🔥Today is the day 🔥
I’m excited to introduce Cordn (https://cordn.net). This is my take on private, accessible communication for everyone.
https://image.nostr.build/2facfc7651d9b65883bdc1c5012983c46c6714901c03f4cdbc2aa9df28899e78.png
Cordn is a small protocol built on two solid foundations: nostr:npub1dvmcpmefwtnn6dctsj3728n64xhrf06p9yude77echmrkgs5zmyqw33jdm and MLS. MLS is already emerging as an internet standard, and it handles the cryptographic heavy lifting. It provides quite strong security guarantees, including post-compromise forward and backward secrecy. It is also highly scalable, handling large groups efficiently without the overhead that double-ratchet protocols like Signal carry.
https://image.nostr.build/48f6484a15bf96007937bb366a789f71e87361a0e3c8976528a84ae92d203ebe.png
That power comes with a requirement. MLS needs tight coordination between group members. All the secrets that let you participate are computed locally, and without strict message ordering, an out-of-order message can cause your state to drift. You could silently fork yourself out of a group without ever noticing.
That is exactly why Cordn is built around the concept of coordinators, or delivery services, as the MLS specification calls them. A coordinator have very little responsability: it keeps messages in order. It cannot see who is participating. It cannot read messages. It cannot see IP addresses. It just orders messages and delivers them.
Cordn uses one coordinator per group. This keeps state simple and avoids the consistency problems and race conditions that come from splitting a group across multiple coordinators. The upside is that Cordn is fully open source, and deploying your own coordinator is effortless. Switching between coordinators is straightforward too, thanks to ContextVM.
You can run a coordinator behind a firewall or NAT. No static IP, no domain, no DNS required. Just run the existing coordinator implementation on any device and it becomes accessible. Using ContextVM was a deliberate choice. It makes deployment trivial, and it strengthens privacy because Cordn traffic is fully encrypted and blends into broader ContextVM traffic. An external observer learns nothing useful. They cannot tell that Cordn is being used, let alone who is using it or which groups exist. Running your coordinator would be the equivalent of running a Discord server or a Signal server, but in a very easy way, fully private and open source.
Coordinators handle three things: message ordering, storing and delivering encrypted blobs, and acting as a key package directory. That's it.
Spinning one up takes a single command:
'docker run --rm ghcr.io/cordn-msg/cordn:latest'
Because coordinators are intentionally minimal, migrating between them is clean. If your group’s coordinator goes offline, you can move to another one and carry on. The rule is simple: one coordinator per group at a time. Migration is not fully implemented yet, but it is coming soon, along with multi-device support.
Today I am announcing both the coordinator and a web client, now live at https://cordn.net. There is also a CLI client available in the main repo; it is primarily intended for testing, but it is fully usable and interoperable with the web client.
The web client is already quite capable. It is early, and there are still rough edges, but the experience is quite solid. I spent the weekend stress-testing it with groups of around ten people, plus smaller groups and individual chats. It held up well, which gives me the confidence to release it.
Cordn is also a protocol. It draws inspiration from nostr:npub1marm0t9qkmv8lq7pe7vdx60ed8fl2d876a2ytk3ade208dlyfweqg5r6m9 around user identities, group metadata, and Nostr envelopes for group messages. Kudos to the Marmot team for pushing boundaries. The protocol defines coordinator roles, transport conventions, group metadata, identity conventions, and Nostr message envelopes. If you are curious and want to build on it, the spec and code are at https://github.com/Cordn-msg/cordn. There is also a larger text about the why behind Cordn at https://cordn.net/why if you are einterested.
That is Cordn in a nutshell: private messaging you can own, sovereign, and accessible to everyone.
To lower the barrier to entry, we are running a public coordinator so you can get started without hosting anything yourself. It is completely free and will stay that way until everything is stable. After that, we will figure out how to pay the bills. The important part is that a fully sovereign experience is always available. You can run your own coordinator for yourself, you agent swarm, your friends, your family, or your community, you own it. We are running ours on an inexpensive VPS from nostr:npub1lnvps32qq2nvg75cqwflq4y6cmnzn55d26ypzjakpkp3khqcx2ns7t7vjj , and you can easily do the same.
We also plan to release deployments for Umbrel and Start9 soon. If you have experience packaging apps for those platforms, your help would be deeply appreciated. Cordn is fully open source, and every contribution matters. We are building this for love and freedom.
I cannot close without thanking nostr:npub1gzuushllat7pet0ccv9yuhygvc8ldeyhrgxuwg744dn5khnpk3gs3ea5ds and the nostr:npub1dvmcpmefwtnn6dctsj3728n64xhrf06p9yude77echmrkgs5zmyqw33jdm team. They provided the inspiration and the core technology that made Cordn possible. It began with a ContextVM project called cvm-mls, which planted the seed for everything here. gz also opened my eyes with his article “Private communications, over public infrastructure” and pointed me to the cvm-mls repo. None of this would exist without them. Thank you so much.
Without further ado, you can reach me here on Nostr and, of course, on Cordn. Do not hesitate to ask anything. We also have a Cordn dev group you are totally invited to join, so let me know and we will add you.
Reference
RFC9420: https://datatracker.ietf.org/doc/rfc9420/
nostr:naddr1qvzqqqr4gupzqs9eep0ll6hurjkl3sc2fewgses07mjfwxsdcu3at2m8fd0xrdz3qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgwwaehxw309ahx7uewd3hkctcqx9c8y6tkv96x2ttrdakk6atwd93kzarfdah8xtt0wejhyttsw43xc6tr945kuenjv9ehgun4vd682un9778mr0