A Public and Open Peer-to-Peer Network of People

Version 0.5 - Mar 2017 - Draft


Luis Fernando Molina


David Matousek, Katherine Noall, Tope Omitola, Daniel Roka, Amadeo Charlé

The Internet of People (IoP) is a software infrastructure that runs on top of the Internet. The IoP is a public good, a shared asset not owned by anyone, like the internet. It is a set of peer-to-peer networks and servers which main purpose is to enable device to device p2p connections without using any third party to establish these connections. Once interconnected, end users devices speak to each other over a direct TCP connection without anybody in the middle, not even the IoP infrastructure.   

This in turn enables Person to Persons Apps (P2P Apps) and when used for business, a broader Person to Person Economy.

The main property of the P2P Economy is disintermediation, that translates into cheaper transactions. The minimum infrastructure to run a computer system are 2 devices directly connected to each other. This is at the same time the limit on disintermediation. The end of the road.  Used for business this translates into the cheapest business transaction possible.



The IoP infrastructure also include services like profile hosting, reputation and proximity and some others services that cannot be run in a Person to Person way.  IoP P2P Apps are built at the edge of these networks, and only use IoP infrastructure when it is not possible to re-create the same needed service in a Person-to-Person way.

The most important service of IoP is the one that allows end users to host their Apps profiles at the IoP Networks. This is needed to allow people to find each other without using any centralized third party. The IoP will become the first public infrastructure where anyone will be able not only to find anyone else, but also establish a direct TCP connection between each other without using any central point of failure.

Until today, when people use internet apps for socializing or even conducting business they create profiles on private networks of people and by doing so they become part of those networks. At the same time they are restricted by network operators on who they can find, who they can connect to, how they can exchange information with others, and what information they can find and consume. Companies build these private networks of users to profit from them, either charging them money, forcing them to consume advertisements or mining their digital footprint or even because of other shady reasons.

The Internet of People is also an alternative to private networks of people. It allows for the first time, anyone to freely find anyone else, freely establish relationships between each other and freely communicate with limits only imposed by the parties involved.

The core proposition of the Internet of People is to allow device to device P2P connections. The second core proposition is to detach people’s profiles from the apps themselves, and publish those profiles to a public shared network. Then something extremely interesting happens: the shared asset is not only the IoP software running, or the hardware that supports that software; the user base is also turned into a shared asset, and this is very powerful.

The Graphchain

The Internet of People uses a new type of cryptographically secured data structure called the graphchain. The main difference between a graphchain and a blockchain is that the first acts as a cryptographically secured data structure, in which no blocks or transactions have to be stored.

At the graphchain the information to be stored concerns either nodes or edges of a graph. The difference with a regular graph is that nodes are identified by a public key and its information is controlled by the corresponding private key holder. Edges represent relationships between the entities controlling nodes and some of these relationships can only be added to the graphchain if they are signed by the private keys of both connected nodes.

At a graphchain nodes are fully owned by their private key holders and the information stored can only be changed  by signing with the respective private key. Edges are co-owned by the entities holding the private keys of the connected nodes. The possible actions they can individually perform on information at the edges is constrained by the relationship type and conditions agreed upon when the relationship was established. In some cases either of the parties might be able to cancel the relationship or change some of its properties. In most relationship types the control resides on the predecessor node.

The Internet of People’s implementation of a graphchain distributes the data structure across two different sets of computers or hardware devices in general. All nodes and public edges belong to the first group: a set of devices running on top of an open and public p2p network. All private edges are stored at the devices of the entities holding the private keys of the predecessor node. This means that one part of the graph is publicly accessible by anyone and the other part is not. The private part of the graph is fragmented into different devices owned by different entities and external parties can learn about it only with the consent of the owner of that private part of the graph or when the owner privately exposes these relationships to a third party with the purpose of declaring a relationship.

These two sets of edges, the private and public ones are linked together because the Internet of People allows end user devices to keep an open connection to the public network. Anyone with access to the public network can locate a device associated with a graph node and use that open connection to learn more about that piece of the private part of the graph, if granted permission by its owner.

The Internet of People’s usage of a graphchain is with the purpose of creating a secure, open and publicly accessible social graph that is user owned and controlled. The end result would be like combining Facebook, Twitter, LinkedIn, Google,  and all user databases of all tech giant companies together and expose them publicly on a blockchain-like p2p-network that anyone can use to consume information and create software in a permissionless way. The most important difference with such a combined user database is that end users own and control both their information and their relationships with others across all type of applications.

