Decentralized · Encrypted · Delay-Tolerant

Treadwell Protocol

A state-synchronization protocol for off-grid encrypted messaging. No servers. No internet. No fixed topology. Just people carrying archives between nodes — and the network converges.

If current infrastructure fails — or is unavailable, degraded, surveilled, or untrusted — people can still communicate by carrying USB drives between locations. Runners carry drives in any direction. The state just keeps converging naturally. Not bound to any application, not bound to any medium — encrypted by default.
Core Principles

Built for the worst case

The protocol works when nothing else does. Every design decision serves resilience, privacy, and independence from infrastructure.

No Fixed Topology

Runners carry archives in any direction. No routing tables, no path discovery, no servers. State converges regardless of who carries what where.

State Replication, Not Routing

Archives carry state, not messages. Every sync is a bidirectional merge. Duplicates, ordering, delivery tracking — all eliminated by design.

Encrypted by Default

All content is ciphertext. Lost drives reveal nothing. Couriers carry state they cannot read, for people they cannot identify.

Transport Agnostic

Designed for USB sneakernet but not bound to it. The same protocol works over LoRa, HF radio, TCP/IP, or any delay-tolerant channel.

Domains & Channels

System domains carry mandatory infrastructure. Application domains carry opt-in content: message channels, private mail, file bases, ledgers.

Metadata-First Propagation

Know what exists across the network before content arrives. Small metadata travels fast; large blobs follow on demand via want lists.

Users, Nodes, Archives

Three entity types with distinct roles. Users are portable identities. Nodes are machines. Archives are passive sync payloads carried by any medium.

Privacy & Anonymity

Privacy by default. Anonymity where needed. Hidden channels with plausible deniability. Forward secrecy for private mail. Web of trust, not central authority.

01

No Fixed Topology

Traditional messaging networks require structure: servers, routing tables, hub-and-spoke hierarchies. FidoNet had zones, nets, and hubs. The internet has BGP and DNS. All of them assume that the topology is known, stable, and navigable.

Treadwell assumes none of that. Runners carry USB drives between nodes in whatever direction their day takes them. A drive might visit three homesteads in one direction today and a completely different set tomorrow. Five drives might be circulating simultaneously through overlapping subsets of the network. The protocol doesn't care.

Every sync pass is a bidirectional state merge. The drive and the node compare what they each know, exchange the differences, and part ways. No routing decision is made. No path is computed. No delivery receipt is expected. The network converges toward consistency through the simple, repeated act of drives visiting nodes.

Path independence · Criss-cross resilience · Idempotent sync · No routing layer · Works with one drive or a hundred

02

State Replication, Not Message Routing

The protocol does not deliver messages. It synchronizes state. Each node maintains a local view of the world. USB drives carry snapshots of that state. When a drive meets a node, both sides merge — what do I have that you don't? What do you have that I don't? — and both walk away with a more complete picture.

This is a conflict-free replicated data type (CRDT) model. The merge operation is deterministic, commutative, and idempotent: it doesn't matter what order drives arrive in, or how many times you sync the same drive. The result is always the same converged state.

This eliminates entire categories of problems that plague store-and-forward networks: duplicate detection, delivery confirmation, retry logic, message ordering, and return-path routing. In a topology-free sneakernet, those problems are unsolvable. Treadwell sidesteps them by not trying to deliver anything.

  • Content-addressed storage: every object identified by its BLAKE3 hash
  • Bloom filter diffing for efficient sync negotiation
  • Vector clocks for causal ordering where needed
  • Idempotent merge: syncing the same drive twice is a no-op
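The merge properties listed above can be checked directly by replaying two different criss-cross routes and comparing the result. This is an added sketch, not Treadwell's own code: `Store`, `sync`, `run` and the routes are hypothetical names, BLAKE2b stands in for BLAKE3, and the blobs are constructed placeholders for ciphertext.

```python
import hashlib

def object_id(blob: bytes) -> str:
    # Stand-in hash: the page specifies BLAKE3, which is not in the Python
    # standard library, so BLAKE2b-256 is used to keep this self-contained.
    return hashlib.blake2b(blob, digest_size=32).hexdigest()

class Store:
    """Content-addressed store: a grow-only map of object ID -> ciphertext."""
    def __init__(self, blobs=()):
        self.objects = {object_id(b): b for b in blobs}

    def accept(self, oid: str, blob: bytes) -> bool:
        # The carrier is untrusted: recompute the address before storing.
        if object_id(blob) != oid:
            return False
        self.objects.setdefault(oid, blob)
        return True

def sync(a: Store, b: Store) -> int:
    """Bidirectional merge of two stores; returns how many objects were rejected."""
    rejected = 0
    for src, dst in ((a, b), (b, a)):
        for oid, blob in list(src.objects.items()):
            if oid not in dst.objects and not dst.accept(oid, blob):
                rejected += 1
    return rejected

# Constructed routes: (drive, node) visits in two different criss-cross orders.
ROUTE_A = [("d1", "n1"), ("d1", "n2"), ("d1", "n3"), ("d1", "n2"), ("d1", "n1")]
ROUTE_B = [("d2", "n3"), ("d1", "n2"), ("d2", "n1"), ("d1", "n3"),
           ("d2", "n2"), ("d1", "n1"), ("d2", "n3")]

def run(route):
    """Replay a route over three nodes and two drives; return each node's ID set."""
    nodes = {n: Store([f"ciphertext-{n}".encode()]) for n in ("n1", "n2", "n3")}
    drives = {"d1": Store(), "d2": Store()}
    for drive, node in route:
        sync(drives[drive], nodes[node])
    return {n: frozenset(s.objects) for n, s in nodes.items()}

def forged_object_rejected() -> bool:
    """A drive whose blob does not match its claimed ID must not alter the node."""
    node, drive = Store([b"ciphertext-real"]), Store()
    drive.objects[object_id(b"ciphertext-real-2")] = b"swapped bytes"
    return sync(drive, node) == 1 and len(node.objects) == 1

if __name__ == "__main__":
    print(run(ROUTE_A) == run(ROUTE_B), forged_object_rejected())
```

Because the store only grows and every object is re-hashed on arrival, a tampered or mislabeled blob on a drive is dropped at the first node it reaches instead of replicating.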
03

Encrypted by Default

Every blob enters the content-addressed store already encrypted. The sync engine and transport layer never see cleartext. A captured USB drive reveals only opaque ciphertext, opaque domain identifiers, and blinded metadata. The adversary can observe volume but not content, structure but not meaning.

Identity is rooted in Ed25519 keypairs. No usernames, no registration, no central authority. You generate a key, and you exist. Trust is built through a web-of-trust model: real people vouching for real people, with attestations that replicate across the network like any other state.

Each replication domain has its own encryption context:

  • Public bases — signed but unencrypted, readable by anyone
  • Private bases — ChaCha20-Poly1305 with a shared group key, epoch-rotated
  • Netmail — encrypted to the recipient's X25519 public key via Diffie-Hellman
  • Forward-secret mail — ephemeral prekeys for per-message forward secrecy

Couriers don't need to be trusted. They carry state they cannot read, for participants they cannot identify, in a network whose structure they cannot infer.

04

Transport Agnostic

The sync engine does not know or care what carries the payload. It operates on a serialized SyncPayload — a CBOR-encoded structure containing domain metadata, encrypted blobs, want lists, and vector clocks. That payload can travel on:

  • A USB drive in a runner's pocket
  • A LoRa radio packet (metadata-only for low bandwidth)
  • An HF radio link
  • A TCP/IP socket (when internet is available)
  • An email attachment, an SD card, a QR code sequence

The protocol is designed for delay-tolerant, high-latency channels, but it works equally well when latency drops to milliseconds over TCP. The same merge logic runs regardless. Adding a new transport means writing a thin adapter that reads and writes SyncPayloads — no protocol changes.

USB drives are the primary design target because they offer enormous bandwidth (gigabytes per trip) at the cost of latency (hours or days). A single inexpensive USB key can carry more data than weeks of LoRa transmissions.

05

Domains & Channels

The protocol uses three levels of naming. A domain is the category (echomail, netmail, file base). A channel is a specific instance within a domain (local.general, trade.barter). A topic is the human-readable name. Nodes subscribe to channels. Archives carry channels. The sync engine operates on channels.

Domains are divided into two categories:

System (mandatory): synced by every node automatically

  • Keyring: identity & trust
  • Directory: channel discovery
  • Epoch: ID rotation
  • Moderation: network-wide bans

Application (opt-in): subscribed by choice

  • Echomail: message channels
  • Netmail: private messages
  • Files: file bases
  • Ledger: audit logs

The mandatory/opt-in distinction is structural: the domain type determines it, not a per-channel flag. No central authority decides what’s mandatory — system channels are protocol infrastructure by definition. Adding a new application domain requires only a new merge function. The transport and sync layers remain untouched.

06

Metadata-First Propagation

Every sync has two phases. Phase 1 exchanges metadata — compact records (hash, author, timestamp, size, parent reference) that describe what exists. This is small and always runs. Phase 2 exchanges blobs — the actual encrypted content. This is large and runs selectively, driven by want lists and available capacity.

After a metadata-only sync, a node knows the full message graph for every subscribed domain: who posted, in reply to what, when, and how large the content is. It just doesn't have the content yet. Users see activity immediately — "5 new messages in local.general" — before a single blob has arrived.

Drives carry want lists: hashes of blobs that nodes along the route have requested. When a drive visits a node that holds a wanted blob, it picks it up. The drive is not just a replication medium — it's a courier with a shopping list.

Metadata propagates at the speed of the fastest courier. Content follows at the speed of available capacity. The network converges awareness quickly and fills in substance gradually.
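The two phases and the want list can be traced on a small route. This is an added sketch, not Treadwell's own code: `Peer`, `sync`, `scenario` and the byte-capacity rule are assumptions, BLAKE2b stands in for BLAKE3, and the metadata record is reduced to size and parent reference (author and timestamp omitted).

```python
import hashlib
from dataclasses import dataclass, field

def blob_hash(blob: bytes) -> str:
    # Stand-in for BLAKE3, which is not in the Python standard library.
    return hashlib.blake2b(blob, digest_size=32).hexdigest()

@dataclass
class Peer:
    """A node or an archive (hypothetical model, not Treadwell's data layout)."""
    meta: dict = field(default_factory=dict)   # hash -> {"size", "parent"}
    blobs: dict = field(default_factory=dict)  # hash -> ciphertext
    wants: set = field(default_factory=set)    # hashes some node has asked for

    def post(self, blob: bytes, parent=None) -> str:
        h = blob_hash(blob)
        self.meta[h] = {"size": len(blob), "parent": parent}
        self.blobs[h] = blob
        return h

def sync(drive: Peer, node: Peer, capacity: int) -> None:
    """One visit: phase 1 merges metadata, phase 2 moves blobs selectively."""
    merged = {**drive.meta, **node.meta}
    drive.meta, node.meta = dict(merged), dict(merged)
    # Phase 2a, deliver: the node takes carried blobs it lacks, after re-hashing.
    for h, blob in drive.blobs.items():
        if blob_hash(blob) == h:
            node.blobs.setdefault(h, blob)
    # Whatever the node still knows only by metadata goes on the want list.
    drive.wants |= {h for h in merged if h not in node.blobs}
    # Phase 2b, pick up: wanted blobs held here, smallest first, while space remains.
    used = sum(len(b) for b in drive.blobs.values())
    for h in sorted((w for w in drive.wants if w in node.blobs),
                    key=lambda w: merged[w]["size"]):
        if h not in drive.blobs and used + merged[h]["size"] <= capacity:
            drive.blobs[h] = node.blobs[h]
            used += merged[h]["size"]

def scenario(capacity: int):
    """Constructed route A -> B -> A -> B; returns B's (metadata, blob) counts."""
    a, b, drive = Peer(), Peer(), Peer()
    root = a.post(b"x" * 100)           # constructed stand-ins for ciphertext
    a.post(b"y" * 200, parent=root)
    log = []
    for node in (a, b, a, b):
        sync(drive, node, capacity)
        log.append((len(b.meta), len(b.blobs)))
    return log
```

With enough capacity, node B sees both records on the drive's first visit and both blobs on its second; with a 150-byte drive only the smaller blob arrives, and the larger one stays on the want list for a later trip.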
07

Users, Nodes, and Archives

The protocol distinguishes three entity types, each with a different role and a different kind of identifier.

  • Users are people. They carry portable Ed25519 keypairs, author messages, receive netmail, and participate in the web of trust. A user can operate on multiple nodes. Identity survives hardware loss.
  • Nodes are machines. They store state, run the sync engine, and host user accounts. Each node has its own Ed25519 keypair used in vector clocks and route logs. A node’s trust derives from its operators.
  • Archives are serialized sync payloads that move between nodes via any transport medium. A USB drive carries a persistent archive. A TCP connection transmits an ephemeral archive. Archives have a random ID (not a keypair), a retention policy, and a want list. They are passive, expendable, and replaceable.

Trust is built through a web of trust: people vouch for people by signing each other’s public keys. No certificate authority, no central registry. Each node evaluates trust locally based on its own policy. BBSes can form trust rings to relay data on each other’s behalf.

Users carry identity. Nodes provide infrastructure. Archives carry state. The three never overlap.

08

Privacy and Anonymity

Privacy is structural and default: all blobs are encrypted before storage, metadata uses blinded identifiers, and the sync engine never handles cleartext. A captured USB drive reveals ciphertext, opaque channel IDs, and blinded metadata.

Anonymity is opt-in. Each channel can set its own authorship policy: signed (real identity), pseudonymous (consistent within a channel but unlinkable across channels), or anonymous (no attribution). Hidden channels combine encryption, opaque IDs, and anonymous posting so that non-members cannot detect the channel exists.

  • Forward secrecy for netmail via one-time prekeys (best-effort, limited by courier speed)
  • Epoch-approximate forward secrecy for private groups via key rotation
  • Two-layer signatures: outer (metadata, verified during sync) and inner (content, verified after decryption)
  • Plausible deniability: hidden channel traffic is indistinguishable from opaque relay data
  • Subscription privacy: mitigated by cover channels, universal metadata carry, or future ZKP-protected sync

Privacy by default. Anonymity where the channel policy allows it. The protocol is honest that anonymity degrades under physical surveillance — traffic analysis is a social problem, not a cryptographic one.

Three-Layer Architecture

  • Transport: USB, TCP, radio. Reads and writes archives. Knows nothing about content.
  • Replication: Channel diffing, bloom filters, merge dispatch. Designed once.
  • Application: Echomail, netmail, files, ledger. Each defines its own merge & encryption.

The transport layer is thin and replaceable. The replication layer is the stable core, written once. The application layer is where new domain types are added without touching anything below. System domain channels (keyring, directory, epoch, moderation) are synced as protocol infrastructure before application channels.

An archive is a serialized snapshot of the replication layer's state for whatever channels it carries. It is a passive data structure, not a node. It has no identity, runs no code, and makes no decisions. It is a letter, not a post office.

Build with us

Treadwell is an open protocol. The design is evolving, the code is early, and the conversation is open.