The promise of a truly decentralized internet has long been a guiding star for builders, developers, and advocates of digital freedom. Yet, the practical challenges of deploying services that are both censorship-resistant and easy to manage have often felt insurmountable. During the recent #sovEng 5 cohort, we embarked on a period of intense experimentation with ContextVM (CVM), a technology that we believe provides a powerful new foundation for sovereign infrastructure. This article shares the insights, breakthroughs, and a Cambrian explosion of projects that emerged, painting a picture of a more liberated digital future.
The Paradigm Shift: Services Addressed by Public Keys
At the heart of our exploration was a fundamental realization: CVM enables a powerful paradigm shift by allowing services to be addressed by a public key rather than a permissioned, location-dependent IP address. This seemingly simple change has profound implications.
Suddenly, the need for API keys vanishes, replaced by cryptographic identity. The complex dance of configuring networks, firewalls, and NAT traversal becomes obsolete. You can deploy a service from your laptop in a coffee shop, and it is instantly accessible to the world, securely and privately. The service is identified by who it is (its pubkey), not where it is.
This unlocks the concept of "rolling services"—infrastructure that can move geographically without any disruption in accessibility. It makes deploying services not only trivial but also unstoppable. Security and privacy are enhanced by default; since a service never needs to reveal its IP address, only the relay it connects through can see its IP, but all communication is end-to-end encrypted, rendering the relay blind to what's happening.
Balancing the Trilemma: Convenience Through Sovereignty
Zooko's like Trilemmas suggests that of the three desirable properties—privacy, decentralization, and convenience—we can only pick two. If convenience is provided by a third party, you inevitably sacrifice either privacy or decentralization.
Inspired by nostr:nprofile1qqsxu35yyt0mwjjh8pcz4zprhxegz69t4wr9t74vk6zne58wzh0waycprpmhxue69uhhqun9d45h2mfwwpexjmtpdshxuet5qyxhwumn8ghj7mn0wvhxcmmvee340a 's presentations during the cohort, we were led to a powerful conclusion: you can balance all three if you reframe the problem. When a user provides their own convenience, they sacrifice nothing. Convenience is transformed into sovereignty.
CVM provides the technical groundwork for this model, making it practical for anyone to become their own infrastructure provider. This is especially appealing for node runners or anyone with a spare device and an internet connection. We are actively working to make this even more accessible, with plans for "one-click" CVM server installations on platforms like Umbrel and Start9, truly democratizing the ability to run one's own corner of the internet.
From Theory to Practice: A Cambrian Explosion of Experiments
Talk is cheap. The true test of any technology is what people build with it. SovEng 5 unleashed a torrent of creativity, with projects exploring the potential of CVM. Here are some of the highlights:
Nutoff: A Sovereign Cashu Wallet
One of the first experiments, Nutoff is a Cashu wallet that runs locally on your device, yet is accessible from anywhere. By implementing the Nostr Wallet Connect (NWC) API, it allows users to create and pay invoices while ensuring all sensitive data remains under their control. This minimizes custodial risk and provides a powerful, self-hosted alternative for managing eCash. To complement the wallet, the nutoff-http project was created, providing a simple HTTP server to interact with the wallet and offer a Lightning Address out of the box for any Nutoff wallet. Here you can see a diagram of how all this works together.
Beacon: A Trojan Horse for Freedom Tech
Beacon is a liberating and audacious idea: infiltrate walled gardens like WhatsApp with Lightning payments and other freedom technologies. Born from the realization that in many parts of the world, WhatsApp is the internet, Beacon uses CVM as the unstoppable glue to connect its different components and users from closed ecosystems to open networks. It's a pragmatic tool for guiding people toward free information, free networks, and freedom money. As the project's main meme states, "Nice walled garden you got there, shame if someone... Put some freedom tech in it" (Demo)
Blovm: Your Personal, Sovereign Dropbox
Blovm explores the idea of a personal file indexing and storage system. It watches a local directory, indexes any files you drop into it, and uses Blossom integration to let you access or share them from anywhere. Essentially, you can request your server to upload a file from your local filesystem to a Blossom server, making it available to be downloaded from anywhere. It also supports the reverse process, allowing you to monitor a public key and automatically back up all associated blobs to your local machine. Other powerful features include periodic health checks to ensure your online blobs remain accessible, enabling you to re-upload them if they disappear.
