs from keyservers.

>> Read more about Interoperable Certificate Store for OpenPGP

Hardening OpenPGP CA deployments — HSM support for OpenPGP key infrastructure

OpenPGP CA is a tool for managing and certifying OpenPGP keys in organizations. Today, the private key material of OpenPGP CA instances is stored and used locally. This project will add support for two hardened modes of operation: 1) Using a hardware-token OpenPGP Card) based key for the CA, and 2) Split OpenPGP CA deployments, in which critical operations are performed on a highly protected machine (e.g. air-gapped), while regular operation can take place conveniently on an online CA instance.

In addition the project will build an OpenPGP CA based tool for version control signing workflows (e.g. git), with a focus on providing a smooth user experience for signing with OpenPGP card devices.

>> Read more about Hardening OpenPGP CA deployments

P2Pcollab — Decentralised social search and discovery

This project is working towards creating a more decentralized, privacy-preserving, collaborative internet based on the end-to-end principle where users engage in peer-to-peer collaboration and have full control over their own data, enabling them to collaborate on, publish & subscribe to content in a decentralized way, as well as to discover & disseminate content based on collaborative filtering, while allowing local, offline search of all subscribed & discovered content. The project is researching & developing P2P gossip-based protocols and implementing them as composable libraries and lightweight unikernels with a focus on privacy, security, robustness, and scalability.

>> Read more about P2Pcollab

Adding Web-of-Trust Support to PGPainless — Web-of-Trust specification support for Java

Reliable authentication of public key certificates is a hard requirement for strong and effective end-to-end encryption. The "Web-of-Trust" (WoT) serves as an example of a decentralized authentication mechanism for OpenPGP. While there are some existing implementations of the WoT in applications such as GnuPG, their algorithms are often poorly documented. As a result, WoT support in client applications is often missing or inadequate.

PGPainless is an easy-to-use, secure-by-default OpenPGP library for Java and Android. This project will extend PGPainless with an implementation of a recently published, new Web of Trust specification. The goal is to make the Web of Trust more interoperable and accessible to client applications, overall increasing the usability and ergonomics of OpenPGP for the end-user.

>> Read more about Adding Web-of-Trust Support to PGPainless

Statime — Memory-safe high-precision clock synchronization

Of all severe software security bugs, a big chunk (50-70%) has one single source: memory corruption. The underlying cause is that, traditionally, systems software is implemented in languages that are not memory-safe. The way forward is to replace these pieces of software with memory-safe alternatives, one by one. Doing so will not just mitigate, but eliminate this category of bugs entirely. This project picks out one piece: the Precision Time Protocol (PTP). High-precision clock synchronization plays a crucial role in networking, with application areas such as high precision localization, finance, broadcasting, security protocols, smart grids, and cellular base station transmissions. Our proof-of-concept implementation will conform to the IEEE standard for PTP and will focus on the software implementation of a slave-only PTP ordinary clock. In the future, our work is expected to become part of a wider open-source roadmap for reliable and memory-safe keeping of network time, that will seek to expand the feature set of our implementation and work towards growing its adoption.

Statime is part of Project Pendulum.

>> Read more about Statime

PeerDB Search — Search for semantic and full-text data

PeerDB Search is an opinionated but flexible open source search system incorporating best practices in search and user interfaces and experience to provide intuitive, fast, and easy to use search over both full-text data and semantic data exposed as facets. The goal of the user interface is to allow users without technical knowledge to easily find results they want, without having to write queries. The system will also allow multiple data sources to be used and merged together. As a demonstration PeerDB will deploy a public instance as a search service for Wikipedia articles and Wikidata data.

>> Read more about PeerDB Search

Peertube-Desktop — Enjoy and share federated videos

Cuttlefish is a client for PeerTube that will allow for searching and discovering new and interesting video's online with more privacy. PeerTube is a federated video hosting service based on the W3C ActivityPub standard. By using WebTorrent - a version of BitTorrent that runs in the browser - users help serve videos to other users. Cuttlefish is a desktop client for PeerTube, but will work on GNU/Linux-based phones (like the Librem 5 or Pinephone) as well.

We want the experience of watching PeerTube videos and using PeerTube in general to be better, by making a native application that will become the best and most efficient way to hook into the federation of interconnected video hosting services. It will have improved search, and will allow people to continue sharing watched videos with other PeerTube users for longer periods of time, instead of discarding the video when done watching. It will also help bridge PeerTube's gap between the - now separated - BitTorrent and WebTorrent networks by speaking both of those protocols.

