Looks and feels like Twitter but built for the open web: encrypted and anonymized and decentralized; and only you hold the keys. Read more
This project was successfully funded on September 14, 2013.
About this project
FUNDED! THANK YOU!
Now that we're funded, the next most important success factor for the project will be getting a critical mass of usage. The more people that back us, the better our chances of seriously changing the web for the better.
And importantly, we have major media that could not cover us before we were funded, so we expect another round of even bigger mentions. More users and bigger success on funding will now serve to amplify messages like these.
- Fast Company: This Open Source Twitter Replacement Is Absolutely Brilliant
- Wired Magazine: Crossing Twitter and Google Reader to Create Open Source Love Child
- Tech Crunch: Trsst Is A Secure Twitter For The Post-Snowden Internet
Thanks to all of you. I don't know what else to say.
Welcome to Trsst: An Open and Secure Alternative to Twitter
Post your thoughts, share links, and follow other interesting people or web sites, using the web or your mobile or any software of your choice.
- All of your private posts to individuals or friends and family are securely encrypted so that even your hosting provider - or government - can't unlock them.
- All of your public posts are digitally signed so you can prove that no one - and no government - modified or censored your writings.
- You control your identity and your posts and can move them to another site or hosting provider at any time.
Think of Trsst as an RSS reader (and writer) that works like Twitter but built for the open web. The public stuff stays public and search-indexable, and the private stuff is encrypted and secured. Only you will hold your keys, so your hosting provider can't sell you out.
Technically speaking, Trsst is a working reference implementation that defines a simple and open standard for secure blogging on the open web. See our white paper for details or skip to the How It Works section below. We want you to have lots of different clients and servers to choose from.
But the important twist is that Trsst is built for everyone. Trsst sites can look and feel like Facebook or Twitter or Tumblr. And from day one, you can follow all your favorite sites and bloggers that post RSS feeds. And they'll be able to follow you.
There will be no reason not to make the switch to the open web.
If you think this is at all important, or even interesting, we're asking you to: (1) back it, (2) use it, and (3) get your friends to back it and use it.
A contribution today of any amount is worth ten times as much as a contribution tomorrow because it raises visibility on kickstarter and gets us in front of even more people.
So if you're even thinking about it... please make the leap right now and click the big green button at top-right.
What You Get
You get a fully-functional account on scalable, secure, and consumer-grade RSS-reading and microblogging service with web and mobile web clients hosted at trsst.com that launches on or before December 2013.
You are the initial user base and have a voice in how the project evolves. Reward tiers include reserving your user id and permanent opt-out of all ads or sponsored posts if we ever have to resort to that.
You are acknowledged (if you want) on our about page as a member of the founding team (or you can remain anonymous). Even at the lowest tier, it's at least as good as being in the LOTR credits.
We are going to put a dent in the planet. Take the credit.
You've read the news. People are finally waking up to what the rest of us have known for some time: everything everyone does on the internet is being collected and harvested for inevitably nefarious purpose.
Trsst mainstreams good crypto practices and usage among the general consumer audience to make global communications - on the whole and in the aggregate - more free, private, and secure.
At the end of the day, every company you trust - Google, Facebook, Twitter, Apple, or Baidu - is a corporation owned by shareholders and subject to governmental jurisdiction.
- At any time, the directors and shareholders of these companies may revoke their promises to you about privacy, and they may do so without even notifying you about it.
- At any time, the governments under which these companies operate may enact legislation that appropriates or nationalizes the data in their possession, including your personally identifying information and stored communications.
- This may have already happened. There is no company not under the jurisdiction of a government. No place is safe.
The only hope we have is a decentralized cryptography-based messaging infrastructure that no government can control where no corporation need be trusted and all communications are encrypted and only you hold the decryption keys.
We have the technology. And the time is now.
Revolutions are started on social networks like Twitter and Facebook. Dissidents, informants, confidential sources, journalists, and those they trust all rely on these services. Trsst will better preserve their causes, their freedom, their livelihood, and even their lives.
I hope you will agree that this needs to happen and back the project.
