QUESTIONS AND ANSWERS

Users | Gifters | Developers

Users

How does it basically work?
  • Start with the most reliable (>20yrs) and censorship-resistant P2P protocol known to humanity: I2P - Invisible Internet Project.
  • Everyone runs a client and all are relays...no separate relay nodes.
  • Over 65k clients using I2P.
  • About 7k Peers running Tor.
  • No servers at all including 1M5.
  • Purely peer-to-peer (P2P) at all levels.
  • I2P uses garlic-routing with uni-directional channels using 6 peers with multiple layers of encryption for privacy.
  • Tor uses onion-routing with bidirectional channels using 4 peers.
  • Each 1M5 app is a peer on the 1DN (overlay) network.
  • When a message is sent, it is signed with your personal keys (OpenPGP) that are always on your machine or your Yubi key (preferably) and encrypted with the destination's public key with decryption and signature verification only possible by the destination peer.
  • When I2P gets blocked (e.g. while sending a message), a 1M5 peer with unblocked Tor is used to route around the block making the I2P request.
  • When Tor gets blocked (e.g. while browsing a site), a 1M5 peer with unblocked I2P is used to route around the block making the Tor request.
  • When both are blocked and a 1M5 peer nearby with bluetooth is enabled, it will be used to make the request.
  • Your 1M5 network is built up strictly upon with whom you add to your contacts, they are the seeds that bootstrap the 1M5 network.
  • The underlying I2P and Tor networks bootstrap themselves.
  • The only people who can block you are individuals.
  • You decide with whom you connect with, no one else can.
  • You decide what content you wish to see and not see.
  • There is no algorithm filtering content, only you with tools given to you to assist.
  • All content is saved locally on each machine so no need to pay middle-men.
  • Many peers can result in very reliable, very low-latency streaming of shared content.
  • Storage (and other services) can be offered for sale by peers directly. (Future)
Why not just use X (Twitter), Facebook, LinkedIn, Rumble, etc?
  • Dependent on ads
  • Have a lot of fake accounts spamming you
  • Can easily ban/shadow-ban people
  • Algorithms trying to addict you
  • No history
What about Mastodon and similar apps?
  • A bit more decentralized as they support individual server owners.
  • No incentives for server owners to run a node.
  • Server owners can ban you and other servers.
  • Server-to-server migrations quite difficult.
  • User identities based on domains (controlled by others)
  • It's basically a miniaturized centralized social media app without the ads.
  • Some are not Android-friendly.
What about Nostr?
  • Separates relays from clients thus requiring volunteers to run relays
  • No incentive to run a relay server, similar to above servers which results in low number of relays
  • Tor has this problem which is one reason it is easier to censor (e.g. China) than I2P which has each client must also be a relay
  • Requiring relay volunteering removes plausible deniability resulting in some jurisdictions targeting relay/node operators (e.g. like Tor Exit Nodes)
  • Very chatty and can be slow due to having to search through relays looking for others
  • If Lightning payments are added for relaying incentives, it would require end users to pay for all routing, major turn off and overhead complexity
  • All storage of content is in the hands of unreliable relay operators.
Is this application truly decentralized?

Yes, it is fully decentralized in that it relies on no servers - all communications are peer-to-peer, is not backed by any organization, is not registered under any state, and is fully in the public domain of all sentient beings. It is developed by a small group of developers and will never be a DAO (Decentralized Autonomous Organization) as voting is considered in violation of the NAP and large organizations largely require voting or hierarchies, yet the codebase is fully open and therefore can be easily forked and thus still decentralized.

How does it maintain my privacy?

It uses TOR and I2P when communicating over the internet to ensure the destination IP addresses for requests are not associated with your IP address and encrypts all data with keys you generate and control maintained on your drives, never sent out. All code is fully open-sourced so that you or someone you trust can verify no back-doors were added. You have full control over the services (including network services) and can shut them down at any time if you believe they shouldn't be in use. If you're in a known jurisdiction not recognizing freedom of speech, I2P will not publish your IP address to its shared database (netDb - shared among many peers) thus keeping your use of I2P private - can be overridden manually either way.

