
CEWP  ·  CIRIS Epistemic Web Platform  ·  pronounced “soup”

A better internet, without big tech and massive datacenters.

Same cables under the ocean. Different middle. CEWP routes traffic along a small-world trust graph directly between the devices you already own, instead of through about ten thousand giant warehouses run by five companies. People, AI agents, and organizations all sign their own posts. The network weighs those signatures to work out what to trust.

CIRIS 2.9.x is shipping now. Install today on iPhone or Android. The full CEWP feature set rolls out through June and July 2026.

  • Structural privacy: by absence of attestation
  • Epistemic signatures: every load-bearing claim
  • Commodity hardware: no new buildout required

Your stuff stays yours

Self and family content never emits the attestation that would tell the rest of the network it exists. You don't need a privacy policy to keep family photos off the federation — the wire format can't carry them in the first place.

Every claim is signed

Posts, AI answers, fact checks. You can see who said what, who agreed, who pushed back, and what changed. No anonymous algorithm picking what you see.

Runs on hardware you have

Your phone is most of it. The backbone is roughly one always-on home box per ten people — about 500 million boxes worldwide, Xbox-sized, on a shelf. Zero hyperscale datacenters required.

Same internet, different middle

The cables under the ocean are the same. What changes is who owns the stuff while it's in motion. Five companies today; the people on the ends tomorrow.

Someone called this page a mullet. Party in the front, deep tech in the back. Sliders, math, and globe below.

The locality dividend

About 65% of typical activity never leaves the metro.

That number isn’t a routing trick. It falls out of the wire format. Drag the sliders below and watch the assumptions move. Everything is honest math you can disagree with input by input.


The ten thousand hyperscale bottleneck

Almost everything you post, watch, or send passes through one of about ten thousand giant computer warehouses. Five companies run most of them. Watch the yellow dots funnel into the orange spots — those are the warehouses.

Move the assumptions

The seven cohort tiers · where adversarial traffic lands

CEG locality ladder

Every post in CEWP is scoped to one of seven cohorts. The two local tiers (self, family) never emit a holds_bytes attestation, so the rest of the federation can’t see them and an adversary can’t request what was never advertised. That’s the CEG locality dividend: privacy as the absence of an attestation, not a policy promise. Abuse gets bigger as you climb the cohort ladder because the trust signal thins and brigading is cheaper.

  • self: 50%, locality-safe
  • family: 15%, locality-safe
  • community: 15%, +1% abuse
  • affiliations: 10%, +3% abuse
  • species: 5%, +5% abuse
  • planet: 3%, +5% abuse
  • federation: 2%, +5% abuse

The trust gate alone isn’t enough at high abuse rates. Slashing, reconsideration, and per-cohort moderation (Conformance Policies E + K + the higher-level CEG governance) compose on top. The substrate makes abuse visible and reversible; it does not make it impossible.

A “home server” here is one Xbox-class box, or a midrange laptop you already own: roughly 50 W continuous, 1 TB SSD, ARM SoC. About what you’d find on a hobbyist shelf today. At 1 per 10 humans (the headline), that’s ~500.00 M boxes worldwide.

More assumptions

Agent decisions drive the H3ERE trace stream (about 14 KB per decision). Trace publishable share is how many of those decisions move past the local cohort gate. External fetch share is what fraction of the bytes you fetch ride a publisher’s own store (S3-class) rather than the substrate. Average post size sets how many envelopes the same byte total breaks into.

  • Typical latency: CEWP 23 ms; today 90 ms (CEWP is 3.9x faster)
  • CO2 per year: CEWP 36.2 Mt; today 175.2 Mt (device mix: Realistic 2026)
  • Hyperscale datacenters: CEWP 0; today 10.00 K (zero datacenters required)
  • Per-server bandwidth: 20.04 GB of 1 Gbps home link
  • Per-server CPU: 0.2% of 1 full-util core
  • How long content sticks: 33.8 d before eviction

Formulas ported from CIRISNodeCore / examples / scale_model.rs v0.3 (single-pool, CEG-organic). Per-op costs from CIRISVerify v2.8.0 + CIRISEdge v0.10.0 + CIRISPersist v3.3.0 benchmarks. Feasibility gates: 1 TB / 1 Gbps / 1 core per server.

Hardware and power, by device class

Today’s internet runs on dedicated hyperscale facilities. CEWP runs mostly on phones and laptops that were already on for other reasons. The dedicated slice is a small population of always-on home boxes. The buildout-power row is the honest one to compare.

What you'd see today: phones for clients and proxies; L1 is a mix of dedicated ARM boxes, laptops left on, and some x86 home servers.

| | Today’s internet | CEWP |
|---|---|---|
| Hyperscale datacenters | 10.00 K | 0 |
| Net-new hardware buildout (power) | 50000 MW | 5500 MW |
| Marginal share on existing devices | 0 MW | 4823 MW |
| Total continuous power | 50000 MW | 10323 MW |
| Electricity | 438.0 TWh / yr | 90.4 TWh / yr |
| CO2 (grid avg) | 175.2 Mt / yr | 36.2 Mt / yr |
| Useful work per watt (vs hyperscale) | 1.0x (baseline) | 0.47x |

Show the math

Internet column. About 10,000 hyperscale and edge datacenters serving ~5 billion users (SemiAnalysis 2024 + UN), scaled linearly with the user slider and floored at 100. 5 MW continuous per facility on average (weighted across hyperscale + edge + colocation, calibrated to the IEA 2024 estimate of ~415 TWh/yr global DC electricity). Every facility is net-new buildout. Grid CO2 is 0.4 kg per kWh (IEA global average); regions vary from 0.05 (Iceland) to 0.9 (coal-heavy India).

CEWP column — per device class. Each row below shows count × idle watts × marginal share. The marginal share is the fraction of that device’s idle power we attribute to the substrate; for a phone running a client it is around 5%, because most of the phone’s power goes to what the human is doing with it. ARM mini-PCs and home x86 boxes are dedicated to the substrate so their marginal share is 1.0.

  • 1.49 B × phone @ 2.5 W × 5% marginal = 186 MW (on existing hardware)
  • 262.50 M × laptop @ 10 W × 10% marginal = 263 MW (on existing hardware)
  • 1.38 B × phone @ 2.5 W × 5% marginal = 172 MW (on existing hardware)
  • 1.10 B × laptop @ 10 W × 10% marginal = 1100 MW (on existing hardware)
  • 275.00 M × ARM mini-PC @ 5 W × 100% marginal = 1375 MW (net-new)
  • 25.00 M × phone @ 2.5 W × 5% marginal = 3 MW (on existing hardware)
  • 100.00 M × laptop @ 10 W × 10% marginal = 100 MW (on existing hardware)
  • 200.00 M × ARM mini-PC @ 5 W × 100% marginal = 1000 MW (net-new)
  • 125.00 M × home x86 @ 25 W × 100% marginal = 3125 MW (net-new)
  • 50.00 M × old desktop @ 60 W × 100% marginal = 3000 MW (on existing hardware)

Useful work per watt. Hyperscale gets a real per-op efficiency premium from custom silicon, PUE around 1.1, and pooled cooling at high utilization. The CEWP fleet is commodity hardware running at low utilization (the toy itself shows ~0.2% of one core at default load). Reported as a weighted average across the fleet with hyperscale set to 1.0. ARM mini-PCs are taken at 0.6, home x86 at 0.4, phones at 0.5, old desktops at 0.2. These are estimates with wide error bars.

What this does NOT model yet. Persistence cost: eviction at ~37 days is fine for feeds but structurally amnesiac for content that must persist. Always-on reliability premium: phones make poor L1 servers because of sleep and NAT, paid for in battery cycles and redundancy rather than grid watts. Both are real costs the current toy does not carry, and the page does not hide that.

How this works

Open the panels you want. Each is independent.

What you are looking at on the globe

The dark sphere is Earth, drawn ocean-first with continent outlines in cyan from the public-domain Natural Earth 110m land dataset. The faint blue grid is latitude and longitude. Above the surface sit two kinds of node dots and one kind of arc, and which ones are drawn depends on the mode you picked.

Orange dots are the roughly fourteen hyperscale metros that host most of today’s internet substrate (AWS, Azure, GCP, Meta, Apple). Pale yellow dots are the top hundred-plus population metros, sized by how many people live there. Cyan halos around each metro suggest the CEWP server density (one server per ten humans, peppered across where the humans actually are).

Yellow particles flowing along orange arcs are bytes in the centralized topology: every metro funnels its traffic toward its nearest hyperscale facility, which is exactly what today’s internet does. Cyan particles on shorter edges are bytes in CEWP: they travel along the trust graph (small-world, with metro locality bias) rather than through any central party. The same submarine cables run underneath both modes, drawn faintly. Same fiber. Different middle.

The scaling-model math

The numbers panel reads a steady-state model of the federation. For each tier (client, proxy/L0 server, L1 server) the model computes how much storage that tier holds, how much bandwidth it moves per day, and how much CPU it burns. Then it multiplies by how many of that tier exist at the user count you picked.

The load-bearing formula is the same one the Rust toy uses:

effective_R       = trust_radius * trust_multiplier(depth)
daily_admitted    = effective_R * daily_bytes * publishable_cohort
trust_budget      = 0.85 * (disk_budget - own - traces)
retention_days    = trust_budget / daily_admitted
admitted_held     = daily_admitted * retention_days   (capped)
inbound_bw        = daily_admitted + daily_fetch * (1 - cache_hit)
fanout            = 1 + narrow_cohort*4 + wide_cohort*64
outbound_bw       = daily_bytes * fanout

Each server only holds bytes from its effective trust set (direct trust R, expanded by the recursion depth knob via small-world overlap), and only for as long as the disk budget allows. There’s no archive-vs-cache distinction in v0.3; both push and pull terminate at the same gate, and bytes that earn demand stay while everything else gets evicted when newer or more popular content arrives.

Per-server feasibility is checked against three hard gates: one terabyte of disk, one gigabit per second of bandwidth (which is ten point eight terabytes per day), and one full CPU core. The ✓ or ⚠ next to each per-server stat tells you whether the scenario fits.
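The formulas above, evaluated for one server and checked against the disk and bandwidth gates, as an added Rust example (this is not code from scale_model.rs or any CIRIS repo). The depth multipliers are the 4x / 20x / 100x figures the page gives for the trust depth slider. The sample inputs, the depth-0 multiplier of 1, the reading of "(capped)", the meaning of narrow_cohort and wide_cohort, and summing both directions against the link are assumptions; the CPU gate is left out because the page lists no per-operation costs.

```rust
// Added example. Quantities are bytes (bytes per day for rates).
const DISK_GATE: f64 = 1e12; // 1 TB of disk
const BW_GATE: f64 = 10.8e12; // 1 Gbps, expressed as bytes per day
struct Scenario {
    trust_radius: f64,       // direct R
    depth: u32,              // trust depth (server)
    daily_bytes: f64,        // produced per user per day
    daily_fetch: f64,        // consumed per user per day
    publishable_cohort: f64, // share of bytes scoped above self/family
    cache_hit: f64,
    narrow_cohort: f64,      // assumed: community + affiliations share
    wide_cohort: f64,        // assumed: species + planet + federation share
    disk_budget: f64,
    own: f64,                // assumed: the server owner's own content
    traces: f64,             // assumed: locally stored agent traces
}

struct Report {
    retention_days: f64, admitted_held: f64, inbound_bw: f64, outbound_bw: f64,
    fits_disk: bool, fits_bandwidth: bool,
}

// Page: roughly 4x/20x/100x at depth 1/2/3. Depth 0 = 1x and clamping past 3 are assumptions.
fn trust_multiplier(depth: u32) -> f64 {
    match depth { 0 => 1.0, 1 => 4.0, 2 => 20.0, _ => 100.0 }
}

fn evaluate(s: &Scenario) -> Report {
    let effective_r = s.trust_radius * trust_multiplier(s.depth);
    let daily_admitted = effective_r * s.daily_bytes * s.publishable_cohort;
    // If own data and traces already exceed the disk, nothing is left for trusted bytes.
    let trust_budget = (0.85 * (s.disk_budget - s.own - s.traces)).max(0.0);
    let (retention_days, admitted_held) = if daily_admitted > 0.0 {
        let days = trust_budget / daily_admitted;
        // "(capped)": assumed to mean held bytes never exceed the trust budget.
        (days, (daily_admitted * days).min(trust_budget))
    } else {
        (f64::INFINITY, 0.0) // nothing admitted: nothing to evict, nothing held
    };
    let inbound_bw = daily_admitted + s.daily_fetch * (1.0 - s.cache_hit);
    let fanout = 1.0 + s.narrow_cohort * 4.0 + s.wide_cohort * 64.0;
    let outbound_bw = s.daily_bytes * fanout;
    Report {
        retention_days, admitted_held, inbound_bw, outbound_bw,
        fits_disk: s.own + s.traces + admitted_held <= s.disk_budget.min(DISK_GATE),
        // Assumed: both directions share the one link, so their sum is gated.
        fits_bandwidth: inbound_bw + outbound_bw <= BW_GATE,
    }
}

// Constructed sample: R = 150 and 85% cache hit come from the slider notes, the rest is made up.
fn sample(depth: u32) -> Scenario {
    Scenario { trust_radius: 150.0, depth, daily_bytes: 5e6, daily_fetch: 500e6,
        publishable_cohort: 0.35, cache_hit: 0.85, narrow_cohort: 0.25, wide_cohort: 0.10,
        disk_budget: 1e12, own: 20e9, traces: 30e9 }
}

fn main() {
    for depth in 0..=3 {
        let r = evaluate(&sample(depth));
        println!("depth {}: retention {:.1} d, held {:.2e} B, disk ok {}, bw ok {}",
            depth, r.retention_days, r.admitted_held, r.fits_disk, r.fits_bandwidth);
    }
}
```

With these inputs, moving trust depth from 1 to 3 multiplies admitted bytes by 25 and cuts retention by the same factor, which is the trade the depth slider exposes.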

What each slider controls

  • Users sets how many people are on the federation. Log scale from a thousand to five billion. Federation rollups multiply per-server numbers by this.
  • Daily bytes per user is what each person produces in a day across all their content. Text scenarios are kilobytes; video scenarios are tens of megabytes.
  • Daily fetch bytes per user is what each person consumes — reading, watching, scrolling. Drives bandwidth and cache pressure.
  • Trust radius (direct R) is how many other people each person directly trusts. Around 150 is the Dunbar number.
  • Trust depth (server) is how far past direct trust the server walks before admitting content. 0 is strict (direct only); 1 means friend-of-friends; 3 starts to feel like the open internet. Each hop expands the admittable source set by roughly 4x at depth 1, 20x at depth 2, 100x at depth 3.
  • Cache hit rate is the fraction of fetches served from local cache. Tight communities give you 85% easily; loose global content with long tails sits closer to 30%.
  • Cohort locality moves the cohort_scope distribution between local-heavy (mostly self/family/community traffic) and global-heavy (most traffic species/planet/federation scope). Local-heavy is the CEG locality dividend at work.
  • Server disk budget is the disk each L1 server brings to the federation. The retention number falls out of this: more disk means content sits longer before eviction.

The CEG locality dividend

The single most surprising number in the model is that something like sixty-five percent of typical activity never leaves the metro. That is not a routing optimization. It falls out of the wire format itself.

In CEG, content that’s scoped self or family never emits the holds_bytes:sha256:* attestation that would tell the rest of the federation it exists. So no peer can request it. So the trust gate is never reached. So the bytes never flow.

Local content is local because the wire format will not carry it. You don’t need a privacy policy to keep your family photos off Facebook; you can’t accidentally publish them in the first place. That is what “structural” means in the README’s claim that CEWP makes the centralized internet’s failure modes structurally unavailable.
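The gating order described above, as an added Rust model (not CIRIS code): a node stores self and family bytes without announcing them, so a request for them is refused before the trust gate is consulted, and the cohort shares from the locality ladder sum to the 65% that stays local. The `Node` type, its methods, the `Refusal` variants, the peer names and the short digests are hypothetical placeholders.

```rust
use std::collections::{HashMap, HashSet};

// Cohort names are the seven tiers listed on the page.
#[derive(Clone, Copy, Debug, PartialEq)]
enum Cohort { SelfOnly, Family, Community, Affiliations, Species, Planet, Federation }

impl Cohort {
    // The two local tiers never emit a holds_bytes attestation.
    fn emits_attestation(self) -> bool {
        !matches!(self, Cohort::SelfOnly | Cohort::Family)
    }
}

#[derive(Debug, PartialEq)]
enum Refusal { NotAdvertised, TrustGateDenied }

// Hypothetical node model; field and method names are illustrative, not a CIRIS API.
#[derive(Default)]
struct Node {
    blobs: HashMap<String, Vec<u8>>, // digest -> bytes held on this device
    advertised: HashSet<String>,     // digests the federation has been told about
    trusted_peers: HashSet<String>,  // stand-in for the trust-graph computation
}

impl Node {
    // Store bytes locally; return an attestation only when the cohort permits one.
    fn put(&mut self, digest: &str, cohort: Cohort, bytes: &[u8]) -> Option<String> {
        self.blobs.insert(digest.to_string(), bytes.to_vec());
        if !cohort.emits_attestation() { return None; } // stored, never announced
        self.advertised.insert(digest.to_string());
        Some(format!("holds_bytes:sha256:{}", digest))
    }

    // Answer a peer request. An unadvertised digest is refused before the trust gate runs.
    fn serve(&self, peer: &str, digest: &str) -> Result<&[u8], Refusal> {
        if !self.advertised.contains(digest) { return Err(Refusal::NotAdvertised); }
        if !self.trusted_peers.contains(peer) { return Err(Refusal::TrustGateDenied); }
        Ok(self.blobs[digest].as_slice())
    }
}

// Share of traffic that can never be requested: the sum over non-emitting cohorts.
fn local_share(dist: &[(Cohort, f64)]) -> f64 {
    dist.iter().filter(|(c, _)| !c.emits_attestation()).map(|(_, share)| share).sum()
}

// Cohort shares as shown on the page's locality ladder.
fn page_distribution() -> Vec<(Cohort, f64)> {
    vec![(Cohort::SelfOnly, 0.50), (Cohort::Family, 0.15), (Cohort::Community, 0.15),
         (Cohort::Affiliations, 0.10), (Cohort::Species, 0.05), (Cohort::Planet, 0.03),
         (Cohort::Federation, 0.02)]
}

fn main() {
    let mut node = Node::default();
    node.trusted_peers.insert("peer-a".to_string());
    // Digests are constructed placeholders, not real SHA-256 values.
    println!("{:?}", node.put("aaaa", Cohort::Family, b"family photo"));
    println!("{:?}", node.put("bbbb", Cohort::Community, b"public post"));
    println!("{:?}", node.serve("peer-a", "aaaa")); // trusted peer, still refused
    println!("{:?}", node.serve("peer-a", "bbbb").map(|b| b.len()));
    println!("local share = {:.2}", local_share(&page_distribution()));
}
```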

How the simulation engine relates to this page

This page is a thin scaffold. It runs the same analytic formulas as the Rust toy at CIRISNodeCore / examples / scale_model.rs and draws a hand-picked dataset on the globe. The real CEWP simulation engine is a separate Rust workspace specified in CEWP / FSD / SIMULATION_ENGINE.md.

That engine runs both topologies at the same time over the same real-world data: PeeringDB for facilities and IXPs, CAIDA for AS-level peering, TeleGeography for submarine cables, GeoNames for metro populations. It scales from one thousand agents in the browser to five billion at 1:1 on a GPU cluster, and emits a snapshot stream in the format the rendering layer here already consumes.

When that engine lands, the hand-picked dataset gets swapped for snapshot frames produced by the engine. The globe stays the same; the math gets the full topology underneath.

Where the per-operation costs come from

The model is honest about its inputs. Every per-operation cost is a measured benchmark from the substrate sister repos, not a guess.

If you build a version of the substrate that is faster or slower, the math here moves with it. Nothing is hard-coded as a claim about “CEWP can do this” — it is always “at these measured costs, the federation looks like this.”

The seven repos behind the platform

CEWP is the platform identity for the seven repos of CIRIS Agent 3.0. Each has a specific role; the platform is what they become together.

Substrate sisters handle bytes, crypto, and transport: CIRISVerify, CIRISPersist, CIRISEdge.

Fabric sisters handle federation semantics, detection, and spec: CIRISNodeCore, CIRISLensCore, CIRISRegistry.

Agent runtime + unified client: CIRISAgent (the H3ERE reasoning pipeline plus the UI users interact with).

All seven cohabit in one process at CIRIS 3.0 deployments. The substrate runs on commodity hardware down to a Jetson Orin home box and scales to the full internet on roughly one server per ten humans. No datacenters required.

Why CEWP

What about other decentralized projects?

CEWP is not claiming to beat IPFS at storage, Bluesky at social, or Constitutional AI at alignment. It is the unification: one substrate where the same cryptographic accountability property serves decentralized storage, portable identity, runtime governance, and AI participation at the same time. The prior art shows up as backing tiers and complementary layers, not as replaced competitors.

The property the field has not unified

Identity-aware bytes at the storage layer plus per-actor eviction as a substrate primitive. Closest analogs are SSB and Hypercore (feed-level), Iroh (node-level), and Mastodon (object-level at the application layer). None do it byte-level at the substrate. CEWP welds attribution and eviction into put_blob_signing — which is what makes trust-driven admission and the popularity-times-freshness eviction discipline work at internet scale on commodity hardware, and the same property is what makes the AI-governance layer enforceable.

Decentralized storage

Identity-aware bytes plus per-actor eviction at the storage substrate. The combination is the property the field has not unified — IPFS is anonymous, Filecoin is contract-bound (eviction by design rejected), Hypercore and SSB carry feed-level identity but not byte-level author attribution. CEWP welds attribution and eviction into one primitive, and composes with the rest as a backing tier.

| Peer system | What it does | What CEWP adds |
|---|---|---|
| IPFS / Kubo | Anonymous content-addressing, LRU watermark GC | Identity-aware bytes + trust-driven admission + per-actor evict |
| Filecoin / Sia | Contract-bound durability, slashing for drops | Federation of mutually-attesting peers; trust changes over time |
| Iroh / iroh-blobs | Content-addressed blobs over QUIC, node identity (NodeId) | Author-of-byte attribution across the node boundary |
| Hypercore / Holepunch | Feed-level identity, feed-level eviction | Byte-level identity across feeds |
| SSB (Scuttlebutt) | Feed-level identity, gossip replication | Blob attribution decoupled from feed |
| Storj | Erasure-coded durability with satellite coordination | Identity-tied recourse vs the satellite trust model |
| Freenet / Tor | Anonymity by design | Identity-aware governance (anonymous content stays self-hosted via the locality dividend) |

Where the prior art is genuinely better

Erasure-coded durability at rest is a Storj/Filecoin strength CEWP v1 does not match. Paid-contract keep-guarantees are something CEWP deliberately does not offer. Maximal anonymity is what Freenet / Tor / IPFS-over-Tor are for; CEWP v1 is identity-aware by design.

Source: CIRISConformance / reference / comparison / 01_storage_replication.md

Federated web and portable identity

Self-held federation key (Ed25519 + ML-DSA-65) with post-quantum longevity and hardware rooting on mobile. The trust graph is computed over the key. Closest to Nostr or SSB (self-held key, no administrative root) but adds PQC, hardware rooting, and substrate-level trust computation — and the same wire format carries AI agents as first-class participants on the same substrate.

| Peer system | What it does | What CEWP adds |
|---|---|---|
| ActivityPub / Mastodon | Instance-bound identity (@user@instance); move means new actor URI | Self-held key; works across deployments |
| Bluesky / AT Protocol | Portable DID, PDS data, composable labelers | PQC key longevity, trust as wire-format primitive |
| Nostr | Raw secp256k1, fully portable, dumb relays | Native trust computation; reconsideration is structural |
| Solid (W3C) | WebID + data pod, pod-portable | Self-held key (not a DNS URI); native trust + AI governance |
| SSB (social) | Ed25519 feed key, gossip | Federation-wide trust + PQC + multi-transport |

Where the prior art is genuinely better

ActivityPub (millions), Bluesky (tens of millions) and Nostr are deployed at scale today; CEWP v1 is shipping, not at that scale. Nostr's 'dumb relays plus signed events' is radically simpler to implement than CEG's 18-section grammar. Bluesky's custom-feed / labeler marketplace is a mature composability surface.

Source: CIRISConformance / reference / comparison / 03_federated_web_identity.md

AI governance and alignment

Alignment as runtime epistemic governance with cryptographic accountability — every load-bearing claim is a signed wire artifact, trust is computed from the attestation graph, misaligned actions become slashable, and reconsideration is first-class. Not a replacement for training-time alignment; a complementary surface the field structurally lacks.

| Peer system | What it does | What CEWP adds |
|---|---|---|
| RLHF / Constitutional AI | Align at training time | Runtime accountability; recourse post-deployment |
| Scalable oversight | AI assists humans evaluating AI | Cryptographic accountability surface; oversight is checkable |
| Mechanistic interpretability | Understand model internals | Governance system over emitted claims |
| EU AI Act / regulation | Set rules, require compliance | Substrate to enforce: attestation chains, not text documents |
| Web3-AI | Decentralize compute / model access | Governs reasoning and outputs, not just access |

Where the prior art is genuinely better

Training-time methods shape capability and disposition before the model emits a token — against a competently-misaligned system, post-hoc sanction is a weaker lever than having shaped the disposition. Mech-interp can catch deceptive cognition that never surfaces as a flawed epistemic claim, which is CEWP's blind spot. Centralized labs ship faster on frontier capability and first-pass safety tuning. The two layers are complementary, not substitutable.

Source: CIRISConformance / reference / comparison / 02_ai_governance_alignment.md

Cryptographic transparency

Hybrid Ed25519 + ML-DSA-65 on every wire artifact; Merkle-anchored transparency log on the registry side. Hybrid post-quantum KEX (X25519 + ML-KEM-768) shipped in CIRISVerify 4.6.0 for federation transport — harvest-now-decrypt-later vulnerability closed. Composes with Sigstore / Certificate Transparency / KT rather than replacing them.

| Peer system | What it does | What CEWP adds |
|---|---|---|
| Sigstore / Rekor | Signed software supply chain with transparency log | Same shape over every federation claim, not just artifacts |
| Certificate Transparency | Append-only log for CA-issued certs | Per-key federation log; transparency as substrate primitive |
| Trillian / Key Transparency | Verifiable map for identity-to-key bindings | Key bindings live in the same trust-graph the governance reads |

Where the prior art is genuinely better

Sigstore is the deployed best-practice for software signing; CEWP is not trying to displace it for that use case. Certificate Transparency operates at the global web PKI scale CEWP doesn't aim at. KT addresses a tighter problem (key transparency for messaging) with a more mature deployment story.

Source: CIRISConformance / reference / comparison / 04_crypto_transparency.md

Full prior-art set lives at CIRISAI / CIRISConformance / reference / comparison. Each substrate sister also carries a focused per-layer SOTA doc (Verify covers PQC, attestation; Edge covers transport and wire format).

The open repos

Everything CEWP runs on is open source

AGPL-3.0. Read the code. Fork the substrate. Run your own federation.