Cavern

Cavern is an in-development social media protocol that aims to have a user experience similar to Livejournal or Dreamwidth (journaling, threaded comments, filtered access) but with an architecture that emphasizes privacy, security, and autonomy:

  • Local-first: When you write a journal entry or comment, it starts out on your computer, not a website; when your friend reads it, it has already been downloaded to their computer.
  • End-to-end encryption: Every user has a keypair which, if all goes well, they will never have to know about.
  • Low tech: No special server software to self-host, just an HTTP server. Cavern brings the stability and reduced maintenance possible with static site generators.
  • "Go dark": Encourages and enables people to not post publicly, by providing socially-local posting options (e.g. "friends of friends").
  • Low trust hosting: The server admin cannot read people's journals without impersonating someone (which would be quickly detected). And in the other direction, the server admin can restrict public posting, removing the moderation burden.
  • Cheap to host for others: One tech-savvy person can host hundreds of people's journals for dollars a month. A basement computer can easily be a homeserver.
  • No group moderation: Everyone is responsible for moderating discussion threads on their own journals; there are no outside moderators. It's your living room, your rules.
  • Nomadic identity: You can always move to a different server, even if your original one dies unexpectedly.
  • Social bootstrapping: The trust model rides lightly on top of existing social ties. There's a web of trust, but it's just the regular one that existed before computers; cryptography is merely used to facilitate it.

The protocol, philosophy, and some future plans are documented in the cavern repository, along with a rudimentary but functional desktop app.

You can help!

If you're interested, any of the following would be very useful!

  • Kick the tires on the "Spelunk" reference implementation (for Linux desktop; currently requires Java to be installed). Write posts! Read other people's journals!
  • Guide the evolution of the protocol, with an eye towards simplicity, robustness, and privacy.
  • Review the security model, including the use of cryptography. Design a workable threat model.
  • Help design a new semantic markup language that will thread the needle between simplicity (for ease of application development) and richness (to satisfy users).
  • Discuss the design of social media in general—what works, what doesn't, how we can improve on it.
  • Maybe even come up with a new name! "Cavern" is a working name, but it might not be the best for adoption.

Where we are