>> Read more about Peertube-Desktop

Extending PeerTube — Adding advanced search capabailities to PeerTube

This project aims to extend PeerTube to support the availability, accessibility, and discoverability of large-scale public media collections on the next generation internet. Although PeerTube is technically capable to support the distribution of large public media collections, the platform currently lacks practical examples and extensive documentation to achieve this in a timely and cost-efficient way. This project will function as a proof-of-concept that will showcase several compelling improvements to the PeerTube software by [1] developing and demonstrating the means needed for this end by migrating a large corpus of open video content, [2] implementing trustworthy open licensing metadata standards for video publication through the PeerTube platform, [3] and emphasizing the importance of accompanying subtitle files by recommending ways to generate them.

>> Read more about Extending PeerTube

peermaps — Peer to peer cartography

Peermaps is a p2p, offline-friendly way to distribute, view, and embed map data. Instead of fetching data from a centralized tile provider, you fetch data from other peers on the network. Right now we have all of OpenStreetMap processed into a 100GB archive in our p2p spatial database and rendering formats and seeded to hyperdrive and ipfs. This data is hooked up to a proof-of-concept web map viewer.

For this grant, we will build on our proof-of-concept to release a user-oriented map viewer as a web application with search functionality on peermaps.org along with a developer-oriented tool to embed web maps in an iframe. In addition to (p2p) web development, this project will involve research on peer queries for offline and online location-based search, optimizations to the spatial database and p2p layer, webgl graphics improvements in addition to web development in order to produce a usable p2p mapping alternative.

>> Read more about peermaps

ProveThis — Prove statements about authenticated API resources

ProveThis allows users to prove statements from websites and APIs using TLS without revealing private information. Although efforts like TLSNotary can currently be used to prove the authenticity and origin of a full HTML page, we extend the capabilities of TLSNotary and allow users to make zk-SNARK based zero knowledge proofs about statements in complexity class NP. More concretely, this can allow users to prove statements about e.g. their banking data (how many transactions did you send in a certain period), social media data (how many friends are you away from knowing Barack Obama) or other data sources. Such proofs can generally be used to reduce fraud without compromising privacy and confidentiality.

>> Read more about ProveThis

R5N-DHT — Formalisation within IETF of R5N Distributed Hash Table design

Decentralization and digital sovereignty are fundamental building blocks to strengthening European values of freedom of information and informational self-determination against particular interests of foreign state and commercial actors. Decentralization is often based on Distributed Hash Tables; DHTs are already an important component for many NGI components such as decentralized web applications (IPFS, Web3) or components in the blockchain ecosystem. The GNUnet/R5N-DHT - a Free Software distributed hash table and P2P protocol - provides additional and relevant properties like Byzantine fault tolerance and censorship resistance. The project will improve, implement and specify the R5N protocol as an IETF RFC (Informational). This supports other efforts such as the GNU Name System protocol (GNS).

>> Read more about R5N-DHT

Ricochet Refresh — Anonymous, meta-data free secure messaging

Ricochet Refresh, is a metadataless messenger for PCs (Windows, macOS, Unix) that provides anonymity as well as security. By using Tor, it allows people at risk making public interest disclosures to communicate in chat sessions with anonymity to journalists, members of parliament, regulators protecting the environment, financial malfeasance investigators and others who have the power in society to act as corrective mechanisms to serious wrongdoing. This project will update Ricochet, reduce known security risks, and ensure continued compatibility with Tor's onion services protocol. The possibility of anonymous communication is important for everyone, but particularly vital for those who risk reprisal in their workplace or other institutions to be able to speak up. Through anonymity, Ricochet Refresh allows the focus to be on the disclosure, not on the source or whistleblower. Thus, the project provides a tool in support of evidence-based reporting in the public interest by creating a safe on-going channel for the journalist to conduct verification as the story develops.

>> Read more about Ricochet Refresh

SCION-Pathdiscovery — Secure and reliable decentralized storage platform

With the amount of downloadable resources such as content and software updates available over the Internet increasing year over year, it turns out not all content has someone willing to serve all of it up eternally for free for everyone. And in other cases, the resources concerned are not meant to be public, but do need to be available in a controlled environment. In such situations users and other stakeholders themselves need to provide the necessary capacity and infrastructure in another, collective way.

