Ungovernable Internet with Scuttlebutt

Note: This article is written stigmergically by Emmi, several  Scuttlebutt core devs, and other members of the community and pulls from Scuttlebutt’s stories and publications. Also sorry that I didn’t have the time to make it shorter. I’ll make a more accessible and better edited one at some unknown point along the road. Feature image credit here.


This internet is one of the single most potent factors in ideological complexification, cultural-miscegenation,  and evolution in addition to providing a powerful potential force in the advancement of cosmopolitanism and the destruction of tribalism. A free and more secure internet is a bulwark of protection for our most important activism and as well as our basic freedom to aggregate against and beyond the structural limits of geography and the ideological limits of identity. Yet at the same time, the internet as it stands, is massively throttled and caged by centralized infrastructure, mass surveillance, monopolistic corporate control, echo chambers, vulnerability to attack, and copyright law. Everyday we hear more stories of large swaths of the internet taken out by IoT botnet DDoS attacks, details of sensitive private information or critical organizing communications seized in mass warrantless raids, or of increasing corporate power to subvert net neutrality. Then on top of this, some of the most resilient and efficient anonymous imageboard armies are completely controlled by the fascist right or, to a lesser extent, the tankie left. Many different organizations are fighting and coding for a better future for the internet on the many different terrains that we face. One of the most interesting projects that I’ve encountered is the whimsically named– Scuttlebutt.

Scuttlebutt, aims to provide a platform that is wholly modular, increasingly secure, and brilliantly inspired in order to tackle some of the roots of these problems and make the internet truly ungovernable.


A Short History

(I’ll try to make this as accessible as possible while still giving some insights into the nitty-gritty. If it gets too nerdy though you can just skip that part and go to the juicy bits!)

Scuttlebutt was in part designed through the thought experiment of what type of platform a Galactic Council would use and as an effort to dream for the possibility of Earth’s humans joining it someday. In order to accomplish this goal, it must be maximally decentralized and not dependent on the current fragile and rooted infrastructure of internet service providers and the like.

Historically, sea-slang for gossip – a scuttlebutt is basically a watercooler on a ship. Scuttlebutt is a decent(ralised) secure gossip platform. This seems like a silly name, but it’s a real science. Read this. Or, if you’re lazy, this.  


From Scuttlebutt Genesis by @bobhaguen:

I saw cryptosphere which is a distributed file system project, but uses replicated logs to record which peers are cooperative, basically a trust network. Replicating logs is easy, so that is good, but instead of building a boring filesystem on top of a trust network… why not just expose that directly to the humans? I realized that all the web2.0 apps are basically just replicated logs, and basically implicit trust networks, and that this was a particularly easy architecture to decentralize. What makes it easy is that since you more or less explicitly “follow” or “friend” people that defers the spam prevention to the humans in a way that seems natural. Contrast with email, where spam prevention is a messy soft-AI problem. This also dovetailed with earlier ideas about trust networks, that I didn’t know how to pursue at the time. For example, experts have reputations, and can teach or certify students, but are disincentivized from mis-vouching because they will lose their reputation if their students are found incompetent. This was while I was at university and felt that a degree stamped by the university didn’t mean very much, and was also very restrictive in terms of subject matter etc. Building a decentralized trust network seemed like a very good idea.

One of the key insights of web 2.0 is that users respond to UI, making them aware of an option means they can do it. Users and UI flow together. A certain UI design may influence user behavior, and this also works at higher layers, certain application technology influences possible applications and certain economic models influences business models. I had worked witnessed some terrible software in my day, but recognized that it was terrible for social reasons more than technical… I seek more equitable social arrangements because I think it will create better software. Everything is becoming software right? So if more equitable circumstances produces better software, then the good software can kill the bad software.

By this time I had figured out the basic architecture and was starting to work on it. I had noticed @paul’s work, and recognized its importance as another part of the puzzle. I wanted an open platform that anyone could build things on (as twitter was originally pitched, but has closed off they try to monetize etc). Also, we couldn’t realistically plan to just sit down and create an app that everyone wants to use, we need many experiments so that one can succeed, therefore we need an decentralized application platform more than we need any given a decentralized application.

patchwork crop

(Above image is Patchwork — A social media cinfiguration of the SSB code)

How it Works

Avoiding Centralization

From Scuttlebutt Story: Design Challenge

Secure-Scuttlebutt (SSB) goes out of its way to avoid both centralization and singletons. The danger of centralization is obvious: it creates a single point of failure that can easily be attacked, or act as an attacker. And, it creates a monoculture of information, as the central point starts to control what information is trusted, or ranked highly. To avoid centralization, you make every peer the same.

In simple terms, the data is hosted by each node or user in the network 2-3 connections out. This means that the network cannot be destroyed or hacked as easily as a server farm or a series of email accounts linked by user trust.

Due to limitations inherent in the modern Internet, making every peer the same is hard to do. Home routers perform Network Address Translation to make a single IP address behave like many, which makes it simple to make outgoing connections, but difficult to receive incoming connections.

Most networked applications, including SSB, solve this by connecting to publicly addressable servers. Sometimes P2P systems use clever techniques (TURN, STUN, ICE) to reduce the role of the servers, but it’s still necessary to have them.

