Imagine Facebook, Whatsapp, Gmail and Skype rolled into one, without the centralized surveillance and control. Crazy? Well, it hasn't been tried before, at least not our way. So let's give it a try.

secushare employs GNUnet for end-to-end encryption and anonymizing mesh routing (because it has a more suitable architecture than Tor or I2P) and applies PSYC on top (because it performs better than XMPP, JSON or OStatus) to create a distributed social graph. Together, these technologies allow for distributed private social networking including more straightforward and secure e-mail, chat, exchange of content and a private web. It could even work out as a safer choice for the Internet of Things.

The resulting new Internet enjoys the speed of servers that help without knowing much about us, the authenticity of social relationships between users without becoming transparent, the privacy of advanced obfuscation without becoming cumbersome or a threat to society. This way, we can become independent of centralized infrastructure and rest assured that only the designated recipients can read our communications. Read more about it in the introduction.

Radical Privacy is barely enough

We call this secushare, an attempt at providing at least one platform for safe social interaction aside from the uncivilized and surveilled Internet. It arose after realizing that there is no satisfying technology to address the issues we outlined in the FSW 2011 paper entitled "Scalability & Paranoia in a Decentralized Social Network." And there still is no such technology. At the time we assumed to be paranoid, but Snowden has taught us we weren't paranoid enough. Here's what we mean by safe:

  1. updates, comments, postings, messages, files and chat are only visible to the intended recipients (not the administrators of any servers or routers);
  2. the type and content of a message cannot be guessed at by looking at its size;
  3. communication between parties cannot be measured as they may have none to several routing hops in-between. an observer never knows if a communication came where it came from and ends where it is going to;
  4. automatic responses and forwarded messages can intentionally be delayed so that an observer cannot tell two communications are related;
  5. communications cannot be decrypted weeks later, just because the attacker gained access to one of the involved private keys (forward secrecy);
  6. even if an attacker gains access to a cleartext log, there is no proof the material was actually ever transmitted by anyone (for a case in court mere data would not suffice, you need actual testimonies);
  7. the list of contacts is never managed on potentially unsafe servers, it is only visible to those it should be visible to;
  8. the infrastructure is robust and resilient against attacks. in fact by using the GNUnet we are independent from the traditional insecure Internet and can operate in a censorship-resistant wireless mesh architecture.

And if you are happy with less than that, we want you to just pull that slider from 'safety' towards 'convenience' on your own responsibility. You no longer need to switch software to pass from one to the other mode of operation.

New materials

  • secushare is a post-blockchain technology providing little scalable and ecological blockchains for everyone.
  • How the Internet is Broken – a description of the current Internet stack and how our architecture looks in comparison.
  • (de) Presentation of secushare's social graph modeling at Dresden's wonderful Datenspuren 2016, in German language (regular webm, regular mp4, hi-res webm, hi-res mp4).
  • What if secushare were a threat to society?
  • We are frequently asked, why we picked GNUnet over Tor or I2P. You should find the anonymity page interesting.
  • The protocol stack of secushare has become pretty complex. Read more about it on the protocol page.
  • Updated comparison with Best Practice recommendations while you wait for secushare.
  • A Web Respectful of the Constitution is Possible by carlo von lynX. Presented at the W3C Privacy Workshop, describing the features of a private web over secushare-like technologies.
  • The Internet is Broken: Idealistic Ideas for Building a NEW GNU Network by Christian Grothoff, Bartlomiej Polot and Carlo v. Loesch – This paper describes issues for security and privacy at all layers of the Internet stack and proposes radical changes to the architecture to build a network that offers strong security and privacy by default. Presented at the W3C/IETF "Strengthening the Internet" Workshop STRINT.
  • Many reasons not to start using PGP, but skip straight ahead to something safer.
  • New pubsub API released, accompanied by tg's masters thesis.

Events and Press Coverage

Social network services have gained widespread use world-wide and by very different people. To compare the currently most important social network services, six self-selected use cases and an accompanying user survey were conducted. Comparison and survey confirm that the large commercial providers offer sufficient functionality, but lack in the areas of security, privacy and provider independence. In a world under surveillance, most social network services are not suitable for sensitive personal data. It is shown how the architecture of a system affects the business model of the provider and the possibilities for self-determination and freedom of users. Two social network services currently in development, Briar and Secushare, are presented in more detail, followed by an explaination of technical challenges in P2P-based systems.

Projects that have expressed interest in secushare

Other interested partners:

Source Code

Currently most components of secushare are directly integrated with GNUnet. The design is described on the protocol page.

  • the psyc, psycstore, multicast and social directories in the git repository stem from the secushare project.
  git clone  

or, if you prefer, by

  git clone git://  

  • one possible UI prototype currently resides in secushare.git. Get it with…
  git clone git://  

or, if you prefer, by

  torify git clone git://git.cheettyiapsyciew.onion/secushare  
So currently all of our code is written in C and C++. We are however planning to enable bindings to many languages. Work on Javascript and Rust has already started. We also want to achieve compatibility with the old PSYC tools, by emulating a PSYC server on the local host:

  • irssyc, a variation of irssi to serve as a console user interface for developers and power users of psycd.
  • psyced, the swiss army knife of messaging.. it can gateway to existing formats such as IRC and XMPP.
  • Dyskinesia, PsycZilla, perlpsyc, jspsyc, pypsyc and several more.
  • Certificate Patrol, our security add-on for Mozilla Firefox. We'd like to extend it by a social certificate gossip feature using secushare.

This is a free software project, since the kind of security we want to give to people can only be credible and trustworthy if it is freely available in its entirety and can be converted to machine executable programs by as many independent persons as possible. Some of us are also engaged in Gentoo, a meta-Linux that is generated out of source codes, NixOS and Guix, which aim to become reproducible GNU/Linux distributions.

As the architecture page explains in detail, we don't use GNUnet for file sharing, so you don't need neither a particularely large hard disk nor a lot of bandwidth to participate in secushare.


Here are some answers. Have you read the introduction page? Try also our welcome chatroom:

Be patient, we may reply hours later! Or send a Bitmessage to BM-NB7xa9gEpmJgYp9PVnEdACiZcGmmEJcY.

Stay in Touch

For the reasons described in transparency our discussion lists are on Bitmessage. Send a BM to BM-NB7xa9gEpmJgYp9PVnEdACiZcGmmEJcY asking to join, or follow that address for anonymous announcements.

We are considering migrating our e-mail newsletter. Drop your email address into this box to subscribe:

We don't recommend it, but you can also follow us on Twitter or Facebook, if you already sold your soul to them.

This website is accessible as http://secushare.cheettyiapsyciew.onion as much as