ETHOS: Extensible Trusted Homeserver Operating System

Qbix Platform
#1

ETHOS is the name we’re giving to the full stack we’re building. It’s personal, collaborative, cryptographically secure social operating system that puts you back in control. It’s not here yet – but this is the vision we’re working towards.

Something Broke

Remember when digital technology felt like it was yours?

Not in some abstract, philosophical way—but literally yours. Your photos lived on your computer. Your emails downloaded to your machine. Your files existed in folders you could see and touch. If you wanted to share something, you chose to share it. If you wanted privacy, you just… didn’t upload it.

Somewhere along the way, we traded that away. Not dramatically, not all at once, but gradually—one convenient cloud service at a time.

And now? Now your photos live on Google’s servers. Your conversations flow through Facebook’s data centers. Your documents exist in Microsoft’s cloud. Your entire digital life is scattered across corporate servers you’ll never see, governed by terms of service you’ll never read, analyzed by algorithms you’ll never understand.

You don’t own your digital life anymore. You rent it.

And deep down, you know something’s wrong. You feel it every time:

  • A service changes its terms and there’s nothing you can do
  • You wonder who’s reading your “private” messages
  • You try to leave a platform and realize your data is held hostage
  • An algorithm decides what you should see, think, or buy
  • You pay for “cloud storage” month after month, year after year
  • You realize your photos, memories, and conversations are being analyzed to sell you ads

You’re not paranoid. You’re right to be concerned. The current system is fundamentally broken, and it’s broken by design.

The Illusion of Free

Here’s what happened: companies offered you “free” services that were so convenient, so useful, so social, that you couldn’t resist. Email! Photos! Messages! All free! All in the cloud! Access from anywhere!

The catch? You became the product.

Every photo you upload is analyzed by AI to improve facial recognition and ad targeting.
Every message you send feeds algorithms learning to predict and influence your behavior.
Every file you store gives companies insight into your life, work, and relationships.
Every click, search, and pause builds a profile more detailed than you could imagine.

And it’s not just about ads. It’s about control.

These platforms can:

  • Remove your content arbitrarily
  • Suspend your account without appeal
  • Change their terms whenever they want
  • Raise prices whenever they want
  • Sell your data to whoever they want
  • Shut down entirely, taking your data with them

You have no rights. No ownership. No control.

The social contract is simple: they provide convenience, you surrender sovereignty. Most people don’t even realize they signed it.

“Just Self-Host!”

The tech-savvy solution has always been: run your own server!

And if you’re a Linux expert with spare time and technical mastery, that’s great. For the other 99.9% of humanity? It’s a non-starter.

Self-hosting means:

  • Buying and maintaining server hardware (or renting it, which defeats the purpose)
  • Managing security patches every week
  • Fighting off attackers trying to compromise your SSH access
  • Dealing with downtime when your home internet fails
  • Backing up everything yourself (and testing those backups)
  • Troubleshooting at 2 AM when something breaks
  • Keeping up with updates for dozens of different services
  • Paying for bandwidth that residential ISPs throttle
  • Getting your IP blacklisted because it’s residential

Self-hosting isn’t freedom. It’s a second job.

And even if you do it, you’re still using centralized services for everything else. Your self-hosted email server still talks to Gmail. Your self-hosted calendar still needs to sync with your phone. Your self-hosted files still need to be shared with people using Dropbox.

We needed a better answer.

What If Your Data Had a Real Home?

Imagine a different world:

Your digital life lives in a place that’s truly yours—not on your laptop (too fragile), not in “the cloud” (not yours), but in a homeserver that combines the best of both.

It’s always running. Always available. Always secure. But you don’t need to be a sysadmin to run it. You don’t need to patch it, monitor it, or worry about it. It just… works.

When you send a message, it flows through your homeserver, not Facebook’s data centers.
When you store a file, it lives in your infrastructure, not Google’s business model.
When you share a photo, you grant access through your cryptographic keys, not by trusting a corporation.

This isn’t science fiction. This is ETHOS.

ETHOS: Your Personal Operating System

ETHOS stands for Extensible Trusted Homeserver Operating System.

But forget the acronym for a moment. Here’s what it actually means:

ETHOS is the operating system for your digital life.

Not your phone’s operating system (iOS, Android). Not your computer’s operating system (Windows, Mac). Those manage devices. ETHOS manages something more important: your data, your identity, your communications, and your privacy.

Think of it like this:

  • iOS/Android = the OS for your device
  • ETHOS = the OS for your digital existence

Everything you do online—messaging, sharing, storing, collaborating—runs on ETHOS. But unlike today’s platforms, ETHOS puts you in control.

Here’s how.

