Web of Trust: Identities without servers

Hosted ondev.hyper.mediavia theHypermedia Protocol

Seed Hypermedia

Resources

/Community/Web of Trust: Identities without servers

Gabo H Beaumont

15 June 2025, 21:47

At Seed Hypermedia, we believe the web needs decentralized, open, and neutral identities. Not as an independent technical feature, but as a foundational element of how we collaborate, publish, and govern online on the web.

We are building a system where identity doesn’t come from a central server, but from your relationships and the shared trust they establish, just like in real life, where you vouch for someone because you know them, not because a corporation said so.

Why Web of Trust?

Traditional identity systems depend on:

Centralized databases (Google, Facebook, Microsoft)

Federated authorities (e.g., email providers, OAuth)

Platforms with moderation control (forums, social media)

These systems centralize power. They define who you are, what you can say, and whether you’re “allowed in.”

In contrast, Web of Trust enables:

Peer-to-peer identity bootstrapping

Local trust decisions, not global approval

Scalable, human-readable authentication

Moderation and governance from the edge

It’s how you would build social structure in a bar, a community, or a village. Not a digital prison.

Web of Trust

So, how does SHM improve trust on the open web? We build on a system called public key cryptography. You have a private key, basically random data, that is stored on your computer or phone. And it has a public key, which acts like a username. But it’s not registered with us, anyone can independently create these identities. Any time you do something in the system, it is signed by your private key. Thanks to the magic of cryptography, anyone can verify that signature against your public key. And you can link new devices by signing a message that gives account access to a different private key, on the new device.

So now you can securely see when content is signed by the same person. But how does Seed help you know who really owns each identity? You can form a web of trust by signing a validation for other accounts, claiming that this other key is your friend, a real person, or at least is worth listening to.

Now, when you see some hypermedia content, you can validate the source by looking at their network of friends, domains they own, and other social media accounts. And that’s how the web of trust can ensure integrity on the open web.

References

Wikipedia Introduction

https://en.wikipedia.org/wiki/Web_of_trust

PGP

https://www.latacora.com/blog/2019/07/16/the-pgp-problem/

https://threadreaderapp.com/thread/1147162583969009664.html

Keybase

Petnames

http://www.skyhunter.com/marcs/petnames/IntroPetNames.html

https://files.spritely.institute/papers/petnames.html

Secure Scuttlebutt SSB

https://en.wikipedia.org/wiki/Secure_Scuttlebutt