How It Works
Very simply, this project will fund:
- Extending RSS/Atom to support self-signed and self-encrypted entries.
- Specifying a convention for requesting and relaying RSS entries using https.
- Building the reference implementations of the client and the server.
We want to encourage existing twitter client developers to port their software to support this platform with their bold and innovative UIs. We want to encourage others to host their own servers to be part of the syndicated network.
From the user perspective, it's going to look and feel like a Twitter clone. The use cases and functionality are straightforward and familiar.
From a high-level perspective:
- Each user's client generates a keystore with a keypair for each account. Each account maps to a blog. The account's public key is the unique identifier.
- The account keypair is also a bitcoin address, making each trsst client effectively a bitcoin wallet, whether the user realizes it or utilizes it or not.
- A user posts entries to an account either publicly or privately. Public posts are signed with your private key; private posts are encrypted with the recipient's public key.
- Each post contains the message digest of the previous post so you can verify that no posts are modified or missing. We call this the blogchain.
- You publish your posts by pushing them to one or more servers that are participating in the syndication network. Servers serve up portions of your blogchain as an RSS feed.
- Following means subscribing to an account's RSS feed using their public key as an identifier. This is how you see private messages meant for you.
- Any server in the syndication network can serve the feed to you, fetching it from cache or from other servers in order to route around network congestion or firewalls and blacklists.
All of the above is transparent to the user. From sign-up to day-to-day usage, the user thinks it works just like Twitter or Facebook or however a custom client decides to render the schema to make their users happiest.
We are open to smart ideas from smarter people and things may evolve during the course of development.
For detail on how we expect things will work behind the scenes, please see the white paper.
From a user perspective, the end result is a web client for mobile and desktop browsers backed by a scalable server infrastructure. (We would lean on third-parties to provide native clients, mobile apps, et al.)
We expect to let you start using the site as soon as we get a minimally functional version. This would happen several weeks before the delivery date or sooner if funding allows. Afterward, we would add features on a rolling basis.
From the back-end perspective, all public user-generated content must be consumable by off-the-shelf RSS readers like Feedly. We don't expect you to give up your friends to use our service.
We develop organically: first, we get it working; then we get it working right. The aim is to have this base feature set deployed by December 2013, or before then if we exceed the funding goal.
Use of Funds
We're reserving $15K for server/hosting costs over the next year plus, and the remainder goes to fund six person-months of development time for a three-month delivery window for the initial minimally viable product, which is comparable in cost to projects we love like Mailpile, but less due to shorter timeframe.
Subtract from that one-time campaign costs including: 3% to 5% for payment processing from Amazon, Kickstarter's 5% fee, and up to $5K for fulfillment of the handsome T-shirts.
Any funds raised beyond the target amount will be used to add resources to: accelerate the delivery timeline, broaden the feature set, expedite the interoperability, speed the standardization process, and bolster adoption; each of which is essential to achieve the broader goal of making the vision into reality.
Is it enough? We've targeted the "minimally viable" feature set for the funding amount. This is the minimum needed to kickstart the vision. We hope you will help us exceed that goal by a non-trivial amount.
We get the "is it too much?" question about as much as we get the "is it enough?" question, which makes us think we're asking for the right amount.
How do we know you will actually get this launched?
Again, nothing I have done before has been close to as important for the world that I want to live in as the Trsst Project.
Questions and Answers
Why give you money?
Maybe you love the web and want to support open standards in the face of encroachment. Maybe you believe in freedom and privacy. Maybe you have a heart of gold. Maybe you have a vault of gold. All of these are good reasons.
No, why give *you* money?
Because our team has the skill set and track record and just plain *motivation* to get this done. Take a look at my bio to see the kinds of things I've accomplished. None of them is as important to me as this.
Are you asking for enough money?
We've targeted the "minimally viable" feature set for the funding amount. This is the minimum needed to literally "kickstart" the vision. We hope you will help us exceed that goal by a non-trivial amount.
Can't you get some volunteers to do this for free?
Like everyone else, I don't want to be spending time on something no one wants. As opinion research shows, the surest way to measure actual opinion is when it's backed by actual money, even just a few bucks. That's one of the things I like best about about Kickstarter: trust but verify. I want to believe.
