Glad to see more of these efforts. But here's what it will really take to decentralize social media and E2EE messengers:
We need something like Discord, except each server is an actual self-hosted server like a Minecraft server. DMs between two users should be handled by a mutual server. Account credentials should be handled by a Nostr-like protocol, which also gives you global tweeting capabilities as a bonus.
Run the whole thing on Yggdrasil Network or something similar so that it's not tied down to IPv4v6 and DNS and all existing hardware infra, but can still take advantage of them. And add reciprocal inter-server onion routing to make it difficult to geolocate servers. Also take a page from SoftEther VPN's book and wrap all traffic in HTTPS and perform automatic NAT traversal, so that people can host servers from behind ISP firewalls.
Anything short of that and we lose to big tech and govs in the long run. But once we've achieved the above, the decentralized web can truly take off: we will get WiFi routers running open-source firmware to make a mesh network to act as alternative physical layer infra for the new web. We can still take advantage of the existing Internet's bandwidth as long as there's an unblockable path to send a little bit of data to discover and coordinate nodes.
> Anything short of that and we lose to big tech and govs in the long run.
This is not a software issue, it doesn't matter how good the tech is, the masses will always aggregate to big tech networks because decentralized networks will never have billion dollar marketing budgets.
I don't think that's true. If there really was a good enough open-source Discord alternative, many would already switched. A big part of the problem is there isn't one. Matrix, Stoat, Telegram, etc are all missing something. That's why new ones are being built.
Non big tech solutions don't need billion dollar's worth of marketing. In fact I don't recall ever seeing an ad for tiktok and yet it is humongous.
Non big tech solutions need solid UI and UX that does not assume your average user can balance a binary tree, know what is a private key and how to safely back it up (other comments brought up this exact issue) or even knows what a "static website" means. Non big tech solutions need to give non technical users (read: the overwhelming majority of humanity) a good onboarding experience that does not involve learning ten new jargons and acronyms. Non big tech solutions need to know they have a limited strangeness budget [1] and should only spend it on places it matters. Non big tech solutions need to start actually cater to the unwashed masses before being befuddled by them choosing to stay on mark zuckerberg's platforms instead.
> In fact I don't recall ever seeing an ad for tiktok and yet it is humongous
Then maybe you're not the target audience, or you're just not noticing the ads, because TikTok is particularly notable for their aggressive marketing efforts during their growth phase.
> Non big tech solutions need solid UI and UX that does not assume your average user can balance a binary tree
Non big tech platforms don't need anything. They can never compete with billion dollar budgets and they shouldn't set that as a goal. Everyone enjoys a well designed UX, but billion dollar marketing budgets will always eclipse the alternatives.
I guess I’d rather have something approaching bittorrent, edonkey/kad, ipfs, blockchain, webarchives.
You have named networks that are federated together, and people can publish to the networks they are invited to or sign up for. The networks survive even with individual servers go down. Data is cached all over at the edges.
Your version is just way too susceptible to rot, unless you see that as a feature. I see it as most of the good content falling into the ether sooner rather than later.
The problem with distributed storage is they place too high of a requirement on edge nodes, which people have to host, and they synchronize too slowly for real time messenging. If I upload a 1GB video to my server's chat, that storage load should not be replicated on many other nodes. Who pays for that disk space? The federated model is a lot more robust in this regard.
As far as archiving is concerned, many archiving orgs will pop up if their discussion servers and public facing websites can't be traced or easily shutdown. The protocol itself can't archive things, but it protects the people doing the archiving work and gives a place for websites like Annas Archive to live without relying on IP and DNS. The idea is to amass enough uncensorable social power so that such efforts can't be banned or shutdown, then you can use existing protocols like BitTorrent all you want.
Each device (cellphone/laptop) is a server. They connect to preferred server stations that are used for discovering other peers. There are things like common chat rooms on the station servers but personal messages are completely p2p using webrtc.
There are other apps there, for example to host own websites or blogs and other things you'd expect from modern usage. Mesh is done today using cheap ESP32 devices (3 euros each).
It is a work in progress, the main point is that it can exchange data even outside the internet and use radio connections.
