ZeroNet - What Went Wrong?
ZeroNet is a peer-to-peer network that acts like a fully decentralized replacement to the World Wide Web. What this means is that sites aren't hosted on centralized servers, but rather on multiple computers connecting to said site, much like a torrent. This has several advantages to the traditional client-server model of the normal web. For one, sites are resistant to both government and corporate censorship. Nobody can shut your site down unless they shut down every single client that is seeding that site. Second, being P2P means that there is no downtime, so you don't have to worry about DDoS attacks or servers crashing. And finally third, you are no longer restricted with server costs, lack of disk space, and bandwidth issues. Anyone can run a site easily and for free.
The idea of having a P2P web is nothing new. Freenet is a similar project and has been around since 2000. What sets ZeroNet apart from networks like Freenet or IPFS is that ZeroNet supports dynamic sites out of the box through a JavaScript framework known as ZeroFrame, meaning that it supports sites like blogs, forums, and wikis. Freenet and IPFS only support static-sites by default (though I think there are hacky solutions to make dynamic sites on IPFS). ZeroNet is probably the most user friendly of these networks, just run the script and use your favorite browser. It even supports .bit domains as opposed to weird hashes that other networks use.
Despite all these promises ZeroNet gained a bad reputation of being a poorly coded, in-secure, and dangerous network. It seems like even the creator, Tamas Kocsis (who also goes by nofish), lost faith in the project, as the official client hasn't updated since 2019, and it seems like there are no plans for any updates. While there are forks of the project, it's safe to assume that ZeroNet is basically dead at this point. As the old saying goes, "cut off the head and the body will parish". It's pretty hard to revive an entire network without the original creator. But that begs the question: what exactly went wrong with ZeroNet?
The Security Risks of P2P Networks
In the client-server model, your computer only connects to the server. Your sever knows your IP address (or the IP address of your VPN, proxy, or Tor exit node, if you are using those). There is no way for other clients to know your IP address unless you or the server makes that public. In a P2P network, your IP address is visible to every client you are connected to. Of course, this could be mitigated using a VPN or Tor. ZeroNet does have built-in Tor functionality, but it is slow.
User Certificates
ZeroNet doesn't use traditional user accounts. It instead has certificates which kind of work like a crypto wallet. You have a public key and a private key. User certificates can be used throughout the entire network. To get a certificate, you need to use a provider. ZeroNet had one known as ZeroID but it was centralized (killing the whole point of a decentralized network). There were others, but ZeroID was the most popular. All ZeroNet sites had a whitelist of which kind of providers they allow. Most only supported ZeroID.
It's not possible to post content on ZeroNet without an ID. While this isn't a problem for blogs, forums, and social media, it is for sites like pastebins and imageboards where complete anonymity is usually the norm. 08chan, a ZeroNet imageboard, provided their own certificate provider, but users still had to manually delete their certificates and generate a new one if they wanted to stay anonymous.
Seeding Unwanted Content
When you connect to any site on ZeroNet, you automatically seed it, meaning that you automatically become a host of that site, and you host ALL content of that site, including potentially illegal content like child pornography. And you never know when someone would post such content. Luckily, site owners can moderate their sites for such content, but this becomes a bigger problem for bigger sites. Nofish encouraged users to create smaller sites. Eventually, there was the option of "merger-sites" where you can have smaller sites that communicate with each other (much like the Fediverse), but that didn't stop the incident which ultimately killed ZeroNet.
The 08chan Incident
On August 3rd, 2019, a highly controversial imageboard known as 8chan was taken offline after being linked to three mass-shootings. Cloudflare after years of defending 8chan decided to terminate service with them, 8chan's domain registrar also revoked their domain, and the site went offline for months. During that time, an unofficial "bunker" (a term used by imageboard users to mean an emergency backup site) on ZeroNet known as 08chan was used in it's place. The site existed before the shutdown, but immediately became the most popular bunker when 8chan was taken offline.
It was clear that the users did not know how to use the network properly. A lot of users were using the network using their bare-IP, and to add insult to injury, CP spam was rampant on the site, meaning that users were unknowingly hosting illegal content. The bunker gave users the option to blacklist certain boards, but the damage has already been done, not just to 08chan, but to ZeroNet as a whole. The network's reputation had been permamently damaged. The last official update for ZeroNet was back in September 4th, 2019, around the same time as this incident.
Concluding Thoughts
It's highly unlikely that ZeroNet will ever resume development or that the network would see a resurgence. The network has too many fundamental flaws, and any attempts to fix them would just break the whole thing. In my opinion, ZeroNet served as a great proof of concept, at the very least. Maybe their will be a similar network that actually addresses those issues. There have been similar P2P networks since then like the Beaker Browser (allows viewing and hosting P2P sites via the Dat Protocol) and Qortal, but a lot of them still have major flaws. Beaker Browser is based on Electron (meaning that it is using Google's Blink as a backend) and Qortal is basically IPFS with paywalls. Right now, if you are worried about censorship, I suggest looking into anonymity networks like Tor or I2P. You still have to host your site on a server, but right now, it is impossible for people to track down your server and shut you down (unless you are practicing poor OPSEC), and you don't have to worry about domain registrars taking down your domain name. If you are only worrying about corporate censorship, alternate DNS roots like OpenNIC are a solution.
Personally, I recommend having a presence on multiple networks, given that not a single darknet is perfect. If you run a clearnet site, consider including an onion and I2P domain, if you can (I currently can't). If your site is just static-HTML, you can also host a mirror or any P2P network. You can also include a Git repository for your site (like what I do). This allows anyone with Git knowledge to easily clone and mirror your site on multiple servers and networks.