"In human communities, relationships survive through reciprocity. You remember my stories; I remember yours. One-sided relationships decay."

The protocol formalizes this as storage pacts: bilateral agreements where both parties store each other's events, matched by data volume within a 30% tolerance. A prolific poster paired with a lurker creates an asymmetric obligation that incentivizes defection — just as asymmetric friendships decay in real social networks.

"Human reputation is not a number. It is the aggregate of observed behavior, weighted by the observer's trust in each source."

Each node maintains per-peer reliability scores using a 30-day rolling window of challenge-response results. Scores are private — each node computes its own assessment. There is no global reputation score. The network topology is the incentive structure.

"Every community has patrons — established members who vouch for newcomers they don't personally know."

The protocol formalizes this as guardian pacts: an established user voluntarily stores data for one untrusted newcomer outside their Web of Trust. The pay-it-forward framing is deliberate: today's seedling becomes tomorrow's guardian.

"Not everyone in a community is equally present. Some friends are always around — they remember everything, they're the first you call. Others drift in and out, but they still matter."

This natural variance maps directly to the protocol's two node types. Keepers — full nodes — are the friends who are always around: a desktop left running, a home server, a small VPS. They store your complete history and are expected online 95% of the time. About 25% of participants naturally fill this role — people who already have always-on hardware. Witnesses — light nodes — are the friends who check in when they can: a phone that syncs when unlocked, a laptop opened a few hours a day. They keep your last 30 days and are expected online 30% of the time. The protocol doesn't force anyone into a role. It observes your device's uptime and classifies automatically: 90%+ becomes a Keeper, lower becomes a Witness. Just as social circles self-organize around natural availability, the network's storage topology emerges from how people actually use their devices.

Storage Pacts

A storage pact is a bilateral agreement between two nodes to store each other's events. Formation follows a three-phase negotiation: Request, Offer, Accept. Pact partners are verified through periodic challenge-response exchanges — hash challenges prove possession without transferring full events. Each node maintains 20 active pacts and 3 standby pacts for instant failover.

Tiered Retrieval

When a node needs to retrieve events from a followed author, the protocol attempts delivery through a cascade of increasingly expensive paths: BLE mesh (nearby, no internet), local cache (zero cost), cached endpoints (~60ms), WoT gossip with blinded requests (TTL=3), and finally relay fallback as a last resort. Each tier is attempted only when the previous fails, creating a natural cost gradient that keeps most traffic within the social graph.

Gossip Routing

The protocol's WoT-filtered forwarding mirrors how humans selectively share: active pact partners get highest priority, then 1-hop WoT peers, then 2-hop peers if capacity permits. Unknown sources are never forwarded — strangers' gossip stops at your door. Data requests use blinded pubkeys that rotate daily, so storage peers learn that someone requested data, but not who.

Multi-device sync without sharing keys

Each device gets its own subkey, delegated from your root identity. Your phone, laptop, and browser extension all sign events independently — no private key copying, no single point of compromise. When devices come online, they reconcile via checkpoints: a lightweight Merkle proof that each device saw the others' latest events. Conflict resolution is automatic. If two devices edit your profile simultaneously, fields merge by latest timestamp. Follow lists merge by set operations. Events chain by per-device sequence numbers, making withholding and reordering detectable in real time.

Encryption with purpose-built key hierarchy

Your root key stays cold — in a hardware wallet or air-gapped machine. From it, the protocol derives purpose-specific keys: device keys for everyday events, a DM key for encrypted messages, and a governance key for profile and follow changes. The DM key rotates every 90 days for bounded forward secrecy. Not every device needs DM access — your desktop and phone might decrypt messages, while your browser extension only posts. If a device is compromised, revoke its subkey. Your identity, your DMs, your social graph: untouched.

Data portable across protocols

Every event is self-authenticating — signed by the author's keys, verifiable by anyone. This makes cross-protocol bridging straightforward: Nostr events convert to ActivityPub activities for Mastodon, to AT Protocol records for Bluesky, and to RSS/Atom feeds for syndication. Your identity bridges through signed attestations linking your secp256k1 pubkey to ActivityPub actor URIs or AT Protocol DIDs. You can export your complete history as a signed archive — tamper-evident, importable into any compatible client.

