Extra 1 — The d/acc weeb3 tools

Extra reading · ~8 min · a field guide to real projects

Theory is cheap. This is the part where d/acc stops being a philosophy and becomes a list of things you can download, run, or join today.

A word on how to read this. Don't treat it as a list of "good guys." Treat it as a list to run through the Section 4 audit yourself. Every project here leans defensive — but every one of them also has a catch, and the catches are where you actually learn something. We've flagged each one honestly.

One thing we deliberately won't do: tell you which tool to use. There's no "best" privacy tool — only the right tool for your threat model. A journalist in an authoritarian state, an activist organizing a protest, and someone who just wants Meta out of their group chat have completely different needs. These are examples of each category, with their tradeoffs laid bare, so you can match them to your own situation. The audit is the method; the choice is yours.

Private money — proving without revealing

The original cypherpunk dream: cash for the internet that doesn't broadcast your balance to the world. The big technical fork here is opt-in vs. default privacy.

Projects: Monero (privacy is mandatory — every transaction is shielded by default using ring signatures and stealth addresses, which is why it's the most respected privacy coin among cypherpunks), Zcash (strong zero-knowledge privacy, but optional — you choose to "shield"), Railgun (a privacy layer that bolts onto existing Ethereum wallets). The catch: Two of them. First, opt-in privacy (Zcash, Railgun) only works if lots of people use it — when most users transact in the open, the small shielded pool gives weak cover for everyone. Monero solves that by making privacy non-optional, which is its genuine strength. Second, that same strength makes Monero the most regulator-radioactive asset in crypto — delisted from many major exchanges precisely because it works. Privacy that works draws fire. That's not a reason to avoid it; it's a reason to understand the terrain before you step onto it.

Decentralized infrastructure — community-owned plumbing (DePIN)

Instead of one telecom giant owning the towers, thousands of people own a piece and get paid for the coverage they provide. The internet's physical layer, crowdsourced.

Projects: Helium (community wireless) and Bee Maps, formerly Hivemapper (community-built street maps — the for-profit Bee Maps was split off from the not-for-profit Hivemapper Network in 2024). The catch — and it's a real one: "Decentralized" is doing heavy lifting in the marketing. Helium Mobile is partially powered by T-Mobile, which provides the actual nationwide 5G for everywhere the community network doesn't reach — and it migrated off its own blockchain onto Solana in 2023. It's a genuine experiment, growing fast, but score it honestly: the community owns some of the stack, leaning on big telecom for the rest. A solid 1, not a 2.

Local-first AI — your model, your machine

d/acc's answer to "every AI lives on a corporate server harvesting your prompts": run the model on your own hardware. Your data never leaves the room.

Projects: Ollama (the easiest way to run open models on your laptop — has gone mainstream), LocalAI (a drop-in replacement for the OpenAI API you host yourself). The catch: You're limited by your own hardware, so local models still trail the giant cloud ones in raw capability. The gap is closing fast, but "private" and "most powerful" aren't yet the same checkbox.

Private messaging — a spectrum, not a winner

You already audited Signal in Section 4 (it scored an 8). Notice where it lost points — central servers — and you'll see why messaging isn't one choice but a spectrum running from "easy and good" to "unstoppable and inconvenient." Where you land depends entirely on who you're hiding from.

Projects across the spectrum: Signal (mature, audited, widely used — low metadata, but central servers), then toward the decentralization end: SimpleX (no user identifiers at all), Session (onion-routed, no phone number required), Briar (peer-to-peer over Bluetooth/WiFi with no servers — built to keep working during protests and internet blackouts). The catch: Every step toward "more decentralized" usually costs usability or reach. Briar is nearly unstoppable but nobody you know is on it. For most threat models the limiting factor isn't the crypto — it's whether the people you need to reach will actually use the thing with you.

Anonymity networks — censorship resistance as infrastructure

This is the bedrock layer — the tech that lets a journalist, dissident, or ordinary person route around surveillance and blocking entirely. It hides not just what you say but that you said it and to whom.

Projects: Tor (the onion router — the most battle-tested anonymity network on earth, run by a nonprofit), Nym (a "mixnet" that also scrambles the timing and metadata Tor can leak). The catch: Anonymity is slow by design — bouncing traffic through multiple relays costs speed. And these networks live or die on volunteers running relays; resilience here is something you can literally contribute to, not just consume.

Pop-up cities & community OS — d/acc for atoms and people

This is the "collective resilience" slice — d/acc applied not to an app but to how communities organize. The idea: gather aligned people in one place for a month or two, prototype new governance and tools in real life, then take the learnings global.

Projects: This traces back to Zuzalu, Vitalik's 2023 two-month pop-up city in Montenegro, which spawned 20+ derivative villages within 18 months. The living successor is Edge City (flagship gathering Edge Esmeralda, returning to Healdsburg, California in 2026), which open-sourced its operating stack as EdgeOS, plus identity tools like Zupass (ZK-proof credentials). Longevity-focused spin-off: Vitalia. The catch: This is the most "you had to be there" item on the list and the hardest to evaluate as a tool — it's a social experiment, not software you install. (This replaces the original draft's confusing "Switzerland / 4SeasDeSoc" line — Switzerland is a governance inspiration for these projects, not a project itself.)

Access to knowledge — the honest grey zone

Your original draft listed Sci-Hub here with no description, and it's worth keeping precisely because it's uncomfortable. The d/acc logic is real: locking humanity's research behind paywalls is a form of information gatekeeping, and free access is "defensive" for the global majority who can't afford journal fees. Sci-Hub is the rogue archive that made nearly every paper free.

The catch — say it plainly: Sci-Hub operates illegally in most jurisdictions (it's mass copyright infringement), which is a different category of "catch" than the others here. For a human-rights org, the honest move is to name the tension — access vs. law — rather than endorse breaking it. The legal expression of the same instinct is the Open Access movement: arXiv, DOAJ, PubMed Central, and funder mandates that force publicly-funded research into the open. Same defensive goal, no grey zone.

The thread through all of it: none of these is a perfect 2/2/2/2/2. Every one trades something — speed, reach, capability, or legal cleanliness — for a piece of your sovereignty back. d/acc isn't about finding flawless tools. It's about knowing exactly what each trade costs, and choosing on purpose instead of by default.

Go score three of these. You'll never look at the apps you didn't choose the same way again.