Small Technology Foundation

Small Is Beautiful livestream #6

Distributed and decentralised social networks

Join us talking to Paul Frazee about his new decentralised social network project, CTZN, he’s building on the Hypercore Protocol.

Hosts: Laura and Aral.


Aral: And we’re live. Hello. It’s been a while, we were doing these streams every week, but now we’ve start doing them every month. It’s the first monthly one. Hi there, Laura. Do you want to introduce what we’re doing?

Laura: I can do so. Hello. That man there is Aral Balkan. I am Laura Kalbag. And together we are Small Technology Foundation. We’re a teeny tiny, not-for-profit organisation based here in Ireland. And as with previous events, we are in the same house but in separate rooms, and separate networks. Aral upstairs. I am downstairs. The dog is doing his own thing, so I might just interrupt at any point.

Aral: And this is a small live stream on Small Technology that we call Small is Beautiful. And this week, this week, I still think it’s a weekly thing. This month we have a very special guest, someone that I’ve known about personally for a very long time, followed his work, used his stuff, big fan of. And Laura, would you like to introduce who that is?

Laura: Okay. We today have Paul Frazee, who is working on a decentralised social network (sound familiar?) called Citizen, which is stylized as C.T.Z.N. And he is also one of the core team working on the Hypercore protocol and one of the people who built Beaker Browser. Welcome, Paul.

Paulo Hey, everybody. How y’all doing?

Aral: Hi, Paul, it’s great to have you. It’s great to finally to talk to you after knowing of your work for several years. So first of all, you’re joining us from Texas, right? How are you guys doing? How are you doing? I mean, we’re seeing the news where it doesn’t look great. How are you?

Paulo Yeah, I’m thankfully doing pretty well. I’m near some hospitals, I think is what’s going on. So I’ve managed to have power and heat and water for the entire time. So I’m one of the lucky ones. But a lot of folks are not doing so great and we’re just all kind of hoping for Friday to come along where it’s supposed to hopefully warm up a little bit and we’ll finally get power back. So it’s been a bit of a week,

Aral: Right? I mean, yeah, I can only imagine. And here’s hoping things improve as quickly as they can over there. We’re also hearing some miaows. Can we get introduced to the kitten doing the meowing. I know you have a kitten over there.

Paulo Yeah, she’s over near the door. That’s Kit.

Aral: That’s OK.

Paulo She’s very upset about the weather. I think she’s taking it harder than anybody.

Aral: I can only imagine, my gosh, if you if you ever want to just take Kit and have her join the stream, feel free, we’re very casual and laid back here. So, OK,

Laura: Yeah, Oskar tends to interrupt around the forty five minute mark. That’s his sweet spot.

Paulo All right. All right. I’m looking forward to that too.

Aral: So Paul, CTZN. This is what you’re working on right now. I mean, you were working on Beaker Browser. I’m assuming you still are. And if you’d like to talk about that, please feel free. But CTZN is what you’re currently actively working on, as far as I can see, very actively. Would you like to introduce us to what that is?

Paulo Sure. Yeah. So I like to call CTZN a mad science project. There’s a group of folks that come from like the Node community that have this idea of mad science projects. And it’s kind of, you get hit with some inspiration and you’re just going to do it what’s in your head and take it all the way to the finish point. And, you know, the joke kind of came from like people implementing things in JavaScript, really. “You can’t do that in JavaScript.” “I’m doing it for mad science. You can’t say that I can’t do that.” So that kind of culture of just seeing through some idea all the way to the end was a big part of what made me think, you know what? I’ve got some ideas I’d really like to try out for CTZN that break from what I’ve been doing with Beaker a little bit, but I don’t know, I just felt like it was time to to give them a shot.

Paulo And so the approach that we’re taking here is trying to see how we can use peer-to-peer technology, but actually get around some of the constraints that peer to peer tends to have, which tends to be the difficulty of having everybody maintaining management of their keys or keeping their data online and so on and so forth. It’s really great technology that there’s a lot of really good ones out there. I work with Hyperscore Protocol, but also IPFS and Secure Scuttlebutt are all really great techs. But getting them into useful and interesting applications has been challenging for everybody. And so with this project, I decided to sort of go with a hybrid model where we’re still using servers and that helps us solve key management and helps us solve being able to access from multiple devices or from any device. You don’t have to install anything and things like that. But then we still have this peer-to-peer mesh, which we can use as a kind of a data mesh to synchronize between servers. And the interesting property about that is that in practice it’s a little bit like federation. But I think you can do a few things a little bit more conveniently than you do with federation. Because this data mesh, you can basically pretend like all of your servers are on the same database together. They can just pass over the URL of a database or some record and load it up without having to think about who do I talk to? And I need to exchange messages with whoever is the host of this thing. It’s kind of just out in the mesh so that you can access this data. And that programming model, I think has allowed it to be a relatively fast development process for the engineering of CTZN. And so we started like I’m going to say, second week of January-ish was when we first started writing the code. And we managed to get to a working cross-server, you know, effectively Twitter clone within the span of about three to four weeks. So and that’s starting from scratch, all the UI, all the data synchronization between servers, et cetera, et cetera. And from my perspective, is somebody building on it. It feels kind of more like I’m just using a LevelDB. That’s how Hypercore’s exposing itself. So I think I’ll stop there and try to do something with this cat. So…

Aral: It’s OK.

Paulo I’ll be right back.

Laura: While you do that… Aral, I think it’s probably worth us just briefly noting, for people who maybe aren’t familiar with why you would want to have a decentralized social network, like, can you explain really concisely? Perhaps like why decentralised?

