Security & ownership

The security comes from the shape, not from a promise.

FrogNet runs on hardware you own, links you control, and encrypted tunnels between your own nodes. No company can read what passes between them — on your own LAN the traffic never leaves it, and where sites bridge across the internet it travels as encrypted bytes a broker relays but cannot open. Most of the questions a security review asks are answered by the architecture before anyone writes a policy.

Your data lives on your machines. You own the nodes, the keys, and everything that passes between them.

A FrogNet node is your computer. The mesh it forms is between your computers and the ones you choose to federate with. Nothing is hosted on my side, nothing is escrowed, and there is no account of yours for me to hold. Ownership isn't a setting — it's where the software runs.

The broker can't read a byte of your traffic. On your LAN it isn't in the path at all; when sites bridge across the internet, it relays only opaque, encrypted bytes.

What the broker does

  • Introduces two nodes that can't yet see each other
  • Hands out the encrypted tunnels that let them connect
  • For an internet bridge, relays those encrypted bytes without being able to read them

What the broker can never do

  • Read your calls, video, files, or telemetry
  • Read your shared memory — the values nodes read and write
  • Touch LAN traffic at all — nodes that can already reach each other never involve it
  • Encryption boundary: node to node

    Traffic between nodes rides encrypted point-to-point tunnels. The boundary is the pair of nodes at each end — data is protected in transit for the whole hop, not just to some gateway in the middle.

  • Identity: each node proves itself with keys

    Every node has a permanent identity and a keypair set at install. Nodes authenticate each other by key, so a peer is trusted because it holds the right key — not because a central authority vouched for it.

  • Offline: it keeps working

    Losing the internet doesn't stop a FrogNet. Nodes that can still reach each other keep discovering, sharing state, and carrying traffic. Local operation was never conditional on a connection to anywhere else.

  • If the broker disappears

    Lose the broker service and every existing link keeps carrying traffic — the tunnels are already up. Only brand-new cross-internet introductions pause until a broker is reachable again; LAN discovery and existing links carry on.

  • No central point to compromise

    There is no master server holding your data, your directory, or your keys. Each node holds its own. That means there is no single system whose breach exposes the network — because the network isn't kept in one place.

Trust assumptions, stated plainly

You trust the hardware you run FrogNet on, the keys your nodes hold, and the peers you choose to federate with. You do not have to trust me, a cloud provider, or a broker with the contents of your traffic — a broker relays only opaque encrypted bytes and can never read them, and on your LAN it isn't involved at all. If any of that ever changes, it will be said here, in plain language.

— John W. Fawcett · Fawcett Innovations LLC · john@fawcettinnovations.com

Own it outright

The surest security is a network with no middle.

Nobody can hand over what they never held. Read how the architecture puts you in the only trusted seat, then run your own.