Freenet, One Big Privacy Problem

Playback speed

Share post at current time

0:00

Transcript

Freenet, One Big Privacy Problem

Our solution of the week!

Take Back Our Tech

Oct 06, 2025

Transcript

#TBOT Solution of the Week: The New FreeNet, one big privacy problem

Freenet has been in operation for 25 years as one of the first peer-to-peer distributed networks. The newest generation of Freenet has been completely re-written from the ground up and has been making waves.

Freenet could potentially be a replacement for the World Wide Web, you use Freenet through a web browser, and connect to other Freenet peers accessing shared data and interacting with distributed applications.

—

About Freenet

https://freenet.org/

https://freenet.org/faq/

You can think of it as an end-to-end operating system for decentralized apps, where the apps and data are entirely stored on Freenet.

The Freenet core software is small (under 10 MB) and can be embedded into existing applications.

Freenet is essentially a global distributed key-value store, or a dictionary. In a normal dictionary, you look up a key and get a value back. In Freenet, those keys are WebAssembly programs which power the decentralized applications on Freenet, and are referred to as contracts.

WebAssembly is a portable assembly-like language that runs at near-native performance, but allows programs from different languages such as C/C++/C# or Rust to be compiled into WebAssembly and run on the web.

These programs can easily be imported into any website, and that’s how they can be loaded into Freenet as contracts or apps.

These contracts manage their associated data, they can do things like authenticate changes to the data, or even authenticate changes to the contract.

Peers on Freenet can read a contract’s state and subscribe to receive immediate updates if the state is modified, which means Freenet can be used for near real-time applications with interaction, unlike many other Web3 solutions.

For speed and scalability, the network uses specialized Small World Routing, in which each peer keeps track of the performance of other peers, learning over time which peers to use to get data from different locations on the network.

It’s important to note that Freenet is an ephemeral network, and data is not meant for long term storage. That means data will typically be fresh and new, unless there is a repeated effort to archive data on the network. As an example, you could publish a blog or a chatroom, but after some time, old blog posts and messages would disappear.

All of the design choices are sound and would allow for rich web applications the way we use the internet today, without having to rely on centralized infrastructure.

The Spam Problem

There is one area of concern though that I found, when it comes to handling spam & reputation on the network. Every interactive network has to deal with this problem.

These are spammers coming in and abusing the network, on a centralized platform they’re quickly reported and banned. But on a decentralized network, it’s much harder to get rid of them - without a reputation system.

Freenet attempts to do this with what they call Ghost Keys. A Ghost Key is a verifiable cryptographic identity that should be completely separated from one’s identity.

You get a Ghost key by donating to Freenet, your browser generates a key pair, the public key is blinded and signed by the server. The server is certifying that your public key donated and is the foundation to your cryptographic identity on the platform.

When Freenet is released, I speculate that first users to interact with the network will be Ghost Key holders, since they supported and have established identities. This makes sense. The only problem is the method in which people donate.

Decentralized Reputations on Centralized Payments

Currently Freenet uses Stripe donations to confirm Ghost keys, a centralized big tech payment processor which runs on the majority of e-commerce sites online.

Stripe would have a record of your payment details and a donation to Freenet. Freenet would certify your key and give it a timestamp, and Stripe could easily correlate the donation timestamp with the key timestamp and be able to tie your identity (or at least some credit card details, IP address, other fingerprinting) to the network.

I really like this project so far and give the developers the benefit of the doubt as I know integrating a payment processor isn’t easy in the first place, and they haven’t had time to implement a solution like BtcPay - which is a self-hostable payments server that can use Bitcoin or Monero under the hood.

However, it’s a really bad start to the reputation mechanism and there should be another way to pay - I let them know on their Github issues.

https://github.com/freenet/freenet-core/issues/1855

UPDATE: My Github account was shadowbanned.

Conclusion

Tying Stripe to reputation on the network is a failure for people’s privacy and anonymity as Stripe could use their donation records to match up with the time the keys were generated.

I want Freenet to succeed as they’ve made a lot of good choices, but this issue needs to be fixed. The basis for their reputation mechanism is relying on a company that surveils payments over the internet.

Implementing Stripe was easy, far easier than a cryptocurrency payments server like BTCPay, but there may have not been enough time to choose, administer, maintain, and integrate.

Still, if Freenet wants to stick to its principles of decentralization and protect the privacy of its users, they need to integrate cryptocurrency payments for Ghost Keys.

Digital ID is more than just identification. It’s a whole verification ecosystem that could fracture the internet. Learn about how it works in this report preview. Be the first to get your eyes on the report—sign up for the waitlist!

This is a segment from #TBOT Show Episode 15. Watch the full episode here: