Peergos: Capability-Based Access Control for an Encrypted Web

We introduce Peergos, a peer-to-peer protocol for end-to-end encrypted storage, social networking, and application hosting built on top of libp2p. Peergos combines cryptographic identity, content addressing, and decentralized access control into a unified protocol where users fully control their data, identity, and applications without relying on trusted servers.

Instead of treating encryption as an add-on, Peergos integrates cryptographic capabilities directly into its data model: files, directories, social data, and application state are all encrypted and access-controlled by default. We will explain the design of Peergos’ capability-based access control, how key rotation and sharing work in practice, and how identity portability is achieved without central authorities.

We will also introduce the Peergos application sandbox, which allows untrusted applications to operate over private user data without exposing plaintext or keys. This enables privacy-preserving apps such as social feeds, collaborative editing, and backups to run directly on encrypted storage.

The talk will include live demos and a discussion of performance trade-offs, limitations, and open problems in decentralized encrypted systems, including search, discovery, and offline access.

More info: https://peergos.org

https://book.peergos.org

https://github.com/peergos/peergos