The Problem Space: Smart Cities vs. Sovereign Communities

In high-density municipal environments like San Francisco and Portland, modern "Smart City" infrastructure acts as a dragnet for corporate and state surveillance. For marginalized and transient populations—such as vehicle dwellers, urban nomads, and mutual aid networks—visibility within a centralized system directly translates to vulnerability (e.g., targeted ticketing, sweeps, and sweeps tracking).

This presentation outlines the design of a Shadow Ledger: a hyper-local, decentralized resource allocation network that operates strictly under a zero-trust, local-first paradigm.

2. Cryptographic Sovereignty via Zero-Knowledge (ZK) Proofs

To protect the social fabric of vulnerable communities, the ledger must facilitate trust without identity. The architecture shifts the proof of eligibility from centralized KYC/Government ID systems to cryptographic Proximity and Affiliation Proofs.

[Proving Node (User)]                     [Verifying Node (Mesh Host)]
         │                                             │
         │  1. Compute Witness Local-First             │
         │  2. Generate Proof (π) via zk-SNARK         │
         │                                             │
         ├───────────────── Proof (π) ────────────────>│
         │                                             │  3. Verify π against 
         │                                             │     Current Epoch Root
         │                                             │  4. Confirm Proximity
         │                                             │     (No Location Leaked)
         │                                             │
         │<─────────────── Resource Token ─────────────┤
         │                                             │

Using zk-SNARKs (implemented via Rust libraries such as arkworks or bellman), a user can generate a proof ($\pi$) that verifies two critical predicates without leaking raw data:

• Affiliation: Proving membership within a trusted local mutual aid circle without revealing which individual node they are.
• Proximity: Proving physical presence within a specific geographic radius (e.g., the Mission District or Southeast Portland industrial zone) using time-bounded cryptographic handshakes over local mesh networks, completely separate from GPS or cell tower triangulation.

3. Low-Bandwidth Infrastructure Optimization via HARM

The backend must run reliably in highly unstable physical environments—such as a node hidden inside a parked camper van running on fluctuating solar power.

• Axum State Management: Axum serves as a resilient, multi-threaded state coordinator handling ad-hoc peer connections over local Wi-Fi or Bluetooth Low Energy (BLE).
• Maud Payload Compression: Every byte matters when broadcasting over congested or weak ad-hoc channels. Maud constructs hypermedia responses compiled down to minimal byte-arrays.
• HTMX Partial Swaps: Instead of forcing a client browser to fetch heavy JSON payloads and reconstruct views client-side, HTMX swaps small, raw HTML fragments. This maintains a highly responsive interface on burner phones or older, un-updated operating systems commonly found in resource-strapped communities.

4. Adversarial Threat Modeling & Mitigation

The proposal details specific mitigation strategies against common attack vectors in decentralized networks:

• Sybil Attacks: Mitigated through a localized, non-transferable web-of-trust mechanism where existing nodes must cryptographically sign new entrants during face-to-face interactions.
• Traffic Analysis: Mitigated by padding hypermedia payloads to uniform sizes and introducing randomized delay intervals in Axum’s routing layer to prevent external observers from mapping resource distribution patterns.