Why do you need the money?
You are kickstarting development and server resources. And let's not kid ourselves: a few guys in suburban DC developing yet another blog platform aren't going to reach a meaningful number of users out of thin air. But if there were five thousand influencers like you contributing $12 each, that's the beginnings of a solid community. Paul Graham says at ten thousand we'd be unstoppable. And a funded Kickstarter project has a way of attracting attention and building a following.
What about app.net or one of the many of other teams with a similar idea?
We're all on the same team: working for the open and secure web. We will adopt existing standards -- HTTPS, RSS, OStatus -- extending only if necessary. We will use whatever existing software we can. We want everyone to interoperate with lots of choices. And the only way to affect that kind of change is to write working software, now.
We aim to push the envelope in what we think is the right direction, and we think our approach has the greatest potential for rapid adoption and success.
Risks and challenges
The obvious risk is that this ends up as vaporware. Real artists ship. I have a track record of founding companies and more importantly shipping software: if it's funded, we will see it done.
The beautiful thing about this approach is that it's really simple. The servers don't have to be all that smart, and a lot of the client js code from feed parsing to crypto is already available in open source. The protocols and standards are already designed and established. This means we can get something up and working in very short order. There is relatively little left to figure out.
If you share our goals, there's no reason not to join us.Learn about accountability on Kickstarter
Trsst is a blogging platform, so most posts are indeed public but also signed and search-indexable by anyone.
Trsst also supports direct messages (encrypt with someone else's public key), and private groups like Facebook (behind-the-scenes keys are exchanged with closed groups of others).
Unlike Facebook or Twitter, trsst can't be compelled to reveal your private messages because trsst is a standard, not a corporation, and participating trsst servers only store public or encrypted information.
Not least: with trsst you can choose whatever client you like and host at whatever server you like.
Yet, you can still friend anyone using trsst on any server, and you can follow anyone with an RSS feed. And existing RSS readers can follow your stuff too.
You're not locked into a closed ecosystem; all the APIs are wide-open.
We get this question a lot.
Diaspora was a pitch to fund a summer project by college students that got all crazy successful due to the magic of Kickstarter and then was late because they were *in school* and pissed a lot of people off. (We'd note they've suffered some personal setbacks, but seem to be doing excellent work now.)
Trsst is an extension to RSS to support self-signed and self-encrypted messages, a convention for servers to send and receive and relay RSS, and a working reference implementation of each. It's a lot simpler goal.
We're no spring chickens, but we have launched multiple major consumer-facing projects under all the time-pressures and constraints that entails. If you want it to happen, we will see it done.
Yes. We're starting with the critical bit - the client - out in the open in JS w/ off-the-shelf open-source. Needs many eyes.
The server will follow because the first cut needs to be kind of quick-and-dirty code to test the client, and server is dumb anyway.
Trsst servers are just http servers serving RSS snippets to and from each other based on a common url convention.
With Trsst does all encryption take place client side? Not totally clear from white paper. (@arRMorgan)
We like to say: it's all https get and post, so you can write your own client with openssl+curl+bash if you trust your binaries.
Pretty sure you can get a nice client running in emacs if you were so inclined.
We're in the US, but doesn't matter given that the servers don't store anything non-public that isn't encrypted.
If your client randomizes which trsst servers you pull from and post to, then the connection logs won't be useful either.
We never see or hear the password used to encrypt your keystore, nor do we want to. However, this is probably the weak link with regard to consumer user experience.
No server -- not ours not anybody -- ever decrypts your keystore. This only happens inside the client and never leaves your device.
For consumer ease of use, we need to figure out how to move and synchronize a keystore from one device to another (like PC to mobile), but never in decrypted form.
YES. PLEASE DO! A trsst server is just an http server with agreed upon conventions for accepting and relaying RSS snippets.
The network needs to have many independent providers, and the good news is that it's just plain old http servers pushing around RSS entries.
We always lean GPL but people have issues, so Apache, MIT, all of the above? Have not decided.
Each blog's public key is also its unique id, so it's like subscribing to an RSS feed, but you can request anyone's feed from any participating server.