The Stack: Five Layers of Sovereignty

ETHOS isn’t a single app or service. It’s a complete platform built from five interconnected technologies, each solving a specific problem with today’s internet.

Layer 1: The Homeserver (QBOX)

The Problem: You can’t run a server without becoming a sysadmin.

The Solution: A server that runs itself.

Your QBOX homeserver is a piece of software running in a hardware-isolated enclave—think of it as a vault inside a cloud server that even the cloud provider can’t access. It’s running on AWS or Azure, but it’s cryptographically sealed. Amazon’s engineers can’t read it. Microsoft’s admins can’t access it. The NSA can’t subpoena it (they’d get encrypted gibberish).

Here’s the magic: it has no login.

No SSH. No admin panel. No backdoor. You never “log into” your homeserver because there’s nothing to log into. It manages itself through cryptographically signed updates that you (and trusted auditors you choose) have approved.

What it does:

  • Stores your encrypted data
  • Runs AI agents on your files (without sending them to OpenAI)
  • Signs blockchain transactions when you’re offline (within rules you set)
  • Sends you notifications across channels (email, push, Telegram)
  • Serves your personal website
  • Acts as your identity anchor

What you do:

  • Nothing. It just runs.

Updates happen automatically, but only after multiple independent auditors you trust have verified them. Your homeserver can’t be compromised by a single developer going rogue or a server admin getting curious. It’s truly yours.

Layer 2: Access Control (Tree-Based Keys)

The Problem: Current systems give you binary access: all or nothing.

Think about Netflix. You either have the password (full access to everything) or you don’t (no access). There’s no way to give someone access to “just Season 1” or “only the first episode” without creating separate accounts and managing permissions server-side.

The Solution: Cryptographic key trees.

Imagine your encryption keys organized like a family tree. At the root is a master key. From that, you derive child keys for different purposes. From those children, you derive grandchildren. Each level of the tree controls access to a different scope.

Example: A video course

Master Key (you control this)
  ├─ Course Key (derives from master)
      ├─ Module 1 Key
      │   ├─ Lesson 1.1 Key
      │   └─ Lesson 1.2 Key
      └─ Module 2 Key
          ├─ Lesson 2.1 Key
          └─ Lesson 2.2 Key

Now here’s the power:

  • Give someone the Module 1 Key → they can decrypt all Module 1 lessons (they can derive the child keys)
  • Give someone the Lesson 1.1 Key → they can decrypt only that lesson (can’t derive parent or siblings)
  • Want to offer a “first lesson free” preview? Give out Lesson 1.1 keys freely
  • Want to revoke someone’s access to Module 2? Just stop giving them access to those encrypted files—the keys they have can’t decrypt them

No server permissions. No database queries. No API calls. Just math.

The person who holds a parent key can access everything below it. The person who holds a child key can’t climb back up the tree. Revocation is instant: just don’t give them the next file. Access upgrades are instant: give them a higher-level key.

This works for everything:

  • Videos: free preview (first 5 minutes) vs. full episode vs. entire season
  • Documents: table of contents vs. specific chapters vs. entire book
  • Messages: recent messages vs. full history
  • Forums: specific threads vs. entire topics
  • Files: specific folders vs. entire directory trees

Why it matters: Access control is cryptographic, not server-side. No one can give themselves more access. No admin can peek. No hack can escalate privileges. Math doesn’t lie.

Layer 3: Storage & Delivery (Intercloud)

The Problem: Cloud storage is centralized, expensive, and surveilled.

You pay Dropbox $10/month forever. They can read your files. They can shut down. They can raise prices. You have no alternatives that don’t involve moving everything and learning new software.

The Solution: A decentralized content delivery network that’s privacy-first and economically self-balancing.

Intercloud is like BitTorrent meets Uber meets end-to-end encryption. Here’s how it works:

Three types of participants:

  1. Jets (coordination nodes)

    • Track where content is stored
    • Route requests to the right place
    • Never see plaintext—only encrypted chunk hashes
    • Anyone can run a Jet

  2. Drops (storage nodes)

    • Store encrypted chunks in their browser tab (IndexedDB)
    • Earn crypto for serving popular content
    • Automatically evict cold content (no forced hosting)
    • Can be your spare laptop or a browser tab you keep open

  3. Streams (your content)

    • Videos, files, any data
    • Encrypted before hashing (privacy beyond Monero)
    • Split into chunks with Merkle tree proofs
    • Decrypted only by people with keys from your key tree

The economics:

Popular content spreads naturally because Drops earn more serving it. Cold content decays naturally because Drops prioritize what earns them money. Nothing is permanent unless you pay for guarantees. It’s a predictive cache that aligns with actual demand.

If someone lies about storing content, they get challenged randomly (“prove you have chunk #47”) and slashed if they fail. No central authority needed—the system polices itself through cryptoeconomics.