Aral: Well, OK, so why would you want to have a decentralized social network? Well, I think for quite a while now, quite a number of years, we’ve realized what the shortcomings and the toxic aspects of centralised social networks are. Now, when you think about social network, think Facebook, for example, you’re talking about a centralisation of power, of information and of wealth. So this is not a sustainable system. This is what Shoshana Zuboff from Harvard Business School calls “surveillance capitalism”. It’s something that I call “people farming”. It’s a business model. So the way Facebook makes money is they know everything about you and then they use this intimate insight to manipulate your behaviour and to let others manipulate your behaviour for profit. And this is a very toxic model. We’ve seen the so-called externalities of this in terms of in the UK, for example, Cambridge Analytica, you know, this led to the outcome of the Brexit vote and to the election of Trump in the US.

Aral: So this has negative influences on democracy and on human rights. And it creates these new sort of CEO kings, these new gods, like Mark Zuckerberg, who get to decide what’s your filtered reality is. So this is you know, this is something that is really quite dangerous to human rights and democracy. So that’s where decentralised social networks would be the alternative. And when I say decentralised, of course, and I’m sure Paul would agree with me, we’re not talking about Bitcoin bullshit or cryptocurrency bullshit here.

Aral: Right? We’re not talking about a different set of people becoming billionaires because they have their own cryptocurrency. You don’t need it. And I think what Paul is building and Hypercore in general, of course, really shows this as well. Yes. It’s a direct directed acyclic graph. Yes, it’s a Merkle tree. So it’s sharing certain aspects. The data structure itself is sharing certain aspects with cryptocurrencies, but it doesn’t have global consensus because it doesn’t need global consensus, it doesn’t have proof of work. It doesn’t need that. So I think is that a good summary or of why we would need decentralised social networks? Paul, was there anything you’d like to add to this?

Paulo No, that was a pretty good summary. You know, the the thing that I often kind of talk about when decentralisation comes up is a lot of people have a lot of kind of ideas, some of the connotations about it. Like you might assume it means nobody can moderate, no censorship, you know, so censorship-resistant and things like that. Or you might think it means cryptocurrency, things like that. But at the end of the day, I think it all has to do with this idea of authority, who has authority over a system and the way that we’ve built social media networks and a lot of applications on the Internet up until now have used this server-client model where the server is the authority on basically everything that happens within the network.

Paulo And not only are they the kind of topmost authority, but they’re also have all of the different parts, the kind of behaviors of the system are bundled up into what they control. So if you were trying to come up with a political analogy, I think a monarchy is a good one to think of. Everything goes up to the top and all decision making is on that basis. Whereas, you know, any other governance situation, most people would expect something a little more sophisticated. You would expect the authority to be distributed amongst either everybody that’s involved or a representative group.

Paulo You would expect something that looks like elections, whether that actually is an election process or in some ways you can come up with things like forking as an alternative to to elections. And then you would have separation of the different kind of authorities. One person or one group would be in control of one part of the system and another group in a part of another. So and a lot of ways what the way that I view decentralization is about thinking about the political experience of human networks. And thinking about how we design much more sophisticated models for for kind of society as it moves into a virtual realm, as opposed to taking this kind of naive approach, which leaves us in basically a virtual monarchy.

Laura: I thought that was a really interesting thing that I read about when I was just having a look at your Patreon where you’d recently written about the importance of collective rights as well as individual rights. And I think that’s a really interesting thing for us to be thinking about, because so much of the things in the privacy and security world will tend to focus on those individual rights.

Paulo Mmhmm, yeah. It’s one of those things where especially in most decentralisers, especially amongst them, they just always go for a typically libertarian, you know, individual rights supersede all other things. And some of them, some would identify more as an anarchic, like the SSB crowd, kind of think more in terms of anarchy, which systemically what they’re getting at is the idea that every individual person will sort of control exactly how they participate in the network. I’ll set who I follow, I’ll set who moderates for me on an individual basis. I’ll control my data, I’ll control my network. And there is… you know, one of the things I would highlight is that there’s nothing necessarily wrong with any, with that particular model, if that’s what you’re looking for. But for that to be the only model that decentralization is putting forward is actually kind of handicapping the entire premise. If you don’t have any appreciation for, and capacity for, situations that require collective rights, your system is just going to always be a little bit difficult to work with, I would think.

Paulo I mean, even in a fairly anarchic system, you still want a nice way to be able to find people, you know, the user search and things like that. And that gets into the space of having shared resources that a lot of people have an interest in. And now you have a collective question, and I need to start thinking about collective rights. What do we all kind of as a group get to say is our rights in respect to this registry of users that people can search through? And if, you know, there may be things that I find completely unpalatable to be keeping in a collectively-used user registry, if the thing is dominated by this, this is kind of a silly example, but if it’s completely like the phone book for finding me, you have to trudge through a whole lot of let’s just say pornography sites. That’s ok, you know, I don’t have any problem with that. But I also don’t want my family to have to trawl through a bunch of that to find me. So I might want to have some rights as a member of this collective to have some say over how this thing is managed. So that’s where our collective rights come into play. When you have shared resources that simply can’t be taken in the kind of anarchic or libertarian fashion, how do we begin to think about that in a decentralized context?

Aral: And if people want to read more about that, I believe you have, let me show it on here. An article called the “Anti-Parler” is it “par-lay?”

Paulo It’s “par-ler”.

Aral: Parler. Yes, OK. “The Anti-Parler: Principles for decentralized social networking” up on Medium, and I just found that the other day. So I think this is where you make that case as well, unless I’m mistaken. So, yeah, people can look on there as well for that.

Aral: And I mean, you know, we’re talking about collective rights as well. And one of the things that I noticed quite early on was, you know, in the systems that we have, what we’re also just not modeling is the person at all. You know, if you think about the person is in like flesh and blood, you have a level of encapsulation like the boundaries of your biological self. Right? And we have this system of laws and including human rights law that sort of protects those boundaries and protects, you know, whatever is inside of those boundaries as you. We don’t have this in the digital realm. It’s not a different world, of course, just a different aspect of our world. But we don’t have that. So, you know, with something like Facebook, when you have a thought, you know, and you share it on Facebook, you don’t have that initial decision-making capacity to say, I don’t want to share this with anyone else. I’m just jotting it down. I just want to have this thought, I don’t want to share it. You can’t do that on Facebook. So to have a place where you can do that for me was very, very important. To kind of model the individual and then to model the collective as a collection of individuals, you know? So that’s kind of the approach, at least that we’re taking with the Small Web stuff that we’re building.