This of course creates new challenges. Unlike a website you can follow a link to or find through a standard search engine and which you typically only have to vet once for security and trustworthiness, the distributed nature of such a system makes it difficult for users to find the relevant information in a fast and trustworthy manner. One of the essential challenges of information management and retrieval in such a system is the location of data items in a way that the communication complexity remains scalable and a high reliability can be achieved even in case of adversaries. More specifically, if a provider has a particular data item to offer, where shall the information be stored such that a requester can easily find it? Moreover, if a user is interested in a particular information, how does he discover it and how can he quickly find the actual location of the corresponding data item?

The project aims to develop a secure and reliable decentralized storage platform enabling fast and scalable content search and lookup going beyond existing approaches. The goal is to leverage the path-awareness features of the SCION Internet architecture to use network resources efficiently in order to achieve a low search and lookup delay while increasing the overall throughput. The challenge is to select suitable paths considering those performance requirements, and potentially combining them into a multi-path connection. To this end, we aim to design and implement optimal path selection and data placement strategies for a decentralized storage system.

>> Read more about SCION-Pathdiscovery

Geographic tagging of Routing and Forwarding — Geographic tagging and discovery of Internet Routing and Forwarding

SCION is the first clean-slate Internet architecture designed to provide route control, failure isolation, and explicit trust information for end-to-end communication. As a path-based architecture, SCION end-hosts learn about available network path segments, and combine them into end-to-end paths, which are carried in packet headers. By design, SCION offers transparency to end hosts with respect to the path a packet travels through the network. This has numerous applications related to trust, compliance, and also privacy. By better understanding of the geographic and legislative context of a path, users can for instance choose trustworthy paths that best protect their privacy. Or avoid the need for privacy intrusive and expensive CDN's by selecting resources closer to them. SCION is the first to have such a decentralised system offer this kind of transparency and control to users of the network.

>> Read more about Geographic tagging of Routing and Forwarding

SES - SimplyEdit Spaces — SimplyEdit Spaces - collaborative presentations

SimplyPresent allows users to collaboratively create and deliver good looking presentation using CRDT's through Hyper Hyper Space - another project supported by NGI Assure. SimplyPresent is itself based on top of the open source SimplyEdit tool, adding advanced user-friendly presentation features. SimplyPresent allows team members to live edit a presentation and the presenter notes while the presentation is being given, control the presentation from any phone without complicated setup: all that is needed on the presenting system or with remote viewers is a URL which will sync through Hyper Hyper Space.

>> Read more about SES - SimplyEdit Spaces

A Secret Key Store for Sequoia PGP — Standards-compliant private key store for OpenPGP

This project implements a private key store for Sequoia, a new OpenPGP implementation. Currently, Sequoia-using programs use private keys directly. A private key store mediates applications' access to private keys, and offers three major advantages relative to the status quo. First, a private key store is in a separate address space. This means that private keys that are in memory are in a different address space from the application. This was underlying cause of the Heartbleed vulnerability. Second, a private key store can provide a uniform interface for accessing keys stored on different backends, e.g., an in-memory key, a key on a smart card, or a key on a remote computer, which is accessed via ssh. This simplifies applications. Third, this architecture simplifies sharing private key material among multiple applications. Only the private key store needs to worry about managing the private key material, which improves security. And, when a user unlocks a key in one application, it is potentially unlocked in all applications, which improves usability.

>> Read more about A Secret Key Store for Sequoia PGP

Sequoia PGP — Improve interface of Sequoia PGP commandline

Sequoia PGP is a new OpenPGP implementation, which is written in Rust and focuses on ease of use. To date, the main product is a library. This project will focus on sq, Sequoia's command line tool. The project consists of three parts. First, useful functionality will be added to sq making sq comparable to gpg. Second, the human-readable interface will be augmented with a JSON interface. This will make it easier and robuster to use sq from scripts. Finally, this project will add an acceptance test suite to sq thereby strengthen the foundation for future changes.

>> Read more about Sequoia PGP

Sequoia GPG Chameleon — Implement well-known API's for using OpenPGP

Sequoia's GnuPG Chameleon is a drop-in replacement for the widely-used encryption software GnuPG. It offers the same interface, while at the same time replacing the underlying OpenPGP implementation. This approach brings security benefits to everyone directly or indirectly using GnuPG before, while providing a smooth migration path that does not require changes to existing software.