Different apps running at end user devices control different sets of private and public edges and nodes on behalf of end users. This means that a single end user can have multiple nodes on the graph and any amount of private and public edges. All of this is enabled just by using IoP apps for different types of social or business interactions.

IoP Properties

In order to achieve these goals the Internet of People needs to have the following properties:

  • Decentralized: It is a set of p2p decentralized networks and like the internet, not owned by anyone in particular. To achieve this, these network are made up of nodes, where any individual, institution or corporation can own some nodes, but not the networks.
  • Open Standard: It is possible for anyone to implement these network protocols. These protocols must be defined by a standards organization where anyone can participate in.
  • Open System: Different apps of the same type using the Internet of People can interoperate between each other as long as they follow the standards.
  • Permissionless: Anyone can run a network node. Anyone can use the network. Anyone can write apps that consume the network services.
  • Dumb: It is a dumb network that pushes innovation to the edge, giving end-users control over the pace and direction of innovation [1].
  • Shared Asset: The IoP software is Open Source and a shared asset. The hardware running this software is a shared asset. The resulting network of people is a shared asset too.
  • Mobile First: The IoP allows mobile devices to connect to each other overcoming the limitations of not being able to receive incoming TCP/IP connections in most jurisdictions.
  • Incentivized:  There are economic incentives to run every type of network nodes and servers.

The IoP network itself does not define any sophisticated high level services or applications and does not target any particular industry. It doesn’t require membership registration or identification to use the network. It doesn’t control the types of applications or devices that can live on its edge. IoP offers these basic services: hosting / seeding people profiles, finding people by the indexable data attached to their profile info, finding people by proximity, communicating with people, and people reputation. Everything else needs to be built on the edge-devices as an application. IoP allows any application to be developed independently, without permission, on the edge of the network. A developer can create a new application using any of these services as a platform and deploy it on any device.

IoP Architecture

The IoP architecture consists of two different types of component building blocks:

    • Nodes: The IoP has a set of p2p networks. Each node type creates at runtime a p2p network with a different topology:
      • Unstructured Network Node: This type of nodes instantiates an unstructured network. We use this for example to run  our IoP Token Server on top of it (Implemented as a blockchain). Status: not implemented yet.
      • Content Address Network Node: This type of nodes implements a DHT (Distributed Hash Table) to allow the other services to index information. (Implemented as a fork of IPFS). Status: alpha released Jan 2017.
      • Location Based Network Node: This type of nodes are organized by an operator declared geo-location. This allows people and apps to comply with regional regulations and deal with privacy concerns. Status: alpha released Jan 2017.
      • Latency Based Network Node: These nodes arrange themselves by latency distance, minimizing communication latency. Status: not implemented yet.
  • Servers: The IoP has a set of servers each one with a well contained and defined responsibility:
    • IoP Token Server: This server is responsible to record IoP token ownership and process token transfer transactions. It uses a blockchain as an underlying data structure and technology. This server runs on top of the IoP Unstructured Network. Status: not implemented yet as described here. Still a simple fork of bitcoin.
    • Minting Server: These servers keep track of IoP full installations (IoP Full Nodes), and run a ranking system with the purpose to determine who deserves the reward of newly minted IoP tokens. These servers runs on top of the IoP Content Address Network. Status: not implemented yet.
    • Profile Server: It is where user profiles are checked in when end users are online. This allows users to find other users, establish relationships between each other, learn which application services client devices are running, and agree how to proceed to establish a p2p connection to exchange information. This agreement constitutes a traditional signaling process to later allow clients to establish a real time p2p communication channel. This server runs on top of the IoP Location Based Network and also on top of the IoP Content Address Network at the same time.  Status: alpha released Feb 2017.
    • Proximity Server: It is a server where people with real-time geo-localized apps check in, in order to be found by nearby peers. These servers run on top of the IoP Location Based Network. Status: under development as of May 2017.
    • Reputation Server: This server stores and serves reputation information of people or any of their sub-profile types. These servers runs on top of the IoP Content Address Network. Status: not implemented yet.
    • Stun Server: These servers helps clients to establish a p2p connection. They run on top of the IoP Unstructured Network. Status: not implemented yet.
    • Turn Server: These servers helps clients to relay data to each other when a p2p connection is not possible. They run on top of the IoP Latency Base Network.  Status: not implemented yet.


