A social graph is a map of relationships and interactions between entities, traditionally owned and monetized by centralized platforms. In Web3, the goal is to architect a user-centric social graph where individuals own their social data—their connections, posts, and preferences—and can grant selective, granular permissions to applications. This shifts the power dynamic, allowing users to port their social identity across dApps without starting from scratch on each platform. The core challenge is designing a system that is both decentralized and performant for querying complex relationship data.
LABS
Guides
How to Architect a Social Graph with Selective Data Sharing
A technical guide for developers on implementing a decentralized social graph where users control who accesses their profile and connection data.
Chainscore © 2026
introduction
INTRODUCTION
How to Architect a Social Graph with Selective Data Sharing
A technical guide to building decentralized social graphs where users control who can access their data and connections.
The architecture relies on a few key components. User data and connection lists are stored as verifiable credentials or in decentralized data stores like Ceramic, IPFS, or Arweave. A smart contract registry, often on a blockchain like Ethereum or a Layer 2, acts as the system of record for mapping user identifiers (like Ethereum addresses or Decentralized Identifiers / DIDs) to the location of their data. This separation of the index (on-chain) from the data (off-chain) is critical for scalability and cost-efficiency, as social data is high-volume and frequently updated.
Selective sharing is enforced through cryptographic proofs and access control logic. When a dApp requests a user's social data, it must present a permission grant, such as a signed message or a delegatable capability token. The data storage layer or a gateway service verifies this proof before serving the data. Frameworks like Lit Protocol enable condition-based decryption, where data is encrypted and only released if specific on-chain or off-chain conditions (e.g., "holder of NFT X") are met. This allows for complex sharing rules like "share my followers list only with apps I've used in the last month."
Developers building on such a graph need efficient query patterns. Since blockchains are not optimized for graph traversal, an indexing service like The Graph or a purpose-built graph database (e.g., using GUN or OrbitDB) is often necessary to serve queries like "friends of friends" or "mutual connections." These indexers subscribe to events from the on-chain registry and index the user-permitted data from storage to provide fast, complex queries to dApps, forming a decentralized backend-as-a-service for social applications.
In practice, architecting this system involves trade-offs between decentralization, user experience, and performance. A fully on-chain graph is transparent and permissionless but prohibitively expensive. A fully off-chain graph is fast but may lack credible neutrality. The emerging best practice is a hybrid approach: a minimal, verifiable on-chain root of trust coupled with scalable off-chain data layers and indexing, all governed by user-held cryptographic keys. Projects like Lens Protocol and Farcaster exemplify this architecture, providing composable social primitives for developers.
prerequisites
FOUNDATIONAL KNOWLEDGE
Prerequisites
Before architecting a social graph with selective data sharing, you need a solid understanding of core Web3 concepts and tools. This guide assumes intermediate knowledge of blockchain development.
You should be comfortable with decentralized identity (DID) standards like W3C's DID-Core and Verifiable Credentials (VCs). These are the building blocks for user-centric data. Familiarity with Ceramic Network's data models or Lens Protocol's composable social graph is highly beneficial, as they provide practical frameworks for the concepts discussed. A working knowledge of GraphQL is also recommended for querying complex, interconnected data.
On the development side, proficiency in JavaScript/TypeScript and experience with a Node.js environment are required. You'll need to understand smart contract interaction using libraries like ethers.js or viem. For handling cryptographic operations related to data signing and encryption, knowledge of public-key cryptography and libraries such as @noble/curves is essential. Setting up a local testnet (e.g., with Hardhat or Foundry) will be necessary for development.
This architecture relies on decentralized storage for off-chain data. You must understand how to use IPFS (InterPlanetary File System) via services like Pinata or web3.storage, and the differences between content-addressed (CID) and mutable storage solutions. Knowledge of Lit Protocol for access control conditions or XMTP for secure messaging will be crucial for implementing the selective sharing logic.
core-architecture-overview
CORE ARCHITECTURE OVERVIEW
How to Architect a Social Graph with Selective Data Sharing
A technical guide to designing a decentralized social graph where users control who can access their data and under what conditions.
A decentralized social graph is a network of user identities and their connections (follows, likes, posts) stored on-chain or in decentralized storage, rather than in a corporate database. The core architectural challenge is enabling selective data sharing: allowing users to grant granular permissions for specific data to specific applications or other users, without ceding ownership. This requires a design that separates data storage (e.g., IPFS, Arweave, Ceramic), access control logic (smart contracts), and identity (wallets, decentralized identifiers/DIDs).
The foundation is a verifiable credential model. Users store their social data—profile details, posts, connection lists—in encrypted form on a storage layer. Access to this data is governed by access tokens or capability-based keys issued via smart contracts. For example, a user could grant a social media dapp read access to their public profile and follower list, but require a separate, explicit grant for their private direct messages. Protocols like Lens Protocol implement this via NFT-based profiles where permissions are tied to token ownership.
