Pillar 02 · Value system
Authenticity is not a feeling, not a font, not a „we care" banner. Authenticity is a verifiable property: readable source code, measurable server behaviour, redeemable promises. If any of that is missing, everything else is marketing.
„Real is what you can verify."
Why this pillar exists
„End-to-end encrypted." „We do not sell data." „Privacy matters to us." — sentences that today appear on the homepage of every tech company, including those who do the exact opposite. The problem is not the lie in the individual case. The problem is the evidence asymmetry: the company claims, the user cannot check.
The only clean answer is code that can be read. Whoever publishes open source, whoever ships reproducible builds, whoever permits independent audits — has dissolved the evidence asymmetry. Whoever does not, is just talking.
What the technology says
Raymond's observation on the Linux kernel: openly readable source code finds bugs faster than closed code, because many independent eyes read it. That is not ideology, it is a scientifically demonstrated effect — and the reason why almost all security-critical systems today (Linux kernel, OpenSSH, Signal protocol, Matrix Olm/Megolm) are open source. Closed code that calls itself „secure" is a statement of faith. Open code is a statement of fact.
Open source alone is not enough. You also need to know that the app you install really was built from this source — and not from a modified version. Reproducible Builds solve that: two independent people build from the same source, the result is bit-identical. Debian, Bitcoin Core, F-Droid and Tor are systematically moving in this direction. That is the technical form of dissolving the evidence asymmetry.
NCC Group (UK) is one of the internationally most respected security audit firms — they have reviewed Signal, Tor and OpenSSL, among others. In September/October 2016 two NCC Group consultants spent 15 person-days reviewing Matrix's Olm and Megolm encryption; funding came from the Open Technology Fund. The full report is public. That is not „we are secure" — it is „independent third parties looked, here is the result". That mode is the one we adopt.
How we deliver here
This page runs on static HTML files — no JavaScript tracking, no analytics pixel, no hidden calls to third parties. You can see it yourself: view source (Ctrl+U) or watch the network calls in the developer tools (F12 → Network).
The parallel ALD protocol has 16/16 tests green, a signed Genesis manifest hash chain, and is published as a Python reference implementation. That is not „we promise". It is „you can recompute".
What comes next
NOPE will be a Matrix-based, fully encrypted, free, decentralised chat service. Self-hosted, openly verifiable, no profile required. The name is the programme: NOPE says „no" to everything that elsewhere is standard — no tracking, no advertising, no sale of attention, no algorithmic feed, no mandatory read receipts, no „X is typing" pressure.
NOPE will be a separate brand, a separate domain and a separate identity. Its construction follows exactly the principles of this pillar: open source, reproducible builds, independent audit before going live. We promise nothing we cannot publicly substantiate.