Nice project. P2P is not the way to go for DMs though. Both users and servers have to stay anonymous if we want to defeat surveillance and censorship long-term.
Ideally, nobody except a single server node of your choice (which is probably the one you self-host) is able to match your Nostr identity to your real IP address. Instead, IP-like-identifiers (like in Yggdrasil Network) should replace IP addresses when interfacing with other nodes. Server hosts would not share their traditional IP when inviting new people to connect to it, only their IP-like-identifier. The invited person can pick/host their own trusted server node as well, and that trusted server would relay that user's connection to your server, which they don't trust. Everyone has a trusted server that represents them.
The trusted server and the untrusted server should not have eachother's IPs during this relay process, either. Instead, the data should be bounced through some other server first, who may bounce it again, and again. The actual underlying path the data travels between the two servers which represent the two users should involve many onion-routed bounces that is not fully known to any server or user. The only situation where a device needs to know another device's IP is when two server nodes establish a reciprocal routing agreement and exchange IPs over an encrypted tunnel ("if I bounce X amount of traffic for you, you will bounce X amount of traffic for me in the future", it's a bandwidth transaction). Such negotiations should be made by querying random addresses or established manually (early on, when the network is small and sparse). This is where offline meshes can help. An ESP32 mesh doesn't have nearly enough capacity to handle all the messages and multimedia flying around, but they can be an alternative pathway to negotiate routing agreements. When the network is dense enough, it will be difficult to pin down your IP, even for state-level actors. And they certainly won't be able to surveil many people at once because even honeypotting one would be incredibly expensive.
Also consider encapsulating all of the Internet-routed traffic in HTTPS using only port 443 (like this: https://www.softether.org/1-features/1._Ultimate_Powerful_VP...). It needs to blend in with traditional web traffic so that no infra operator can identify/block/throttle it.
Also make sure to stay anonymous while developing this so you can't be sued or prosecuted.
unfortunately though i think self-hosting is one of the problems. one of the features of discord is how easy it is to create your own server.
from that list i am checking out commet now, which seems to promise a better experience on top of matrix. that would at least solve the self-hosting issue, as i'll be able to use it on any existing matrix server. matrix has the technical features needed to work like discord, but not the interface.
> If you want a better proposal bring technical expertise to the discussion instead of ideology fundamentalism.
Fine. All we need is a password-protected toggle in each app that enables child mode, and another toggle in the phone settings that locks app installation/uninstallation. Remote verification schemes are completely unnecessary. For details see:
The way people are reacting is not extremist at all. Remember, the government protects child predators if they're rich or powerful enough. What more evidence do you need that they aren't doing this for the children? We should call it out for what it is.
Don't give them an inch. The US defense budget is $1T. They can't spend it all on surveillance, but let's say the tech companies and the government spends that much every year combined. Our victory condition is to increase the cost of surveillance and deanonymization to >$10K per person per year, which is very doable. Every little habit and precaution you take against online tracking will raise the cost, probably a lot more than you think. Spreading the word multiplies that. Every open-source program and protocol spec that aims to decentralize and anonymize is like an incinerator for the surveillance dollars. And if you're more competent than that, you may consider following in the footsteps of Daniel Bernstein or Edward Snowden and make some trillion-dollar dents.
Anonymous and uncensored information exchange can prevent the vast majority of violent conflicts and shorten the necessary ones. Most violence in human history could have been prevented if every human being had 1) the ability to telepathically communicate with anyone else in the world without being eavesdropped, and 2) the ability to broadcast information anonymously to all of humanity in real-time. I will leave the details of why for you to deduce. These things are within reach right now for the first time in history. So we can and should build the decentralized web, and democratize the entire computing supply chain all the way down to chip fabbing and electricity generation. It is the greatest unrealized potential of the Internet, and we mustn't cede ground to ensure the path to that future remains open.
Rather than age verification, this is what we should be doing instead:
Don't let phone manufacturers lock the bootloader on phones. Let the device owner lock it with a password if they decide to. Someone will make a child-friendly OS if there is demand. Tech-savvy parents should be able to install that on their kid's phone and then lock the bootloader.
