🕊️

Freebird

Authorization without identity. Privacy without compromise.

Every digital interaction today demands you prove who you are before proving what you can do. We've accepted total surveillance as the price of functional systems. This is a false choice.

The Problem

The internet has a surveillance problem baked into its infrastructure. Not because of malicious actors, but because useful systems require identity by default.

Rate limiting requires tracking users
Access control requires accounts
Spam prevention requires surveillance
Resource allocation requires registration
"One person, one vote" requires identity databases

Even privacy-respecting services must collect your data to function. The architecture demands it.

Traditional System: User ──────────────────────────▶ Server "I am alice@example.com" "Give me access" │ Server logs: ▼ ✗ Who you are Access ✗ When you accessed Granted ✗ What you accessed (maybe) ✗ Your usage patterns ✗ Your IP address ✗ Everything, forever

Freebird's Answer

Freebird uses VOPRF cryptography (Verifiable Oblivious Pseudorandom Function) to separate "can you?" from "who are you?" for the first time in a practical, deployable way.

Think of it as anonymous digital cash for authorization. Users receive unforgeable, unlinkable tokens that prove permission while revealing nothing about identity.

Freebird: ┌─────────────────────────────────────────────────────────┐ │ │ │ User Issuer Verifier │ │ │ │ │ │ │ │──[blind data]──▶│ │ │ │ │ │ signs without │ │ │ │ │ seeing content │ │ │ │◀─[signed blob]──│ │ │ │ │ │ │ │ │ │ unblinds to │ │ │ │ │ get token │ │ │ │ │ │ │ │ │ │──────────[anonymous token]──────────▶│ │ │ │ │ │ │ │ ✓ Valid signature │ │ │ ✗ No identity │ │ │ ✗ No tracking │ │ │ └─────────────────────────────────────────────────────────┘ Issuer sees: Someone requested a token. (Nothing else.) Verifier sees: Valid token from trusted issuer. (Nothing else.) Correlation: Mathematically impossible.

Prove you're authorized without revealing who you are
Rate limiting without tracking
Access control without accounts
Spam prevention without surveillance
One person, one vote—anonymously

Cryptographic Guarantees

Not privacy theater. Not "we promise not to look." Mathematical impossibility of surveillance.

❌ Traditional "Privacy"

"We won't share your data"

"Trust our policy"

"We anonymize logs"

Until subpoena, hack, acquisition, policy change...

✓ Freebird

No data to share

No policy to trust

No logs to anonymize

Can't surveil what doesn't exist

Property	Guarantee	Mechanism
Unlinkability	Issuer can't link issuance to usage	Random blinding factors
Anonymity	Verifier can't identify token holder	No identity in tokens
Unforgeability	Can't create tokens without issuer key	P-256 ECDLP hardness
Replay Protection	Each token works exactly once	Nullifier-based detection
Verifiability	Clients verify correct computation	DLEQ zero-knowledge proofs

Real-World Applications

Freebird isn't theoretical. It solves concrete problems for municipalities, healthcare systems, educators, and communities.

🏛️ Municipal Feedback Residents report concerns without fear of retaliation from officials they're criticizing.

🏥 STI Testing Clinics verify patient eligibility without creating records that could be subpoenaed.

🗳️ Anonymous Voting One person, one vote—mathematically enforced—without a voter database.

📚 Library Access Manage computer time limits without logging which books patrons read.

🍽️ Food Banks Verify eligibility and prevent abuse without creating surveillance infrastructure.

📱 Public WiFi Rate-limit bandwidth fairly without tracking browsing history.

🏫 School Lunch Free lunch recipients scan the same card as paying students. No stigma.

🚨 Crisis Hotlines Verify callers are local residents without creating records that could deter help-seeking.

SCREENSHOT: Admin dashboard showing token issuance statistics without individual user data

Sybil Resistance

"Anonymous" doesn't mean "unlimited." Freebird includes multiple mechanisms to prevent abuse without surveillance:

Invitation System (Trust Graphs)

Users invite others. Abuse traces back through the invitation chain. Bad actors get cut off—along with everyone they invited. Social accountability without identity.

Proof of Work

Computational cost per token. Prevents bot farms without collecting data.

WebAuthn / Hardware Keys

"Proof of humanity" via hardware authenticators. No biometrics stored, no accounts created.

Rate Limiting

IP-based throttling for basic protection. Stackable with other mechanisms.

