Far too much yap yap yappin' around here lately.. cpunks write code, remember? Let's get back to business. Here's an idea for a private, censorship-resistant communication/file sharing system with integrated invitations and access control. I don't think I've ever seen this before, but it's quite possible that people have discussed this idea previously. Either way, I don't know of any implementations yet. Problem ======= The current P2P file sharing landscape is divided up into two spaces: 1) private tracker communities (what.cd // Demonoid // etc) which provide high quality network speeds and file quality through moderation, but which are often subject to outages due to centralization, and 2) the single giant BitTorrent 'peer exchange' distributed hash table, which provides universal file access and fault-tolerance, but at the cost of abuse and surveillance of those participating. Ideally, we want a peer-to-peer community which is decentralized and fault-tolerant, but with enough authority to maintain a high network quality and private enough to avoid open surveillance. Proposed Solution ======= It might be possible to combine the exclusivity and moderation of private trackers with the fault-tolerance of distributed hash tables by having each private table operate with a certificated-authority based public key infrastructure. Essentially, to participate in the DHT, peers must cryptographically prove that they have been invited to participate. Power and trust flow down a through a concentric certificate web. A client's authority in the network is a function of how far away from the root authority they are (not dissimilar to Scientology's hierarchy.) Clients should automatically respect commands coming from those higher up the cert chain or from those closer to the root than they are, and should listen to, but not automatically respect, commands from those lower down the cert chain or from "lower-ranking" clients. * Bootstrapping and Invitation The very first user of the network will have to generate a root certificate. He is then able to generate new signing certificates, which he can give to new users of a network to allow them the ability to access the network. These new users should be able to use their own certificates to do the same for their own new users. (This could be done with certificate signing requests coming from potential new users as well, but that might come at the cost of a slightly more complicated user experience). * Revocation Bannings can be performed by issuing updates to a network-wide revocation list. Clients will automatically respect revocations coming from superiors, and may or may not choose to respect revocations coming from underlings. * Implementation Everything needed to create the heart of this should exist already in Kademlia and OpenSSL. BitTorrent could serve as the basis for the file-sharing application, but vanilla BitTorrent has a content discovery problem, so I'd suggest that any implementations of BitTorrent on Private Distributed Hash Tables should have some kind of discovery BEP included as well, possibly one which uses the authority system of the PDHT to verify files. There's also a possibility there for what you might call "trusted amnesia" - the ability for a user with a high authority to publish verified documents to the whole network without having to broadly expose themselves as the source of the content by having peers in their same trust level sign their content, forget the source, then increase the availability by one access level. Anyway, that's the sketch. Any thoughts? Rich