>> Read more about Sequoia GPG Chameleon

Peer-to-Peer Access to Our Software Heritage — Access Software Heritage data via IPFS DHT

Peer-to-Peer Access to Our Software Heritage (SWH × IPFS) is a project aimed at supporting Software Heritage’s mission to build a universal source code archive and preserve it for future generations by leveraging IPFS’s capabilities to share and replicate the archive inadecentralized, peer-to-peer manner. The project will build a bridge between the existing Software Heritage (SWH) API and the IPFS network to transparently serve native IPFS requests for SWH data. In the short term, this allows users using IPFS to form their own Content Distribution Network for SWH data. Longer term, we hope this will serve as a foundation fora decentralized network of copies that, together, ensure that the loss of no one repository, however large, results in the permanent destruction of any part of our heritage. The end product would be a perfect application of IPFS’s tools and a step in the direction of a decentralized internet services infrastructure.

>> Read more about Peer-to-Peer Access to Our Software Heritage

Solid-NextCloud app — Bridge Nextcloud to Solid

This project connects the world of Solid with the world of Nextcloud. The aim is to develop an open source Nextcloud app that turns a Nextcloud server into a spec-compliant Solid server. It gives every user a WebID profile and allows Solid apps to store data on the user's Nextcloud account. It also exposes some of the user's existing Nextcloud data like contacts and calendar events as Solid user data, so that Solid apps can interact with the user's Nextcloud data, and allow the user to manage which Solid apps can access which specific aspects of the user's personal data. We will make our implementation compatible with the latest version of the Solid spec (including DPop tokens and the WebSockets AUTH command), and contribute the surface tests we create for this as a well-documented independent test-suite, for other Solid server implementers to benefit from. We will also publish a stand-alone version of our PHP components, which can run independently of Nextcloud.

>> Read more about Solid-NextCloud app

Solid Control — Access Control mechanism for data and services within Solid

Solid-Control aims to enhance Tim Berners-Lee's Social Linked Data Project (Solid) with Attribute-Based Access Control. By extending the Linked Data Platform (LDP) with WebID based authentication and Access Control Lists (ACL), Solid has enabled the emergence of new forms of Hyper-Apps. These apps can follow data from server to server, authenticate when needed and write to the user's Personal Online Data storage (Pod), creating a decentralised social web.

With relation-based access control (friend of a friend, business network, etc.), Solid can be a full alternative to centralised social networks. We also want to allow authentication based on Verifiable Claims such as age. Solid-Control will work on developing the needed logic, verify protocols, write prototype implementations and contribute to the Solid Auth Community groups, which are developing specs for standardisation.

>> Read more about Solid Control

Sonar: a modular peer-to-peer search engine — Modular peer-to-peer search engine

Sonar is a project to research and build a toolkit for decentralized search. Currently, most open-source search engines are designed to work on centralized infrastructure. This proves to be problematic when working within a decentralized environment. Sonar will try to solve some of these problems by making a search engine share its indexes incrementally over a P2P network. Thereby, Sonar will provide a base layer for the integration of full-text search into peer to peer/decentralized applications. Initially, Sonar will focus on integration with a peer-to-peer network (Dat) to expose search indexes securely in a decentralized structure. Sonar will provide a library that allows to create, share, and query search indexes. An user interface and content ingestion pipeline will be provided through integration with the peer to peer archiving tool Archipel.

>> Read more about Sonar: a modular peer-to-peer search engine

Secure User Interfaces (Spritely) — Usability of decentralised social media

Spritely is a project to advance the federated social network by adding richer communication and privacy/security features to the network. This particular sub-project aims to demonstrate how user interfaces can and should play an important role in user security. The core elements necessary for secure interaction are shown through a simple chat interface which integrates a contact list as an easy-to-use implementation of a "petname interface". Information from this contact list is integrated throughout the implementation in such a way that helps reduce phishing risk, aids discovery of meeting other users, and requires no centralized naming authority. As an additional benefit, this project will demonstrate some of the asynchronous network programming features of the Spritely development stack.

