What are the two missing pieces of the internet?

The internet was built with a foundational protocol for communication (TCP/IP) but never included native protocols for identity verification or value exchange. Identity and payments were handled by borrowed systems (banks, tech platforms, government databases) rather than open, trust-minimized protocols at the foundation.

Why are borrowed identity and payment systems breaking down?

AI has driven the cost of generating convincing fake content, emails, and identities toward zero. Systems built for a lighter era (spam filters that guess, platforms that surveil to protect, centralized identity databases) are buckling under exponential load they were never designed to handle.

What is economic email filtering?

Economic email filtering charges unknown senders a small fee (about 4 cents) to deliver their message, rather than using AI to guess which emails are spam. Known contacts pass through free. The cover charge settles directly to the recipient's wallet. At scale, even a tiny cost makes mass spam economically impossible.

How does Rythm relate to open protocols?

Rythm uses open protocols (Cashu ecash over the Lightning Network) to impose economic cost on unwanted email without depending on a central authority to hold funds or make filtering decisions. It's a practical, immediate solution built on the same trust-minimized principles that made TCP/IP durable.

The Two Missing Pieces of the Internet

The internet solved communication. It never solved identity or value exchange. AI is exposing that gap. Here's why open protocols are the only durable fix.

The hottest phrase among suburban moms right now is: “I don’t even know what to trust anymore. Everything I see online is AI and I can’t even tell.”

They’re right. And the problem runs deeper than most people realize.

As AI drives the cost of producing digital content toward zero, we’re left with a question that should unsettle everyone: in a world of infinite digital abundance, how do you know what’s real? How do you know who’s real?

These aren’t new questions. They’re the original questions. And the early internet never answered them.

What the internet left out

When you walk into a room with another person, three things happen so naturally that you never think about them.

You can speak to each other.

You can see who you’re talking to.

You can hand each other something.

These aren’t features someone designed. They’re the physics of being in the same room. Every marketplace, every courtroom, every handshake in human history has depended on all three.

The internet recreated the first one brilliantly. TCP/IP, the base-layer protocol underneath everything online, gave us a universal way to exchange messages with anyone on Earth, instantly. Email, the web, streaming, video calls. All of it built on top of one elegant solution to one fundamental problem: moving information from point A to point B.

But the other two? The internet has no native way to verify who you’re talking to. And no native way to hand someone value. Those capabilities simply don’t exist at the foundation. They were never built.

So we did what made sense at the time. We borrowed them. Banks and payment processors stepped in for value. Tech platforms and government databases stepped in for identity. These were practical solutions to urgent problems, and for over two decades, they held.

Then AI changed the math.

Why it’s cracking now

Those borrowed solutions all share a common assumption: that deception is expensive. That forging a convincing identity, writing a persuasive phishing email, or impersonating a trusted sender requires real human effort and skill. When that assumption holds, borrowed systems can keep up. When it breaks, they can’t.

AI broke it.

The cost to generate a convincing email, a realistic voice, a fake identity, or a thousand pieces of content indistinguishable from human work is approaching zero. What once required a skilled attacker now requires a prompt. The borrowed systems that held for two decades were never built for this kind of load.

Our defenses against digital deception have always been logic. Pattern matching, heuristics, rule engines, probabilistic models, trained classifiers. These worked while the attackers were also human, because human deception was slow and expensive to produce. They start to buckle when the attackers are generative systems producing fakes at machine scale and machine speed.

And logic can only be answered with more logic. Sharper filters. Bigger models. Tighter rules. More data to cross-reference against. More checkpoints to verify each interaction. This is the shape of every logic-versus-logic contest: an exponential arms race with no finish line, where each advance on one side is quickly matched by a new advance on the other.

To keep this version of the internet usable under that pressure, the defensive side has to keep escalating. And each escalation costs a little more of the same things: privacy, autonomy, the ability to move through a system without being logged and verified and cross-referenced at every step. More of what you do gets watched. More of who you are gets linked to a record. That isn’t a prediction. It’s the direction the math runs when logic is the only tool available.

The crossroads

This is the fork. The pressure on the borrowed foundation is mounting, and there are only two directions it can bend.

Path A: Reinforce the borrowed pieces. Keep what we have. Double down. Plug the identity gap with government-issued digital IDs required for internet access. Plug the value gap with corporate stablecoins or central bank digital currencies issued and controlled by institutions. Tighten the existing surveillance. Centralize the existing databases. Require more verification at more checkpoints. Solve the fracture by clamping down.

This path is fast. It’s familiar. And it deserves honest scrutiny, because the problems it claims to solve are real.

But look carefully at what it actually asks of us.

