Trust and safety

Protected speech needs real safety infrastructure.

PARA depends on a difficult balance: anonymity where thought needs protection, validation where civic participation needs legitimacy, and enough moderation and account control that public politics does not collapse into chaos.

This page sits outside the docs shell on purpose. Trust and safety is not just another subsection of reference material. It is a first-order product surface that shapes how identity, participation, and governance can work at all.

Identity

Profiles, political self-placement, and public-versus-private participation controls.

Moderation

Labelers, blocked and muted surfaces, adult-content settings, and interaction defaults.

Verification

Manual trust today, stricter identity validation later, without collapsing into public exposure.

Control

Settings, account switching, contact import, bookmarks, and other user-control surfaces.

Identity surfaces

Political identity is broader than a username.

The profile route already acts as a civic identity surface. It resolves handles and DIDs, applies moderation, and exposes PARA-specific tabs for votes, RAQ, highlights, and other participation modes when they exist.

Primary routes

/profile/:name, /settings/political-affiliation

Publicness model

Votes, RAQ, and highlights currently use local public/private toggles in profile state.

Current caveat

Political affiliation is still device-local personalization, not a canonical network identity record.

Moderation and safety

Safety is already part of the product model, not a support afterthought.

The moderation hub already includes moderation preferences, adult-content state, labelers, muted and blocked surfaces, and default post-interaction settings. Those are not cosmetic controls. They determine how public participation behaves.

Active surfaces

/moderation centralizes moderation preferences and content settings.
/moderation/interaction-settings controls default reply and embed behavior.
Blocked, muted, and label-preference surfaces already shape who can interact and how.

Why it matters

The trust model already reaches into the post model itself through threadgate and postgate defaults. In other words, safety preferences are part of civic participation, not separate from it.

Verification

Verification is modest today and much stricter in the long-term direction.

The currently implemented verification settings are deliberately small in scope. Today the surface is mostly about whether verification badges are shown. The larger design goal is one-person civic participation with privacy, not easy multi-account identity play.

Current state

Manual and intentionally narrow

The existing route at /moderation/verification-settings is honest about current scope: badge visibility and basic trust signaling, not a finished civic verification stack.

Future state

Private proof, not public exposure

The intended direction is official-ID validation, duplicate-use prevention across accounts, and privacy-preserving proofs for participation instead of exposing the raw credential or the person behind it.

Current product stance: verification is manual where needed. Longer term, PARA is aiming toward stronger official validation and zero-knowledge-style participation proofs rather than cosmetic badge theater.

Privacy roadmap

The privacy goal is unlinkable participation, not weak pseudonymity.

A small verified sample can still deanonymize users if the network only knows how to prove identity against a narrow pool. That is why the long-term trust model assumes much broader validation coverage than a typical badge system.

Planned proof model

Zero-knowledge-style validation of official ID plus single-account-use enforcement.

Permission spaces

Country, state, city, and community eligibility should be provable without exposing raw documents.

Identity rule

One validated civic identity per person, with optional pseudonymous public presentation.

Mexico-specific direction

One explicit line of thought is official validation against Mexican civic identity infrastructure so participation spaces can be proven without turning the full identity graph into public network data. The design goal is civic legitimacy without forced public exposure.

Account control

Settings, saved content, and distribution still belong in the same trust model.

The main settings screen is the user-control hub. Around it sit support surfaces such as contact discovery, account switching, and bookmarks. They are less distinctive than RAQ or cabildeo, but they still determine how safely and confidently users can operate.

Primary routes

/settings, /settings/find-contacts, /saved

Platform split

Contact import is native-only; bookmarks remain the standard saved-post surface.

Distribution support

/starter-pack/* and /find-contacts make network growth more portable and controlled.

Bookmarks and highlights should stay distinct in the product story. Bookmarks are saved posts. Highlights are a separate political reading layer with their own state and route family.

Trust and safety should connect product, thesis, and protocol.

About Return to the broader political thesis and democratic-friction argument. Product See how communities, voting, RAQ, and civic participation work together. Schema reference Browse the schema reference and the technical notes behind the product.