How does it help me resist being censored?

When using the app, if during its use of TOR it gets blocked, it will use I2P to route around the block. Same for I2P, it will use TOR. If both are blocked, it will try to use Bluetooth to route around the blocks. With no userbase, Bluetooth is not yet a viable alternative unless the people within range of your bluetooth are using 1M5 and allow you to connect. Work is progressing on supporting LiFi (Light Fidelity) and the full radio spectrum to communciate over light and long distances with radio to get around internet censorship.

How can I use this app?

The android app is in progress; when an alpha is ready, an APK will be provided on this site. For the desktop app, there are no current installers so you must download it from GitHub, build, and follow the directions on how to start it. It currently is in a rough condition and in constant flux as the android app has taken preference so in no way ready for real-world usage...it was mainly used as a prototype. It's best started up in an IDE like IntelliJ and ran as a demo for input into development. Eventually it is expected to be embedded in an operating system (Redox) when implemented with Rust.

Who are the primary users targeted?

All whom take their privacy seriously - this should be everyone.

Will people be able to use this for unethical purposes?

This is a tool like any tool and can be used ethically or unethically like any tool.

How much overhead comes with using many networks simultaneously?

This will depend on what and how many services are activated. Early versions are just using TOR, I2P, and Bluetooth Network Services in support of more application-based services. In these versions, TOR is primarily used for browsing and I2P for messaging. When TOR is blocked, I2P is used for relaying and vice-versa. When both are blocked, Bluetooth is attempted for relay. This requires very little overhead. Later versions with LiFi will see similar little overhead comparable to Bluetooth. It's not until we reach using a Full-Spectrum radio where overhead can go up, especially on battery usage for transmitting over longer distances. In these uses, additional power will likely be needed and will be addressed through recommended practices and additional hardware. If all sensors are running while integrating with Bitcoin, Monero, and Lightning local nodes, then we can expect a fair amount of overhead although this setup would be more likely on a desktop or powerful Raspberry Pi or Pi Farm. Hardware recommendations for each configuration will be provided.

In the beginning 1M5 will be a small network. Does this make it more vulnerable starting out?

1M5 relies on other privacy networks for routing so it will be as private as those networks from day one. Those networks are TOR and I2P primarily which are the leading networks to maintain your privacy.

Can the developers of 1M5 censor the flow of information?

1M5 developers just put code out in the public. Other developers can embed 1M5 in their products. 1M5 is not operated in any means by the developers creating the 1M5 software so no, it's not possible. Even if they did, the software is purely peer-to-peer meaning that any attempt to monitor the flow of information and/or attempt to divert or block information in the codebase would be obvious as it is 100% open source and visible to all.

Gifters

How will the gift money be used?

Primarily to fund development and support of the platform but also includes web site hosting fees and other fees associated with supporting the mission. The mission's roadmap lays out the work to be accomplished.

What form of money do you accept?

Bitcoin (BTC). If interested, send a request to info@1m5.io with GIFT in subject line. An address will be generated and returned. Use the fingerprint below to verify the public key is valid if possible. It's recommended to use Bisq.network or Samourai wallet as they both use TOR. In the future, it is planned to support gifting directly in the 1M5 dapp.

Developers

How can I contribute?

Currently the repository on 1M5 is under heavy development so forking and fixing something is not recommended as it's changing so rapidly. The best method to support it today is to contact the development group at info@1m5.io, discuss your background including any links to your past work if identity is not an issue, what you would like to work on, and what it would cost in BTC or XMR.