A physical ID, a passport or a driver’s license, proves who you are at a single moment. You show it at a border or a bank. Then it goes back in your pocket. It exists in one place, for one purpose, under your control. A digital identity system linked to every login, every transaction, every interaction across your entire online life doesn’t go back in your pocket. It creates a complete behavioral map that no physical document ever could. A database that comprehensive doesn’t just identify people. It becomes the most valuable surveillance infrastructure ever constructed. Not because the people who build it intend that. But because power changes hands. It always has. A database that valuable doesn’t stay in benevolent hands indefinitely. History hasn’t given us a single example of that kind of restraint holding forever.

Centralized digital currencies carry the same structural risk. Programmable money controlled by an issuer means transactions can be monitored, restricted, or frozen by whoever holds the keys. Today that power might be exercised responsibly. But the architecture is permanent. The people who control it are not. That’s not a monetary system. That’s a permission structure.

This is the quiet cost of Path A. To answer what’s real and who’s real with borrowed tools, we have to build honeypots for our own individual rights and then trust the indefinite benevolence of everyone who will ever hold the keys. We already live too much of our lives inside the digital realm to treat that as a small concession. It is a fragile foundation to build the rest of our lives on top of, and it gets more fragile the more of our lives we move onto it.

Path B: Build the missing pieces at the foundation. Solve identity and value exchange the same way TCP/IP solved communication. With open standards. With math. With protocols that, once released into the world, don’t depend on their creator to keep running.

This is the harder path. It’s slower. It asks people to understand something new. But it’s the path that follows the pattern of every foundational protocol in internet history.

How foundational protocols actually win

TCP/IP was not a scrappy garage project. It was funded by DARPA, a US Department of Defense research agency, and built on ARPANET, a government network. It had serious institutional support.

But here’s the distinction that changes everything: once deployed, TCP/IP no longer depended on any of those institutions to function. No single entity controlled it. No single entity could change the rules. No one needed to trust DARPA, or anyone else, for the protocol to keep working. DARPA funded its birth. Then it walked on its own.

That’s what separates a foundational protocol from a product. A product requires ongoing trust in its maker. A foundational protocol requires trust only in the math and the open standard itself.

In the 1970s and 80s, TCP/IP competed against the OSI model. OSI was backed by European governments, IBM, the major telecoms, and the International Organization for Standardization. It was the “serious” choice. Designed by committee. Mandated by governments. Comprehensive on paper.

TCP/IP won. Not because it was anti-institutional. It had plenty of institutional backing of its own. It won because it was already working. The IETF, the engineering body behind it, operated on a principle that would prove prophetic: rough consensus and running code. While OSI was still being specified in conference rooms, TCP/IP was already carrying traffic. And once it was carrying traffic on an open standard that anyone could implement, no institution could take it back.

That property, the inability of any single entity to revoke or control the protocol after deployment, is what makes a foundational layer durable. The layers built above TCP/IP don’t always share it.

Consider how identity actually works on the internet today. It isn’t one system. It’s several, stacked on top of each other, each running through its own institutional gatekeepers. Domain identity, the answer to “is rythm.xyz really rythm.xyz,” runs through ICANN and the DNS root. Server identity, the answer to “is this really the server rythm.xyz points to,” runs through Certificate Authorities. Human identity, the answer to “is this really Sean,” runs through Google, Apple, Facebook, and the government databases they authenticate against. Each of those layers works. Each depends on specific entities that can fail, get breached, or change the rules. When any of them shake, everything built above them shakes too.

Sound foundations can’t have that weakness. That’s why the missing pieces need to be solved the same way TCP/IP was solved. At the base. With the same properties that made TCP/IP unkillable.

Completing the foundation

Bitcoin follows the same pattern for value exchange. A base layer that does one thing: settles transactions using an open ledger that anyone can verify and no single entity can control. It is not fast on its own. It is not feature-rich on its own. It doesn’t need to be. Foundational layers never are. TCP/IP doesn’t know what a webpage is. It just moves packets.

Scaling and speed and features are built in layers above the base. The Lightning Network, Cashu, and other protocols are doing for Bitcoin what HTTP and email did for TCP/IP: adding capability on top of a stable, trust-minimized foundation. What matters at the base is simpler: no single entity can freeze your payment, reverse your transaction, or change the rules after the fact.

Bitcoin is resilient not because of how it’s governed, but because of how it can’t be. Every participant who runs a node enforces the rules for themselves. No one can impose a rule change on you from the outside. If someone proposes a change you disagree with, you simply don’t adopt it. Your node, your rules. A rule only becomes the network’s rule when enough independent participants choose, on their own, to run it. That individual agency, replicated across thousands of operators who answer to no one, is what makes the network antifragile. It’s not that no one controls it. It’s that no one can control it on anyone else’s behalf. Satoshi Nakamoto disappeared in 2010. The protocol kept running. That’s the test.

