Summary: Pubky is best cataloged as public-key identity-and-routing infrastructure with a homeserver-backed application stack rather than as only a decentralized social app or an alternative DNS experiment. In this pass, the clearest first-party evidence came from the official knowledge base, the Pubky Core introduction, the security model, the Paykit work-in-progress docs, and the pubky-core README. Together those materials describe a system that combines public-key-based identity, PKARR-based discovery, developer-facing homeservers and SDKs, credible-exit-oriented data portability, and an emerging payment-coordination layer that aims to route Bitcoin and Lightning methods through the same identity substrate.
What it does:
Provides an open protocol for per-public-key backends that lets applications authenticate users with cryptographic keys instead of centralized accounts or passwords
Uses PKARR plus the Mainline DHT to map a user’s public key to a chosen homeserver, enabling identity-based routing and migration between storage providers
Ships a homeserver implementation, SDKs, and REST-style storage APIs so developers can build decentralized apps with standard web-style availability patterns
Frames credible exit as a core design goal, letting users keep identity keys, back up data, and repoint their identity to a new homeserver if an operator misbehaves
Supports an application layer that already includes Pubky App, Ring, Nexus, and other ecosystem services for publishing, identity management, indexing, and moderation
Exposes Paykit as a work-in-progress payment protocol for discovering and coordinating Bitcoin onchain, Lightning, and future payment methods through the Pubky identity layer
Key claims:
The Pubky knowledge base says Pubky attempts to unlock the web through a key-based, self-regulating architecture that combines decentralized routing and identity with interoperable hosting, censorship resistance, and credible exit
The Pubky Core introduction describes an open protocol for decentralized web applications built from public-key-based authentication, capability-based authorization, homeserver discovery, RESTful API standards, and developer SDKs across Rust, JavaScript, iOS, and Android
The same introduction says users control identities, choose where data lives, and can move between homeservers by updating PKARR records, which is strong evidence that the project is packaging routing and data-portability infrastructure rather than just one application
The security model explicitly says Pubky aims to minimize trust requirements while remaining practical, centers the model on credible exit, and explains that users keep their keypairs while backups and PKARR updates let them migrate away from misbehaving homeservers
The pubky-core README summarizes the project as an open protocol for per-public-key backends for censorship-resistant web applications and highlights public-key-based authentication, third-party authorization, and an HTTP key-value storage API
The Paykit docs say the payment layer is a work in progress, but they already position it as a protocol for payment discovery, negotiation, and coordination across Bitcoin onchain, Lightning, and potentially other methods using a static Pubky public key as a universal payment identifier
Whitepaper: No canonical standalone Pubky whitepaper or litepaper surfaced in this pass. The clearest current sources of truth were the official knowledge base, the Pubky Core introduction, the security model, the Paykit docs, and the pubky-core README; see ../whitepapers/pubky-primary-sources-2026-05-04.md.