Why we're building Zbay

We are building Zbay because we want a patch of online life that's controlled by the people of the Internet. Not by one rich man in California, like Facebook is. Or by a brutal dictatorship, like WeChat and TikTok are. Or by an advertising company, like Youtube is.

Making such a space is really hard to do. Who makes it? Who hosts it? Who pays to keep it running? How does it remain controlled by the people, and address challenges existing spaces like Twitter or Facebook face, like spam or organized harassment?

Solving these problems is hard, both technically and institutionally, but we must try! The alternative is a world where governments and corporations control our online life and the global public sphere.

Now is the perfect moment to try, because a lot of the essential groundwork is finally coming into existence. There is a rich and growing stack of technical and institutional infrastructure to build on:

Examining each layer of this stack and how they function together reveals a path forward to a new online space that—as software, as a platform, and as a constellation of communities—is meaningfully controlled by the people of the Internet. We believe you can build communities on this stack that are more accountable, free and fair than communities on existing online platforms.

It’s amazing that we’re here and this is finally possible. A lot of this stuff would have been a pipe dream even a few years ago.

1. Free software gives users control over code.

Free software (sometimes called “open source software”) provides an established, well-understood legal and social mechanism for guaranteeing that people have meaningful control over the underlying code of the software they use.

Free software has been around for four decades (longer depending on how you count) so its track record of protecting the interests of Internet users against governments and corporate monopolies is long, varied and established. 

It started in the year 1980 in Cambridge, Massachusetts when, while fixing a broken printer, a software engineer in the bowels of an MIT computer lab had a powerful revelation: he realized that software makers had legal—and technical—power to control software users, and that they could use this power in nefarious ways, to extort, spy, censor, or worse.

This software engineer defined what he called the "four freedoms” to rally software makers around a brighter future where software users were in control, not under control. And he called software that gave users these freedoms “free software.” The four freedoms were:

To protect and spread his vision for free software, he also created the GNU GPL, an ingenious legal contract that encoded the four freedoms into law. A software license, the GNU GPL gave software engineers a legal, contractual way to grant users and other engineers all four freedoms. It also required that any engineers who built on GNU GPL-licensed code also released their work under a similar license.

Because of this clever legal enforcement of reciprocity, the body of code available under the GNU GPL grew like wildfire, making possible so many major victories for both engineers and Internet users it’s impossible to even name them all. 

As with most social movements, free software’s biggest victories are likely invisible: dystopian futures that simply never happened. But to give a short list, here are some of the big ones:

With free software, any engineer can understand the code, change it, and distribute a competing version. This is called forking. You might not know how to code, but if a piece of free software is popular and doing something seriously anti-user, some irate developer out there will fork it for you. Free software creators know this, so they usually don’t bother being anti-user in the first place.

The guarantee that you can fork code and take it in a new direction creates deeper collaborative dynamics, where people who contribute value to the project benefit from gaining some (but not total) control over it. After all, why would your collaborators capriciously say no to a good idea when they benefit from your contributions to a mutually beneficial project?

2. Peer-to-peer networks give users control over platforms

Today, many modern software companies go against the interests of their users. Advertising is a simple example. Given the choice, most users would prefer to not be subjected to advertising at all, or at least not give advertisers their data. But popular platforms like Youtube, Facebook and Spotify still sell data to advertisers. If free software is such a powerful guarantee, how are so many prominent companies able to go against users’ interests?

The answer is simple: once free software is being run on computers we don’t control, most of its guarantees are moot, and that’s how services like Facebook, Youtube, and Spotify work. Some code runs on your computer or phone, but much of it runs on computers controlled by these companies, which you have no control over.

Because of the freedoms free software granted, companies can use GPL-licensed code however they choose to. As long as they don’t “distribute” it, they don’t have to give their users the four freedoms. Selling an app counts as "distributing" software, but using code to run a website (like Facebook.com or Google.com) does not. 