For identity, the foundation is still being laid. Nostr is one attempt built on the right principles: a simple, open protocol for signing messages with cryptographic keys and publishing them across a network of relays. Your identity is a key pair that you generate and hold, not something an authority issues and can revoke. Your data is signed by your key and portable across any application that speaks the protocol. No single company holds your social graph. No platform can delete your history.

Nostr is early. Its relay infrastructure has real limitations. The user experience is raw. But the foundational pattern holds: a simple base layer that handles one thing, authenticated and portable identity, without depending on a specific company or government to function. The scaling, the polish, the consumer applications are being built above.

TCP/IP solved how the internet communicates. Bitcoin is solving how it exchanges value. Nostr is solving how it handles identity. Three foundational layers. The first one reshaped civilization. The second and third are still being laid.

Why this direction holds

Looking at the current landscape, it would be easy to feel grim. Governments have clear incentives to enforce digital ID mandates. Corporations and states both benefit from the control that centralized digital currencies provide. The pressure to take Path A is enormous.

But three things give me genuine confidence in Path B.

Open protocols are cheaper than control structures. Enforcement, compliance, surveillance infrastructure, auditing, licensing. These are enormously expensive to build and maintain. Open protocols maintained by their participants cost orders of magnitude less. Over time, systems that deliver the most value at the lowest cost tend to win. TCP/IP was cheaper to deploy than OSI. That dynamic hasn’t changed.

The cost of building is collapsing. The applications and user experiences that once required decades and thousands of developers are becoming reproducible at a fraction of the cost. The same AI that’s exposing the cracks in our borrowed foundation is making it radically cheaper to build on the real one. The capital asymmetry that once protected incumbents is evaporating. Small teams can now build what only institutions could before.

Foundational protocols converge. This is the most important point. At the base layer, the layer everything else depends on, protocols don’t carve up market share the way products do. They converge. They have to. Adversaries, competitors, and strangers all need common ground to transact, communicate, and verify. That’s why the world runs on TCP/IP and not on seven competing networking standards. Above the base layer, fragmentation is fine. At the base layer, the protocol that earns the broadest trust wins. And the protocol that earns the broadest trust is the one that doesn’t require trusting anyone at all.

We’re living through the completion of the internet’s foundation. The value layer and the identity layer are being settled right now. Both are early. Both have rough edges. TCP/IP had rough edges in 1983 too.

There will be more confusion, more noise, and more pressure before this resolves. But the pattern, once you see it, is hard to unsee.

Where Rythm fits

We spent over two decades building on an incomplete foundation. Email, the most universal communication protocol on the internet, carries every scar of that decision. No native identity verification. No native cost to send. An open door that anyone can walk through for free, at scale, with consequences that now cost businesses $2.7 billion a year in fraud alone.

Rythm exists at the intersection of where we are and where we’re going.

Today, Rythm is a practical, immediate solution: a bouncer for your Gmail and Outlook inbox that works right now, on the infrastructure billions of people already use. Underneath, it’s a dual-layer filter built on top of legacy email. The first layer is identity: your own guest list, assembled from the people you already know and trust. The second layer is cost: unknown senders pay a small cover charge through the Lightning Network and Cashu, and the money settles directly to you. Identity we borrow from the legacy stack. Cost we orchestrate ourselves, because the legacy stack has no native way to charge for attention. We aren’t waiting for the world to migrate. We’re protecting you where you live today.

But what we’re really doing, one inbox at a time, is proving out a pattern: identity plus cost. A guest list plus a cover charge. Both are tack-on solutions today because the foundation underneath them was never built to hold them. That isn’t permanent.

We see a future where email itself is reimagined on protocols that include identity and value natively. Nostr for who. Bitcoin for what it costs to reach you. The protection Rythm provides today becomes part of how email works tomorrow, structural instead of stitched on. Built in, not bolted on.

That’s why Rythm is the first stepping stone and not the last. Today we stand on the legacy protocol stack and extend it with the pieces it’s missing. Tomorrow the stack itself catches up, and the protection we provide now becomes a property of the medium rather than something a third party has to arrange on your behalf. Our mission is to build each stepping stone between here and there. Rythm is step one. Many steps follow.

For a deeper understanding of TCP/IP protocol history, Bitcoin, and foundational network dynamics, I recommend “Finding Signal in a Noisy World” by Jeff Booth. For the national strategic implications of proof-of-work as a power projection technology, read “Softwar” by Jason P. Lowery (MIT, 2023).

Sources:

BEC losses: $2.7B annually. FBI IC3 Report, 2023
TCP/IP vs OSI: RFC 791 (1981), ISO 7498 (1984)
Softwar: Jason P. Lowery, “Softwar: A Novel Theory on Power Projection and the National Strategic Significance of Bitcoin” (MIT, 2023)