SCREENSHOT: Invitation tree visualization showing trust relationships

Technical Architecture

┌─────────────────────────────────────────────────────────────────────┐
│                         Freebird System                              │
│                                                                      │
│   ┌──────────────┐         ┌──────────────┐         ┌────────────┐  │
│   │    Issuer    │         │   Verifier   │         │   Redis    │  │
│   │   (Rust)     │         │   (Rust)     │         │  (State)   │  │
│   │              │         │              │         │            │  │
│   │ - VOPRF eval │         │ - Token auth │         │ - Nulls    │  │
│   │ - Sybil      │         │ - Multi-     │         │ - Invites  │  │
│   │   checks     │         │   issuer     │         │ - WebAuthn │  │
│   │ - Key mgmt   │         │   federation │         │            │  │
│   └──────────────┘         └──────────────┘         └────────────┘  │
│          │                        │                       │         │
│          └────────────────────────┴───────────────────────┘         │
│                                  │                                   │
│                         ┌────────▼────────┐                         │
│                         │   TypeScript    │                         │
│                         │      SDK        │                         │
│                         │                 │                         │
│                         │ Browser/Node.js │                         │
│                         └─────────────────┘                         │
└─────────────────────────────────────────────────────────────────────┘

Component	Language	Purpose
Core Crypto	Rust	VOPRF, DLEQ proofs, P-256 operations
Issuer Service	Rust	Token issuance, key rotation, Sybil checks
Verifier Service	Rust	Token validation, multi-issuer federation
Client SDK	TypeScript	Browser/Node.js integration
Admin CLI	Rust	Key management, invitation admin

SCREENSHOT: CLI output showing key rotation and status

Implementation Status

Feature	Status
P-256 VOPRF with DLEQ proofs	✓ Complete
Batch issuance (rayon parallelization)	✓ Complete
Zero-downtime key rotation	✓ Complete
Multi-issuer federation	✓ Complete
Invitation system with ban trees	✓ Complete
WebAuthn/FIDO2 integration	✓ Complete
TypeScript SDK	✓ Complete
Admin dashboard UI	✓ Complete
Prometheus metrics	✓ Complete
HSM/PKCS#11 support	✓ Complete
Documentation	In Progress
Reference integrations	In Progress
Browser playground	Planned

Why Open Infrastructure Matters

Privacy technology that requires trusting a company is privacy theater. Freebird is infrastructure, not a service.

Self-hostable: Run your own issuer. No dependencies on us.
Federated: Multiple issuers can exist. Verifiers choose whom to trust.
Auditable: Every line of code is public. Every cryptographic claim is verifiable.
Forkable: Don't like our decisions? Fork it. The protocol is the product.

This aligns with Mozilla's vision of an internet that's open, accessible, and respects users. It aligns with NLnet's mission of trustworthy, open infrastructure. Privacy shouldn't be a product you buy—it should be infrastructure everyone can build on.

Funding Goals

Freebird's core technology works. Funding accelerates adoption and hardening.

Documentation & Tutorials

Lower the barrier for municipalities and community organizations. Step-by-step deployment guides. Integration cookbooks for common scenarios.

Reference Implementations

Working examples beyond the current demo: anonymous feedback system, token-gated forum, municipal service portal. Proof that this works in production.

Browser Playground

Try Freebird without installing anything. Interactive demo that shows the cryptography working in real-time.

Security Audit

Third-party cryptographic audit. We believe the implementation is correct—let's prove it.

Community Building

Outreach to municipalities, libraries, healthcare organizations who could benefit. Help them understand that privacy-preserving systems are possible.

Try It

git clone https://github.com/flammafex/freebird
cd freebird
docker compose up

That's it. Issuer on localhost:8081, verifier on localhost:8082.

# Get a token
curl -X POST http://localhost:8081/v1/oprf/issue \
  -H "Content-Type: application/json" \
  -d '{"blinded_element": "..."}'

# Verify it
curl -X POST http://localhost:8082/v1/verify \
  -H "Content-Type: application/json" \
  -d '{"token": "..."}'

Full documentation at github.com/flammafex/freebird/docs.

SCREENSHOT: Terminal showing successful token issuance and verification

Standards & Prior Art

Freebird implements established cryptographic standards:

IETF CFRG VOPRF Draft — The core protocol
Privacy Pass Protocol — Related work from Cloudflare/Apple
RFC 9380 — Hash-to-curve specification
FIPS 186-5 — P-256 curve specification

We're not inventing cryptography. We're making existing, peer-reviewed cryptography deployable.

Team

Built by The Carpocratian Church of Commonality and Equality—a 501(c)(3) religious nonprofit building infrastructure for digital dignity.

Other projects: Clout (trust-graph social network), HyperToken (distributed simulation engine).

GitHub Documentation Organization