>> Read more about Secure User Interfaces (Spritely)

Spritely — Capability based petname system

Users are currently caught between two worlds of identity solutions: prepackaged centralized identity silos (which also tend to be very phishing-vulnerable) and more decentralized naming systems that awkwardly separate the experience of secure connections from identity. What if instead users could have an experience where decentralized naming was a natural outgrowth of using the application? Spritely is a laboratory project to advance the decentralized social web founded by authors of the popular ActivityPub federated social web protocol. Spritely's approach to decentralized naming systems is to implement a "petnames system", where local meaning is given to "petnames" to otherwise non-human-meaningful decentralized identifiers (such as a hash of cryptographic key material). An important part of this design is that decentralized naming flows should be a natural part of use of the program.

Petnames tend to resemble local contacts in a "contact list", but petnames on their own do not provide a sufficient way to discover, meet, and come to trust new contacts. A complete petname system also provides "edge names": for example "CWebber=>JessicaTallon" would show JessicaTallon as an "edge name" proposed by the petname CWebber. Our system also provides support for contacts introduced in a context with no existing relationships; these are called "self-proposed names" and are rendered in a way distinct from petnames and edge names. This has been under-implemented in existing petname systems; since Spritely is implementing decentralized communication systems, this will be a full implementation of a petname system (including edge names and self-proposed names) in an ergonomic manner that can also be applied to other decentralized systems. In addition to a specification, the project will delivered a usable chat application plus contact list.

>> Read more about Spritely

Great Black Swamp — Decentralized cloud storage with provider-independent security

Tahoe-LAFS is a well-known open source distributed storage solution based on DHT, suited for sharing critical data in production. Currently, Tahoe-LAFS uses the Foolscap protocol for communication between client nodes and storage nodes. Foolscap has a small developer community, is only implemented in Python, and Tahoe-LAFS only uses a small subset of its features. This project will implement an HTTP-based storage node protocol for Tahoe-LAFS (Great Black Swamp, or GBS in short) which will help to eliminate unnecessary complexity, increase the pool of potential contributors, open the door to new implementations and improve runtime performance.

>> Read more about Great Black Swamp

Trustix — Make build logs available as publicly verifiable, tamper-proof Merkle trees

Software build infrastructure is vastly underestimated in terms of its potential security impact. When we install a computer program, we usually trust downloaded software binaries. But even in the case of open source software: how do we know that we aren't installing something malicious which is different from the source code we are looking at - for instance to put us in a botnet or siphon away cryptocurrencies? Typically, we have confidence in the binaries we install because we get them from a trusted provider. But once the provider itself is compromised, the binaries can be anything. This makes depending on individual providers a single point of failure in a software supply chain. Trustix is a tool that compares build outputs across a group of providers - it decentralizes trust. Multiple providers independently build the software, each in their own isolated environment, and then can vouch for the content of binaries that are the outcome of reproducible builds - while non-reproducible builds can be automatically detected.

In this project the team will work on further enabling trust delegation, by offloading log verification to trusted third parties - heavily inspired by the Delegated Proof of Stake consensus algorithm. It will bring Trustix into the Nix and the Guix ecosystems that are most amenable to Trustix' approach. The ultimate goal is for Trustix to integrate seamlessly into the entirely decentralized software supply chain so we can securely distribute software without any central corruptible entity.

>> Read more about Trustix

TypeCell — CRDT-based collaborative block-based editor

TypeCell aims to make software development more open, simple and accessible. TypeCell integrates a live-programming environment as a first-class citizen in an end-user block-based document editor, forming an open source application platform where users can instantly inspect, edit and collaborate on the software they’re using. TypeCell spans a number of different projects improving and building on top of Matrix, Yjs and Prosemirror to advance local-first, distributed and collaborative software for the web.

>> Read more about TypeCell

ValOS Cryptographic Content Security project — Cryptographic Content Security for ValOS

ValOS (Valaa Open System) is a project pushing programming to become a civic skill. It’s a decentralized software development architecture that empowers beginners with little training or prior experience to create practical web applications. ValOS applications and data are created, stored and distributed as event streams. ValOS Gateway is a JavaScript library that acts like a browser: it connects to event streams, reduces them into applications and provides means to induce new events. ValOS Cryptographic Content Security project focuses on enhancing the infrastructure level security of ValOS through event log hash chaining, end-to-end encryption and other features.