Even worse, once Facebook and Google are running software on their machines, users have no control over what code is running, even if it is free software. Google might be using mostly free software to run Gmail, and you might check Gmail using a free software email client or web browser. But if Google decides to give the US government an easy way to read your emails, how would you know? That’s happening on their computer, not yours. If Facebook is doing something evil with your data, that’s running on Facebook’s computer, not yours.

In the above cases free software might still be making the world better by making the marketplace more competitive, or by making it easier to unseat a monopoly. But for free software to provide a meaningful guarantee to users, users cannot depend on code running on computers outside their control. All of the important code needs to be running on a user’s own  machine for free software’s guarantee to function fully.

This is why, as more and more people used software shared by millions running on servers outside their control, free software had a problem. The free software movement's "four freedoms" only made sense when our apps ran on *our* computers. Once we stopped downloading apps and running them on our computers, and started mostly using websites like Facebook or Youtube, or apps dependent on company servers like Spotify, free software no longer provided a meaningful check on those companies’ power to control users.

One way to build modern cloud services with free software is federation, but doesn’t really solve the problem, as you can see in the Gmail example above. Email is an example of a federated protocol. There are traditional servers, which can be run by anyone, from a big company like Google to a band of activists like Riseup.net. And there are clients that can connect to these servers, like Thunderbird, Outlook, the Gmail website, or the Mail app on an iPhone. The problem with federation is that you still have to trust the server, and you have no idea what code it’s running or who it might be working for. Google could give your emails to the government. The activists at Riseup could be hacked without your—or their—knowledge by a well-funded spy agency, or forced to hand over servers by a court order. Also, in federated platforms with many stakeholders, progress on crucial technical issues like privacy can stagnate because of difficulties in coordination and aligning priorities: the state of the art in end-to-end email encryption has barely made progress since the 1980s, for example.

Peer-to-peer networks built on free software, on the other hand, provide a real way to address the problem of trust. In a peer-to-peer network, all the important code runs (or can be run) on each participant’s computer. Peer-to-peer networks must by their nature be very untrusting of other participants in the network, since anyone out there could change their code to do something malicious. But if the network is designed to not require trust, and you’re running free software code on your computer, a peer-to-peer network has extended the guarantees of free software to the platform itself. Users can come together in the network knowing that they have meaningful control over what happens. 

Peer-to-peer networks also push down the cost of forking, ensuring that the free software guarantee has teeth. Unlike services that depend on large clusters of servers, peer-to-peer networks have operating costs that are zero or near-zero, so forking a platform becomes much easier. If you had the source code to Facebook, but it required you to spend millions each day and assemble a massive team of specialists to keep it online, the code itself would not be very useful, and its availability would not provide a meaningful guarantee to users. However, because peer-to-peer networks emerge like hives from the code running on users’ machines, they are much easier platforms to fork, and the guarantee continues to be meaningful.

3. Bitcoin showed how to do *much* more with peer-to-peer networks, and lowered the cost of forking even further.

Having to not trust anyone else introduces some real limitations for peer-to-peer networks. In the first era of peer-to-peer applications, software like Limewire and Bittorrent created massive libraries of files and delivered them super fast, but you still needed a conventional website to find what you were looking for, or at least to filter out the junk. Even something as simple as a reliable system for ratings and moderation was really hard in a peer-to-peer context. 

Unlike with desktop apps like web browsers or video players, creating a free software competitor to something like Facebook or Youtube is a much trickier proposition. These applications have to connect—and balance the interests of—many different users. If software runs on each user’s computer, how does code balance their interests in privacy, safety, control, and freedom? 

To build a true online space like Facebook, Twitter or reddit with the pro-user guarantees of free software, we needed a way to build free software that everyone can modify, that runs on our own computers, not the servers of a large business, but that balances everyone’s interests in a way people can actually trust to work as advertised. 

That is extremely hard to achieve. It’s a paradox. If everyone runs the software on their own computers, and it's free software, what stops malicious users from modifying the software to do something malicious? 