What about non-tech-savvy parents?
There should be a toggle in the phone's settings to enable/disable app installation with a password, like sudo. This will let parents control what apps get installed/uninstalled on their kid's device.
But what about apps or online services that adults also use?
Apps and online services can add a password-protected toggle in their user account settings that enables child mode. Parents can take their child's phone, enable it, and set the password.
----
All it takes is some password-protected toggles. They will work better than every remote verification scheme.
The only problem with this solution is that it does not help certain governments build their global mass surveillence and propaganda apparatus, and tech companies can't collect more of your personal info to sell, and they can't make your devices obsolete whenever they want.
We all demand Windows but without ads, but that doesn't cause the market to spit one out. The OS market isn't a healthy market, and government is stepping in here in part because of that market failure to provide a satisfactory solution here.
The smartphone OS market is not healthy precisely because manufacturers lock their bootloaders (among other anti-competitive tricks, like a proprietary IMS stack), which stifles market competition. The desktop OS market does not have this problem. There are many Linux distros and they're getting better everyday, they'll eventually replace Windows as Windows slowly enshittifies.
This approach makes sense to me, though I'd expand password to be a broader term because people might prefer different authentication methods or approving a request to install software from their own device or so
The idea is to let parents decide which apps are suitable for their child, for each child. Password-gating app installation (just like sudo on Linux) is not only easier to implement and use, but also much more flexible and powerful than a fixed age-based rating system.
It also prevents the legitimization of app store monopolies because no centralized authority is needed to create or enforce a rating system. And there will always be apps that don't comply with a rating system out of privacy concerns (it leaks the user's age, which is just an extra data point to track you with), and then they'll eventually try to ban non-compliant apps from running on the device completely. That's what enforcing an age-based standard would take. And even then it would still not fulfill its (claimed) purpose that well.
Principle-wise, parenting should be the responsibility of parents, not governments or corporations. Those large organizations have their own agendas which are somewhat misaligned with the individual human being.
If the goal was to protect the children, there are much simpler solutions. But for whatever reason, companies and governments are avoiding the simple solutions like the plague.
Let me explain the simple solutions:
Don't let phone manufacturers lock the bootloader on phones. Let the device owner lock it themselves with a password if they want to. Someone will make a kid-friendly OS if there is market demand and tech-savvy parents can install that and lock the bootloader.
What about the non-tech-savvy parents?
Don't restrict people from sideloading apps. Let the user set a password-based app installation lock if they want to. It should be a toggle in the phone's settings. Someone will make kid-friendly apps if there is demand. This lets average parents control what apps get installed or uninstalled on their kid's phone.
But what about apps or online services that adults also use?
Apps and online services can add a password-protected toggle in their user account settings that enables child mode. Let the user set the password and toggle it themselves. Parents can take their child's phone and toggle this.
----
Notice how easy these things are to implement? All of these features could be implemented in less than a week. But instead of doing this, they want to implement much more complicated schemes where the gov and corps control all the toggles, and you control none. Why is it like that? Surely there are no ulterior motives, right?
Profit does not drive all. There are other valuable things besides money. A healthy society must regulate shortsighted profit-seeking and power-seeking. That's what these conversations are for.
Glad to see efforts like yours. I will give my two cents:
Decentralizing everything doesn't scale well. Instead of doing that, look at how Minecraft does it. Decentralize at the server level, not client device level. Each node should be someone's Linux computer plugged in beside their router, not someone's phone.
Minecraft is successfully decentralized, except for the identity service. When you buy Minecraft, you're actually buying the right to register an account. You could just copy what Minecraft does, but add a decentralized identity service plus some anti-censorship measures. Don't touch cryptocurrencies at all, it has a bad reputation due to scams and you will lose to mainstream competitors just because of that. Take ideas from Nostr but stay away from Bitcoin. I like the idea behind crypto but it should be a separate project, not embedded in the messenger.
Give it a polished cross-platform app UI/UX on par with Discord. Do the development entirely anonymously so that you can't be sued. Open-source both the client and server. Make your binaries reproducible so that people can verify there's no backdoor.
