zenkodr / decentralized-social-apps-guide Goto Github PK

• Purpose
• Applications and Platforms
  • Social Networking
  • Collaboration
  • Identity
  • Decentralized Protocols
  • Decentralized Databases
• Common Issues
• Concepts
• Related Awesome Lists
• Initiatives and Institutions
• Roadmap
• Contributions
• License

The purpose of this document is to provide an overview and guide to existing open-source decentralized applications (dapps) and platforms for social interaction, social networking, social media, social engagement and creative or project-based collaboration (e.g. Decentralized Autonomous Organizations).

For our purposes, decentralized means that these apps are peer-to-peer (P2P) and/or rely on decentralized infrastructure like public, open-source blockchains (e.g. Ethereum or Bitcoin) or protocols (e.g. IPFS, Secure Scuttlebut, Dat, Gun, WebTorrent, ActivityPub). If they rely on blockchains or protocols like these, it must be practically possible for users to run their own nodes without having to pay fees to any centralized entity.

Decentralized apps and platforms are distinguished from centralized ones (e.g. Facebook) that rely on centrally managed servers/databases and federated ones that rely on a network of locally centralized servers (e.g. Mastodon).

Only open-source apps and platforms will be listed here.

This is a curated list. More developed apps and platforms with more features and/or a wider user base may be highlighted, but all apps/platforms that meet the overall purpose will be listed here if submitted.

• Aether - Open source, self-governing communities with auditable moderation and mod elections
• Bluesky - An app and project originally spun out of Twitter, which is building the AT Protocol (see below), a new foundation for public conversation and social networking which gives creators independence from platforms, developers the freedom to build, and users a choice in their experience.
• Briar - WhatsApp clone with security focus. GPL licensed
• Circles - A social media app (iOS only) based off of the Matrix platform (see more below), currently in beta.
• Effectio Community Communication and casual social organising platform, built on top of Matrix protocol.
• Element, formerly known as Riot IM, is the reference messaging client for the Matrix platform. Matrix is currently federated but a fully decentralized version is under active development (see below). Strongly private group messaging using MegOlm double-ratchet. Backed by Automattic, the creators of Wordpress, among others. Used by the French and German governments and other clients. Apache 2.0 licensed
• DTube - Youtube clone using Steemit blockchain and IPFS. GPL licensed
• Iris - Social sharing using Gun and IPFS
• Jami - WhatsApp clone
• Junto - Social network on Holochain
• Lemmy - An alternative to Reddit. Curently only federated, but because it is in Rust it could be ported to WASM and made fully decentralized, like Matrix (see below)
• Matrix Social A Matrix "Social Media" client
• MinesTrix - A social media app (Flutter: Android, iOS and web) based off of the Matrix platform (see more below), still in alpha.
• NOSTR Clients (multiple) NOSTR is an open protocol for censorship-resistant global networks, and this lists multiple clients that support it
• Open Super Dapp - Your gateway to the new digital commons. A "super app" with integrated mobile messenger, Ethereum wallet, and Web 3.0 browser built on open, decentralized, and encrypted protocols. Pre alpha. Seeking developers/supporters.
• Peerpeth - Twitter clone on the Ethereum blockchain
• PeerTube - Youtube clone using ActivityPub
• Patchwork - Social network on Secure Scuttlebut. AGPL licensed
• Textile Photos - A photo sharing app using Textile (See below)
• Vocdoni - A voting and collaboration platform, affiliated with Aragon, on an Ethereum compatible sidechain

• 3box Nascent social networking platform using Ethereum and OrbitDB (IPFS-based)
• DSNP Decentralized Social Network Protocol - a public social graph completely disconnected from financial incentives from Amplica Labs and Project Liberty, built on Frequency and Polkadot
• Mix platform - Using Ethereum and IPFS
• Matrix platform - Matrix is an extendable social messaging platform that is currently federated/distributed, but they are looking into a fully decentralized P2P version with an innovative approach that puts the federated server onto people's devices! Something to watch - A discussion room is available to follow developments. Strongly private group messaging using MegOlm double-ratchet. Supports bridges to existing "walled garden" corporate networks and custom bots. Matrix is governed through an transparent, participatory process overseen by the Matrix Foundation. Element is Matrix's reference client (see above).
• Spritely - An alpha ecosystem of protocols and projects leveraging ActivityPub and Object Capabilities
• SecuShare - decentralized messaging on GNU:Net (see below)
• Textile platform - Using IPFS

• app.co - Decentralized app store (not all are open source!)
• An overview of existing social networking options including decentralized ones (6/26/19): So You Want to Leave Facebook

• Alchemy Proposal voting/funding app built on DAOStack
• Gitcoin - Bounties for software projects

• Aragon platform - Now affiliated with Vocdoni
• DAOStack platform
• Colony platform
• Moloch platform

• BroncoVotes - Ethereum based secure voting platform
• PeepsDemocracy - ActBlue alternative. Nothing there yet? Open source?