This paradox was the subject of a lot of research through the 90s and early 2000s. But researchers never really got it working. Sure, there were “federated” protocols like email or XMPP, but they depended on servers outside the user’s control, and these servers were often controlled by a large company, like Google, or if they were independently run, couldn’t be credibly considered more secure than the centralized servers of a large corporation with a massive security team. 

Then, in 2008, something special happened. Someone, it seemed, had come out of the woodwork with an answer to the paradox, and the answer came not just as an academic paper, but as a working app you could actually use. The “person” was Satoshi Nakamoto, though that's definitely not his real name, and “he” might not actually have ever existed. The project was called Bitcoin.

You've probably heard of Bitcoin, and you probably have tons of ideas about it. Like any popular phenomenon, Bitcoin has been politicized and its reputation precedes it. Maybe you got rich off Bitcoin. Maybe you lost half your life savings to it. Maybe it's the answer to the tyranny of big banks. Maybe it's a ponzi scheme or a “late-capitalism” acid trip from Burning Man. 

Bitcoin’s reputation matters much less than this fact: it was the first to crack the paradox. Bitcoin was free software, and it was a peer-to-peer application, but it created a single agreed-upon set of data, known as a blockchain, that everyone could trust was correct. Bitcoin’s successor Ethereum took the idea even further and created a general platform for computation, albeit a very slow one—an almost magical feat. 

Blockchains let you fork entire platforms and take the data with you. You can make a new version of the Bitcoin app that uses data on the same blockchain but has some new or different functionality. Or you can fork the blockchain code itself and give birth to a new blockchain, letting users carry over their accounts. You can even reference data on one blockchain from another. This isn’t always easy to do, but it’s possible and often straightforward—certainly much more straightforward than trying to convince Facebook to let you use their data to build a Facebook competitor!

Free software gave users meaningful control over code. Peer-to-peer networks extended this control to the platform level, but with severe limitations. But Bitcoin and successors like Ethereum blew the doors off what kinds of applications you could practically build with a peer-to-peer network, and opened up the possibility for forking entire platforms while retaining useful data. They let us extend the guarantee granted by free software even farther.

4. ZK-SNARKs and Zcash let peer-to-peer platforms keep secrets

Bitcoin had a big missing piece: it didn’t address privacy. Theoretically, anything you did with Bitcoin was visible to everyone in the world; they just might not know it was you. But to make a functioning online community with things like direct messages, or an ecommerce platform where people provide sellers their shipping address, you need to be able to keep some things private. 

Zcash is a Bitcoin successor with an emphasis on privacy. It lets you send transactions without revealing what they are or who they’re going to. It also includes a way to attach encrypted messages to transactions. If you want to build something more like Facebook, Twitter, or reddit on top of a blockchain, these features make Zcash a plausible (if clunky) place to start.

Zbay is built on the Zcash network. Where Facebook’s apps connect to Facebook's servers, Zbay connects to the Zcash network. Where most emails go through servers controlled by Google or Microsoft, Zbay’s messages go through the Zcash network. The Zcash network itself is made up of people running Zcash nodes on computers they control. Users don’t need to trust other Zcash node operators either, because the network’s design constrains their behavior.

We chose Zcash as a network for Zbay for a few reasons:

By building on Zcash, we can trust leading privacy-tech pioneers to protect users’ privacy, keep them secure, and scale to billions of users, while we focus on building a fun app that’s easy to use and good for building online community.

5. Tor protects IP addresses (and location) of users in a peer-to-peer platform.

In a peer-to-peer network like Bittorrent, Bitcoin, or even Zcash, you connect to many users you don’t know or trust directly from your own IP address, revealing it to them.

Knowing your IP address could give other users information about you that you’d rather not share: your employer if you’re accessing the network from work, your school if you’re accessing it from a campus, or a rough guess at your city or town if you’re accessing it from home.