Aral: So to basically say, well, what if everyone had their own server somewhere? And it started out, you know, I was looking at Hypercore and I want it to be maybe just a client. Everyone just has it on their… but Apple killed that with there with erasing your data if you don’t visit a site for seven days. So you go on vacation, you come back. And if we built the system on that, all your data would be gone. Thanks, Apple.

Laura: And you mean specifically the storage inside the browser? Not all your data.

Aral: Yeah exactly. Exactly. So imagine that we all had our own websites and but the data was stored on the client, on our browsers because we didn’t trust servers, because we don’t trust servers on the on the Small Web, like you were saying, Paul, as well, we trust people. And so yeah, you come back after a vacation, all your data is gone because your browser’s erased it. So we couldn’t do that. So my next thought was why? What if everyone had their own server? For one. No concept of users, just people, a person having their own server and then going from that.

Aral: How can we evolve a system where, you know, if you put something out there and you’re breaking the law, then we have a system of laws that that should come into play there. You know, I think a lot of… there’s so many issues here. People mistake freedom of speech with the freedom to make someone, compel someone to listen or the freedom from consequences of their actions. So there are lots of these things, but we have a lot of existing systems that would come into play if we could just model the individual. You know, and I don’t think that’s a million miles from what you’re doing either, because like you said, it’s not a federated system. You’re not building Mastodon using Hypercore. You’re when I’m on a Hypercore server, I still own my own data. And my data is separate from that instance. Right? Is that correct?

Paulo To a degree. So the the way that the Hypercore… Well, let me actually comment on the kind of personhood aspect of it, because it segues nicely into it…

Aral: Yeah.

Paulo In an information space, a networked information space. You can’t really have identity without having cryptographic keys involved. That ends up being a major determinant of whether or not you have any kind of first class identity in the system. In the Web, only servers have cryptographic keys. They have a domain name which gets mapped to a public key, and they’re able to sign, and then encrypt, traffic that comes from their device. And that is basically how they have a first class identity in the system. Individual users at present don’t really have that. They have to sort of borrow an identity from one of those servers that actually have first class. So they have second class identities. So any sort of solution to getting first class identities to end users would be to give them cryptographic identifiers, public keys, which they can then sign things and prove that they authored. Now, the ideal model for how I would like to be building this thing. We have successfully managed to make it so that every user has their own public key identifying them. And in the ideal world, they would possess their private key on their own devices, because I think you could actually get into a notion of property rights around your cryptographic key. And as long as you retain the property of the private key, you have total autonomy in the system. That would be the ideal world. At this stage, we’re going to go ahead and let the servers maintain those keys on your behalf and then put in place some ways to try to check that slight power imbalance that comes from that, which I could talk about a little bit later.

Aral: But what’s the blocker in not being able to do the ideal aspect of that? So generating the keys on the client and just having the public keys on the server.

Paulo Yeah, the biggest blocker, really, I say there are two things that stand out really quickly. One of them is you would you might be able to do that without having to download some software. But I kind of doubt it. I mean, you really want to make sure that the key, the private keys are going to be kept secure and not lost for some arbitrary reason. So if I’m thinking about mobile and I’m thinking about, you know, your desktop and laptop, you need to have a piece of software which can reliably generate the key and then transmit well, basically interact with the server to sign changes that occur. So you have a software problem where, at present, the browser ecosystem is just not terribly ideal for having the device hold onto the keys, and especially because you need to sign off on any change that occurs without sending the private key up to the to the server. So you would need to have some kind of a pathway for having the application get the signature, send it up to the server. That’s the first problem…

Aral: This is something I’ve been working on… in case it helps… We saw Kit! Kit just jumped up there…

Laura: We can see Kit’s tail!

Aral: [laughter] Kit’s tail has entered the chat!

Aral: Aw, it reminds me of the cat that I had when I was a kid.

Aral: So, Paul, in case it helps and if you want to drill some holes in this as well, that would help me. But I’ve been thinking about this for a while as well. And what I’m doing basically is I’m generating a diceware passphrase on the clients, and all of your key material is then generated from that. So what you do as your experience is you store that diceware passphrase in your password manager and let’s assume at this point that that’s something we’ll push with the system that we’re doing, like use a freakin password manager.

Aral: So put it in there. That’s the only thing you need. So anywhere you put that password, the passphrase back in, all your key material can be generated on the client. Now, there are issues, like you said, the browser is not ideal for this because, of course, we’re trying to use the Web in ways that it wasn’t necessarily built, maybe originally how it was built, but not how surveillance capitalism has shaped it in the last however many, 20, 30 years. But one of the issues is, of course, we don’t have something like sub resource integrity for the initial page that’s loaded.

Aral: Now, the reason small websites are SPAs, and quite possibly, I don’t know if it’s the same consideration for you because I know CTZN is this single page app. But the reason is that’s the only way I can think of of actually being able to sign it. So we’ll have to use a browser extension at that point to verify that the initial load is what you expect it to be, because you don’t want the server sending something that gets your passphrase. But you can do that. And it depends on your threat model as well, but you can still do that.

Aral: So at that point, the client is where all of your key materials are generated and you don’t have to send the the private keys, the secret keys to the server. So if this works for you in any way, please steal it. And I’ve kind of basically implemented this for for Place at this point… it’s the bit that exists. But I don’t know in case it helps…

Paulo It’s not a bad thought. And, you know, especially if you can install an extension. I’m trying to avoid… I’m trying to get us to a point of maximum approachability. So I’m trying to avoid anything to install. The other challenge you’ll run into and maybe you have an answer to this as well… is just synchronizing between devices the keys, which, you know, if you have the passphrase, I think you probably sit down at the device and type that in.