• Blockstack platform - Various dapps are available, including Graphite, a Google Docs/Sheets clone. Some but not all are open source

• git-bug Decentralized issue tracking using git itself
• git-remote-ipfs - Git push/pull to IPFS
• git-ssb - Git over Secure Scuttlebut
• Mango - Git using Ethereum, IPFS
• Radicle - using IPFS

• Secret voting (Enigma) using Enigma (see below)
• Secret voting (Oasis) - using Oasis (see below)
• Secret voting (Vocdoni) - using zk-SNARKs
• Trellis - Trello clone based on MPL (Automerge & WebRTC)

• An overview of existing Ethereum-based DAO (decentralized autonomous organization) platforms (6/16/19): Aragon, DAOStack, Colony, Moloch

Identity services are a key requirement of most social/collaborative apps. Decentralized and self-sovereign identity platforms and "wallets" are listed here.

• DID-SIOP - OpenID protocol for self-issued (self-sovereign) identities, e.g. using a public/private key or cryptography wallet
• Ceramic DIDs and linked documents on IPFS. Affiliated with 3Box and Ethereum ecosystem. (Not affiliated with Decentralized Identity Foundation?)
• IDM General purpose identity manager for DIDs
• iden3 Ethereum identity platform leveraging zk-SNARKs (See below)
• ION DID Method implementation using the Sidetree protocol on top of Bitcoin. From Decentralized Identity Foundation.
• ipid - DIDs using IPFS
• Hyperledger Indy
• Keycard - A new type of smartcard and open source API for simple integration with crypto wallets, DApps, and hardware
• MetaMask Ethereum wallet/identity manager
• Reclaim:ID - Decentralized identity on GNU:net with OpenID interface
• Status.im - Status is a secure messaging app, crypto wallet, and Web3 browser
• Trezor Open-source hardware wallet/identity manager
• uPort Ethereum wallet/identity manager
• Wallet Connect - Open protocol for connecting Wallets to Dapps

• Decentralized Identity Foundation
• Decentralized Web Developer Survey 2020

These are the underlying decentralized protocols powering the dapps and platforms above

• ActivityPub
• AT Protocol - The Authenticated Transfer Protocol is the new decentralized protocol developed by Bluesky (a project spun out of Twitter), and is a federated protocol for large-scale distributed social applications.
• Automerge - CRDT implementation
• Bitcoin blockchain
• BitTorrent
• CACAO - Chain-agnostic Object Capabilities (OCAP), created using EIP-4361 (or similar for other blockchains), as an IPLD object. Can work on content addressable storage like IPFS.
• CJDNS - Encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing
• Dat - A mutable, identity addressed file/data sharing protocol
• DIDComm - The purpose of DIDComm Messaging is to provide a secure, private communication methodology built atop the decentralized design of DIDs (see below). Intended to work over any transport.
• Enigma - Secure "secret contract" protocol extended from Ethereum. Founders of Secret Network
• Ethereum blockchain
• Farcaster - Farcaster is a community-created protocol for building decentralized social applications. Developers can use Farcaster to build new, decentralized social networks, letting the protocol deal with the hard problems of managing user identities and data. Users can create a new account that they control and sign up to use any of these applications. Users are always in control of their data and identity and can switch freely between applications.
• Fluid Framework - for managing state for collaborative decentralized apps. Requires servers for operation.
• GNU:Net - Private, decentralized networking stack with file sharing, messaging, etc. layers. An official GNU project.
• Gun - P2P CRDT protocol implementation
• Holochain
• Hyperswarm - A distributed networking stack for connecting peers.
• Lens Protocol - Lens Protocol is a composable and decentralized social graph, ready for you to build on so you can focus on creating a great experience, not scaling your users. Built on Polygon/Ethereum chains.
• LibP2P - A decentralized networking stack and library modularized out of The IPFS Project, and bundled separately for other tools to use
• IPFS - An immutable, content addressed file/data sharing protocol. libp2p based
• Mina Protocol - Mina is a new cryptocurrency with a constant size blockchain, improving scaling while maintaining decentralization and security (Javascript/Browser)
• MPL - Using Automerge and WebRTC
• NOSTR NOSTR stands for "Notes and Other Stuff Transmitted by Relays" and is an open protocol for censorship-resistant global networks. Awesome NOSTR
• Oasis - Secure "secret contract" protocol extended from Ethereum
• OrbitDB - Distributed DB implementing CRDTs on IPFS
• Secure Scuttlebut
• Steem blockchain
• Waku - Decentralized, off-chain communications channel for Web3
• WebRTC
• Yggdrasil - Scalable routing as an encrypted IPv6 overlay network
• Zot - Used in Aether and Hubzilla platforms

• ClickHouse - Distributed SQL OLAP DB
• Cockroach DB - Distributed SQL DB, which is written in Go and can be compiled to WASM to run on devices
• FoundationDB - The open source, distributed, transactional key-value store from Apple.
• FlockDB - Distributed graph database in Scala
• Gun - P2P browser-based graph database. See also above
• JanusGraph - Distributed graph database in Java
• mvSQLite - Distributed SQLite that runs on top of FoundationDB.
• Nebula - Distributed graph database in C++
• SurrealDB - A scalable, distributed, embeddable, collaborative, document-graph database, for the realtime web.
• Tahoe-LAFS - Distributed least authority object capabilities database in Python
• Titan - Distributed graph database in Java

A question for all decentralized social networking and collaboration tools is how to pay for the underlying storage and computing cycles needed to support it. Some of the solutions above require you to pay (in one form or another) to "post" content or initiate an action (e.g. most blockchains). Others make no guarantees that your content will be available to others unless you host it yourself and keep your computer constantly on, and then people across the world may be only able to access it very slowly (e.g. IPFS).

