Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Encrypted peer-to-peer web application platform for decentralized, privacy-preserving applications
Ruby CSS
branch: master


Build Status Code Climate Coverage Status Dependency Status

"I want people to see the truth... regardless of who they are... because without information, you cannot make informed decisions as a public" -- Chelsea Elizabeth Manning

The Cryptosphere is a global peer-to-peer cryptosystem for publishing and securely distributing content pseudonymously with no central point of failure. The system is openly federated and anyone can join. To ensure quality service and prevent abuse, the Cryptosphere uses an integrated cryptographically secure reputation system which provides a distributed web of trust.

There are several systems with similar goals to the Cryptosphere, such as MNet, Freenet, and Tahoe-LAFS. These systems serve as inspiration for the Cryptosphere's design. The Cryptosphere is also heavily influenced by Git, the distributed version control system.

For more information, please see the project philosophy page in the wiki.

Like the Cryptosphere? Join the Google Group. To join by e-mail, send a message to:

We're also on IRC at #cryptosphere on

Is it any good?


Is it "Production Ready™"?


No, the Cryptosphere is still in an early development stage, and is not yet ready for general usage.

Can I use it yet?

No, but the system is being actively developed. You can view progress here:

Is there at least something I can play with?

You can see the system's work-in-progress UI if you'd like.

First, make sure that libsodium is available. For OS X, it is available via Homebrew: brew install libsodium. On other systems, follow the installation instructions.

Then run the following to clone the repo from Github and set up a local copy.

git clone
cd cryptosphere
bundle exec bin/crypt server

This will launch a local web server:

$ bundle exec bin/crypt server
I, [2012-11-30T21:23:30.059083 #62043]  INFO -- : Starting web UI on

You can view the web UI at


The Cryptosphere Wiki contains all relevant documentation, including the protocol specification, FAQ, and usage notes.

Use Cases

The Cryptosphere provides an encrypted storage system where only users with the capability tokens for respective content are able to access it. Unlike many other peer-to-peer systems, there is no global search feature because all content in the system is encrypted and therefore unsearchable.

This makes the Cryptosphere quite a bit different from many other P2P systems which sought to publicize users content. Instead, the Cryptosphere tries to keep your content as confidential as possible. This makes it useful for the following things:

  • Secure personal backups
  • File sharing among small groups (ala Dropbox)
  • Secure anonymous encrypted source control
  • Censorship-proof anonymous web hosting

Important Questions

Is it "Military Grade™"?

Only if your military understands twisted Edwards curves

Does it have a lock with a checkmark?

Sure, here you go:

Checkmarked Lock

No really, I'm interested in the system's cryptography. What should I read?

We realize there's a lot of people making "interesting" claims in the security world, and that claims alone don't work. We need well-designed, well-documented, well-scrutinized open source cryptosystems.

Check out the Data Model page in the Wiki for the threat model and a specification of the cryptography employed in the system. It's still a work in progress and some components of the system aren't specified yet. We're going with a specify-then-implement approach, so by all means provide feedback on the design, we'd love it.

The Protocol page of the Wiki describes the transport encryption we use (CurveCP) and our rationale for this choice.

Cryptographic primitives are supplied by RbNaCl, a Ruby binding to the Networking and Cryptography (NaCl) library by Daniel J. Bernstein. The Cryptosphere uses a portable repackaging of NaCl named libsodium.

Is it NSA-proof?

tl;dr: NO.

Time for some RealTalk™...

In the pantheon of potential adversaries you can have in a cryptographic system, the NSA falls into a category you never want to deal with: state-level adversaries with vast resources, expertise, and manpower.

It is the opinion of the creators of this software that if the NSA wants to compromise this software (or any software-only cryptosystem) they will be able to, both by finding flaws in this software and exploiting endpoint vulnerabilities (e.g. unpatched OS vulnerabilities/zero days).

We do not claim to be NSA-proof because we do not think it's a responsible claim for software of this nature to make.

That said, we are still trying to build the best cryptosystem we can.

Have any fancy pants cryptographers taken a look at the design?

Matt Green glanced over an initial draft of the data model. He thought that Blake2bXSalsa20Poly1305 was a funny name.

Contributing to the Cryptosphere

  • Fork this repository on github
  • Make your changes and send us a pull request
  • If we like them we'll merge them


Copyright (c) 2014 Tony Arcieri. Distributed under the MIT License. See LICENSE.txt for further details.

Dedicated to the memory of Iain Banks

Something went wrong with that request. Please try again.