The Audit Protocol
For each layer, the auditor asks: "Who owns this?" and "What happens if they ban us?"
The Checklist
- Layer 1 (Physical): Are we hosted on AWS/Google? Do we have a backup host?
- Layer 2 (Network): Who governs our domain TLD? (e.g., .ly is governed by Libya's Sharia law).
- Layer 3 (Identity): Can users log in if Facebook is down? Do they own their handles?
- Layer 4 (Storage): Is user data locked in a proprietary database or exportable JSON/Markdown?
- Layer 5 (App): Is the code open source? Can it be forked?
- Layer 6 (Economic): Are we 100% dependent on Stripe/PayPal? Do we have crypto or direct payment fallbacks?
Scoring
Projects are graded on a spectrum from Serf (100% leased land) to Sovereign (100% owned/federated). Most operational projects aim for Resilient Pluralism—strategic dependencies with clear escape paths.
Field Notes
The "Bus Factor" for Platforms: In software engineering, the "bus factor" is how many team members need to get hit by a bus for the project to fail. In the Sovereignty Audit, we ask: "How many TOS updates need to happen for our business model to become illegal?"