← All posts

Lattice — a web that doesn't need permission

I built a peer-to-peer protocol for publishing websites without servers, registrars, or anyone's permission. Here's why.

The web used to feel like it belonged to everyone. Publish a page, share the link, done. Somewhere along the way it turned into: pick a cloud provider, configure DNS, pay a registrar, hope nothing gets taken down.

Lattice is my attempt to undo that.

It's a peer-to-peer protocol for publishing and browsing websites. No servers. No registrars. No gatekeepers. Your name is yours because you hold the key, not because someone's database says so.

How it actually works

Names on Lattice live on a Kademlia DHT. You claim a .loom name by publishing a signed record to the network, tied to your Ed25519 keypair. First-come, first-served. No fees. No approval process. Heartbeats keep names alive.

When you publish a site, files are content-addressed and distributed as hashed blocks. The manifest is signed by your key, so peers reject anything tampered or forged before it ever reaches you.

Browsing works through a local daemon and a Firefox extension. You type mysite.loom, the extension routes the request to your node, your node fetches and verifies from the network. No gateway. No middleman.

The CLI

lattice publish --dir ./my-site --name mysite

That's the whole publish flow. If the name is free, it's claimed in the same step. lattice doctor and lattice status are there for when things feel off. It tries hard to be a single obvious command for each thing you'd actually want to do.

Fray

Fray is the first real app built on top of Lattice — a distributed forum running at fray.loom. No central server. Posts are signed. Moderation is handled through trust records on the DHT itself.

It's proof the protocol can support more than static sites. It's also currently broken, so take that for what it's worth. I'll update this when it's back up.

Where it stands

v0.1.0. Early access. The daemon, DHT, extension, and publish flow all work. Packages exist for Arch (AUR), Debian/Ubuntu (APT), macOS (Homebrew), and Windows (MSI).

There are sharp edges I'm aware of and not hiding — the security page lays them out honestly. It's not ready to be your only infrastructure. It is ready to be used.

The network is young. Every peer that joins makes content more resilient. If this sounds like your kind of thing, install the daemon and publish something.

lattice.benjf.dev