IoP uses a token system that glue all the pieces together and provides the right incentives for all the entities involved. These tokens flow across all the server components of the system incentivizing their operators.

The IoP system is based on the assumption that a broader ecosystem is going to be built around these networks. In this ecosystem a number of entities are needed to participate. The flow of IoP tokens then goes beyond these network incentivizing all entities involved.

The IoP minting servers mint tokens to reliable full node operators, which are later exchanged for fiat money to pay for electricity and other expenses.

IoP Token System

Current Status

Our IoP token system is a fork of the bitcoin code base. On top of the existing functionality we added the following:

  1. Mining Licenses: It is well known that new PoW blockchains can be easily attacked by an adversary with huge hashing power. To avoid that, we implemented a Mining Licenses scheme over the blockchain that allows only Miners Public Keys previously authorized by a few administrators (core developer and community leader) to mine IoPs. Mining licenses have been currently awarded to active developers and to Fermat Chapters spreading the word about the project globally. The road map includes the removal of administrators granting and cancelling licenses eliminating this trusted entities and these single points of failure.
  2. Mining Cap: To protect even further our newborn blockchain, a capping mechanism was implemented to prevent that no mining license holder can mine 3 times more than the average mined by the rest of the license holders. This is recalculated with the same frequency that the network difficulty is calculated, and after each period all counters are reset. We expect in further versions, to remove the arbitrary number 3 with an algorithm that would estimate its value based on the mining activity of the previous period. This cap is currently working very well protecting the blockchain from attacks and also promoting mining with regular computers and servers in contrast to a mining race.
  3. Contribution Contracts: We are developing a DASH [4] like voting system for project contributions that we call Contribution Contracts. In our case anyone can create a Contribution Contract and recorded at the blockchain using a special app for that. With a second App, any token holder can vote to approve or reject Contribution Contracts. The ones approved are paid by the protocol with newly issued tokens. This feature is scheduled to be available in December 2016.

Final Goal

We will continue innovating at the blockchain level towards the resilient system that we envision. We will split the current token system component into several parts: A Minting Server, a Token Server and the underlying p2p Network. In this way we can continue innovating in each component independently without risking a system failure. Following are the details of the end state we want to achieve.

The IoP Token Server uses a blockchain with an hybrid PoS / PoW consensus type that we call Randomized PoS Filtered PoW Mining and is described below. The issuing of IoP tokens is determined by the Minting Servers, so the IoP Token Server role is constrained to record IoP tokens transactions on an immutable ledger. Operators incentives to run these servers are limited to collecting transaction fees.

IoP token system has the same total supply of bitcoin, with 21 million total possible tokens.

Randomized PoS Filtered PoW Mining

The following description applies to the mining of block transaction fees only, not issuing of new tokens. It is designed to allow anyone to mine. Note that this is the final stage we want to reach, but we are starting with a bitcoin fork and evolve into this.

Overall the hybrid consensus protocol follows the following procedure in order to determine who can sign the next valid block and thus get the reward:

  1. Right to Mine: Candidates submit 1 IoP token in a transaction with a special code to participate in the mining of 2016 blocks. This IoP is sent to themselves, so it is not lost, just necessary to create the transaction. They are required to include a mining rights fee that prevents the candidate list to be bloated. This fee is payed with the network transaction fees of that transaction. The same transaction must take the funds from and send the funds to the a single address, usually owned by the same person. This address balance is considered the PoS. The public key of the sender enters the candidate list after the transaction is buried under 2016 blocks. No further transaction is allowed taking funds from the account holding the PoS during the next 4032 blocks. After participating as a candidate in 2016 blocks, the mining rights expires and the candidate naturally exits the candidate list.
  2. Distributed Randomness: The first step of the consensus mechanism executed after the winner of the previous block is known is the collaborative calculation of a random string using a coin flipping protocol to produce the randomness. All the candidates in the candidates list participates on this two-phase process in which a random string is computed.
  3. PoS Filter: The list of candidates is reduced 50% pseudo-randomly using the previously calculated random string. The probability to stay on the list is proportional to the candidates PoS.
  4. First Purge: From the resulting list, the 50% of the candidates with less PoS is eliminated.
  5. Second Purge: The list is randomly purged again using the random string. The resulting list keeps only a 10% of the previous list. This purge prevents big stakeholders to always be a valid miner. This list then becomes the list of valid miners for the next block.
  6. PoW Mining: The remaining candidates then compete with PoW.
  7. Consensus: The next valid block is the one that matches the PoW difficulty on the longest PoW chain signed by a miner on the valid miner’s list. The random string of the next block is recorded in the block header, to allow anyone to verify that that block is mined by a valid miner.