SSB uses the so-called “Pub” servers to rehost the feeds and blobs of the users, which has the added benefit of improving network availability (two peers don’t need to be online at the same time to exchange messages). However, amongst the community, they’re considered a centralization risk.

We mitigate the risk by avoiding putting any special authority or trust in the Pubs. Users may be hosted by many pubs at once, and can change pubs without losing the data or identity. A pub server may go down, and others will still provide service.

Contrast this with email servers, which are ostensibly decentralized (you may run your own email server) but you must have exactly one email server, and if it is down you will not receive email, which makes running your own email server a considerable hassle (not to mention handling spam).

Avoiding Singletons

SecureScuttlebutt also avoids P2P structures that represent singletons – specifically, it avoids using a Distributed Hash Table or a global blockchain. SSB avoids P2P singletons partially to show that it can be done (most P2P designs use DHT or global blockchains) and also because those are just P2P versions of centralized systems. Social Networks are already constructed around a decentralized experience. Popular social networks (fb, twitter) have centralized implementations, but you use them to interact with your peers, so on that level they are P2P.

SecureScuttlebutt takes this decentralized experience and maps the networking layer (the key part of the implementation) on top of the decentralized human/user network. It would be a shame to go to all that trouble to decentralize, but then adopt a singleton. Also, global blockchains are heavy (require nodes to store entire chain, and to waste CPU power) and DHTs are susceptible to spam. These structures also both make the network unprivate, by making all information available globally.

That said, like any good tool, SSB has been built to interoperate with other programs. Though it’s important to us that core remain viable without singletons, the community is free to add protocols wherever they see fit, and is encouraged to do so.


Using Trust in Open Networks

From Scuttlebutt Stories: Using Trust by Paul F

Open networks are systems that allow participation without deferring to central authority. The Web, Email, BitTorrent, IPFS, and SecureScuttlebutt are all open networks. Open networks try to maximise their potential value by letting agents contribute and extract data independently, and without intermediation. This is the Laissez-faire approach to architecture, and it frequently benefits from the efficiency of horizontal scaling.

In SecureScuttlebutt, we have decided never to adopt centralized authorities in the protocol. This decision was motivated by: 1. distrust of information monocultures 2. desire to maximize autonomy of individual users 3. general curiosity

This constraint pushes us to find novel solutions for shared data structures. This article will summarize literature on trust-based mechanisms, and offer some perspective to how they can be applied to SecureScuttlebutt.


Trust-ranking is a key feature of open networks with shared data-structures. As each agent receives new information, it must decide how to act on it, and decide whether to discard the input. Spam, resource-leaching, and DoS attacks would otherwise overwhelm the agents.

Email is an open network: anybody can create a server and account. And, the inbox a shared structure: users share append-rights over each others’ inboxes. But, without proper spam-filtering, email is nearly useless. Filtering must be both effective (very little spam) and accurate (very few false positives) or email loses its utility.

A survey of trust in computer science and the Semantic Web names two primary means of managing trust:

Policy-based trust. Using policies to establish trust, focused on managing and exchanging credentials and enforcing access policies. Work in policy-based trust generally assumes that trust is established simply by obtaining a sufficient amount of credentials.

Reputation-based trust. Using reputation to establish trust, where past interactions or performance for an entity are combined to assess its future behavior. Research in reputation-based trust uses the history of an entity’s actions/behavior to compute trust, and may use referral-based trust (information from others) in the absence of (or in addition to) first-hand knowledge.

SecureScuttlebutt uses social “following” relations as a base trust-policy. Users choose which feeds to follow, and therefore opt into every messaging partner. This is how SSB controls spam.

Other trust-policies could be leveraged by SSB applications, to give users authority over other shared data-structures. For instance, users could assign friends the right to follow more users on their behalf, or give moderator powers to enable post-hiding.

However, policies scale poorly, as they require the user to make a decision about every other agent in the network. This makes it hard for a user to evaluate information produced by “strangers”, even if the stranger is only one or two social hops away. To solve this, reputation-based trust can be introduced to build upon the user’s decisions, by analyzing the decisions of other agents, and assigning authority automatically.


Forget About your Modem

When you connect to a friend over an application like Patchwork, you are syncing the diaries that live on your computers, and making sure they hold the same relevant information. This helps explain how no internet connection is needed: as long as there is any way for your two computers to talk to each other, you can catch up on each other’s feed. This means scuttlebutt could be used between spaceships or boats, on unconquerable mesh networks through bluetooth, Raspberry Pi’s, or any number of other alternatives. We don’t need the internet to internet!



The Scuttlebutt codebase is designed to be exceptionally modular, basically meaning it can be transformed into an infinite number tools. Without being too technical, it allows developers to create data types and combine these types in interesting and novel ways. As it is also all open-source, there have already been a wide range of transmutations of the scuttlebutt code including alternatives to : Facebook, Twitter, Soundcloud, Spotify, and others. The most common of these is the social media network: Patchwork.  In addition to this there are many different variations of the SSB core code being developed to integrate greater levels of privacy and a wide variety of features. In time these additions will likely become integrated more seamlessly into user friendly UI’s that are accessible to the wider public. There is tons of brilliant crypto-papers and code out there in the world but very little of it ever becomes accessible. A key part of SSB is that it has worked quite effectively on the creation of user friendly UI experiences with very little obstacles to entry. Let’s face it, GPG does not seem like it’s going to get mainstreamed anytime soon.