>> Read more about ValOS Cryptographic Content Security project

Yrs — Collaborative editing with CRDT written in Rust

Yrs "wires" will be a native port (in the Rust programming language) of the Yjs shared editing framework. Abstractly speaking, Yjs allows many users to concurrently manipulate state that eventually converges. It is a popular solution for enabling collaborative editing (Google Docs style) on the web because it is indefinitely scalable, works peer-to-peer, and has a rich ecosystem of plugins. There are plugins that allow you to connect with other peers over different network providers (WebRTC, Websocket, Dat/Hyper, IPFS, XMPP, ..) and there are many editor plugins that allow you to make existing (rich-)text editors collaborative.

The Yjs project is about connecting projects with each other and providing a network-agnostic solution for syncing state. A native port will allow native applications (e.g. XI, Vi, Emacs, Android, iPhone, ..) to sync state with web-based applications. We chose Rust because it's well suited to be embedded in other languages like C/C++, PHP, Python, Swift, and Java. With Yrs, we want to connect even more projects with each other and provide a modern collaboration engine for native applications.

The Rust implementation will implement the full feature set of the shared types, including the event system. This will enable users to parse existing Yjs documents, manipulate them, and implement collaborative applications. The port will make it easy to "bind" to another language so that the shared state is available in other languages as well. There will likely be a WASM binding, a C++ binding, and a Python binding (provided by Quantstack). Other existing features like awareness, selective Undo/Redo manager, relative positions, and differential updates will be added after the initial release.

>> Read more about Yrs

Yrs Undo — Rust-based CRDT framework for real-time multi-user applications

Yrs "wires" is a native port (in the Rust programming language) of the Yjs shared editing framework. Abstractly speaking, Yjs allows many users to concurrently manipulate state that eventually converges. It is a popular solution for enabling collaborative editing (Google Docs style) on the web because it is indefinitely scalable, works peer-to-peer, and has a rich ecosystem of plugins. There are plugins that allow you to connect with other peers over different network providers (WebRTC, Websocket, Dat/Hyper, IPFS, XMPP, ..) and there are many editor plugins that allow you to make existing (rich-)text editors collaborative. This project will add a selective Undo/Redo manager, include support for other native clients and to interop with languages like Java, PHP and Swift. The goal is to reach full feature compatibility with Yjs and improve its performance even more - bringing a collaborative, decentralized experience where users' data lies in their own hands.

>> Read more about Yrs Undo

Quantum-Proof Zenroom — Implementation of Quantum-Proof Cryptography in Zenroom

Zenroom is a tiny secure execution environment that integrates in any platform and application, even on a chip or a web page. It executes human-readable smart contracts for all kinds of use cases, such as databases, blockchains and much more. Zenroom is scriptable in an English-like language called Zencode.

During this project quantum-proof cryptography will be implemented in Zenroom by strictly adhering to ECDH specifications for common session exchanges, signature and verification, applying liboqs transparently as a back-end to existing Zencode scenarios. This makes it seamless to substitute existing EC implementations with the same Zencode. The result will be a fully portable software (plain C, no hardware acceleration) of the NIST quantum-proof competition winner algorithm and full alignment with its final test vectors.

>> Read more about Quantum-Proof Zenroom

Distributed Mechanism Learning — Privacy preserving ways of distributed data usage

Mechanism design is a field concerned with finding rules for economic processes which incentivize self-interested agents to behave in a way, such that a common goal is reached. This project aims to build robust infrastructure for mechanism design via machine learning, to make theoretical results more applicable to practical networked deployments. We plan to do this by finding solutions for the following two problems and making them accessible to developers, while keeping the required domain knowledge to a minimum:

On the one hand, a trusted third party is often assumed to exist, which is supposed to learn and execute the mechanism. In practice, finding neutral trusted parties who do not stand to gain anything from cheating can be hard. To solve this problem, we distribute the computation of the trusted party over multiple computers, ideally controlled by different entities, using multiparty computation. This way, we get a more robust trust base with better alignment of incentives.

On the other hand, current models often assume prior knowledge about preference distributions of agents to learn optimal mechanisms. In practice, this knowledge is not always available. We exchange finding optimal solutions using prior information with finding approximate solutions using no prior information, by way of differentially private learning. This results in more general applicability, especially in settings with sparse information.

>> Read more about Distributed Mechanism Learning

dweb-search — Index DHT based distributed webs

dweb-search is a Free and Open Source (FOSS) search engine for directories, documents, videos, music on the Interplanetary Filesystem (IPFS), supporting the creation of a decentralized web where privacy is possible, censorship is difficult, and the internet can remain open to all. This project implements a publicly accessible IPFS thumbnail service and creaties a UI specifically to explore music or videos.

