Mass electronic surveillance by governments revealed over the last several years has spurred a new movement to re-decentralize the web, a movement to empower individuals to be their own service providers again.

This library is part of a general project at the Internet Archive (archive.org) to support the decentralized web.

We convene the Decentralized Web Summit, dedicated to creating the Web we want and the Web we deserve. A Web that is private, safe and locked open for good.

In order to redecentralize the web, we need people to run some kind of own server.

IDEAS FOR TECHNICAL MECHANISMSA technique called differential privacy1 provides a way to measure the likelihood of negative impact and also a way to introduce plausible deniability, which in many cases can dramatically reduce risk exposure for sensitive data.Modern encryption techniques allow a user’s information to be fully encrypted on their device, but using it becomes unwieldy. Balancing the levels of encryption is challenging, but can create strong safety guarantees. Homomorphic encryption2 can allow certain types of processing or aggregation to happen without needing to decrypt the data.Creating falsifiable security claims allows independent analysts to validate those claims, and invalidate them when they are compromised. For example, by using subresource integrity to lock the code on a web page, the browser will refuse to load any compromised code. By then publishing the code’s hash in an immutable location, any compromise of the page is detectable easily (and automatically, with a service worker or external monitor).Taken to their logical conclusion these techniques suggest building our applications in a more decentralized3 way, which not only provides a higher bar for security, but also helps with scaling: if everyone is sharing some of the processing, the servers can do less work. In this model your digital body is no longer spread throughout servers on the internet; instead the applications come to you and you directly control how they interact with your data.

Noel Gough (2012) writes, “complexity invites us to understand that many of the processes and activities that shape the worlds we inhabit are open, recursive, organic, nonlinear and emergent. It also invites us to be skeptical of mechanistic and reductionist explanations, which assume that these processes and activities are linear, deterministic and/or predictable and, therefore, that they can be controlled (at least in principle).”

Whilst this has been okay for our initial experimentation and proof of concept, it’s likely that future homeserver work will be written in a more strongly typed language (e.g. Go).

End-to-end encryption is coming shortly to clients for both 1:1 and group chats to protect user data stored on servers, using the Olm cryptographic ratchet implementation.

options for decentralising or migrating user accounts between multiple servers