ecosistema-social-decentral.../topics/privacy.md

# Privacy

Designing for public communication requires less focus on privacy than social applications designed for close social circles. However, privacy for user metadata is still important, and private direct messaging is a feature that may need to be supported.

Many decentralized social applications use e2e encryption to preserve the privacy of direct messages.

- Matrix - [End-to-end encryption guide for Matrix clients](https://matrix.org/docs/guides/end-to-end-encryption-implementation-guide)
- ActivityPub - Mastodon is [adding e2e encryption to ActivityPub](https://github.com/tootsuite/mastodon/pull/13820). Previously, messages were unencrypted on the server.
- Ssb - Ssb, as a p2p protocol, included [e2e encryption for direct messages](http://scuttlebot.io/docs/basics/encryption.html) from the start, so that unencrypted messages would not be passed around the network.

Some more e2e messaging encryption options:

- [Noise protocol](http://www.noiseprotocol.org/), used by WhatsApp
- [Messaging Layer Security (MLS)](https://messaginglayersecurity.rocks/)

A few decentralized social applications focus on privacy.

- [Peergos](../protocols/peergos.md) - Peergos provides [capability-based access control](https://github.com/Peergos/Peergos) for files on top of IPFS. Files are kept private. All encryption happens on the client, which could be a native Peergos client or a browser. Data is always encrypted on the servers. Servers do not have access to metadata or sensitive information. Access is controlled through cryptographic capabilities. Access is hierarchical, and stored in an encrypted structure called [cryptree](https://book.peergos.org/security/cryptree.html).

- [Zeronet](https://zeronet.io/) - Zeronet is an example of a p2p network that was designed with a focus on privacy. It is a browser for a decentralized network built on BitTorrent and Bitcoin, and instead of having IP addresses, Zeronet site addresses are Bitcoin public keys. ZeroMe is a proof-of-concept Twitter-like social network on Zeronet. It has not received wide usage. Other sites on Zeronet include ZeroTalk (like Reddit), ZeroBlog (microblogging), and ZeroMail (encrypted mail).
update security, discovery, blockchain-social, identity 2020-07-04 06:41:33 +02:00			`# Privacy`

			`Designing for public communication requires less focus on privacy than social applications designed for close social circles. However, privacy for user metadata is still important, and private direct messaging is a feature that may need to be supported.`

			`Many decentralized social applications use e2e encryption to preserve the privacy of direct messages.`

			`- Matrix - [End-to-end encryption guide for Matrix clients](https://matrix.org/docs/guides/end-to-end-encryption-implementation-guide)`
			`- ActivityPub - Mastodon is [adding e2e encryption to ActivityPub](https://github.com/tootsuite/mastodon/pull/13820). Previously, messages were unencrypted on the server.`
			`- Ssb - Ssb, as a p2p protocol, included [e2e encryption for direct messages](http://scuttlebot.io/docs/basics/encryption.html) from the start, so that unencrypted messages would not be passed around the network.`

			`Some more e2e messaging encryption options:`

			`- [Noise protocol](http://www.noiseprotocol.org/), used by WhatsApp`
			`- [Messaging Layer Security (MLS)](https://messaginglayersecurity.rocks/)`

			`A few decentralized social applications focus on privacy.`

			- [Peergos](../protocols/peergos.md) - Peergos provides [capability-based access control](https://github.com/Peergos/Peergos) for files on top of IPFS. Files are kept private. All encryption happens on the client, which could be a native Peergos client or a browser. Data is always encrypted on the servers. Servers do not have access to metadata or sensitive information. Access is controlled through cryptographic capabilities. Access is hierarchical, and stored in an encrypted structure called [cryptree](https://book.peergos.org/security/cryptree.html).

			`- [Zeronet](https://zeronet.io/) - Zeronet is an example of a p2p network that was designed with a focus on privacy. It is a browser for a decentralized network built on BitTorrent and Bitcoin, and instead of having IP addresses, Zeronet site addresses are Bitcoin public keys. ZeroMe is a proof-of-concept Twitter-like social network on Zeronet. It has not received wide usage. Other sites on Zeronet include ZeroTalk (like Reddit), ZeroBlog (microblogging), and ZeroMail (encrypted mail).`