Partially pulled from “Gossiping Securely is the New Email

If you’re still using email for direct communication, you’re probably facing some well known problems : spam, provider lockin, privacy, and reliability (doesn’t work without the internet).Patchwork is built on an open gossip network built on Secure-Scuttlebutt. Here’s how it works:

  • In the network everyone has a diary which only they can write to.
  • When you bump into a friend, you can make a photocopy of their diary.
  • To send a message to a friend, I leave a message in my diary and scramble (encrypt) the words using a code only that friend can read.
  • When I read my friends diaries, any scrambled message I can decode must have been for me, any I can’t must have been meant for someone else.

If you’re an uber-nerd, the networks of trust ideology might remind you of the inspired origins of PGP/GPG in which friends would gather to trade public keys and then give votes of confidence to keys that they were certain matched the desired person. In many ways Secure-Scuttlebutt is very similar. It also relies on a public and private key system to encrypt all forms of messages or file sharing and to ensure that messages come from where they say they did. In it’s current iteration it is very easy to create an anonymous handle, join a shared pub, and communicate securely with your friends and accomplices. However, even more security could be gleaned from hosting your own “pub” and controlling entry through single-use invite passwords.

Oh, other good news is that your intuition how information is passed by gossip pretty much translates to Patchwork:

  • you gossip with friends (and sometimes friends of friends)
  • you don’t gossip with people your friends don’t trust
  • you gossip about mutual friends

The major exception is that unlike people-gossip, this gossip is cryptographically 99.9999999% impossible to fake.

This setup eliminates spam and abusive actors, because over time no-one will talk with them, and hence their messages are not passed on. Because the system is built on gossip, you don’t need to be on the internet to do it. Whenever you’re on the same wifi as a friend your computers will gossip. Patchwork will also swing by known ‘pubs’ (like public houses on the internet) and catch up on gossip there. The network doesn’t need a central provider, so you can’t be locked into some corporation. The direct messages are all hardcore encrypted by default and unlike encrypted email, no-one can even tell who you were messaging.

Some problems do exist though such as the difficulty in erasing or revoking messages or identities assigned to or said about you. Another problem is the possibility that if one’s pub did get compromised, including one member having a private key, it could be possible to access the public data of many other members. This wouldn’t compromise the private features though, unless they had sent them to that person specifically.


What this Means for Anarchists

We need better tools. GPG is our best encryption but many worry it’s on it’s way out, and has never really been user friendly to non-nerds in any case. With the far-right control of the 8chan universe and doxxing becoming ever more prominent, we need tools to counter-organize. Hosting our own pubs gives us the chance to control our flow of information and secure our communications against intrusion, DoS, and surveillance. Scuttlebutt could provide a much more resilient version of 8ch and the like, allowing us to break out of the constant paranoia that haunts and silos radical movements. As of this moment, it is quite easy to make an anonymous user account even though the technology is still quite young. Patchwork is currently only built for desktops and laptops (no phones). The setup is also such that you have one identity per device — this means you have to have different identities for each computer you have which can make it difficult to juggle identities, but hopefully unlike the book of face, we will not face the zuccing crisis that created these needs in the first place.

@Me aptly writes:

Secure-Scuttlebutt creates a social media that the government cannot stop. This is really SSB’s strong suite and what people should be evangelizing. A lot of socnets advertise “They would have to take down the internet to stop this”. Well with ssb…. You can even take down the internet and it won’t stop it. With globalized ‘consensus’, e.g. bitcoin, it’s the elites who make the real decisions [read: miners] . But when you model the network topology based on your friends you’re really giving the power back to the people and not some central authority that depends on centralized command and control

Imagine a world where we weren’t trapped by geographical tribalism and isolated from the brilliant work happening all over the world. These types of advances are some of the key structural elements to creating a truly radicalized globalism, solidarity, and meaningful empathy.  We need tools like this to make the internet ungovernable and maximize the degrees of freedom each being can access and meaningfully sort. Even with post-left critique of left appeals to mass unity, deeply embedded and complex horizontal networks are crucial to sustainable ecologies of activism and radical thought. Building the tools can help to mainstream the culture, creating a feedback loop of exchange.



To the Galactic Council and Beyond

Scuttlebutt is still a very burgeoning, if aspirational technology. It is still in it’s infancy which is a source of hope in that it has already accomplished a great deal. It is not a panacea to all of our tech problems but it does create practical and working alternatives and a foundation for very different ways of interacting with the internet. These possibilities have tidal waves of implication for our movements, and the lives of those most at risk in our ecosystems of activism and organizing. If you’re sufficiently psyched and curious, the easiest way to get started is using patchwork, a classic social networking application. If you join a few pubs like pub.doge.haus, you’ll see that some user has already started a #C4SS channel!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s