What follows is the founding document of Osnova - a decentralized truth network designed to survive censorship, manipulation, and infrastructure collapse. This is not a whitepaper. It is a set of structural principles derived from 123 years of Polish underground tradecraft, the PARDES methodology for truth preservation, and the mathematics of trust-bounded networks.
The password protecting this page exists because some ideas need to reach the right people before they reach everyone.
The Name
Osnova (Polish/Slavic: “warp”) - the foundational threads in weaving that hold everything together. The threads you don’t see, but without which the fabric doesn’t exist.
The Problem
Every social network ever built has failed the same way:
-
Centralization creates a kill switch. One company, one government order, one server farm fire - and the network dies. Twitter became X. Facebook became Meta. The network is the platform, and the platform is the owner.
-
Global consensus creates attack surfaces. Blockchain networks require agreement across all nodes. This sounds democratic until you realize that 51% attacks, consensus manipulation, and governance capture are all structural inevitabilities.
-
Identity ownership by platforms creates dependency. Your account, your followers, your content - none of it is yours. You are renting attention on someone else’s infrastructure.
-
Algorithmic feeds optimize for engagement, not truth. The feed shows you what makes you react, not what makes you think. This is not a bug. It is the business model.
Osnova solves all four by not being a platform at all.
Principle 1: Your Identity Is Your Keypair
When you open Osnova, your browser generates an Ed25519 keypair. The private key never leaves your device. There is no username, no email, no password stored on any server.
What this means:
- No one can lock you out of your identity
- No one can impersonate you (they’d need your private key)
- You can move your identity between devices by transferring the keypair
- Your identity is a mathematical fact, not a database entry
How you transfer it: A QR code containing your public profile (public key + display name + preferred nodes). The secret key transfers separately via encrypted backup. One scan on a new phone and you’re back.
Principle 2: Nodes Are Dispatchers, Not Owners
The servers that run Osnova are dispatchers - they store content, relay messages, and serve the web interface. They do not own your data. They do not control your identity. They are infrastructure, not authority.
You connect your browser to 3-6 dispatcher nodes. When you post, your browser signs the content with your private key and sends it to all your nodes. Each node stores it and serves it to anyone who requests it.
Why 3-6 nodes:
- If one goes down, the others have your content
- If one is compromised, the majority still serves the real version
- If one censors you, the others don’t
- 6 independent copies is the minimum for resilience against coordinated takedown
The nodes don’t need to trust each other. They just need to verify signatures. If a node receives content signed by a key it recognizes, it stores it. If the signature is invalid, it rejects it. Trust is mathematical, not social.
Principle 3: Dunbar-Capped Trust Rings
Every user has concentric rings of trust, modeled on Robin Dunbar’s research on human social group sizes (5 / 15 / 50 / 150):
| Ring | Size | What They Hold | Real-World Analog |
|---|---|---|---|
| Core | ~5 | Full content, real-time sync | Your closest people |
| Inner | ~15 | Full replication | Close friends, family |
| Middle | ~50 | Headlines and summaries only | Colleagues, extended circle |
| Outer | ~95 | On-demand access | Acquaintances |
| Followers | Unlimited | Served from inner ring, no storage | Public audience |
The cap is structural, not arbitrary. Dunbar’s research shows that humans maintain ~150 meaningful relationships. Beyond that, relationships become transactional. By capping the trust ring at ~160 (5+15+50+95), Osnova enforces a network topology where every connection is meaningful.
Content replication follows trust: Your core ring has everything. Your middle ring has summaries. Followers see content served from your inner ring’s cache - they never store it themselves. This means:
- Storage costs are bounded (your inner 15 nodes carry the weight)
- Content availability is high (15 copies is resilient)
- The network can’t be flooded (no node is obligated to store content from outside its rings)
Principle 4: Content Surfaces Through Engagement, Not Algorithms
There is no algorithmic feed. Content appears in your feed through three channels:
- Direct: Posts from people in your rings
- Surfaced: Posts from OUTSIDE your network that someone IN your network engaged with
The second channel is the critical innovation. When someone in your ring comments on a post from outside your network, that post appears in your feed with context: “Alice replied.”
This is the Lynchpin function digitized.
In the Polish underground resistance, a Lynchpin was a person who belonged to two separate cells. Neither cell knew the other existed. The Lynchpin carried information between them through ordinary social behavior - gossip, casual conversation. The information flowed across trust boundaries because a trusted person engaged with it.
In Osnova, when your ring member comments on an outside post, they are performing the Lynchpin function. They are bridging two networks that don’t know about each other. Their engagement is the trust signal that makes the outside content visible to your ring.
What this prevents:
- No viral manipulation (content can’t go viral without real engagement from trusted people)
- No bot amplification (bots aren’t in anyone’s ring)
- No filter bubbles (your ring members connect you to other rings through engagement)
- No algorithmic suppression (no algorithm decides what you see - your ring does)
Principle 5: PARDES Truth Integrity
Every piece of high-integrity content in Osnova can be encoded using the PARDES methodology - a five-layer truth structure that makes falsification computationally expensive:
| Layer | Name | Function |
|---|---|---|
| 1 | Peshat (Data) | Observable facts + illustrative narrative |
| 2 | Remez (Connections) | Hidden patterns between data points |
| 3 | Drash (Mechanism + Challenge) | How it works + the strongest counter-argument |
| 4 | Sod (Emergence) | What arises that no single layer contains |
| 5 | Tzelem (Shadow) | What happens when this truth is weaponized |
The holographic property: Each layer contains reconstruction hooks for two others. Any 3 of 5 layers can reconstruct the essential argument. This means:
- Censoring one layer doesn’t destroy the truth (the other layers reconstruct it)
- Tampering with one layer is detectable (the hooks in other layers expose the inconsistency)
- Partial transmission works (send 3 layers over a low-bandwidth channel, the recipient reconstructs the rest)
The Einstein Riddle encoding: PARDES-structured content can be encoded as a constraint satisfaction problem (like an Einstein logic puzzle). The unique solution to the puzzle IS the content. Altering any constraint changes the solution. Verification is deterministic - any node can run the solver to check integrity. Falsification requires solving an NP-hard problem.