Aral: That’s it. Yeah. Or use your password manager. I mean, I think one of the things we need to do is also kind of, you know, really encourage good practices. And the thing is, if you’re not using a password manager right now, you have bigger problems, probably. Like really week pass phrases, et cetera. Yeah, but yeah, I mean, let’s and we can keep talking about this stuff as well, because I’m not saying I’ve solved all of it. There are issues like, again, going from a point to we don’t trust servers, we trust the person. So it means like, OK, well every piece of data that I, even the public data that I want to store on my server, I need to sign that on the client to say I’m the one who put that there.

Aral: Now, of course, with Hypercore, you you have a signed, you know, tree there that you’re working with. But so these kind of things are really, you know, it’s… you know, when people say, what’s a Small Web, what is this whole thing about Small Web you’re doing? I’m just like it’s exactly what it sounds like. It’s the exact opposite of the Big Web. Take the Big Web, flip it around on its head and you get the thing that I’m trying to build. And I think it’s not a million miles apart from what you’re doing.

Paulo No, not at all. No. Yeah. I don’t know if I have smallness as a goal. Actually, one of the things on which I completely, that idea resonates with me, but it’s slightly different than what I’m aiming for with CTZN. I want to make, to my thinking, me personally, what I always like about things like Twitter is I do like being a big space personally. Right. And I think, in fact, some of the, you know, the kind of high level interest about CTZN is thinking about this political experience design, and how can we add sophistication into the political system, which really only becomes significantly challenging and compelling when you get at scale.

Paulo And if you can apply those ideas to some of the really challenging questions around how these big networks surface information, how the algorithms work, how curation and discovery work, how moderation works and things like that. If you can actually make some improvements on that front, I think it’s a pretty compelling thing to be angling at, which is why I’m tending more towards sticking with big. Of course, it makes scaling a little bit harder for me. But…

Aral: But also it’s so great that there are multiple approaches in this area. I mean…

Paulo Absolutely.

Aral: One of the things that people ask me is like who are the people working towards similar ends in this space? And if you remove the sort of bullshit projects, and by that I mean venture-capital-funded wants-to-be-a-billion-dollar-thing, you know, I’m going to take it at face value that you’re not in this to be a billionaire because you wouldn’t be building it in the way that you’re building it, if you were. I mean, if you are, you’re doing it wrong. And I don’t think you are.

Aral: And that’s what’s so cool about it. But if you remove all of those efforts in the blockchain, kind of right-Libertarian things, you get a group of people, like you said, maybe the the the Scuttlebutt folks, the Hypercore folks, a few others that you could probably put into a large room like at a conference. And if something happened to that room, they’d just be gone. I mean, I tell people we’re… statistically we don’t exist right now. So it’s so cool to see different approaches because part of why I’m trying to share every bit of what I’m doing, like whether it’s how do we get automatic Let’s Encrypt certificates so you can instead of just Node’s HTTPS, you can say @small-tech/ https and you get automatic Let’s Encrypt in your application. You know, that’s a little module, part of Site.Js/Place that you can use. The reason I’m trying to share every brick of what we’re doing. And I see that same approach with what you guys are doing as well, is to enable people to play with this in different directions, to take it in different directions, try different things to lower the barrier of entry.

Paulo Yeah.

Aral: You know, because you have a thousand Twitter clones, actual Twitter clones like we have. You know, everyone’s trying to make the next unicorn and become a billionaire. You know, they call it innovation. They’re just building the same sort of people-farming things over and over again. So we need something where we can experiment. So it’s so cool to see a different approach with the right intentions.

Laura: If we rewind for a second. I was going to say, because we’ve just talked about venture capital backing and things like that. I noticed that you’ve got a passion and you’ve got three of you working on the project there? Could you say a little bit more about who’s working on it and how you’re funding that?

Paulo Yeah so presently we have… There’s Kit again. Presently we have… there are three of us that are a part of the Patreon. On the Hypercore team, core team of Hypercore is myself, Mathias Buus and Andrew Osheroff. Mathias was the original creator of the Hypecore protocol, and they are currently full time on some protocol work where they’re they’re looking to kind of wrap up a couple of final major changes to get some more sophistication in the protocol to deal with things like multiple devices and things like that, possibly even something similar to smart contracts. We’ll see.

Paulo And then I’m the one working full time on CTZN. So we are you know, there’s a lot of intersection between what we’re doing, obviously, because I’m downstream of them effectively. But on day to day, we work pretty separately. And that’s reflected in the fact they’re both in Copenhagen right now. And here I am in Austin.

Aral: Yeah, and and I know Mathias personally is a lovely guy. And Dominic as well, I mean, many years ago we were sitting in a little cafe in Copenhagen with Dominic and with Mathias and kind of talking about the stuff back when I was, you know, just thrilled to discover DAT, the precursor to Hypercore. Lovely, lovely people. You know, it’s just so great to have people working on this stuff for the right reasons, which is so rare, so rare.

Aral: You know, it’s like what? There isn’t a venture capital backed billion dollar, you know, unicorn ploy behind this? No. Good. OK.

Aral: By the way, before we forget, if people if you want to if you’re watching this right now and you want to join us in the studio, I’m just going to put the URL up here. Grab your webcam, grab your headphones so we don’t get any feedback, and we have room for seven other people apart from us. So if you want to ask a question or if you have a comment or if you want to just say something, join us. And the URL is up there now.

Laura: And if you’re shy and you don’t want to come on camera and use your mic, as I say, every livestream, you can always just ask your question in the private chat and I will ask it on your behalf.

Aral: Cool. I mean, people are not going to stream in right away, [laughter] this is so huge, the Small Tech web cast is huge.

Laura: Because we were talking about it in a recent livestream, we had a lot of conversation about the funding aspect of it. Can I be nosy and ask you how the Patreon is working out for you in terms of helping you fund your work?