Implementing this requires a modular stack. The data layer uses content-addressable storage (CIDs on IPFS) for immutability. The smart contract layer on a blockchain like Ethereum or Polygon manages the graph's logic: minting profile NFTs, recording connection events (follows), and holding access control lists (ACLs). The indexing layer (e.g., The Graph) queries and serves this on-chain data efficiently. Finally, a client-side SDK handles encryption, key management, and request signing, ensuring private data never leaves the user's device unencrypted.
A critical pattern is the use of delegatable capabilities. Instead of a monolithic permissions system, users can sign a cryptographically verifiable delegation, such as an EIP-712 typed message, granting a dapp temporary access to a specific data resource. This grant can be revoked at any time by the user. This architecture ensures data portability; a user can switch front-end applications while retaining their social graph and connections, as the data and permissions are not locked to a single provider.
For developers, building this starts with defining the core data schemas and relationship types. Use a library like Ceramic ComposeDB for creating and managing verifiable, mutable data streams, or Tableland for mutable SQL tables governed by on-chain rules. The access control contract can leverage standards like ERC-721 for profile ownership and ERC-1155 for managing different permission tiers. Always encrypt private data client-side using libraries like Lit Protocol for condition-based decryption or Ethereum's MetaMask SDK for secure key handling.
key-technical-components
ARCHITECTURE
Key Technical Components
Building a secure and scalable social graph requires specific cryptographic and data-layer primitives. These components enable selective sharing, user sovereignty, and interoperability.
ARCHITECTURE CHOICES
Data Storage Layer Comparison
A comparison of storage solutions for building a decentralized social graph with selective data sharing.
| Feature / Metric | On-Chain (e.g., Base L2) | Decentralized Storage (e.g., IPFS/Arweave) | Hybrid (On-Chain + Off-Chain) |
|---|---|---|---|
Data Mutability | |||
Selective Sharing Granularity | Per-transaction | Per-file via encryption | Per-field via pointers |
Read Latency | < 2 sec | 2-5 sec (cached) | < 1 sec for metadata |
Storage Cost (per GB/month) | $50-200 | $0.5-5 | $10-50 + variable off-chain |
Data Availability Guarantee | Full chain consensus | Relies on pinning services | Hybrid (on-chain for pointers) |
Developer Complexity | High (gas, state mgmt) | Medium (content addressing) | High (orchestration logic) |
Selective Update Support | |||
Privacy for Shared Data | Fully public | Encrypted content possible | Flexible (on-chain visibility) |
step-by-step-implementation
IMPLEMENTATION GUIDE
How to Architect a Social Graph with Selective Data Sharing
This guide details the architectural patterns and smart contract logic for building a decentralized social graph where users control data access.
A decentralized social graph is a network of user connections and interactions stored on-chain or in decentralized storage. The core challenge is enabling selective data sharing, where a user's posts, follows, or profile details are not public by default but can be revealed to specific individuals, groups, or under certain conditions. This requires a fundamental shift from a monolithic, public database to a system built on access control logic and encrypted data payloads. Key architectural components include a registry for user identities (like ENS names or decentralized identifiers), a graph storing connection data (e.g., 'Alice follows Bob'), and content storage with granular permissions.
The implementation starts with defining data schemas and their visibility rules. For example, a basic social graph smart contract might manage follower relationships as public on-chain events, as they are often intentionally visible. However, private messages or specific profile fields require a different approach. Here, you store only a reference or an encrypted ciphertext on-chain or on a decentralized storage network like IPFS or Arweave. The access control mechanism, often implemented as a smart contract or a Lit Protocol decentralized access condition, holds the key to decrypt this data. A user's wallet address typically serves as their primary identity for signing permissions.
Smart contract logic enforces these sharing rules. Consider a contract for private posts. The createPost function would accept an encrypted string (the content) and an array of recipient addresses. The contract emits an event containing the content's storage location (CID) and the list of authorized viewers. Only those addresses can later request the decryption key or prove their right to access. This pattern uses event-driven architecture—the contract logs permissions, while client applications listen for events and manage the subsequent fetching and decryption of off-chain data. Libraries like ethers.js or viem are used to interact with these contracts.
For more dynamic conditions beyond a static allowlist, integrate decentralized access control protocols. Services like Lit Protocol allow you to set conditions such as 'allow access if the viewer holds a specific NFT' or 'if today's date is after a certain timestamp.' The encrypted data and the access conditions are stored together. When a user's client attempts to access the data, it requests a signed JWT from the Lit network nodes, which only sign if the on-chain conditions are met. This decouples complex logic from your main contract and leverages a battle-tested network for conditional cryptography.
