Idun

protocol architecture v0.1

Portable, verified social identity for the federated web

Identity Eudi Did Activitypub At protocol Idun protocol Open source

Idun's architecture ensures no single entity — including Idun itself — is a point of failure. The principle: if any one node disappears, recovery requires zero cooperation from that node.

A social platform shuts down
Survives: Identity/DID (self-held keys), verification credentials (in your wallet), follow relationships (held by federated peers on both protocols), reputation (in your wallet). Content on AT Protocol survives in your signed personal data repository.
At risk: Your actor URI on that platform (AP) or your PDS hosting (AT Proto). But your DID lets you claim a new home elsewhere. Content on ActivityPub platforms may be lost unless mirrored.
An Idun node goes offline
Survives: Already-issued credentials remain valid (they're signed and self-contained — no phone-home required). Other Idun nodes continue operating. The protocol spec is open and anyone can run a new node.
At risk: That node's ability to issue new credentials. Users can switch to another Idun node or self-host one.
The Idun organisation ceases to exist
Survives: The open protocol spec. The open-source reference implementation. All existing credentials (self-contained, cryptographically verifiable). The federated network of nodes run by others.
At risk: The idun.org website and any flagship services. The protocol lives on like RSS lives on without Netscape.
Your device is lost
Survives: Your EUDI Wallet credentials (recoverable via national eID re-issuance). Your social graph (held by federated peers). Your content (in AT Proto's signed repos, or AP mirrors). Your reputation credentials (re-issuable by platforms).
At risk: Local private keys — but EUDI Wallet recovery + identity re-verification lets you generate new keys and reclaim your DID.
The AP ↔ AT Proto bridge goes down
Survives: Both networks continue independently. Your Idun identity and credentials work on both sides. Only cross-protocol interactions are interrupted.
At risk: Follows and interactions that span the bridge. When a new bridge comes online, DID-based identity means reconnection is automatic.