Abstract
Every existing communication product — WhatsApp, Signal, Telegram, WeChat — shares the same fundamental architecture: client → server → client. Even when messages are end-to-end encrypted, the transport layer remains fully centralized. Servers know who communicates with whom, when, and how often. Metadata — which Edward Snowden identified as more dangerous than content — is structurally exposed.
Simultaneously, three technological shifts are converging toward maturity: 5G/6G sidelink enables direct device-to-device communication without base stations; Self-Sovereign Identity (SSI) gives individuals cryptographic control over their digital identity; and mesh networking allows ad hoc multi-hop routing without infrastructure.
This paper proposes Sovereign — an open communication protocol that unifies these three capabilities into a single stack, creating the first communication system where data sovereignty is not a policy promise but a structural guarantee. The protocol's defining property is: no entity other than the communicating endpoints has the architectural ability to observe, store, or interfere with any aspect of the communication — including metadata.
1. The Problem: The Last Centralized Layer
1.1 The Data Sovereignty Stack Is Missing Its Foundation
The movement toward personal data sovereignty has made significant progress at every layer except one:
| Layer | Status | Examples |
|---|---|---|
| Storage | Decentralized options available | IPFS, personal NAS, encrypted device storage |
| Identity | Standards maturing | W3C DID, Verifiable Credentials, EU eIDAS 2.0 |
| Computation | Emerging | Homomorphic encryption, zero-knowledge proofs, TEEs |
| Value transfer | Operational | Bitcoin, Ethereum, stablecoins |
| Communication | Still fully centralized | Every messaging app routes through servers |
The communication layer is the foundation upon which all other layers depend. You cannot exercise data sovereignty if the act of transmitting your data requires passing through infrastructure controlled by third parties.
1.2 The Metadata Problem
End-to-end encryption solves content confidentiality. It does not solve metadata exposure. When you send a message through any existing service, the transport infrastructure learns:
- Who you communicate with (social graph)
- When and how often (behavioral patterns)
- Where you are (network location)
- How much data you exchange (relationship intensity)
This metadata is sufficient to infer political affiliations, health conditions, business relationships, romantic involvement, and organizational hierarchies — without reading a single message.
1.3 The Infrastructure Dependency Problem
All current messaging systems fail when infrastructure fails. Government internet shutdowns affected users in Myanmar (2021), Iran (2022), and multiple other countries. In these scenarios, the need for communication is greatest and the ability to communicate is zero.
2. Technological Convergence: Why Now
2.1 5G/6G NR Sidelink
3GPP Release 18 (5G Advanced) introduced UE-to-UE scheduling over the PC5 interface, enabling devices to coordinate direct communication without base station involvement. Key capabilities: direct device-to-device data exchange without any network infrastructure, range of several kilometers outdoors, multi-hop relay capability, and support for hundreds of simultaneous devices.
2.2 Self-Sovereign Identity (SSI)
The W3C Decentralized Identifier (DID) and Verifiable Credential (VC) standards provide a complete framework for identity that is self-generated, cryptographically verifiable, selectively disclosable, and pairwise (each relationship uses a unique identifier, preventing cross-context correlation).
2.3 Mesh Networking
Delay-tolerant networking, store-and-forward protocols, and onion routing are mature technologies. Projects like Briar have demonstrated practical encrypted mesh communication. The missing element has been a high-bandwidth, standards-based radio interface suitable for mesh at scale — which 5G NR sidelink now provides.
2.4 The Convergence Opportunity
| Technology | Solves | Does not solve |
|---|---|---|
| Sidelink | Physical transport without infrastructure | Identity, trust, application logic |
| SSI | Identity without central authority | Physical transport |
| Mesh | Multi-hop without infrastructure | Bandwidth, standardization, identity |
| E2E encryption | Content confidentiality | Metadata, transport dependency |
No existing product or project integrates all four. This is the gap Sovereign fills.
3. Protocol Architecture
3.1 Design Principles
- Structural trust over promissory trust. The protocol makes surveillance architecturally impossible.
- Transport agnosticism. The protocol operates over any available physical channel — sidelink, Bluetooth, WiFi Direct, internet, satellite.
- Progressive enhancement. Full D2D when available, mesh when not, internet relay as fallback.
- Minimal disclosure. Every interaction reveals the minimum information necessary.
- User sovereignty. All data resides exclusively on user-controlled devices.
3.2 The Seven Layers
Layer 1: Identity (DID)
Users are identified by Decentralized Identifiers rather than phone numbers. A user's DID is generated locally from a cryptographic key pair stored in the device's secure element. No registration server, no phone number binding, no central directory. Trust is established through Verifiable Credentials.
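One way the locally generated, pairwise identifiers of Layer 1 and section 2.2 could be derived, as an added Go example rather than anything the paper specifies. Assumptions: the `did:key` method with Ed25519 keys, and a hypothetical per-relationship derivation (HMAC-SHA256 over a device secret) standing in for keys generated inside the secure element.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
	"math/big"
)

const b58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

// base58btc encodes b with the Bitcoin alphabet, as multibase prefix "z" requires.
func base58btc(b []byte) string {
	n, radix, rem := new(big.Int).SetBytes(b), big.NewInt(58), new(big.Int)
	var out []byte
	for n.Sign() > 0 {
		n.DivMod(n, radix, rem)
		out = append([]byte{b58[rem.Int64()]}, out...)
	}
	for i := 0; i < len(b) && b[i] == 0; i++ {
		out = append([]byte{'1'}, out...) // each leading zero byte encodes as '1'
	}
	return string(out)
}

// PairwiseKey derives one Ed25519 key per relationship from a device secret.
// Hypothetical scheme: HMAC-SHA256(master, label) used as the Ed25519 seed.
func PairwiseKey(master []byte, relationship string) ed25519.PrivateKey {
	mac := hmac.New(sha256.New, master)
	mac.Write([]byte("pairwise-did:" + relationship))
	return ed25519.NewKeyFromSeed(mac.Sum(nil))
}

// DIDKey renders a public key as did:key: multicodec ed25519-pub (0xed 0x01)
// followed by the key, base58btc-encoded behind the multibase prefix "z".
func DIDKey(pub ed25519.PublicKey) string {
	return "did:key:z" + base58btc(append([]byte{0xed, 0x01}, pub...))
}

// PairwiseDID is the identifier shown to exactly one contact.
func PairwiseDID(master []byte, relationship string) string {
	return DIDKey(PairwiseKey(master, relationship).Public().(ed25519.PublicKey))
}

func main() {
	master := []byte("constructed device secret, not a real key")
	fmt.Println(PairwiseDID(master, "alice"))
	fmt.Println(PairwiseDID(master, "bob"))
}
```

Two contacts who compare the identifiers they were given see unrelated public keys, yet the device can re-derive either key from the same secret.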
Layer 2: Transport (Tri-Modal)
Mode A — Direct: Devices within physical proximity communicate via sidelink. Zero servers, zero metadata leakage.
Mode B — Mesh: Messages are forwarded through intermediate devices with onion-style layered encryption. Relay nodes cannot read content or identify endpoints.
Mode C — Remote: Cross-city communication via internet or satellite D2D, using mix-network routing through multiple independent relays.
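The layered encryption behind Mode B and the relay chain of Mode C, as an added Go example that is not part of the Sovereign paper or any reference implementation: the sender wraps a message once per hop, so each relay recovers only the next hop's ID and an opaque inner packet. Assumptions: the `Hop` type, the layer format, AES-256-GCM, and per-hop symmetric keys already shared with the sender (a real design would derive them from each hop's public key).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type Hop struct{ ID string; Key [32]byte } // Key: shared with the sender only

func gcm(key [32]byte) cipher.AEAD {
	block, _ := aes.NewCipher(key[:]) // cannot fail: 32 bytes is a valid AES key
	aead, _ := cipher.NewGCM(block)   // cannot fail for an AES block
	return aead
}

// Wrap seals msg for the last hop, then adds one layer per earlier hop.
// Layer plaintext: 1-byte ID length, next-hop ID ("" = deliver here), inner packet.
func Wrap(path []Hop, msg []byte) []byte {
	pkt, next := msg, ""
	for i := len(path) - 1; i >= 0; i-- {
		aead := gcm(path[i].Key)
		nonce := make([]byte, aead.NonceSize())
		if _, err := rand.Read(nonce); err != nil {
			panic(err)
		}
		layer := append(append([]byte{byte(len(next))}, next...), pkt...)
		pkt, next = aead.Seal(nonce, nonce, layer, nil), path[i].ID
	}
	return pkt
}

// Peel opens the layer sealed for h and returns the next-hop ID and inner packet.
func Peel(h Hop, pkt []byte) (string, []byte, error) {
	aead := gcm(h.Key)
	if len(pkt) < aead.NonceSize() {
		return "", nil, fmt.Errorf("packet too short: %d bytes", len(pkt))
	}
	pt, err := aead.Open(nil, pkt[:aead.NonceSize()], pkt[aead.NonceSize():], nil)
	if err != nil || len(pt) == 0 || len(pt) < 1+int(pt[0]) {
		return "", nil, fmt.Errorf("layer not sealed for %s, or modified", h.ID)
	}
	return string(pt[1 : 1+int(pt[0])]), pt[1+int(pt[0]):], nil
}

func main() {
	path := []Hop{{"relay-1", [32]byte{1}}, {"relay-2", [32]byte{2}}, {"bob", [32]byte{3}}}
	next, inner, err := Peel(path[0], Wrap(path, []byte("hello")))
	fmt.Println(next, len(inner), err) // constructed keys and IDs
}
```

Each peeled layer is shorter than the one before it, so without fixed-size padding a relay can estimate its position on the path from packet length alone.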
Layer 3: Storage (Device-Local)
All message history, contacts, credentials, and keys are stored exclusively on the user's device. No server stores any user data. Offline messages are held in a mesh-distributed store-and-forward buffer with a configurable TTL.
Layer 4: Trust (Verifiable Social Graph)
Contact relationships are cryptographically authenticated via DID exchange and Verifiable Credentials. Trust transitivity is established through social attestation, similar to PGP's web of trust but with SSI's selective disclosure.
Layer 5: Value (Integrated Payment)
Optional peer-to-peer cryptocurrency/stablecoin transactions within conversations. In D2D mode, payments can be committed without internet connectivity.
Layer 6: Group (Decentralized Communities)
Groups are defined as collections of DIDs with programmable governance rules that execute locally. There is no group server; shared state is replicated across member devices.
Layer 7: Application (Open Protocol)
Sovereign is an open protocol, not a closed application. Multiple client implementations can interoperate, similar to email's SMTP/IMAP ecosystem.
4. Trust Model Comparison
| Property | WhatsApp | Signal | Sovereign |
|---|---|---|---|
| Content encryption | Yes (E2E) | Yes (E2E) | Yes (E2E) |
| Metadata protection | No | Partial | Yes (structural) |
| Identity binding | Phone number | Phone number | DID (self-sovereign) |
| Server dependency | Full | Full | None (optional fallback) |
| Infrastructure survival | No | No | Yes (mesh/sidelink) |
| Data location | Meta servers | Signal servers + device | Device only |
| Social graph exposure | Full (to Meta) | Minimal (to Signal) | None |
| Open protocol | No | Partial (open source) | Yes (open standard) |
| Payment integration | No (separate app) | MobileCoin (limited) | Native (multi-chain) |
| Selective identity | No | No | Yes (SSI/VC) |
The fundamental distinction: WhatsApp and Signal offer promissory privacy ("we choose not to look"). Sovereign offers structural privacy ("we cannot look, because we are not in the path").
5. Data Lifecycle Under Sovereign
Creation: Data is created on the user's device, encrypted with the user's keys, signed with the user's DID. From its first bit, it is the user's property with cryptographic provenance.
Transmission: Data traverses the tri-modal transport. At no point does any entity other than sender and recipient have access to plaintext content or metadata.
Storage: Data resides exclusively on endpoint devices. No server-side storage exists in the protocol.
Sharing: Selective disclosure with cryptographic access tokens. Revocable at any time.
Monetization: Users can sell their data through direct P2P transactions. No intermediary platform.
Deletion: Because data exists only on user devices, deletion is genuine and complete. The "right to be forgotten" is a local file operation.
6. Market Entry Strategy
Phase 1 (2026–2027): Internet-based SSI messenger. DID identity, E2E encryption, device-local storage, crypto payments. Target: privacy-conscious communities, Web3 users, journalists, GDPR-compliant enterprises.
Phase 2 (2027–2028): Sidelink-enhanced. Add D2D communication for proximity scenarios. Target: events, public safety, unreliable connectivity areas.
Phase 3 (2029+): Full mesh protocol. Tri-modal transport, complete data sovereignty. Target: global mainstream.
7. Business Model
Sovereign is an open protocol. Revenue derives from: premium client applications, enterprise protocol licensing, security auditing, managed relay infrastructure, and developer ecosystem tools.
8. Regulatory Considerations
Lawful intercept: Sovereign's architecture is equivalent to two people having a conversation in a room — no technology provider is in a position to intercept it. This is legally defensible in jurisdictions with strong privacy protections.
GDPR: Natively aligned. Personal data resides exclusively on user devices. The user is the sole data controller.
Content moderation: Protocol-layer neutral, like TCP/IP. Moderation is an application-layer concern.
9. Technical Risks
| Risk | Severity | Mitigation |
|---|---|---|
| Sidelink adoption slower than projected | High | Phase 1 operates over internet; sidelink is additive |
| Mesh density insufficient | Medium | Store-and-forward, internet fallback |
| Regulatory prohibition | Medium | Open-source; cannot be fully suppressed |
| Quantum computing threat | Low (near-term) | Cryptographic agility; post-quantum planned |
| UX inferior to incumbents | High | Significant UX investment; progressive disclosure |
| Network effect barrier | High | Targeted seed communities; bridge interop |
10. Conclusion
The convergence of 5G/6G sidelink, Self-Sovereign Identity, and mesh networking creates a once-in-a-generation opportunity to redesign the communication layer from first principles.
Sovereign is not a better WhatsApp. It is a fundamentally different category of communication infrastructure — one where the concept of a "data breach" is meaningless because there is no central data store to breach, where government shutdown of communications is impossible because there is no infrastructure to shut down, and where the user's identity, data, and relationships are genuinely, cryptographically, structurally their own.
The question is not whether this will be built. The question is who builds it first, and whether it is built as an open protocol that serves users or as another proprietary platform that co-opts the language of sovereignty while recreating centralized control.
This paper proposes that it should be the former.
References
- 3GPP TS 23.303: Proximity-based Services (ProSe)
- 3GPP TS 38.300: NR; NR and NG-RAN Overall Description (Release 18)
- W3C Decentralized Identifiers (DIDs) v1.0, 2022
- W3C Verifiable Credentials Data Model v2.0, 2024
- EU Regulation 2024/1183: European Digital Identity Framework
- Snowden, E. "Permanent Record," 2019
- Access Partnership, "The Future of Networks: D2D for Universal Connectivity," 2025
- ABI Research, "5G Sidelink: Consumer and Enterprise Forecasts," 2025
- Nokia Bell Labs, "Sidelink: Unlocking the Full Potential of Device Communication," 2025
- Qualcomm, "5G Versatility with Sidelink," 2022
- Briar Project, "Briar: Secure Messaging, Anywhere"
- DIF, "DIDComm Messaging Specification," 2023