In this way, a peer-to-peer network can be less private than a centralized platform like Google or Facebook, where the IP address you connect from may be known to the services themselves, some intermediaries, and assorted spy agencies, but not in most cases to the users you’re communicating with.

If we’re building a peer-to-peer network that people are going to use as an online space, we should offer at least the same level of protection of IP address information that Facebook and Google offer. Tor, a technology developed for protecting activists and journalists from repressive regimes, gives us one way to do that.

Tor isn’t foolproof, its efficacy when used to connect to networks like Bitcoin or Zcash is still the subject of research, and Tor might actually make these networks less secure in some ways. But it restores the privacy protections for your IP address when you use a peer-to-peer platform instead of a centralized one, so we think it’s an important part of the stack, at least until the Zcash team addresses this privacy problem directly.

6. Free software has established models for governance.

The ability to fork a free software project and build in a new direction is a powerful guarantee that over time the software will serve its users, but if a free software project is governed in a way that is responsive to its users’ and developers’ needs, forking might never be necessary. Zbay will strive to find a governance model that can align our interests with users, minimizing the necessity of forking.

Some free software projects are run by a conventional business. Others are run by foundations like the Mozilla Foundation, the nonprofit organization behind the Firefox browser, or the Tor Project, the nonprofit organization that makes the privacy and anonymity tool Tor. Others, including many of the basic building blocks of the Internet itself, are run through rough consensus of volunteers and paid professionals spanning dozens of organizations and companies.

There are lots of models that make sense and huge troves of experience to draw from in deciding how to govern Zbay. Right now, Zbay is still just an experiment, so settling on a governance model would be putting the cart before the horse, especially given that—if we failed to find a good one—forking would always be an option. Nonprofit foundations are difficult enough to start and maintain that they aren’t the best default starting point for a small free software project. But we do have experience starting and operating them (we participated in founding fightforthefuture.org and pculture.org) if that seems like the best path forward.

There are new structures emerging each year. A B Corporation is newer kind of entity that combines the structure of a conventional corporation with the declared public interest mission of a nonprofit. A DApp is a piece of autonomous software that can elect decision-makers, approve or reject major proposals, or possibly even approve or reject proposed code changes based on a voting algorithm. Peer-to-peer networks governed by peer-to-peer networks. Yikes!

Finally, the network that Zbay uses, Zcash, has its own structures for governance. If you like, you can read more about Zcash’s own governance structure—the people behind Zcash are putting a ton of thought and work into this.

7. Moderation models and codes of conduct

Online spaces aren’t just about how they’re built; the culture and community that develop on them are the final piece that matters more than anything. With Zbay, we believe that we can stand against censorship while still building online communities that are safe, respectful, and accountable to the values of diverse communities.

Zbay will soon include established systems for moderation, where channel owners can hide posts, ignore problem users, or delegate these powers to moderators. Channel owners will have the power they need to create functioning online communities built on respect for clear principles. Zbay will encourage channel owners to post clear codes of conduct that moderators will enforce consistently, and we plan to recommend model codes of conduct. 

That said, channel owners have complete freedom to decide the rules for their channel, and the fact that Zbay is a free software, peer-to-peer, blockchain-based platform guarantees they always will. First, the Zcash blockchain is designed for censorship resistance. You can't simply delete transactions or messages. When channel owners “hide” a message on Zbay, they are sending a new message which tells the Zbay app to ignore it. The hidden message is still there, and users could modify their Zbay app to display it. If the Zbay team added censorship code, an anti-censorship fork could remove it, and no human expression would be lost. 

Unlike platforms like Twitter, Facebook, and reddit, users won’t be bombarded by an algorithm serving messages from communities users did not choose to participate in. Zbay users are not subject to the content of Zbay channels unwillingly: they must actively join them and can leave at any time.