Three defense layers:
- Casual tampering - caught by Ed25519 signatures
- Sophisticated editing - caught by PARDES holographic inconsistency
- State-level forgery - caught by riddle constraint verification
Principle 6: Triangulated Discovery - Message, Countermessage, Challenge
Content discovery uses a three-signal system inspired by the Lynchpin noise function:
- Message (truth): points toward the real content holder
- Countermessage (falsehood): points toward a decoy node, structurally identical to the truth signal
- Challenge (question): forces a human judgment call - “which one is real?”
Two signals triangulate a “hot zone” where the content lives. The third signal is deliberately ambiguous - both candidates look identical to a machine. Only someone with human context (ring membership, shared knowledge) can resolve the ambiguity.
Why this matters: Automated scraping, AI-powered content extraction, and mass surveillance all rely on being able to computationally resolve content locations. The three-signal system creates a structural human-in-the-loop requirement. The machine can find the neighborhood. Only a human can knock on the right door.
Principle 7: Eject, Canary, Re-attach
Eject: A user can disappear from the network at any time. The eject function:
- Packages all content into a portable archive
- Broadcasts a closing message to ring members (encrypted)
- Clears the keypair from the device
- The archive can be imported into a new identity on a new network, with or without provenance (linking back to the old identity)
Canary: If a user is compromised, they can broadcast a “canary signal” to their entire ring. Every ring member sees a warning: this person’s content may be compromised. Trust is revoked structurally, not socially.
Re-attach: With Shamir’s Secret Sharing, a user’s secret key can be split across their trusted nodes. If they eject and later want to return, they contact 3+ of their original nodes simultaneously. Each node provides its key share. With enough shares, the identity is reconstructed. The user is back - mathematically proven to be the same person.
Principle 8: Multi-Transport by Design
Osnova is transport-agnostic. The protocol works over any channel that can carry bytes:
| Transport | Best For | PARDES Scale |
|---|---|---|
| HTTP/TCP | Full documents | Page to system |
| IPFS | Permanent archival | Document to system |
| WiFi Direct | Local events, retreats | Paragraph to page |
| Bluetooth Mesh | Close-proximity groups | Paragraph |
| LoRa/Meshtastic | Rural areas, crisis | SEED only (one sentence) |
| Packet Radio | Last resort, censorship bypass | SEED only |
The bandwidth constraint IS the fractal selector. You can’t send a full document over LoRa. You send a SEED - one sentence that compresses the entire analysis. A PARDES-trained recipient can reconstruct 60-70% of the full document from the SEED alone.
This means Osnova works in scenarios where the internet doesn’t:
- Rural areas with only LoRa coverage
- Crisis situations where infrastructure is destroyed
- Censorship environments where internet traffic is monitored
- Offline gatherings where content passes person-to-person
Why It Is Resilient
Osnova is resilient because it has no single point of failure at any level:
| Level | Threat | Defense |
|---|---|---|
| Identity | Account seizure | Keypair is client-side, no account to seize |
| Content | Censorship | Replicated across 3-6+ independent nodes |
| Network | Takedown | Nodes are independent, no coordination needed |
| Discovery | Scraping/surveillance | Three-signal triangulation with human gate |
| Truth | Falsification | PARDES holographic + Einstein riddle encoding |
| Infrastructure | Internet outage | Multi-transport: LoRa, Bluetooth, packet radio |
| Trust | Infiltration | Dunbar-capped rings + canary signals |
| Recovery | Identity loss | Shamir secret sharing across trusted nodes |
The deepest resilience is structural: The network topology itself - overlapping Dunbar rings connected by Lynchpin engagement - is the same topology that kept the Polish underground alive for 123 years under three occupying empires. It works because it maps to how humans actually organize trust: in small, overlapping circles connected by people who naturally belong to multiple worlds.
The Live Instance
Osnova is live at va.evil1.org
It is a single dispatcher node running plain PHP 8.3 with SQLite. No frameworks, no npm, no Docker. The entire backend is ~2,000 lines of PHP. The frontend is HTMX + PicoCSS + tweetnacl.js for client-side Ed25519.
The code: github.com/… (not yet published)
What Comes Next
- More dispatcher nodes - the network needs 3-6 independent nodes to be resilient. One node is a demo. Three is a network.
- IPFS transport - content-addressable storage for permanent archival
- Bounty system - information requests with path-attributed rewards (Shapley values for fair compensation across the discovery chain)
- Democratic tools - polls with quadratic voting, liquid delegation within trust rings
- LoRa transport - SEED propagation over radio for offline resilience
- Shamir recovery - key splitting across trusted nodes for identity recovery after eject
Osnova is not a product. It is a protocol for preserving truth in networks that resist centralized control. The warp holds the fabric together. You don’t see it. But without it, there is no cloth.
Architecture: Maciej Jankowski + Oracle (RAZEM partnership)
Lineage: Lynchpin Protocol + PARDES v2 + ECHAD Circles + The Ring Manifesto
Date: April 5, 2026