Decentralized net services

a.k.a. DEX, P2P, Peer-to-peer. Internet for an untrustworthy world.


Services which run without a server; Peer-to-peer (“P2P”) services. When you combine P2P services with P2P networks you have the internet for the post-industrial surveillance world.

What follows are some miscellaneous peer-to-peer/friend-to-friend/federated forms/self-hosted services for people who worry that their favourite online service might be politically censored by state power or corporate manipulation or just dickheads.

Perhaps you want communications to function without a single point of failure. Or maybe you just freedom from centralised surveillance of your social connections. Presumably most of us would like those things to some extent. The question is if we wish to pay the various convenience costs of not using a corporate-backed state-approved product.

Ideally I’d like to find robust ways of participating in the internet bidirectionally, in non-real-time, without assuming the internet is plugged in and working, and without requiring all participants be massive geeks.

Related: the unidirectional offline internet and sneakernets, and low bandwidth hacks, DIY internet infrastructure. Note that chat clients, social media and file syncing are covered elsewhere, which biases what remains. If you want to do this truly securely, a hardened os might be advisable.

Contrast self-hosted, federated and P2P options. By “self hosted” I mean when I run your own server for my own stuff. In federated systems there are still servers, but anyone can run one for a community and these community servers collaborate for some kind of global coverage. In P2P every client is also a server, and therefore everyone is peers. Further taxonomising is uninteresting for my current purpose.

There seem to be two priorities that developers bring to making peer-to-peer networks.

  1. implement a P2P application
  2. reinvent the internet as an intrinsically P2P system

P2P apps

You run an app on your computer which finds peers on the internet somehow, and does something with those peers. The most famous example is probably BitTorrent (for downloading and verifying things), or the Bitcoin blockchain (for arranging financial transactions).

Bisq

Bisq is a decentralised network for currency exchange via bitcoins.

OpenBazaar

Openbazaar is a decentralised network for selling anything, including currency.

Retroshare

Retroshare is…

  • A Decentralized Social Sharing Network designed For the People with no dependencies on any corporate system or central servers.
  • Make strong crypto useable for the average computer user, have strong crypto in daily communication.
  • The right to have secrets. You decide who can receive information. Hide information from intelligence agencies and spying companies.
  • Freedom of speech, no censorship.
  • Independence from corporate systems and centralized servers. Central services might shut down or change their terms of services at any time. Do you remember Myspace? Or German Studivz? Remember when Facebook changed their terms of service? Skype being bought by Microsoft?
  • Free software. Only free software can provide free and secure communication. Developers can read Retroshare’s source code and verify the security.

Features chat, voice and video, offline mail, file sharing, distributed search, forums and compatibility with TOR, and sneakernet everything.

You can run multiple machines with the same id but different “locations”.

Beaker

Beaker is based on the dat protocol for data sharing. It sounds like zeronet but a bit less shaky, if still not actually well designed for real use cases.

Create and fork websites directly from your computer. You control your data. No blockchain required.

They also have pointed blockchain-mania snark:

We quickly ruled out the blockchain variants (Bitcoin, Ethereum, Namecoin) as the core network model of Beaker for the following reasons:

  • Proof-of-work and global ledger distribution are inefficient. So far, blockchain networks have struggled with throughput as they scale. Betting on a blockchain includes the risk that throughput may decrease over time, and/or that users will be forced to download large datasets to participate.
  • The requirement to use global consensus on all transactions results in a direct costs for operations in the form of transaction fees. We know that many network operations do not require global consensus, and therefore a blockchain makes a poor default for applications.
  • We believe Proof-of-work is wasteful, and we have ethical reservations about the expenditure of resources to sustain PoW. At this time, Proof-of-stake is still an unproven alternative, but we are interested in its potential.
  • We have concerns over governance models. By investing decision-making in miners, the blockchain networks have given power to the entities with the most mining resources. […]

Rhetorical entertainment value aside, whilst I do find this model elegant, it works, for now, only for rich nerds with desktop computers and time to replace their nice corporatised internet with an ugly experimental broken DIY internet. It doesn’t work on smartphones, so the people with the most tenuous internet will not use it and it will not take over the world. I don’t think the founders would claim otherwise; they are all about proof-of-concept. Perhaps some future iteration might change stuff?

Magic wormhole

The minimal viable sorta-decentralised anything, magic wormhole simply transfers a file from one machine to another, via magic passphrase (which must be transferred separately e.g. by encrypted chat)

Sender:

$ wormhole send README.md
Sending 7924 byte file named 'README.md'
On the other computer, please run: wormhole receive
Wormhole code is: 7-crossover-clockwork
Sending (<-10.0.1.43:58988)..
100%|=========================| 7.92K/7.92K [00:00<00:00, 6.02MB/s]
File sent.. waiting for confirmation
Confirmation received. Transfer complete.

Receiver:

% wormhole receive
Enter receive wormhole code: 7-crossover-clockwork
Receiving file (7924 bytes) into: README.md
ok? (y/n): y
Receiving (->tcp:10.0.1.43:58986)..
100%|===========================| 7.92K/7.92K [00:00<00:00, 120KB/s]
Received file written to README.md

Elegant, no? Tragically it doesn’t yet work on mobile platforms, only desktop.

