Passer au contenu

Bitcoin accepté au paiement  |  Expédié depuis Laval, QC, Canada  |  Soutien expert depuis 2016

Web of Trust

Digital Sovereignty

Definition

A Web of Trust is a decentralized model for establishing trust and authenticity without a central authority. Rather than relying on a single certificate authority, registrar, or platform to vouch for identities, trust propagates through a social graph: you trust the people you know, you extend partial trust to the people they trust, and reputation emerges from overlapping endorsements rather than from an official stamp. The concept originated with PGP key signing in the early 1990s — Phil Zimmermann's answer to verifying whose encryption key was whose without any government or corporate registry — and it has found sharp new relevance in decentralized networks like Nostr, where anyone can create an identity in seconds and no authority exists to sort the genuine from the fake.

The original: PGP key signing

In PGP's model, the question was binding: does this public key really belong to this person? Users answered it socially — after verifying someone's identity, you signed their key, and your signature became portable evidence others could weigh. Someone who trusted you could then extend calibrated, partial trust to keys you had signed, and confidence accumulated along multiple independent paths through the graph. Key-signing parties became a small ritual of the cypherpunk era. The model worked, but its friction — manual verification, careful key management, unforgiving tooling — kept it from mainstream adoption, a lesson that usability is a security property too.

Web of trust on open networks

Nostr resurrects the idea with the friction inverted. On a network with no gatekeeper, identity creation is free — which means spam, impersonation, and Sybil swarms (one operator wielding thousands of keys) are the default condition, not the exception. A web of trust addresses this by ranking and filtering through social distance: notes from keys followed by people you already follow surface readily; keys with no path into your trust graph get de-prioritized or held for review. The raw material is already on the network — follow lists, mutes, reactions, published as signed events — so clients can compute trust scores locally, each user seeing the network through their own graph. Verified handles via NIP-05 identifiers add a complementary, domain-anchored signal. The result is Sybil resistance you control: an attacker can mint a million keys, but cannot mint your friends' endorsements of those keys.

Honest limits

A web of trust is powerful, not magic. New, legitimate users start outside every graph and must bootstrap visibility — the cold-start problem. Trust graphs can calcify into echo chambers if distance becomes the only signal. Public follow relationships leak social metadata worth caring about. And transitive trust dilutes: a friend's judgment of a stranger is weaker evidence than your own. Metrics need care as well: naive scoring can be gamed by follow-back rings, so robust implementations weight endorsements by the endorser's own standing and decay stale signals over time. Good implementations treat the graph as one weighted signal among several, with the weighting always in the user's hands — which is precisely the point.

Why it matters for sovereignty

The web of trust keeps the decision of whom to believe where it belongs: with the user. It scales reputation without a central registry that could be captured, censored, or monetized, and it replaces the opaque ranking algorithm of platform feeds with one you can inspect and tune. That is the same anti-gatekeeper principle that underpins Bitcoin's node network and self-hosted infrastructure generally — verify locally, trust selectively, depend on no single authority. Identity systems built on self-sovereign identity and decentralized identifiers lean on the same graph-shaped thinking. Explore related trust-minimized tooling in D-Central's sovereign self-hosting catalog.

In Simple Terms

A Web of Trust is a decentralized model for establishing trust and authenticity without a central authority. Rather than relying on a single certificate authority,…

Explore the Full Glossary

Browse all Bitcoin mining terms from A to Z. Whether you are a beginner or expert, deepen your understanding of the mining ecosystem.

Glossaire du minage

ASIC Miner Database

Compare 500+ miners with real-time profitability data, home mining scores, and detailed specs.

Comparer les mineurs