Paulo It’s early days, so I’m not really, I can’t really make anything definitive, say anything definitive about it. But relative to, I think the amount of people that have been kind of involved with what we’re doing, I get a pretty good sense based on how many people show up to the stream. It’s done pretty well. You know, I think it’s pulling in somewhere like four hundred fifty a month, which helps, you know, you know, making sure that I’m not going completely broke at the moment.

Aral: And you’ve got that listed on the GitHub as well.

Paulo We’ve got it all. It’s all pretty transparent.

Aral: It’s all there. Yeah.

Paulo Yeah. So, yeah, I mean, I don’t know how that will pan out long term. One of the things that I do actually strongly believe is that, despite the fact that we’re not a cryptocurrency kind of thing, I think we do have to think pretty clearly about the economics of how this system is going to work. And what I would like to see is… I don’t know this yet. It’s all kind of speculative. But probably the first thing I’m going to play with is getting the CTZN server instances to have a nice setup for users to be able to pay for their usage of it.

Paulo And if the CTZN servers are actually sufficiently sort of generic platforms for data storage and application back ends, then the value proposition, I think starts to get to the point where users might be willing to pay for it. Some like how they pay for, like Google Maps and like that and…

Aral: Exactly what we’re doing.

Paulo Yeah, I think that’s the right model for this kind of thing.

Aral: Yeah, yeah. And let’s share notes on that as well, because that’s that’s the aspect of it. How do we get that to be so, so seamless, et cetera, that I’ve been putting a lot of effort into and we’ve been thinking about that and building around that a lot. So if there’s anything we can help with that for your… for what you’re doing, if there’s anything you can reuse with what we’re doing, that would be more than happy to help because. Yeah, exactly the same thing.

Paulo Likewise. Yeah. I mean, you know, everything, sharing everything I can and I’d be happy to see what you have on that front. I was just thinking out and I’ll get Stripe integration in there, make it easy for a server admin set up. But, you know, they have to be. One of the things I saw, too, back when Mastodon first happened was… I hope he doesn’t mind me sharing the story, but he tweeted about it. It’s Nolan Lawson set up a Mastodon instance. And Nolan is a pretty sophisticated tech guy. And so watching him go through it was a really eye opening thing. You talked about the difficulties of server administration. I mean, he was having to put it to work, and then he started to run into the cost problem and had to put together a Patreon just to pay for his Mastodon instance. And I was just kind of watching this go going like that… it’s like that is not ideal. That’s not going to work. So obviously, having the thing be as hands-off as possible to administrate is a major, major part of it. But if you could, you know, why bother with having to go to the side channel if you could get just the payment system integrated pretty cleanly? There’s part of me that kind of loves the fantasy that, like running one of these CTZN instances could be like a small business thing, that reasonably somebody could spend a little time putting one together and make a comfortable salary.

Aral: Yeah.

Paulo Being an administrator for people. It’d be really nice.

Aral: Totally, totally agree. I mean, it’s basically what we’re doing with And part of it is basically at the beginning, I got really blocked by, well, how am I going to give everyone their own domain? We did this project with the city of Ghent where they had their own top level domain. And we were like, let’s give every citizen in the city of Ghent their own site. This was a project that we were doing about two years ago until they got a conservative government and we got axed. But yeah… But it was it shouldn’t have been a blocker because what we’re doing now with is I’ve registered it with the the domain prefix list in your browser.

Aral: So basically we are a de facto top level domain. So we can set up a subdomain like that. And I can actually get your site up and running like that. And if you look at, I can actually source code for it. You don’t have to like make a donation to us for it. But if you actually go to, let me just show you this. Sorry, very quickly. If you go to and if you were put in a… Actually, you know what, I’ll show you this on in Terminal, actually.

Aral: I’m running it locally, because then I can actually do the whole thing. Because this might be interesting for you as well. So I’m just going to… I wasn’t planning on doing a live demo. Let’s go to, “site”, and I’m just going to run Site.js on there. So it’s serving it locally and I’ll open that up in my browser. If I go to localhost, go to Fund Us, you’ll just see how it works in test mode.

Aral: Going to make a monthly donation. So I’m going to become a patron. This is all part of Site.js, all written in NodeJS. Just very, very basic. But if I actually make, let’s say,, that’s not my email. This is all just test data and I’ll… any date in the future. I think any CCC. probably going to get some religious people… I know and subscribe. Now, what happens is after it’s done this, it’s going to come back here and I have my own patronage page, and I must have put in my name wrong. I must’ve done something wrong.

Aral: Ara! But the cool thing is you can manage your patronage from here. And we’re not storing any data. It’s based on your Stripe token. So we’re not storing any data whatsoever. But I can update my patronage here. And so all using WebSockets. And again, we’re not storing any data here. So this is your management console basically for it where we’re not storing any data.

Aral: We’re going to take this one step further with the Small Web. So you’re setting up your own server, but even the administration of that, I don’t want to do that for you. So you get to administer it. You do make calls to us. And we basically when you say you want to cancel your account, we then relay that to Stripe and we cancel your account with the host for you. But everything is on your own server. So that might be an interesting way of looking at it as well. All this code exists as well. If you want to take a look at it. It’s so, so simple with Site.js, as well, to implement something like this.

Aral: But again, we can keep talking about this stuff. We also have people who’ve joined us. But yeah, sorry. Go Paul. What do you think?

Paulo I think that’s very cool and I appreciate the emphasis you’re putting on not storing data. The thing that’s funny is that when you think about how you would expect a system like that to work, you would expect there to be requests sent to a service, but only kind of on the basis of are you actually asking them for something right now similar to I have to go to the bank to make a withdrawal. That’s the one time I don’t expect the bank to kind of like, run my identity there or something along those lines. I have an account with them, that’s it. So the design that you’re putting into place, I think, is is a very nice approach to how you’re going to keep this. You know, you want the thing to survive longer than you. That’s kind of the thing.

Aral: Yeah.

Paulo And one of the and it’s not just like the existence of your organization, but you also got to think about what happens if you’re, once you’re gone from the organization, somebody else comes in to control. How are they going to handle the thing? So you really have to design your software to be resilient to yourself, sort of preemptively. And that’s really what you’re accomplishing there. So I appreciate what you’re doing.