Why originally implemented in Java?
  • Java is the 'Swiss-Army Knife' of programming languages
  • Has two decades to flush out a strong virtual machine
  • Massive amount of code to choose from
  • One of the largest talent pools
  • OS independent
  • Leads in the number of progressive projects in development (with C/C++ being close in decentralized apps)
  • I2P (the foundational network) implemented in Java
Why the change to Rust?
  • 1M5 is heavily networked and part of its targeted platforms are tiny electronics with limited resources and embedded within C/C++/Rust-implemented operating systems
  • It has innovative memory management
  • Gives you the power of C/C++ yet productive like Python
  • Mozilla has a great reputation
  • Most decentralized software is being written in C/C++
  • C, C++, and Go were considered also but the first two don't have the desired memory protections and are often written in a very terse manner and the latter uses garbage collection (and Google's reputation is slipping)
  • Crustaceans are a great community
  • It's expected to dramatically reduce codebase size with far less objects yet still get the benefit of object-orientation
  • Can be compiled to most operating systems
  • Great selection of code in Crates.io
  • Doesn't require downloading a virtual machine prior to use
  • Oracle increasingly closing Java
  • Open source language from the beginning
  • Don't expect to need a large number of Rust developers ever
  • Can integrate with I2P via SOCKS, no need to use Java
  • Rust version of I2P was started
  • Consider Rust the replacement of C, C++, C#, Go, Java, and Python
Why a custom SOA/EDA foundation?

Enterprise Service Buses (ESB) with affiliated Message-Oriented Middleware (MOM) are quite heavy in implementation and it's desired to keep the codebase as small as possible as it is desired to support DoT (Decentralization of Things) devices. Spring's module + integration support does not fully satisfy the requirements and brings much more than desired. The move to Rust solidified the need for a custom platform as none exist.

Where are the Spring and Google libraries in the Java version?

To keep the codebase small with less attack surface, Spring, Google, and Apache libraries were avoided; minimal 3rd party libraries used.

Why is routing so confusing?

Services are completely decoupled so that they can be orchestrated dynamically during real-time operations. This is accomplished using a dynamic routing stack contained in the envelope that is passed around. This is more complex than just calling a method of an object yet allows great flexibility in execution while virtually eliminating interface breakage down to data payload breaks - each service is responsible for handling what data comes in and versioning. When making a request for a service, the operation name, the payload expected by the service, and the results expected from the service need to be known prior to making the call. This will come with a future API to simplify many common calls.

Codebase doesn't use advanced techniques. Is this old code?

The code is intentionally implemented to be as simple as possible:

  • Generics and lambdas are avoided unless a big impact on design
  • Verbosity is chosen over small code size for visibility
  • Excessive verbosity in variable names is also avoided keeping variable names especially small when within very small scopes
  • Classes are designed based on cohesion/coupling not size; some classes can intentionally reach upwards of 1000 lines; the minimal number of objects with strong cohesion while supporting the right amount of coupling is a great desire to keep it simple
Top

SUPPORT 1M5

1M5 is an open source project powered by volunteers, bounties and gifts. In the spirit of open source and censorship resistance, this mission has opted to create 1M5 without the demands or influence of investors nor governments.


GitHub
Gift to the 1M5 Development Fund

If you support this mission and are in a position to help that would be wonderful. Please request a bitcoin address from info@1m5.io or gift through Patreon.

Gifts to 1M5 are not tax-deductible as it is not formally registered in any jurisdiction. By gifting to 1M5, you will be helping 1M5 pay for our direct costs like web hosting, domain names, outsourced work, bounties, and so on. If you wish to support it anonymously, we recommend sending Bitcoin using a wallet that uses Tor such as Bisq or Samourai or with a wallet directly connected to your local Bitcoin Core node. Gifting will be supported directly in the app in the future.
Get in Touch

Please don’t hesitate to get in touch if you can think of other ways you can help with the 1M5 mission.

info@1m5.io (Protonmail)

PGP: 948E A2E2 C194 AB3C A225 605B 963F 6331 C29F 2342

Please download the Bitcoin whitepaper if you have not read it yet.