Bridgefy chat

A messaging client built as the flagship app of the Bridgefy mesh network, about which I know little except that it doesn’t require the internet, using a P2P system over bluetooth.

Bugout

Bugout by Chris Mccormick is a miniature decentralised web proof-of-concept based purely in the browser.

Build back-end web services that run in a browser tab.

  • Host backend services without a VPS, domain or SSL cert.
  • Anyone can deploy by simply opening a browser tab.
  • Can be “self-hosted” by leaving a browser tab open on a PC.
  • Client-server over WebRTC instead of HTTPS.

This is fostering a little ecosystem including rpi bugout boxes.

UUCP

Classic unix maildrop distributed syncing via UUCP is having a resurgence. See the Dataforge UUCP for some of that.

Internet 2.0

The whole internet is terrible! Let us make one that is less terrible! There is a collective action problem in getting people to switch to such networks, which anyone who has tried to persuade peers not to facebook them will appreciate. There is also an incentive problem in getting people to contribute resources; So if you are using a distributed anonymous system then presumably everyone is storing chunks of other people’s data. How do you incentivise that? Some kind of verification that you are pulling your weight? Some kind of blockchain?

Scuttlebutt

The flagship social internet-as-social-network thing. See its section under DIY social networks.

IPFS

Amber Case argues for IPFS.

This project claims to be building an actual decentralised, internet-collapse-ready web replacement, so it must intersect with P2P networks in some way not immediately obvious to me. Still geeky and badly explained, but an actual ecosystem is reportedly growing around it with ties to the blockchain community.

Their rationale is

The average lifespan of a web page is 100 days. Remember GeoCities? The web doesn’t anymore. It’s not good enough for the primary medium of our era to be so fragile.

IPFS keeps every version of your files and makes it simple to set up resilient networks for mirroring of data.

Developing world. Offline. Natural disasters. Intermittent connections. All trivial compared to interplanetary networking. The networks we’re using are so 20th Century. We can do better.

IPFS powers the creation of diversely resilient networks which enable persistent availability with or without Internet backbone connectivity.

One interesting service is the decentralised databases such as orbitdb.

e.g. orbitdb

They also offer other weird decentralised hacks like filecoin, a blockchain incentivisation scheme for storing files.

Awesome IPFS lists some applications.

If I were trying to publish my blog on IPFS I would read this guide, the appropriate example the ipscend manual

Zeronet

Zeronet promises “Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent network”.

I am not convinced yet by this promise purely because there were too many buzzwords at once and I am grumpy today. Judge for yourself, though.

How does it work?

  • After starting zeronet.py you will be able to visit zeronet sites using http://127.0.0.1:43110/{zeronet_address} (eg. http://127.0.0.1:43110/1HeLLo4uzjaLetFx6NH3PMwFP3qbRbTf3D).
  • When you visit a new zeronet site, it tries to find peers using the BitTorrent network so it can download the site files (html, css, js…) from them.
  • Each visited site is also served by you.
  • Every site contains a content.json file which holds all other files in a sha512 hash and a signature generated using the site’s private key.
  • If the site owner (who has the private key for the site address) modifies the site, then he/she signs the new content.json and publishes it to the peers. Afterwards, the peers verify the content.json integrity (using the signature), they download the modified files and publish the new content to other peers.

This bittorrent thing sounds practically identical to the dat one although presumably with some protocol differences that us user schlubs don’t care about.

I2P

The invisible internet project

I2P is an anonymous network built on top of the internet. It allows users to create and access content and build online communities on a network that is both distributed and dynamic. It is intended to protect communication and resist monitoring by third parties such as ISPs.

It seems somewhat Tor-like but with less interest in proxying to the normal internet, rather funnelling you into local distributed services of some kind…?

Freenet

Freenet aims to be a peer data storage layer that you can build services on.

Freenet can be thought of as a large storage device. When you store a file in it, you receive a key which can be used to retrieve the file. When you supply Freenet with a key, it returns the appropriate file (if it is located). The storage space is distributed among all connected nodes on Freenet.

Freenet is a peer-to-peer network which is both decentralized and anonymized. The nodes that you connect to only know their nearest neighbours and have no idea about how the network as a whole is structured.

Secushare

Imagine Facebook, Whatsapp, Gmail and Skype rolled into one, without the centralized surveillance and control. Crazy? Well, it hasn’t been tried before, at least not our way. So let’s give it a try.

secushare employs GNUnet for end-to-end encryption and anonymizing mesh routing (because it has a more suitable architecture than Tor or I2P) and applies PSYC on top (because it performs better than XMPP, JSON or OStatus) to create a distributed social graph. Together, these technologies allow for distributed private social networking including more straightforward and secure e-mail, chat, exchange of content and a private web. It could even work out as a safer choice for the Internet of Things.

I’m not clear if they’ve shipped an actual product or not.

LBRY

LBRY differs from the status quo in three big ways:

  1. Coupled payment and access. If desired, the person who publishes to lbry://rhapsody-film#e1029aaa08bef8e9225efcbfb94a895e9bbdc8ea can charge a fee to users that view the content.
  2. Decentralized and distributed. Content published to LBRY is not specific to one computer or network, making LBRY robust to failure and disruption.
  3. Community controlled. No party other than the publisher (including us) can unilaterally remove or block content on the LBRY network.2