Why it matters:

  • Your content can’t be censored (it’s on many nodes)
  • It can’t be surveilled (encrypted before hashing—even identical files hash differently each time)
  • It’s cheaper than centralized CDNs (no corporate profit margin)
  • It scales naturally with demand
  • No one can shut it down

Layer 4: Browser Security (Declarative Extensions)

The Problem: Browser extensions are security nightmares.

Extensions today can:

  • Read everything on every page you visit
  • Modify page content invisibly
  • Steal your passwords
  • Track you across the web
  • Load malicious code from remote servers

Users install them anyway because convenience beats paranoia. But what if an extension could access your contacts, calendar, or crypto wallet safely?

The Solution: Extensions that can’t execute remote code, only render declarative interfaces.

Here’s the trick: when a website wants to access your contacts through an extension, instead of running arbitrary JavaScript, it embeds a declarative specification (like HTML) in an iframe hash fragment.

The old way (dangerous):

// Website sends JavaScript that runs in extension context
extension.executeCode("showContacts()");  // Could be malicious

The ETHOS way (safe):

<!-- Website embeds declarative UI spec in URL hash -->
<iframe src="https://extension.local/#
  <contact-picker max=5 filter='recent'></contact-picker>
"></iframe>

The extension:

  1. Intercepts the iframe load before it hits the network
  2. Parses the declarative spec (no JavaScript execution)
  3. Renders the UI locally
  4. Returns only opaque identifiers (XIDs) to the website

The website gets “contact_123, contact_456” but never sees names, emails, or phone numbers. Your extension holds the actual data. The website can’t execute code in your extension. Even if the website is compromised, your data is safe.

Why it matters: You can embed personalized, privacy-preserving content into any website without trusting that website with your data.

Layer 5: The Foundation (Personal Crypto OS)

The Problem: Your crypto keys, identity, and authority are scattered across dozens of apps with no coherent model.

Every app has its own password. Every blockchain has its own wallet. Every service has its own “sign in with Google” flow. Your digital identity is fragmented, and you’re trusting dozens of companies with pieces of it.

The Solution: One cryptographic root for everything, held in hardware you control.

This is the heart of ETHOS: a personal cryptographic operating system where everything derives from a single root secret stored in your device’s Secure Enclave (iOS) or StrongBox (Android).

From this one root, you derive:

  • Signing keys for different contexts (work, personal, anonymous)
  • Encryption keys for different channels (family chat, work team, public forum)
  • Authentication tokens for different services
  • Blockchain wallets for different chains
  • Capability proofs for different resources

The magic:

  • The root never leaves your hardware
  • Derivation is deterministic (same root always produces same keys)
  • Keys are hierarchical (parent can derive children, children can’t access parents)
  • You can prove two signatures came from the same authority without revealing the root

Example:

You have one ETHOS root. From it:

  • You derive a “work” identity → signs work documents
  • You derive a “crypto” identity → manages your Ethereum wallet
  • You derive a “social” identity → posts to forums
  • You derive a “family” identity → accesses family photos

Each identity is cryptographically linked (they all descend from your root) but can’t be correlated (observers can’t tell they’re related unless you prove it).

Signed modules:

Apps and interfaces are signed HTML+JavaScript bundles verified before execution. You choose which auditors you trust (maybe EFF, Mozilla, and your company’s security team). An app needs M-of-N signatures from your chosen auditors to run.

If a developer goes rogue? Their signature alone isn’t enough. If an auditor gets compromised? The other auditors prevent malicious code. No single point of trust failure.

Pristine execution:

Many features work through App Clips—ephemeral apps that launch instantly from a URL, run with full hardware security, then disappear. No installation. No permanent footprint. Each launch is fresh.

Example: Someone sends you an encrypted message via URL + secret word spoken over phone. You tap the link, an App Clip launches, you enter the secret, it decrypts and shows you the message. Done. The App Clip disappears. No app to install, no account to create, no metadata collected.

Why it matters:

  • One root secret, infinite capabilities
  • Hardware-protected (Secure Enclave)
  • Provably hierarchical (cryptographic delegation)
  • User-controlled trust (you choose auditors)
  • Zero-install when needed (App Clips)
  • Extensible forever (signed modules)

How It All Works Together

The power of ETHOS isn’t in any single layer—it’s in how they compose.