CtxCn: Streamlining Developer Experience
Inspired by tools like shadcn and Cap'n Web, CtxCn is a command-line utility that makes developers' lives easier. It connects to a CVM server, reads the JSON schema definitions of its tools, and automatically generates a type-safe TypeScript client. With a simple init and add <pubkey> command, developers can call remote CVM tools as if they were native functions, complete with type safety and autocompletion. We'll be writing a more detailed article on this tool soon.
Retired in a Field: FUNding, and Multi-Jurisdictional Deployments
This playful game demonstrated how a full-stack application could be built with a completely decoupled architecture. The static frontend was hosted somewhere, while the CVM backend—managing Cashu payments, leaderboards, and some logic—ran from an Airbnb in Funchal, Madeira. This highlights the concept of multi-jurisdictional deployments, a powerful strategy for building resilient applications. It also brought "fun" to funding, with proceeds split between the developer and the CVM team. Another insight from this project is the ability to create 'full-stack' apps based on static web pages, a powerful pattern when combined with Nsite.
Keepass-CVM: A Secure, Self-Hosted Password Manager
This project brings the convenience of services like Bitwarden to a self-hosted, minimized-trust environment. Keepass-CVM allows anyone to run their own secure password manager, accessible from anywhere, without any sensitive information ever leaving their device. It transmits data over relays in an end-to-end encrypted manner.
Craig David Machine: Composable AI Entertainment
A perfect example of a composable application, this hilarious experiment uses multiple micro-backends to summarize your week on Nostr and turn it into a rap song, performed by a virtual Craig David. It's a fun demonstration of what's possible when services can be composed seamlessly. (Craig David Profile)
Hypernote Elements: Interactive Experiences on Nostr
Hypernote brings back the spirit of the early, hypertext-driven web, allowing developers to create interactive, micro-apps that live directly within Nostr notes. It have some examples using CVM to provide the 'backend' or state management for these hyper-apps, opening up new possibilities for rich, decentralized content. (Demo)
Paygress CVM Integration: Sovereign Machine Provisioning
Another powerful idea, this project explored using CVM as the interface for Paygress, a service that offers VPS and machine deployment using Nostr. This would allow users to programmatically buy and manage machines in a completely sovereign manner.
And More...
Other projects are being built right now, and we are working on creating an awesome list of them. Stay tuned!
Empowering the Builders: Workshops and Knowledge Sharing
A common misconception we encountered was that CVM is purely for AI and LLM applications. To dispel this, we conducted workshops focused on building general-purpose services. We demonstrated how anyone could build an MCP server in one of the ten supported languages (see the MCP SDKs) and instantly expose it as a CVM server using the gateway component. The CVM Rust MCP example created by nostr:nprofile1qqsq6myr3rwtqjdcm48u357ccwae8h3a4y96s28y7zwg458ngeyg5vcpzpmhxue69uhnzdps9enrw73wd9hsz9rhwden5te0dehhxarj9ehhsarj9ejx2as9mu63n during the workshop is a testament to this flexibility.
The Dual API: A Bridge Between Humans and AI
While these experiments focused on CVM for sovereign backends and programmatic use, it's crucial to remember that the underlying Model Context Protocol (MCP) was designed for interaction with LLMs. This gives every CVM service a unique "dual API" nature. By building on CVM, you get an API usable by LLMs for free. A service built for a human or another program can be seamlessly understood and utilized by an LLM, opening up a fascinating design space for the future.
The Road Ahead
The experiments at SovEng 5 revealed that ContextVM is more than just a tool; it's a foundation for a new class of applications built on the principles of sovereignty, privacy, and decentralization. It enables multi-jurisdictional deployments, eliminates single points of failure, and provides a stellar developer experience.
All the projects mentioned are in their early stages, and we are incredibly excited to continue working on them, and about what's next. We hope this article has illuminated the potential of CVM and inspired you to join us. Keep an eye on these projects, or better yet, jump in and contribute.
If you have questions or want to contribute, please reach out to us on Nostr or join our Signal community. We are always happy to help build the future.
Thanks to everyone who contributed to make this article possible đź’›