Decentralized Internet and Privacy
NextGraph: E2EE decentralized platform & framework
<p>NextGraph is a protocol, a framework, and a platform that supports development of Local-First, decentralized, secure and private apps.</p>
<p>By combining the best of the local first world (Yjs, Automerge CRDT libraries), a graph database, DID (decentralized identifiers) for users and documents, and end-to-end encryption plus encryption at rest, we provide an SDK that offers all the requirements of portability, interoperability and security needed today for a true alternative to Big Tech platforms and products.</p>
<p>In this talk, we would like to dive into details of implementation of the E2EE sync protocol, the specifics of an encrypted sync protocol for CRDTs, the cryptographic capabilities that enable decentralized access control, and our 2-tier overlay network based on a pub/sub. Our philosophy is "zero single point of failure". With that in mind, we completely got rid of dependencies on DNS, and only rely on IP. Our broker can be and should be self-hosted, and forms a federation of decentralized servers.</p>
<p>The protocol and SDK can be used to develop any kind of app, including messenger, productivity tools, editors, and social networks. All apps developed with our SDK can be built to webapp, Linux, Android, iOS, macOS and Win, thanks to the use of Tauri. All our codebase is in Rust, and MIT/Apache 2.0 of course. We recently released a new ORM mechanism that does all the heavy lifting of managing the database. Developers just need to declare the schema they want to use, and then objects are directly mapped to reactive components in React, Svelte, VueJS, via proxies and signals.</p>
Additional information
| Live Stream | https://live.fosdem.org/watch/ud2218a |
|---|---|
| Type | devroom |
| Language | English |
More sessions
| 2/1/26 |
<p>The Internet landscape is evermore on it’s steadfast course towards surveillance and centralization. Video content and streaming out of CDNs now account for half of all global traffic; splinternets are now a thing, from China to South Korea, from Russia to Iran; mandatory backdoors on communication platforms are just around the conner with EU’s Chat Control. In this scenario, where most Internet connected devices have become tools of imprisonment rather than liberation, reviving the old ...
|
| 2/1/26 |
<p>Can we make the web more decentralized and more private without asking users to switch browsers? For the past five years, the IPFS ecosystem has pioneered multiple approaches to this challenge. This talk shares hard-won lessons about what works—and what doesn't.</p> <p>We'll cover three parallel strategies: (1) pushing for native protocol support in major browsers, (2) driving adoption of critical cryptographic building blocks (such as Ed25519 into WebCrypto API, a three-year standards ...
|
| 2/1/26 |
<p>The massive size of browser engines has concentrated power over the web platform into a few large corporations. Creating a new browser engine that is sufficiently featureful to be an alternative to the Big Three is practically impossible. But what if we could shrink the footprint of a browser's core? What if a browser was little more than a WebAssembly (Wasm) runtime and nearly everything else was an extension? By breaking up the monolith we would have a chance to re-decentralize control over ...
|
| 2/1/26 |
<p>In recent decades, the internet has increasingly become centralized, shifting from its hacker-driven origins into a cartel of advertising companies. It won't get better if we allow these same companies to drive the design of the web browsers and their protocols.</p> <p>Within hacker communities, many solutions have been developed to mitigate centralization, but their adoption has been limited, often because they require specialized expertise to be operated safely.</p> <p>In this talk I'll ...
|
| 2/1/26 |
<p>For over a decade, critiques of OpenPGP and GnuPG have resurfaced in cycles: too complex, too fragile, too old, unfriendly, too “cryptonerd.” Modern messaging apps, "forward-secrecy-by-default" protocols, and crypto tools are frequently presented as decisive reasons to abandon GPG altogether. Yet these arguments often rely on a deeper and more troubling assumption: that ordinary users cannot and should not be expected to understand or control their own cryptographic identity.</p> <p>This ...
|
| 2/1/26 |
<p>Nym is the first decentralized noise-generating mixnet to provision real-world network anonymity to Internet users even against nation-state adversaries. The aim here is to supersede existing VPNs in order to fight increasingly more powerful authoritarianism and surveillance. Unlike traditional centralized VPNs that can be de-anonymized by a global passive adversary - like the NSA - based on their traffic patterns, Nym adds noise (“cover traffic”) to existing Internet communications. ...
|
| 2/1/26 |
<p>TLS has secured the internet for decades, but it has a major limitation: because TLS relies on symmetric encryption, data cannot simply be shared with a third party. As a result, most Web data remains locked inside centralized silos. HTTPS provides authenticity and confidentiality, but not verifiable provenance, leaving applications to rely on screenshots, scraped HTML, or centralized access control mechanisms such as OAuth.</p> <p>zkTLS changes this. Using MPC-TLS and zero-knowledge ...
|