Aral: And cool, and like I said, if there’s anything we’re what we’re building, any of what we’re building can help, please let me know. I’m more than happy to take you through it or whatever. You don’t need me to, but you know what I mean. That if I can help, I’d love to help. I love what you’re working on. I’d love to see it succeed.

Paulo Appreciate that.

Aral: Laura…

Laura: I think it would be great if we could add Paulo to the stream. He’s a really great supporter of ours and has been so wonderful and kind to us. It’s really nice to be able to see your face.

Aral: Hey Paulo!

Paulo: Hello Aral. Laura and Paul, delighted to meet you.

Paulo Ah!

Paulo: I’m sorry I have to wear my mask because I’m at the office right now so I can take it for the shared. But maybe in the future you can see my face. Otherwise you’re…

Aral: And you’re responsible. And we appreciate that. Thank you.

Laura: Yeah.

Paulo: Yeah. We have to do that. It’s our etiquette here at the office. So I cannot I cannot take it. So I have a question. And this is a coincidence because my patronage goes to both of you, both Small Tech org, and Paul’s work in the mad science project with the CTZN that I’ve been I’ve been following very, very keen in the YouTube channel. And Aral was talking about lowering the barriers. And the problem is how to make technology accessible to ordinary people without having the resources that all Big Tech normally have. And the question is, you were talking about the funding process… what constraints independent developers like you have to collect enough funds to enable them to be able to develop software solutions that are at the same time ethical and easy to set up. Because one of the main problems that people that use Facebook or Twitter or any other product like that, normally they they have a problem in switching to free and open source software because of the constraints in setting up a server and making all the configs. So what can be done in the process of making it easier to ordinary people to access those those tools? That’s my question. Thank you.

Aral: Paul, please take it away.

Paulo So there’s there were sort of two parts to the question you ask. One is like, how do you deal with the funding aspect of that, that being under-resourced and trying to get… and the other one, which is just how do you accomplish it at all? I probably have more to say about the latter because the former the answer is I’m just barely scraping by… Happy to do it. It’s just kind of this is what I’m driven to do. But it’s not a scalable, reproducible solution. And I’m fortunate enough to have people like you helping me out with that. And thank you for for doing that. So the… but on the execution part of it, it is absolutely harder. Everything is harder whenever you try to do it this way, just right out of the gate, you get a couple of new interesting opportunities because of the design. But for the most part, you’re paying for those opportunities with 10x the amount of difficulty. And I think at the end of the day, the only answer is to just accept that that’s the cost and then do, aim as high as everybody else does.

Paulo One of the things that kind of hit me at one point, as I was I’ve been doing this for like 10 years now and like two or three years. And it kind of hit me that if you’re not doing something that is easily adoptable for people, that it’s kind of a solipsistic practice because you’re just doing it for yourself or for your friends, which, if you want to do that, is fine. But if you’re actually telling yourself, I’m trying to do something for people and then you’re not actually getting it all the way to the end goal that anybody can sign up and use this thing, then you’re not actually executing on what you’re intending to do. And so that means, you know, you can’t put a band together and have great guitarist, a great keyboardist and a great drummer, but like terrible vocals, you’ve got to get the full band together.

Paulo You’ve got to take it all the way to the end, make sure that people can handle it as conveniently as possible. So it’s just got to be more work and a high standard for yourself. That’s the only answer.

Aral: Yeah, I mean, I couldn’t agree more. And we’re in a similar situation and really, you know, my criteria for success, for whatever it is that Place is going to morph into, and Small Web is going to morph into, is can you get up and running with it in 30 seconds with no technical knowledge whatsoever? And can you keep using it without any technical knowledge whatsoever and not being reliant on some sort of large corporation or being locked into, you know, any single provider? And that’s hard. It’s not impossible. But to get back to your original question of the funding and these are related, you know.

Aral: We shouldn’t be struggling the way that we’re struggling to fund these these projects. There is more than enough public funding in the EU, especially, to be supporting projects like this. It’s just not going to our projects because our application form doesn’t say bitcoin, blockchain, and here’s how it’s going to make X million in this amount of time. It can be sustainable, but that’s not what we’re looking to fund, even in the public sector.

Aral: In Europe, people like to think, oh, well, I mean and I hope that this happens, that Europe is the third alternative that something can come out from because it’s not driven by this history from Silicon Valley, et cetera. Quite possibly. But because we have the European Union. But when you look at what people are upset about in the EU, it’s not that we don’t have ethical alternatives, it’s that we don’t have our own Facebook. If you talk to policymakers, it’s that we don’t have our own Google.

Aral: And look, the American Google is doing everything and making all this money and whatever. Why don’t we have our own? So why don’t we try to have our own? So even we’re not even at the point where we’re thinking, no, we don’t wanta Google, we don’t want a European Facebook, we want something better. And maybe then, you know, maybe then the money would go to projects… because we’ve like we’ve given up, for example, we’ve given up applying for public funding in the EU because we just never get it, you know, because we’re not talking the startup game.

Aral: We’re not we’re not part of that system. And this ends up with like Europe, for example, acting like an unpaid research and development department for Silicon Valley because we actually invest in Silicon Valley-style startups with public money. If they fail, the taxpayer foots the bill. If they succeed, they get bought by Facebook and Google because they’re compatible with their business model. So we end up becoming an unpaid research and development department. So we need to change this. But I’ve said these exact same words at the European Parliament and it falls on dead ears.

Aral: You know, how do we change that? Because until we change that, you know, like with us, with Laura and me, we sold three family homes that my family had, small apartments in Turkey. If you combine them all, you could maybe get one apartment building here. So they’re not rich. But that’s how we funded ourselves in the last five or six years. And donations which kind of pay for our hosting bills. And thank you so much for supporting us.

