Social's Missing Piece

Written by
Federico Daffina
Jan 22, 2025

Online social platforms promised to bring us closer together, yet for many users, the reality feels far more complicated. We've ended up in a world where sharing anything online feels like a delicate balancing act between connection and protection.

Today's platforms force us into difficult tradeoffs: real identity-based networks like Facebook offer broad reach and credibility but often at the cost of privacy; anonymous spaces like Reddit preserve privacy and reach but make establishing credibility hard; and private group chats like Whatsapp enable authentic sharing but don’t scale well to larger communities.

What if we could reimagine online social experiences without these tradeoffs?

A new generation of cryptographic tools may finally allow us to do so. Often called programmable cryptography, these techniques make it easier to establish credibility and offer stronger privacy guarantees, all while preserving our ability to reach broad audiences.

In this piece, I’ll explore this emerging space and share some ideas on how programmable cryptography could enable social experiences that combine credibility, privacy, and broad reach in ways that weren't possible before.

The Social Trilemma

Today's social platforms struggle to deliver privacy, credibility, AND reach all at once. Let's look at how different platforms navigate these tradeoffs.

Prioritizing Credibility and Reach

Networks like Facebook, Instagram, and LinkedIn tie everything to your real-world identity. This makes it easy to verify who's who and reach broad audiences, but often at the cost of privacy. Even with “friends only” settings, our posts still reach wide circles of people — colleagues, relatives, friends. 

Because these platforms are tied to real-world identities and reputations, it can be risky to share opinions or experiences that might trigger backlash, judgment, or reputational damage. This encourages people to present a polished, inoffensive persona rather than honest expression. 

Prioritizing Privacy and Reach

Platforms like Reddit (or even anonymous X accounts) let you speak to large audiences while staying somewhat anonymous, promoting candid conversations.

You can build credibility over time through consistent contributions and community validation (like upvotes), but it's much harder when you're just another anonymous handle. And anonymity is never absolute; data breaches or policy changes can reveal your identity. 

Prioritizing Privacy and Credibility

Private messaging apps like WhatsApp or Telegram excel in small group settings where members know and trust each other. This combination of privacy and credible identity leads to more trustworthy discussions. 

But these conversations are usually cut off from the broader public — they can’t easily scale or include outside voices without risking the close-knit dynamic. You also still need to trust these companies (and each other) to keep chats truly private, as there's always the risk of leaks, compromised accounts, or company policy shifts.

Attempts at Breaking the Trilemma

Some platforms, like Glassdoor, Blind, or Yik Yak, let users claim certain attributes — like where they work or where they live — without publicly tying it to their real name. These approaches can increase credibility without public identity disclosure. 

However, because they still require you to hand over sensitive data for verification, you still need to trust these platforms to keep your data private. If they suffer a breach, or change their policies, your anonymity may be lost.

For example, Glassdoor made changes that attached users’ real names, jobs, and job titles to what were previously anonymous profiles without their consent. This highlights how policy changes alone can undo privacy protections, pointing to the need for approaches that don’t hinge on a single entity’s goodwill.

Enter Programmable Cryptography

This is where programmable cryptography comes in. These techniques make it easier to establish credibility and offer stronger privacy guarantees, all while preserving our ability to reach broad audiences.

You can think of it as an entire toolkit for designing interactions that simulate a trustworthy middleman, yet don’t rely on any actual person or institution to do the job.

Here are some examples of techniques that achieve this in different ways:

  • Zero-knowledge Proofs (ZKPs) let you prove a fact, like age or membership, without revealing any other information about yourself. 
  • Multi-Party Computation (MPC) allows multiple parties to compute a function on their inputs without revealing those inputs to each other.
  • Fully Homomorphic Encryption (FHE) allows a server to perform computations on data that remains encrypted the entire time, as if it were working in the clear.
  • Witness Encryption (WE) allows encryption to be “unlocked” only by someone who can prove they meet certain conditions, rather than unlocking with a specific key tied to an identity.

With these techniques, you can effectively program your own “trusted third party” into the platform — one whose trustworthiness isn’t based on a single database or company, but on the mathematical guarantees of the cryptographic protocols themselves.

You may ask, but what about the average user who doesn’t understand the math? Aren't they still trusting the website not to do bad stuff? 