The Zbay team believes that it is morally wrong—and harmful to any conceivable notion of political progress—to censor channel owners. Any destructive conversation is certain to be outweighed by a larger, countervailing, constructive response. The response could come in that conversation itself or in other conversations on Zbay, elsewhere on the Internet, or years down the road—but it will come: the arc of the moral universe is long, but it bends toward justice. Our commitment to this idea is unshakeable, and thanks to the technology we’re building on, you don’t even need to take our word for it.

Fitting it all together

If our goal is to make a patch of online life that’s controlled by the people of the Internet, not by big companies or repressive governments, we can fit these pieces together to achieve that in Zbay.

Zbay exists as free software available under the GNU GPL. Even if the organization and team we’ve created to make Zbay disappears, others will be able to take the code and continue. Any developer in the world can make improvements to Zbay, and if the Zbay team doesn’t accept these improvements, that developer can create their own alternative. This guarantees that the people of the Internet will control Zbay’s underlying code.

Zbay is peer-to-peer, so Zbay as a platform emerges hive-like when many users run the code of the Zbay app. If the code survives, the platform survives as well. If developers with a new and better vision want to fork the code, they can fork the platform as well. Thanks to Zbay being a peer-to-peer network, the control users enjoy over code also gives them meaningful control over the platform.

Because Zbay uses a blockchain, it can do some special things that used to not be possible in peer-to-peer networks, like registering unique usernames or channel names, sending money, and buying or selling things. This also lets Zbay use small fees to increase the cost of being a bad actor—for example by registering millions of fake accounts, sending spam, or scamming other users. Using a blockchain network guarantees that competing projects will be able to take essential data (like channels, users, and their messages) with them when they fork, without needing permission from the team behind Zbay—in stark contrast to centralized services like Facebook, where big companies use control over data to lock users and developers into the network.

Zbay uses the cutting-edge, privacy-focused blockchain Zcash, so it can offer basic privacy protections like end-to-end encryption for direct messages and group chats. It can even protect “metadata,” knowledge of who is speaking with whom. Zbay also uses Tor (optionally right now) to protect users’ IP address from becoming public, restoring a basic privacy protection offered by centralized services. Unlike a centralized service like Facebook, where privacy guarantees are based just on what Facebook says it will do, and potentially undermined by laws that require it to collaborate with governments in secret, the privacy guarantees in Zbay are based in encryption, free software, and peer-to-peer networks which can (someday) be studied by researchers and verified to be secure against all known attacks.

Zbay has a deep trove of free software governance models to choose from, as well as new kinds of entities like the B Corporation or the DApp. The Zcash network on which Zbay is built has a thoughtful and evolving governance model. The low cost of forking a free software, peer-to-peer, blockchain-based platform creates a baseline guarantee that the platform will serve users’ interests. But a good governance model can do even better: it can actively solicit and respond to user and developer feedback and make smart plans for the future.

What are we waiting for?

Like many eager observers of the blockchain / cryptocurrency space, we’ve felt an enormous pent-up desire for products to come along that actually matter to all of us. We saw the first peer-to-peer platforms emerge in the early 2000s. We saw Bitcoin and Ethereum emerge years later. We watched as a breathtaking amount of investment flowed into moonshot-like infrastructure projects to build this new stack for decentralized, peer-to-peer, free software applications.

Still, we’ve felt some pent-up frustration that all this investment and passion has produced so few useful tools for our daily lives. When do us Internet users get fun products that we can download, play with, and use with our friends to build online spaces where people are secure and free?

When we saw the announcement of the encrypted memo field in Zcash, we got excited. For the first time a blockchain stack was natively supporting enough protections for user privacy to build something really useful beyond finance. We thought, “why wait for somebody else to build our dream?” We decided to go for it, and build one of the free software, peer-to-peer dream apps we’d always wished would exist—something out of a Thomas Pynchon novel: a W.A.S.T.E, or a DeepArcher.

We decided to take the best big step we could in the direction of a world where our online life is controlled by the people of the Internet. We built Zbay.