Profile Server & Network

The Profile Server main purpose is to allow end users to expose their profiles to their peers in order to be found on the network, connect to others and exchange information. Profile Servers are expected to be chosen from between a set of Profile Servers geographically close to end users average location.

Application Services are defined as p2p communication channels available for apps to use in app to app data communication. Each Application Service has its own message protocol. End users communicate between each other through apps that rely on Application Services.

Profile Servers provide the following basic services:

  • Profile Check In / Out: User-agents check in end user  profiles once they are online. This allows other end users to find them, connect with them and communicate with them.
  • Application Service Check In / Out: Application Services also check in when they are online, to signal that that channel is open.
  • Application Service Call: An application service at one end user device can place a call to a remote instance of itself through Profile Servers. This call is for signaling purposes: exchanging connection requests and agreeing on p2p communication details.

Profile Server operators are economically incentivized. They charge a fee in IoP tokens to end users for hosting / seeding their profile information for a certain period of time, serving queries to other people searching for them  and allowing the signaling process for incoming p2p communications.

The Profile Network is the network of Profile Servers. These servers run on top of the IoP Location Based Network and also on top of the IoP Content Address Network at the same time. In the first case is to be able to be found by their operator configured geo-location. In the second one, to be found by its id on the network.

Proximity Server & Network

Certain apps or use cases needs to know which people are around a certain physical area: for example a taxi app might need to find all taxi drivers nearby. To avoid scanning the Profile Network a specialized network is needed for this purpose.

Profiles that are subject to be found in this way, also check in to the geographically closest node of this Proximity Network. This allows querying only one node for any app to know who is around a certain spot.

Reputation Server & Network

The Reputation Network is p2p network of Reputation Nodes. Its main purpose is to store and manage people’s reputation information. By being an application agnostic network, this allows people to prove their reputation across several apps, use cases and even industries.

Reputation entries are handled by profile and sub-profile types. As people might have several different profiles they can build reputation for each of them separately. People can also link profiles on the fly to combine their reputation to others. The linking is done outside the network to preserve privacy.

Finally, Reputation Nodes implement a web of trust that helps users to have some certainty that the online profiles they search for are the real life persons they think they are.

Minting Server & Network

The minting  network is a final network on top of all other networks that functions as an incentivisation layer for the whole system. In order to participate in the minting network, a node has to run all of the IoP servers and networks (such a node is called a Full Node).

Those who participate in the minting network and can establish themselves as a reliable service provider on all networks, can mint new IoP tokens in exchange for contributing to the health and performance of the whole system.

Establishing a good reputation is done through passing audits performed within the individual networks, and building up a rank from consequently passing audits for an extended period of time. The requirements to mint IoP tokens are:

  1. Run a full node.
  2. Be at the top of the ranking system.
  3. Proof of Stake.


The IoP is part of a broader project called Fermat [2]. The Fermat Vision goes beyond the IoP and the P2P Economy and is about a connected and decentralized human species [3].

The IoP is a necessary step towards that direction. At the same time is reach in innovations and we expect it to have a profound impact in society. The P2P Economy is the second necessary step. It is also very powerful since it is the limit on disintermediation. It is truly the digital version of physical person to person interactions.



[1] - Andreas M. Antonopoulos, “Decentralization: Why Dumb Networks Are Better”, https://fee.org/articles/decentralization-why-dumb-networks-are-better/

[2] - http://www.fermat.org

[3]- Luis Fernando Molina, “Fermat, the Internet of People and the P2P Economy”, //medium.com/@luisfernandomolina/fermat-the-internet-of-people-and-the-person-to-person-economy-ce933865a0b0#.1sbk4yiq0">https://medium.com/@luisfernandomolina/fermat-the-internet-of-people-and-the-person-to-person-economy-ce933865a0b0#.1sbk4yiq0

[4] - https://www.dash.org/