The key difference is that you’re no longer relying on the company’s policies or employees to protect your data. Instead, you’re trusting the cryptographic protocol itself and, hence, that the code is properly implemented and audited. If that's the case, the math literally prevents the platform from viewing or revealing your information, giving you much stronger privacy guarantees. 

A New Design Space

By letting us combine privacy, credibility, and reach in novel ways, these technologies open up new possibilities that didn’t exist on mainstream platforms before. 

Let's look at some concrete examples of what this means in practice.

Whistleblowing

Take whistleblowing on corporate fraud. Traditionally, you’d have three unappealing options:

  1. Post publicly, reveal your identity, and risk retaliation
  2. Post anonymously, but likely be dismissed due to lack of proof you’re an actual insider
  3. Share privately in small circles, which might not spark meaningful change

With ZKPs and MPC, you can prove you’re actually employed by the company without revealing your identity, while still being able to broadcast your message to a wide audience, such as a public forum that accepts these proofs.

Of course, these proofs still rely on having a trusted credential issuer that can attest to your employment (or other claims) in the first place. However, once you’ve obtained that credential, you can prove it to anyone without the issuer’s involvement or awareness, and the platform verifying the proof doesn’t see your underlying data — only the fact that the proof is valid.

Salary Sharing

Discussing sensitive data like compensation often requires sacrificing one of privacy, credibility, or reach. With MPC and/or FHE, you could share aggregate salary figures without revealing each individual’s number, then prove the math is correct via ZKPs. This allows participants to preserve privacy, build trust in the final result, and still share these insights publicly.

Again, the feasibility depends on real-world constraints, particularly performance at scale. 

All-Or-Nothing Petitions

While Witness Encryption (WE) isn’t fully practical yet, it offers a glimpse of future possibilities.

Imagine a scenario where employees want to sign a petition calling for an internal company change, but fear retribution if it's not widely supported. With WE, you could create an all-or-nothing petition where the text is publicly visible, but the signers’ identities are only revealed if at least 1,000 employees add their names. Only if that threshold is met can anyone, including the organizers, see the list of signers.

Though this is still largely theoretical, it shows how programmable cryptography might someday enable condition-based sharing on a broad scale—without relying on a single institution to manage, certify, or prematurely disclose sensitive information.

By embedding privacy, credibility, and reach into mathematical guarantees, rather than corporate promises, we can enable people to open up in ways they previously wouldn’t have and create social interactions that might otherwise never happen.

The Emergent Ecosystem

A few projects are already using these tools to build novel social experiences that better balance privacy, credibility, and reach:

  • Anon.world is building a truly anonymous network with a Reddit-like interface, where you can attach verifiable credentials to your posts and participate in anonymous discussions. That means you can be “AnonDev23” but still prove things like “I contributed to X open-source project”, without doxxing yourself. 
  • Speakeasy is a tool that gates webpages based on cryptographic proofs, so you can join private communities or access exclusive content if you meet certain credential requirements, without revealing your identity. What makes Speakeasy unique is its ability to privately group strangers who share similar cross-platform footprints — enabling intimate yet broad-reaching communities.
  • Cursive is exploring the idea of "digital pheromones" — where people can put out lightweight, privacy-preserving signals about who they are and what they want. Through MPC, these signals facilitate matches, synergies, and group coordination without revealing anything else, creating an organic way to connect with others based on shared experiences and interests. 

These projects highlight what’s already possible. And as these cryptographic tools mature, we'll likely see even more form factors that reshape how we connect online.

Conclusion

Today’s online spaces often leave us choosing between oversharing publicly or huddling in private corners of the internet, never quite finding the sweet spot where privacy, credibility, and reach can peacefully coexist. Programmable cryptography holds the potential to loosen these constraints by embedding trust into math instead of external platforms.

These technologies aren't just incremental improvements. They're enabling entirely new kinds of social experiences that weren't possible before. Ones that let us be vulnerable without being exposed, credible without being identified, and widely connected without sacrificing either privacy or trust. 

If you’re building at the intersection of cryptography and social, or simply intrigued by these possibilities, we'd love to hear from you.

--

Many thanks to Baz, Vivek, Kartik, and Tracy for their feedback on this piece.

Star IconStar IconStar Icon