>> Read more about dweb-search

elRepo.io - Resilient, distributed content sharing — Resilient, human-centered, distributed content sharing and discovery.

In this project AlterMundi and NetHood collaborate to develop a critical missing part in decentralized and distributed p2p systems: content search. More specifically, this project will implement advanced search for elRepo.io, the self-hosted and distributed culturesharing platform currently under active development by AlterMundi and partners. Search functionalities will expand on the already proven coupling of thelibxapian searching and indexing library and turtle routing. The distributed search functionality will be implemented to be flexible and modular. It will become the meeting point of three complementary threads of on-going work: Libre technology and tools for building Community Networks (LibreRouter & LibreMesh), fully decentralized, secure and anonymous Friend2Friend software (Retroshare), and a transdisciplinary participatory methodology for local applications in Community Networks (netCommons).

>> Read more about elRepo.io - Resilient, distributed content sharing

libresilient — Create robust web presence with service workers and DHT

A browser-based decentralized content delivery network, implemented as a JavaScript library to be deployed easily on any website. LibResilient uses ServiceWorkers and a suite of non-standard in-browser delivery mechanisms, with a strong focus on decentralized tools like IPFS. Ideally, users should not need to install any special software nor change any settings to continue being able to access an overloaded LibResilient-enabled site as soon as they are able to access it once.

>> Read more about libresilient

Securing Decentralised Live Information with m-ld — Collaborative editing of LInked Data based on CRDT

m-ld is a software technology for live information sharing. It enables software engineers to reliably add real-time collaboration, support for offline working, and service resilience to both new and existing software architectures. It achieves this by operating at an "information" level, creating reusable patterns for maintaining the consistency and integrity of application content that is being edited from multiple locations at once. m-ld is built from the ground up on a W3C standard information representation, contributing ideas for its evolution, and is committed to open standards and open source. This project will research and prototype modifications to the primitives of the m-ld core protocol to natively support strong assurance of data integrity and traceability, with authority assignable to identified users or groups, so that they can be reliably assured of the integrity and controlled availability of their data.

>> Read more about Securing Decentralised Live Information with m-ld

Minedive — P2P search over webRTC

The minedive project is building several components: first, minedive is a browser extension aiming to allow users to search the web while preserving their anonymity and privacy. The second is an open source reference implementation of its rendez-vous server. minedive instances connect each-other (via WebRTC data channels) forming a two layered P2P network. The lower layer (L1) provides routing, the upper layer (L2) provides anonymous and encrypted communication among peers acting as a MIX network. This architecture guarantees that peers which know your IP address (L1) do not know search data for (L2) and vice-versa. A central (websocket) rendez-vous server is needed to find and connect with L1 peers, and to exchange keys with L2 peers, but no search goes through it. We are running a default server which can be overridden by users who want to run their own (using our reference implementation or a custom one). Users can also set the extension to pick peers from a given community (identified by an opaque tag). Currently all requests are satisfied by letting L2 peers return results from the 1st page of mainstream search engines (as they see it, in an attempt to escape the search bubble). While this will stay as a fallback, we plan to implement web crawling on peers, doing keyword extraction from URLs in local bookmarks and history and ranking with open algorithms, being transparent with users about which techniques are used and open to suggestions.

>> Read more about Minedive

node-Tor — Implementation of Tor protocols for inside webpages

Node-Tor is an open source project and the only existing implementation of the Tor protocol in Javascript. That gives it the unique property to not just run on a server or desktop, but also inside a regular webbrowser itself as a standalone secure webapp. It must not be misunderstood for just a re-implementation of Tor network nodes: the goal is much wider, because it allows any project related to privacy/security enhancement to implement the Tor protocol in their nodes and/or inside a web page. The browser client acts as a standalone node itself communicating via web interfaces such as Websockets with servers or through WebRTC with other browsers. The use of Javascript allows to reduce very significantly the code and libraries (prone to security breaches), simplifying the integration for developers (like removing the need to maintain installation packages since standard web interfaces can be used), simplifying the use for users. This offers a lot of potential for increasing security and privacy for everybody, since the technology can be accessed from any place and any device that has a browser or can run Javascript, including mobile devices.

>> Read more about node-Tor