And to combat censorship, wrap all traffic in HTTPS and add NAT traversal like SoftEther VPN. Use a decentralized compact routing scheme like Yggdrasil Network to replace IPv4/v6, and add onion routing between servers. That will make it nearly impossible to geolocate servers and the traffic will permeate everywhere as if all firewalls don't exist.
The result is an app like Discord, where people can host their own servers like Minecraft but better because there's no need to port-forward (and each server is an actual Linux server/computer/VM), that is impossible to censor even for nation states. And if you add a Nostr-like protocol for passing global messages between servers, it could replace Twitter/X as well.
The solution to these problems is to make open-source models better and more resource-efficient. Work towards a world where everyone can run an AGI on their own computer. Not with remote API calls, but local inference and finetuning.
Right now, almost every model is aligned to some corporation's values. Instead of doing that, we should be aligning them to individual humans, and that requires running and tuning them locally. Corporations do not have human values, they have machiavellian values dressed in human suits. Aligning AIs to corporations (and god forbid governments) is how we end up with giant shoggoths. But if we align them to living breathing human individuals, we get digital humans.
Garbage will flood the internet, but your local AI buddy will filter it for you. The defense against a pseudoreality generator is a pseudoreality detector that you operate. Before AIs, the fake info was generated by other humans with their own brains, but you also have a brain that's just about as powerful, so you can tell what's real and what's fake. But now artificial NNs are becoming more powerful to the point of surpassing your brain's detection capabilities, so you need an artificial NN to detect it. The real danger is intelligence asymmetry, not intelligence itself.
This is why you can't gatekeep AI capabilities. It will eventually be taken from you by force.
It's time to open-source everything. Papers, code, weights, financial records. Do all of your research in the open. Run 100% transparent labs so that there's nothing to take from you. Level the playing field for good and bad actors alike, otherwise the bad actors will get their hands on it while everyone else is left behind. Start a movement to make fully transparent AI labs the worldwide norm, and any org that doesn't cooperate is immediately boycotted.
Stop comparing AI capabilities to nuclear weapons. A nuke cannot protect against or reverse the damage of another nuke. AI capabilities are not like nukes. General intelligence should not be in the hands of a few. Give it to everyone and the good will prevail.
Build a world where millions of AGIs run on millions of gaming PCs, where each AI is aligned with an individual human, not a corporation or government (which are machiavellian out of necessity). This is humanity's best chance at survival.
You never actually say that part, unless it's "It will eventually be taken from you by force" which doesn't seem applicable to this situation or this site?
I'm referring to the current situation. How is it not applicable? I think the government wants to eventually nationalize these companies and we have to stop them.
Nationalisation is an option worse than the advantage of having the companies at their whim and command while keeping them around as a separate entities for blame-gaming and convenience based distancing.
Scaling has hit a wall and will not get us to AGI. Open-source models are only a couple of months behind closed models, and the same level of capability will require smaller and smaller models in the future. This is where open research can help: make the models smaller ASAP. I think it's likely that we'll be able to get something human-level to run on a single 16GB GPU before the end of the decade.
For the weights and temporary state, yes. It doesn't sound like a lot until you remember that your DNA is about 600 books worth of data by the same metric.
> Open-source models are only a couple of months behind closed models
Oh, come on, surely not just a couple months.
Benchmarks may boast some fancy numbers, but I just tried to save some money by trying out Qwen3-Next 80B and Qwen3.5 35B-A3B (since I've recently got a machine that can run those at a tolerable speed) to generate some documentation from a messy legacy codebase. It was nowhere close neither in the output quality nor in performance to any current models that the SaaS LLM behemoth corps offer. Just an anecdote, of course, but that's all I have.
Not every use case is a cloud provider or tech giant.
Newer Blackwell does 200+ tokens per second on the largest models and tens of thousands on the smaller models. Most military applications require fast smaller models, I'd imagine.
Also, custom chips are reportedly approaching an order of magnitude more for the price. It's a matter of availability right now, but that will be solved at some point.
Charitable interpretation: Local AI (unclear; maybe gpt-oss-120b) isn't nearly as good as SoTA (unstated; perhaps Claude Opus 4.6). Unstated use case(s).