Three-tier feed model

Not all relationships are equal, and the protocol knows it. Your Inner Circle — mutual follows with active pacts — gets continuous, real-time delivery. Your Orbit — high-interaction authors and socially-endorsed discoveries — gets periodic polling. Your Horizon — 2-hop graph and relay discoveries — gets on-demand fetching. The tiers emerge from your actual social behavior: reply, repost, and react to someone enough, and they drift closer. Stop engaging, and they fade. No algorithm decides this. Your attention does.

Social recovery

Lose your root key? Designate recovery contacts from your Web of Trust. If the worst happens, N-of-M threshold verification kicks in: your contacts verify your identity out-of-band, publish recovery attestations, and after a 7-day timelock — giving the legitimate owner time to cancel — your new key takes over. No seed phrases to forget. No centralized recovery service. Just the people who know you.

Complementing Nostr

Nostr gave the decentralized world something critical: a simple, relay-based protocol where identity is a keypair and events are self-authenticating. But Nostr's relay model means your data lives on servers you don't control, with no guarantee of persistence. Gozzip adds the storage layer: bilateral pacts between peers who know each other, enforced by cryptographic challenges, with volume-matched reciprocity. Your Nostr identity works directly — same secp256k1 keys, same event format. Gozzip doesn't fork Nostr. It gives Nostr users a way to own their data without depending on relay operators.

Complementing BitChat

BitChat solves a different problem: encrypted peer-to-peer messaging over Bluetooth Low Energy, with Noise Protocol handshakes, compact binary framing, and multi-hop relay up to 7 devices. It excels as a real-time mesh layer — ephemeral, local, designed for scenarios where there is no internet. Gozzip adds persistence on top: storage pacts that keep your data alive when you go offline, a Web of Trust that filters what propagates, and a social graph that serves as long-term infrastructure. BitChat handles "send a message to someone nearby right now." Gozzip handles "own your social life permanently." Together they form a complete stack from Bluetooth radio to sovereign social media.

What Scuttlebutt got right — and where it stopped

Secure Scuttlebutt pioneered the idea that social networks could run on peer-to-peer gossip without centralized servers. Gozzip owes a conceptual debt to that work. But the architectures diverge in three critical ways. First, identity: SSB ties ed25519 feeds to single devices — lose the device, lose the identity. Gozzip uses secp256k1 with a delegation hierarchy, so your root key stays cold while device subkeys handle daily operations. Second, replication: SSB pub servers replicate data unilaterally — they store what they want, for whoever they want, with no obligation. Gozzip enforces bilateral storage pacts with proof-of-possession challenges, making free-riding structurally impossible. Third, gossip boundaries: SSB has no explicit trust limit — gossip propagates indefinitely through the network. Gozzip restricts forwarding to a 2-hop Web of Trust, preventing the unbounded data growth that made SSB pubs collapse under their own weight.

Emergency resilience

The BitChat integration also enables panic wipe: a configurable trigger — triple-tap, gesture, or decoy PIN — that destroys all local keys, cached events, and state. Your published data survives on pact partners and relays. Your identity survives in cold storage. Recovery is: access root key, publish a new device delegation, fetch from storage peers, and you're back. Optional decoy mode wipes to an innocuous profile. The adversary sees a normal app with harmless content.

FIPS: beyond the transport layer

BitChat proves that mesh transport works locally. FIPS (Free Internetworking Peering System) extends the principle across any network: identity-routed transport where your pubkey is your network address. No DNS, no static IPs, no NAT traversal headaches. A storage pact partner is simultaneously a mesh routing peer. Sessions survive transport changes — WiFi to cellular to BLE — without dropping. Once the social graph is the storage infrastructure and the trust network is the delivery system, the remaining dependency is the address system. FIPS eliminates that too.