Tahoe-LAFS

Decentralized Storage Networks

Free and open-source decentralized file store built on a 'principle of least authority' (POLA) security model, providing provider-independent security: files are client-encrypted and erasure-coded (default 3-of-10) before distribution across storage servers, such that no server operator can read or modify user data.

Fully P2P Community Low capture risk

Links

Visit Community

Details

License Libre

Dev Status Released

Owner Tahoe-LAFS Software Foundation (volunteer-maintained open source project); originally started at Allmydata.com

Country USA; globally distributed volunteer contributors

Start Year 2006

Stack Python

Funding Community, Donations

Last Investigated Mar 10, 2026

Use Case Domains

Platform Evolution & Sovereignty

Affordances

Self-hostable Local-first storage End-to-end encrypted

Decentralized Storage Network Attributes

P2P Architecture Mesh network (client connects to introducer, then to storage nodes; no routing protocol between nodes)

Overlay Network Store-wide (data limited to configured storage grid)

Content Addressing Yes (immutable files addressed by content hash embedded in read capability)

Local-First N/A (client-server model; gateway on local machine or remote)

E2EE Yes (client-side AES encryption before upload; storage servers never see plaintext)

Byzantine Fault Tolerance Partial (erasure coding tolerates node failure; cryptographic proofs prevent silent data corruption; no Byzantine consensus protocol)

Signature Ed25519 (mutable file signatures)

Permissions Cryptographic Capabilities (read caps, write caps, verify caps — capability-based access control; no ACLs)

Semantic Web Compatability N/A

Smart Contract No

Protocol Stack Position Application-layer (built on TCP/IP)

Asset / Value Embedding None (no token; volunteer or self-hosted model)

Protocol Maturity / Standardization De Facto Standard (established open-source reference for capability-based decentralized storage; 15+ year history; no formal standards body)

Update Policy Immutable (for immutable files) / Mutable (versioned) for mutable directories and files (MDMF format)

Storage Proof Mechanism Merkle audit proof (continuous integrity checks; storage servers audited by requesting random shares; failed audits trigger data repair)

Economic / Incentive Model Volunteer (no economic incentive model; operators run nodes for altruistic or cooperative reasons; lease-based GC to manage storage)

Retrieval Guarantee Best-effort (configurable K-of-N erasure coding; 3-of-10 default tolerates 7 node failures; availability depends on operator commitments)