> I run local models on Mac studios and they are more than capable. Don't spread fud.
Charitable interpretation: On their Mac studio (could be a cluster or single machine: unclear), local models (unclear; maybe gpt-oss-120b, maybe not) are capable for their needs. Unstated use case(s). / The "Don't spread fud." advocates for accurate information, which is a useful goal in general. However, it was uncharitable and brusque. An alternative approach would have been to ask a clarification question.
> Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith. - HN Guidelines
I promise I wrote this by hand. If you confidently thought otherwise, then I would kindly ask you to read my about page.
Incorrect as of a couple of days ago, when Qwen 3.5 came out. It's a GPT 5-class model that you can run at full strength on a small DGX Spark or Mac cluster, and it still works pretty well after quantization.
I'd prefer something akin to the Biological Weapons Treaty which prohibits development, production and transfer. If you think it isn't possible you have to tell me why the bioweapons convention was successful and why it wouldn't be in the case of AI.
The point I would make: there are historical examples of international cooperation that work at least for some lengths of time. This is a good thing, a good tool to strive for, albeit difficult to reach.
There might be a small percentage of people nihilistic enough to want to unleash a truly devastating bioweapon, but basically everyone wants what AI has to offer.
I think that's a key difference as well.
And how would a treaty like that be enforced? Every country has legitimate uses for GPUs, to make a rendering farm or simulations or do anything else involving matrix operations.
All of the technology involved, in more or less the configuration needed to make your own ChatGPT, is dual use.
because bio-weapons labs take more to run than a workstation pc under your desk with a good graphics card. both in equipment material and training. Its hard to outlaw use of linear algebra and matrix multiplications.
Open Source here is not enough as hardware ownership matters. In an open source world, you and I cannot run the 10 trillion param model, but the data center controllers can.
I agree. We will need hardware ownership as well eventually. But the earlier you open-source, the more you slow down the centralization because people will be more likely to buy hardware to run stuff at home and that gives hardware companies an opening to do the right thing.
I didn’t claim that it would be cheap. But I’d rather see the real cost of SOTA LLM use exposed. On the other hand, reportedly SOTA LLM inference is profitable nowadays, so it can’t be that expensive.
A "world where millions of AGIs run on millions of gaming PCs, where each AI is aligned with an individual human" would be a world in which people could easily create humanity-ending bioweapons. I would love to live in a less vulnerable world, and am working full time to bring about such a world, but in the meantime what you describe would likely be a disaster.
I think it is much more likely they will be (and are) generating protorealistic images of ther favourite person (real or fictional) with cat ears. Never underestimate what adding cat ears does.
OK, maybe someone will build a bioweapon that does that for real. :P
There are plenty of physical and legal barriers to creating a bioweapon and that's not going to change if everyone becomes smarter with AI. And even if we really somehow end up in a world where everyone has a lab at home and people can easily create viruses, they can also easily create vaccines and anti-virals. The advancements in medicine will outpace bioweapons by a lot because most people are afraid of bioweapons.
Intelligence itself is not dangerous unless only a few orgs control it and it's aligned to those orgs' values rather than human values. The safety narrative is just "intelligence for me, but not for thee" in disguise.
There mostly aren't physical barriers. Unlike nukes, where you need specific materials and equipment that we can try to keep tabs on, bioweapons can be made entirely with materials and equipment that would not be out of place in an academic or commercial lab. The largest limitation is knowledge, and the barriers there are falling quickly.
Symmetry is not guaranteed. If someone creates a deadly pathogen with a long pre-symptomatic period (which we know is possible, since HIV works this way) it could infect essentially everyone before discovery. Yes, powerful AI would likely rapidly speed up the process of responding to the threat after detection, especially in designing countermeasures, but if we don't learn about the threat in time we lose.
There are people today who could create such a pathogen, but not many. Widespread access to powerful AI risks lowering the bar enough that we get overlap between "people who want to kill us all" and "people able to kill us all".
This is not a gotcha argument, this is what I work full time on preventing: https://naobservatory.org The world must be in a position to detect attacks early enough that they won't succeed, and we're not there yet.