Will #cryptocurrency functionality of Trsst be pluggable to support other currencies (e.g. litecoin) or is bitcoin embedded? (@arRMorgan)
Honestly the currency stuff seems to be putting people off the project right now, like they're going get jailed, etc. It's not required.
But that said, the keygen routine could be anything really, as long as it encoded to a not-too-long string.
The whitepaper makes it sound like I'll be able to "host my own" trsst instance. Is this true? How will it work (especially given the unique username part of the kickstarter perks)?
Trsst is basically just an extension of RSS to support self-signed and/or self-encrypted entries, and trsst servers are just http servers that use an agreed upon convention for pushing and pulling RSS entries.
Each trsst user has one or more blogs, and each blog has a keypair of which the public key is the unique id for a blog. Blogs can be hosted on a server, and the server will have a domain name, so you can access any blog if you know the public key of the blog and the server it's hosted on.
In our case, we're going to run the first trsst server, and because we're first we get to call it trsst.com. So you blog might be trsst.com/yourpublickeyhere.
Because public keys are kind of unwieldy, the spec allows for servers to assign more friendly aliases to a blog they host, SO, you could have a blog like trsst.com/cooldog or similar.
If you host your own trsst server, you'd have your own domain name, and you could name your blog whatever you want, like: cooldog.com/dogsblog or similar. You could even have it be the same blog as found at trsst.com/cooldog; as long as both blogs had the same id, they'd automagically stay in sync.
What sort of tasks/needs does Trsst have for people who want to help but cannot afford to donate at this time? (@arRMorgan)
We know now that can get backers if we can get visibility, so talking us up everywhere on the internets is worth its weight in gold.
Pledge $12 or more
VANGUARD BACKER. Early access to the beta as soon as it is ready. Your name in the site credits if you want it. Also: respect and gratitude.Estimated delivery:
Pledge $24 or more
200 backers All gone!
EARLY BIRD: CHARTER BACKER. First pick of user id; first-come first-served. Early access to the beta as soon as it is ready.Estimated delivery:
Pledge $24 or more
19 backers Limited (29 left of 48)
LAST MINUTE SPECIAL: CHARTER BACKER. First pick of user id; first-come first-served. Early access to the beta as soon as it is ready.Estimated delivery:
Pledge $36 or more
CHARTER BACKER. First pick of user id; first-come first-served. Early access to the beta as soon as it is ready.Estimated delivery:
Pledge $48 or more
200 backers All gone!
EARLY BIRD: FOUNDING BACKER. Charter backer plus early access to the beta BEFORE it is ready, perpetual OPT-OUT from any monetization, AND a handsome limited-edition t-shirt.Estimated delivery:
Pledge $60 or more
FOUNDING BACKER. Charter backer plus early access to the beta BEFORE it is ready, AND perpetual opt-out from any monetization if it comes to that.Estimated delivery:
Pledge $120 or more
FAMILY PLAN. Founding backer with a handsome limited-edition t-shirt and five vanguard backer invites.Estimated delivery:
Pledge $240 or more
GROUP PLAN. Founding backer with a handsome limited edition t-shirt and five charter backer invites.Estimated delivery:
Pledge $480 or more
COMPANY PLAN. Founding backer plus a handsome limited-edition t-shirt and five founding backer invites.Estimated delivery:
Pledge $1,200 or more
6 backers Limited (4 left of 10)
Board member backer. As above, plus membership on the board of advisors, and 10 founding backer invites. Be a major part of the evolution of the platform.Estimated delivery:
Pledge $1,200 or more
Silent partner backer. Just like the board member backer, but no obligations to advise or anything else.Estimated delivery:
Pledge $2,400 or more
2 backers All gone!
Chairman-of-the-board backer. As above, plus (possibly co-) chair of the board of advisors, and 10 charter backer invites and 10 founding backer invites. Also, darned-likely to have a significant say in how things take shape.Estimated delivery:
Pledge $4,800 or more
4 backers All gone!
ANGEL backer. All of above and much more, obviously.Estimated delivery:
- (31 days)