Aral: But this is not sustainable. So hopefully we’re going to… hopefully the Small Web with the server setups that, like Paul was talking about as well, will be a step towards sustainability. But the hardest thing is we’re told to be successful, you have to be successful in the current system and in the system that you’re building. You know, so we’re trying to build this bridge between these two worlds and we have to be successful at both. And telling the truth, we’re going to need a little bit of help. You know, if we’re going to do that. And that help isn’t coming, as far as I can see, from at least public funding

Laura: And going back to what I was saying earlier as well about having the intention that people who aren’t… don’t have a lot of experience being able to get set up and go very quickly, what we’ve had to do is be realistic about the fact that we’re not going to achieve that immediately. And we do actually need to think about in-between stages that we can potentially make financially sustainable as well. And so really, we have to understand the uses that it might have for developers, people who would be able to use what we’re building sooner in order to get us to that first stage as well.

Aral: Yeah, I mean, the very first stage of setting up your own Small Web server is going to be for developers, even though it’s a 30 second thing, it’s going to be hopefully developers who want to build along this alongside us and to explore this area, taking it up until the thing that we’re building like Paul’s building CTZN, that is an actual app. And we’re going to be we’re building Meep, which is a single app, which is kind of like basically our version of the Twitter clone for our system. That’s going to be the thing that people will you know, regular people who use technology is an everyday thing we’ll be able to use. But in the interim, we’re going to need to have some sort of funding coming in. So we’re thinking, you know, and it will help us to have developers on board initially and then to move towards that.

Aral: But, yeah, eventually it’s a success or not, whether or not someone can as easily set this up as setting up a Facebook account or even easier and get as much utility, if not more.

Paulo So everything you said about the funding, the public funding in particular, matches my experience as well. I was just nodding along, as you said, that it sounded very familiar. I just have come so far from success with them wit getting public funding that I gave up on it quite a bit ago.

Paulo And I agree that the trick is to sort of aggressively look for something that you can give to people as quickly as possible that’s going to resonate to help you build the kind of forward momentum you need to then potentially get the kind of funding help you want. And you know, what you’re doing with with Place is interesting. I’m pretty… you know, I saw your demo that you did, and you really are simplifying the server deployment flow significantly. So I’m keen to see where that goes. And it’s kind of one of the things I like is whenever people pull what I like to call a ninja move where it starts out, they put something out into the world and it starts out looking like one useful thing. And then they kind of like, OK, it’s got some traction and then it blossoms into something else. And it’s kind of a surprising thing like, oh, wow, this is actually much bigger than I first thought. It’s useful, but also they’re thinking big. So I think it’s entirely in the realm of possibility to pull off one of those ninja moves to to hand developers something that feels really good and then say, by the way, this is actually the basis for decentralized applications.

Paulo So have fun with this new piece of tooling. And by the way, this is now easy enough for a non-technical person to put to use. And now you’re even more so rewarding the initial developers that adopted it because their initial investment is now paying off for them. They were early in it and so on. And so I think that’s a very good strategy to take.

Aral: Well, I mean, my turn to keep nodding along. [laughter]

Aral: Which feels good, because that’s not something I normally do. I mean, if you if you ask around, I’m not I’m not known for my agreeableness, but that’s just because I come into contact with the mainstream on a daily basis.

Paulo That’ll do it.

Aral: Laura, do we have any other questions?

Aral: Yeah, we have we have questions from Leonardo. Leonardo can’t come on to the stream today so he’s asked me to ask the questions on his behalf. I hope I get these right, Leonardo. It’s a bit of a turn in a slightly different direction, but it is related to what we’ve been talking about. So Leonardo asks, what about the role of physical personal servers in the same way we have personal computers in building small tech and he follows up and says, shouldn’t we develop personal servers of people to use in the same easy way they use personal computers?

Paulo So I would actually be pretty keen to hear y’alls thoughts about this. I’ll just start by saying that I love that idea personally and it strikes me as compelling on a number of different levels. The first one being, as just a kind of a total fulfillment of what you would ideally want your Internet, decentralized world to look like. Having the autonomy of your own hardware would just be really fantastic. And, you know, having kind of if there’s pretty useful compute their, excess compute, the ability to be bringing in new applications that you don’t even have to think about how much am I paying the cloud provider for anymore? You pay one time and now I could really just have fun installing things there and run my own web crawler or run my own set of social applications. I would really love to see that. So on a kind of a personal what I would love in terms of what it does for people, I think that’d be great. The other thing that strikes me is speaking of like trying to get into a niche of like an established concept of a hot space. This is like what’s blocking a lot of the funding stuff is that they’re looking for hot spaces that they can fund and be a part of.

Paulo If, you know, the home server premise has never really caught off, caught on. And my impression is that it’s on account of the software ecosystem around it as much as the hardware. The hardware aspect of it is not super complicated at this stage in terms of what is available off the shelf. It’s all always going to be hard to sell a hardware product. But building a home server is not extraordinarily unique and there have beena whole in a esses for a long time. So if you were able to build a software stack, it’s able to actually leverage this and turn it into a product that suddenly goes big on the consumer market. Let’s talk about creating a new market category that could get a lot of buzz so it could end up being a pretty useful step in solving how we get decentralization funded by forming an entirely new market.

Laura: I do you remember a while ago when we were at RePublica, which probably was about seven years ago now, or something like that. And there was a product there that where there was this home server. And I think there is a home server system. I want to say it’s based out of Germany. And it seemed to be very popular and usable for the people who were kind of in the more technically-savvy, more kind of the kind of people be used to hanging out and fiddling around with hardware anyway, rather than a mass market. Although nowadays I think that that might have changed a bit because people are so much more aware of the dreaded smart home products. So while most of them are surveillance-based and pretty horrifying, I think it has made people more comfortable with the idea of interacting with hardware in their own spaces.