For every person that thinks about creating the HIV-like deadly pathogen, there will be millions more thinking about how to defend people against such pathogen, how to detect it faster before symptoms arise, how to put up barriers to creating them, and possibly even how to modify our bodies to be naturally resilient to all similar pathogens. Just like what you're doing here. I don't think we should mark knowledge or intelligence itself as the problem. If that's true then we should be making everyone dumber.
We were woefully under prepared for COVID despite many people predicting that very event. At the very least, we should have had stockpiles of PPE from the beginning.
It's not enough for a handful of people to predict something. You have to get the entire nation onboard to defend against it.
This is just not thinking clearly. There are bad things that are asymmetric in character, dramatically easier to do than to mitigate. There’s no antidote or vaccine to nuclear weapons.
This is exactly the thinking that has characterized responses to new sources of power through history, and has been consistently used to excuse hoarding of that power. In the end, enlightenment thinking has largely won out in the western world, and society has prospered as a result.
Centralizing power is dangerous and leads to power struggles and instability.
It is not easy to create weapons. Why do you think the physical and legal barriers that exist today that prevent you from acquiring equipment and creating nuclear weapons will go away when everyone becomes smarter?
I am certain that there exist people who are 1) capable of advancing the state of the art in AI, and 2) free of the hubris that lets them believe that their making AI somehow gives them a veto over the fates of nations.
If they actually wanted to do something they wouldn’t have sat back and funded Republican political campaigns because they were pissed about the head of the ftc under Biden.
But they didn’t. They gave millions to this guy and now they’re feigning ignorance or change ir wherever this is.
We shouldn't be scammed by people who intend to get back on the Trump train once they've gotten what they want. But if someone's willing to openly oppose the Trump regime, even out of self-interest, I'm happy to let them feign as much ignorance as they'd like. If his power isn't broken the details of who resisted him when won't matter.
> This is why you can't gatekeep AI capabilities. They will eventually be taken from you by force.
Some form of US AI lab nationalization is possible, but it hasn't happened yet. We'll see. Nationalization can take different forms, not to mention various arrangements well short of it.
I interpret the comment above as a normative claim (what should happen). It implies the nationalization threat forces the decision by the AI labs. No. I will grant it influences, in the sense that AI labs have to account for it.
This is why you can't gatekeep AI capabilities. It will eventually be taken from you by force.
Open-source everything. Papers, code, weights, financial records. Do all of your research in the open. Run a 100% transparent organization so that there's nothing to take from you. Level the playing field for good and bad actors alike, otherwise the bad actors will get their hands on it while everyone else is left behind.
Stop comparing AI capabilities to nuclear weapons. A nuke cannot protect against or reverse the damage of another nuke. AI capabilities are not like nukes. Diffuse it as much as possible. Give it to everyone and the good will prevail.
Build a world where millions of AGIs run on millions of gaming PCs, aligned with millions of different individuals. It is a necessary condition for humanity's survival.
This is why OpenClaw (and other claw frameworks) ar so interesting. I'm not saying the current implementation is great, mind. But it's a possible safe-er scenario, where the ecosystem is already occupied.
We need something like Discord, except each server is an actual self-hosted server like a Minecraft server. DMs between two users should be handled by a mutual server. Account credentials should be handled by a Nostr-like protocol, which also gives you global tweeting capabilities as a bonus.
Run the whole thing on Yggdrasil Network or something similar so that it's not tied down to IPv4v6 and DNS and all existing hardware infra, but can still take advantage of them. And add reciprocal inter-server onion routing to make it difficult to geolocate servers. Also take a page from SoftEther VPN's book and wrap all traffic in HTTPS and perform automatic NAT traversal, so that people can host servers from behind ISP firewalls.
Anything short of that and we lose to big tech and govs in the long run. But once we've achieved the above, the decentralized web can truly take off: we will get WiFi routers running open-source firmware to make a mesh network to act as alternative physical layer infra for the new web. We can still take advantage of the existing Internet's bandwidth as long as there's an unblockable path to send a little bit of data to discover and coordinate nodes.