In a world in which the decentralized devices that interact with each other may be low power devices like phones, and in which the security of given nodes in the network may be untrustworthy, it is essential to be able to secure data and also compute on that data securely. This will require end-to-end encryption solutions in which data is encrypted on our individual devices.

It will also require secure private smart contracts and secure multi-party computation that can operate on encrypted data safely and in a "trustless" way. There are various new approaches to this including trusted execution environments and homomorphic encryption.

The Actor Model is the most natural framework for building decentralized social protocols, platforms and apps because it aligns with our democratic ideals and ways of initiating and organizing human endeavors. Object Capabilities, as opposed to Access Control Lists (ACLs), builds on the actor model to support the Principle of Least Authority, putting an actor in charge of their data, rather than a recipient or a service. This allows permissions to be revoked by the actor when desired and prevents the Confused Deputy problem and other abuses by service providers and proxies. See the concepts section below for references. See also ACLs Don't for an overview of the benefits of Object Capabilities vs ACLs.

Even when a project is fully decentralized in its operation and technically open source, its may be tightly controlled by a single corporation. No software that is controlled centrally like this can be considered truly decentralized. Some process considerations to evaluate when considering a project include:

• Is a development roadmap published?
• Is there an open and transparent process for selecting priorities for bug fixes and new features to be added to the development roadmap?
• Are pull requests and code contributions welcomed from everyone? Are pull requests processed in a timely and friendly manner? Are "good first issues" tagged, etc?
• Is there a welcoming Code of Conduct that is published and adhered to?
• Are there open discussion rooms where project maintainers and contributors can be reached with questions and issues in a timely manner?
• Are forks and alternatives welcomed or discouraged?
• Is the project well documented and regularly updated?
• Is the project designed in an extendable way?

Some relevant concepts

• Actor Model - Actor model of decentralized/concurrent computing
• Blockchain
• Byzantine Faults A type of challenge facing decentralized systems
• Confidential Computing - A consortium to accelerate the adoption of Trusted Execution Environment (TEE) technologies and standards
• Confused Deputy Problem
• CRDTs Conflict free replicated data types
• DAG - Directed acyclic graph
• DAO Decentralized autonomous organization
• DIDs Decentralized Identifiers
• DHTs - Distributed Hash Tables
• Double-ratchet encryption - Private messaging with "future secrecy"
• Decentralized AI
• End-to-End Encryption
• Homomorphic Encryption
• MegOlm - A double-ratchet encryption algorithm used by Matrix for private group messaging
• Object Capability - An access control approach consistent with the actor model of decentralized/concurrent computing. See also some introductory slides
• P2P Peer to peer
• Principle of Least Privilege - Also know as the principle of least authority
• Privacy-preserving DHTs, status. See also this paper on current reality and future
• Self-sovereign identity
• Secret contracts - A form of secure multi-party computation. Privacy protecting smart contracts. Also sometimes called "private contracts" or "private smart contracts"
• Smart contracts
• SMC - Secure multi-party computation
• Sybil attacks - A type of attack on a decentralized system
• TEEs Trusted execution environments, used in current versions of secure/private smart contracts
• Verifiable Credentials
• zk-SNARKs and zk-STARKs - Non-interactive zero-knowledge proofs. zk-SNARKS require trusted third-party setup, zk-STARKs do not.

• Decentralized ID
• Fediverse
• Object Capabilities
• Peer-to-Peer
• Self-Hosted

• Next Generation Internet - a major European initiative and funder for a Human Internet that respects the fundamental values of privacy, participation and diversity.

This is a work in progress! Please help extend it and keep it up to date.

It is hoped that in the future a comparison of the various apps and platforms will be provided. Some of the criteria that will be worth highlighting are:

• Availability / use of encryption
• Privacy and management of personal data
• Underlying technologies used
• Adoption and use
• Level of maintenance and ongoing development
• License type
• Features provided
• Ability to do financial transactions
• Sponsors / contributors
• Degree of lock in that prevents leaving or migrating from the app / platform
• Degree of integration available with other networks and tools
• Performance / speed

Contributions aligned with the stated purpose and consistent with our code of conduct are welcome! Make a pull request to suggest additional resources or enhance this document. Edits to pull requests may be requested for placement, accuracy. Contributions that highlight the criteria mentioned in the roadmap above are especially appreciated.

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.