Finally, the client application must orchestrate this flow. A typical user journey involves: 1) The user signs a message to create a post, 2) The client encrypts the content for the specified recipients using a symmetric key, 3) That key is itself encrypted to the access control conditions (e.g., to each recipient's public key), 4) The ciphertext and encrypted key are stored on IPFS, and 5) The resulting CID and access conditions are logged via the smart contract. To view a post, the client checks the contract for permissions, fetches the ciphertext from IPFS, verifies conditions with Lit, decrypts the key, and finally decrypts the content. This architecture ensures user sovereignty over social data.
resource-links
DEVELOPER GUIDES
Tools and Resources
These tools and frameworks help you design a social graph with selective data sharing, where relationships, content, and metadata can be shared conditionally across apps, chains, and trust boundaries. Each resource focuses on a different layer: identity, storage, access control, and protocol-level social graphs.
ARCHITECTURE PATTERNS
Implementation Examples by Use Case
Lens Protocol & Farcaster
Core pattern: User-owned social graphs with on-chain relationships and off-chain content. This architecture uses a hybrid data model.
Key components:
- Profile NFTs (e.g., Lens Profile NFT) act as the root identity, owned by a user's wallet.
- Follow NFTs represent directed edges in the graph, minted when a user follows another profile.
- Publication references (posts, comments) are stored off-chain (IPFS, Arweave) with content hashes recorded on-chain for verification.
- Access control is managed via token-gating; a profile can restrict post visibility to holders of a specific NFT (e.g., a Follow NFT or a community token).
Selective sharing flow: A user creates a "friends-only" post. The post metadata specifies that only addresses holding their "Follow NFT" can decrypt the content URI. Client applications fetch the encrypted content from IPFS and use the user's wallet to verify NFT ownership for decryption.
SOCIAL GRAPH ARCHITECTURE
Frequently Asked Questions
Common technical questions and solutions for developers building decentralized social graphs with selective data sharing.
A decentralized social graph is a user-owned map of connections and interactions stored on a blockchain or decentralized network, rather than on a centralized company's servers. The key architectural difference is data sovereignty. In traditional models (e.g., Twitter, Facebook), the platform owns the graph and controls access. In a decentralized model, user relationships are represented as on-chain attestations (like Lens Protocol handles or Farcaster's on-chain IDs) or verifiable credentials, allowing users to port their social capital across applications. This shifts the fundamental architecture from a centralized database to a permissionless, composable data layer where applications are clients reading from and writing to a shared graph.
conclusion-next-steps
ARCHITECTURAL SUMMARY
Conclusion and Next Steps
This guide has outlined the core principles for building a decentralized social graph with user-controlled data sharing.
Architecting a social graph with selective data sharing requires a layered approach. The foundation is a decentralized data layer, typically using a protocol like Ceramic for mutable data streams or IPFS for immutable content. User identity and permissions are managed via a decentralized identifier (DID) system, such as those provided by SpruceID or ENS, which act as the root of trust. Smart contracts on a blockchain like Ethereum or Polygon handle access control logic, mapping DIDs to encrypted data pointers and managing consent revocations.
The next step is implementing the selective sharing mechanism. This involves encrypting user data with a symmetric key, which is then encrypted to the public keys of authorized parties. A common pattern uses the X25519 key agreement protocol. For example, a user's social connections list might be stored as a Ceramic stream, with read permissions granted by encrypting the stream's symmetric key to the public keys of their approved followers. Revocation is handled by rotating the data encryption key and re-encrypting it for the remaining authorized users.
To move from theory to practice, start by exploring existing frameworks. Lens Protocol and Farcaster Frames provide composable building blocks for social graphs. For a custom build, use libraries like @stablelib/encrypt for encryption and @ceramicnetwork/http-client to interact with the data layer. Your development roadmap should prioritize: 1) Setting up DID-based authentication, 2) Defining and publishing data schemas on Ceramic, and 3) Writing and deploying the minimal smart contracts for access control lists (ACLs).
Consider these advanced topics for future development. Zero-knowledge proofs (ZKPs) can enable sharing provable claims (e.g., "I am over 18") without revealing underlying data. Attribute-Based Encryption (ABE) allows for more granular policies (e.g., "share with any user who is a 'developer'"). Furthermore, integrating with oracles like Chainlink can bring off-chain data (e.g., POAP ownership) into your permissioning logic, enabling complex, verifiable social contexts.
The final and most critical phase is security auditing. Have your smart contract access logic reviewed by a professional firm. Conduct thorough threat modeling on your key management and encryption flow to prevent data leaks. Start with a closed testnet, invite a small group of users, and iterate based on their experience with the sharing and revocation features before considering a mainnet launch.