Example: Sending a private video

  1. Record video on phone (your device)
  2. Encrypt with key tree (Layer 2: access control)
    • Master key → Video key → Preview key (first 30 seconds)
  3. Upload to Intercloud (Layer 3: storage)
    • Split into encrypted chunks
    • Drops cache popular chunks
    • Jets track locations
  4. Generate capability URL (Layer 5: crypto OS)
    • URL points to encrypted video
    • Keys needed for decryption
  5. Send preview link publicly (anyone can watch 30 seconds)
    • App Clip opens, shows preview
    • Uses Preview Key from tree
  6. Send full access privately (specific person gets Master Key)
    • Can watch entire video
    • Can’t share keys (cryptographically)
  7. Revoke access later (stop serving that person the chunks)
    • Their keys become useless without content

No server knows:

  • Who uploaded the video
  • Who watched it
  • What it contains
  • How many viewers
  • Social graph

You control:

  • Who can watch what parts
  • For how long
  • Through which channels
  • With what capabilities

Example: Running AI on your data

You want an AI to analyze your documents and answer questions. Today, you’d upload to ChatGPT (they read everything) or Claude (same problem).

With ETHOS:

  1. Your documents live encrypted (in Intercloud)
  2. Your QBOX homeserver downloads them (Layer 1)
  3. Decrypts in hardware enclave (no one can access)
  4. Runs AI model locally (or in enclave)
  5. Answers your questions (never sends data externally)
  6. Results stored encrypted (back to Intercloud)

Your data never leaves your control. The AI runs in your homeserver’s isolated environment. Even the cloud provider hosting your QBOX can’t read your files.

Example: Collaborative document

Traditional: Google Docs can read everything.

With ETHOS:

  1. Create document (your device)
  2. Encrypt with channel key (Layer 5: derived from root)
  3. Store chunks in Intercloud (Layer 3: distributed)
  4. Grant access via key tree (Layer 2: editor key vs. viewer key)
  5. Embed in website safely (Layer 4: declarative extension)
  6. Coordinate through QBOX (Layer 1: homeserver mediates)

Collaborators decrypt locally. Edits are encrypted before upload. The storage network never sees plaintext. Even collaborators only see what their key level permits.

Why This Matters Now

Timing is everything.

Five years ago, this wasn’t possible:

  • Hardware security enclaves weren’t mainstream
  • Browsers didn’t support advanced crypto APIs
  • App Clips didn’t exist
  • Blockchain infrastructure was immature
  • People didn’t care about privacy

Today, everything’s aligned:

Technology:

  • Secure Enclaves in every iPhone
  • Web Crypto API in every browser
  • App Clips and Instant Apps on mobile
  • Hardware isolation in cloud (AWS Nitro, Azure Confidential VMs)
  • Mature blockchain infrastructure

Regulation:

  • GDPR forcing data sovereignty
  • DMA forcing platform interoperability
  • State privacy laws in US
  • Antitrust pressure on Big Tech

Culture:

  • Increasing awareness of surveillance
  • Distrust of Big Tech
  • Desire for alternatives
  • Web3 expectations (“you own your data”)
  • AI making personal agents feasible

The window is now. In 2-3 years, either this exists and succeeds, or Big Tech builds walled-garden versions that lock everyone in further.

What We’re Building

ETHOS isn’t vaporware. The patents are filed. The code is being written. The architecture is proven.

Web0 (Apps): Including zero-install messaging via App Clips
Web2 (Qbix Platform): Social features you own
Web5 (Intercoin): Economic layer bridging Web2 and Web3
Web10 (Intercloud): Decentralized storage and delivery

All powered by ETHOS—the operating system that makes it possible.

The Choice

You have two paths forward:

Path 1: Keep renting your digital life

Continue uploading to services that read your data, analyze your behavior, change terms arbitrarily, and hold your information hostage. Accept that “free” means “you’re the product.” Hope they don’t get breached, shut down, or turn evil.

Path 2: Own your digital life

Run a homeserver that actually serves you. Store data in a network you participate in. Control access through cryptography, not corporate policy. Choose who to trust instead of accepting whoever happens to run the platform.

The Technical Truth

Everything described here is real, patented technology:

  • Patent 1: Tree-based key derivation for hierarchical access control
  • Patent 2: Intercloud decentralized storage with cryptoeconomic incentives
  • Patent 3: Declarative browser extension security model
  • Patent 4: QBOX homeserver with hardware isolation and M-of-N updates
  • Patent 5: Complete personal cryptographic operating system

These aren’t ideas. They’re filed provisional patents covering specific, novel technical inventions. The architecture is coherent. The math works. The implementation is underway.

What Happens Next

We’re building this. You can:

  1. Follow the progress (we’ll share as we ship)
  2. Run a QBOX when it launches (be your own homeserver)
  3. Become a Drop (earn crypto for spare storage)
  4. Use the platform (Web0 through Web10)
  5. Help build it (it’s extensible by design)

Or you can wait and see. That’s fine too. But know that this is coming—with or without Big Tech’s permission.

Your data deserves a home. ETHOS is that home.