Aral: Well, and as you were talking, what I was doing was just taking our little prototypes that we had, so while I was working on Site.js, one of the things was, well, what will this run on? So let me just hide my face, see if this will focus on there. So this is just a Raspberry Pi One with a battery and a 3G modem, and that’s a website. Right. So you can watch some of my talks where I’m just live, people are having WebSocket chats with me using Site.js on this little tiny thing. You want more of a product? This is, I even forget what it is, I got it from China. It’s little tiny server. Let’s see if it focuses on this tiny little server. And I was calling this a limpet, actually. And basically what you do is you just connect this to your router. If it has an ethernet port in it for an external device. And that’s your home server right there. So this is definitely within the realm of possibility. Like Paul was saying as well, the hardware is there right now and it can support all the stuff that we want to do with it. But like Paul was saying, it’s not about the hardware, it’s about the software and what it does. So, yeah, in the future, I think this would be another path to sustainability for what we’re building. So just like you can set up your own Place or your own CTZN or your own Meep for our little Twitter clone on your own VPS, virtual private server, you could just set it up on here as easily as well, but you wouldn’t even have to set it up.

Aral: This is something that you could buy online. You take it home, you connect it up and it works or it’s just Wi-Fi and it just works. So that’s how it’s got to be. It’s got to just work and it’s got to do something useful. So, yeah, definitely within the realm of possibility. But of course, if you think about it, you know, why aren’t these things running on these? This is a PinePhone it’s probably $150 free and open source phone. Right? Because that’s all this is, kind of packaged up nicely, in a way. And if the mainstream was different, you know, we have these devices like this is just the new iPhone that I got because my other one almost exploded the battery. But yeah. So this thing [the iPhone] which costs way more, is way more powerful. We could all be running our own Facebook’s on these. The reason we’re not is not a technical difficult difficulty or a blocker. It’s a business model issue and it’s a surveillance capitalism issue that we have. Or we could all have sovereignty right now. We could all have these beautiful, decentralized networks all running on this. But Apple won’t let you and Google won’t let you do that. So I think the future is so open. It’s so exciting what we could build, what we can build and what we’re building with absolutely no, I mean, don’t get me wrong, Paulo, your support is so welcome and thank you so much. When I say absolutely no support, I mean, statistically. You know, you have you have an idea for a social network where all you can say is Yo! and you get five million in VC right away because your business model is the same as, is compatible with theirs. Right? But we have no funding for what we’re doing and we’re still doing it. So, you know, hey, more power to us.

Paulo: Just let me say one thing. You are talking about your phone. I have my iPhone. It’s a ex-XS Max. I think it’s about two years old. Three years old. I’m not sure running Manyverse, which is a peer-to-peer social network. And so we can have this kind of devices and using a decentralized social network. So we are not obliged to use Facebook. So I deleted my Facebook account sometime ago, long ago. I don’t regret it. I I’m perfectly happy without Facebook. Many of my friends just complaining, why don’t I have Facebook? Wewant to send you a message. And I just keep saying you have several pieces of software. You can use XMPP to send me a message. But they they they just say that if I have to to install an app every time someone uses a different app to communicate with someone, I will have ever so many messaging apps on my phone that I can’t just run it. So this is one problem.

Aral: If you think about it, these are the same people that will install the next Candy Crush app, whatever it is, the moment it comes out, though right? At some point we also have to say, you know, if you’re my friend, then does my privacy matter enough for you to download an app? Downloading an app is literally the least amount of effort you can ever spend right now. People used to get water from wells and carry it for miles. You’re pressing a freaking button.

Laura: But this is this is a whole nother issue for another day to some degree. But it’s the we’re kind of lucky if we are the people that can detach ourselves from particular social networks, because there are people with kids whose whole schools, especially nowadays with homeschooling and things like that, are using Facebook for everything and are reliant on it. And so you have to, you’re forced to partake in these things because it is the social infrastructure that the majority use. And that’s a whole nother battle that I mean, I’m not really sure that we have the energy to fight, but that other people have to fight as well.

Aral: And we’re kind of almost out of time. So I’m thinking maybe we should give Paul the last word as he’s our guest today. Paul, is there anything we haven’t asked you? Is there anything we haven’t talked about? What is the… what is the message you want to end this on? Because I think it’s been a great conversation. I’m so glad that we could have you on.

Paulo Boy, it feels so big when you put it like that. What I want to end it on, you know, there are a lot of things that that interested me about all this. And I think there’s a lot of opportunity, a lot of possibility and a lot of projects doing really interesting things. So it’s a pretty, I think, an exciting time to be kind of key into a decentralized social networking or decentralization in general.

Paulo And, you know, in a lot of ways, the you know, it might be easy to kind of focus on some of the weightier reasons for why I’m involved in it. But my main takeaway is that it’s really pretty enjoyable. And hopefully what will come out of this is something that could be quite fun for people to be using as well. And wouldn’t it be nice if we had if we’re able to inject a little bit more fun back into our online experiences. So hopefully that’s what everybody kind of walks away from if they ever do check out what I’m doing is that this is actually just a fun thing to be involved in and check it out.

Aral: I couldn’t agree more. And on that note, Paul, thank you so much for joining us. Paolo, thank you for joining us as well and for your questions and Leonardo for your questions. And yeah, if you want to check out Paul’s work, please go on GitHub. I believe that’s where CTZN is available right now. So this is the URL,… CTZN and and just also reach him however you can. As you can see, he does not bite. And Laura, do you want to do you want to take us out.

Laura: Yeah, sure. And so that man has been Aral Balkan, I have been Laura Kalbag.

Aral: And this has been Small is Beautiful, but of course, that’s not showing right now. Here we go. [laughter]

Laura: Classic. There we go!

Aral: No, still not showing. So smooth? Wait a minute. Let’s do that again. We’re doing it again. Doing it again live. Come on. It’s going to be so smooth. The last 10 seconds did not happen. All right. Let’s do it right. Laura, would you like to take us away?

Laura: Oh ok. I’ll go again. Ok. He has been Aral Balkan. I have been Laura Kalbag. It was really nice talking to you today.

Aral: And that has been Small is Beautiful. [cheers]