# Community & Company Operations — Ditto (public community) + Armada (team ops, early)

**Verified: 2026-07-09** — Armada correction pass: 2026-07-09

---

## Two Products, Not One Gap

"Community AND company operations, can it do filesharing" turns out to map onto **two separate Soapbox products**, not a gap in one:

| | Ditto | Armada |
|---|---|---|
| Job | Public, branded community server (Mastodon-API shaped) | Discord-shaped team chat (Concord protocol) |
| Maturity | Mature, ~2 years of public releases | **Real, but 26 days old** — created 2026-06-13, shipping ~daily |
| Encryption | No (community content is public-by-design) | Yes, by default |
| Filesharing | CAN (media) / PARTIAL (no drive) | CAN (encrypted media) / UNCONFIRMED (non-image files) |

Ditto (below, unchanged from the first research pass) is the public-facing answer. **[Armada](#armada)** — added in this correction pass — is the internal-team answer.

---

## The Armada Verdict — Corrected 2026-07-09

The verdict below was **wrong** in the prior draft. Re-verified this pass by fetching the GitLab repo, its CHANGELOG, a sibling plugin repo, and Soapbox's own product page directly.

| Question | Answer |
|---|---|
| Does Soapbox.pub make a product called "Armada"? | **Yes.** |
| Confidence | High — primary-sourced (repo, CHANGELOG, sibling repo, landing page) |
| What it is | An E2E-encrypted, Discord-shaped Nostr chat app on a new "Concord" protocol — full section below |
| Repo | [gitlab.com/soapbox-pub/armada](https://gitlab.com/soapbox-pub/armada) — created 2026-06-13, AGPL-3.0, 484 commits, 46 releases as of this research [33] |
| Why the first pass missed it | **26 days old** at verification time, no blog announcement, absent from both `soapbox.pub/tools/` and `soapbox.pub/toybox` — the two index pages the first pass correctly and thoroughly checked. Only discoverable via the GitLab group directly, or one nav-menu link on the soapbox.pub homepage to `/armada` [36][41][42][43]. A product-index search was the wrong instrument for a 26-day-old, unannounced repo. |
| Flotilla — still correct | Flotilla (flotilla.social) is a real but **separate, unrelated** project (hodlbod/Coracle, not Soapbox) — that part of the original verdict stands [6]. |
| `armada.buzz` | Re-tested this pass (https, http, archive) — still fails to resolve. **Not** Armada's domain; the real one is `soapbox.pub/armada` [44]. |

> **Sidebar — Flotilla, in one paragraph:** A separate, Discord/Slack-shaped PWA built on "relays as groups" (NIP-29) [6]. Where Ditto is one branded server = one community, Flotilla lets a single relay host many independent group spaces. Not part of Soapbox's stack. Armada (below) is Soapbox's own answer to the same "Discord-shaped internal chat" need — and unlike Flotilla, it's E2E encrypted by default.

---

## What Ditto Is

> "Ditto is a Nostr community server. It has a built-in Nostr relay, a web UI, and it implements Mastodon's REST API." [7]

> "Ditto is a self-hosted server featuring a community-centered Nostr relay with a built-in UI." [8]

Confidence: **High** (both quotes are from Soapbox's own blog). Note a real wrinkle: Ditto's *current* marketing copy pitches a lighter framing — "Deploy it on a $5 VPS, GitHub Pages, or a Raspberry Pi in your closet" [9] — that describes the static React/Vite **frontend** build [10][11], not the stateful Deno+Postgres **backend** that actually runs your relay, moderation, and Mastodon API [7][12]. GitHub Pages cannot run a database. Both descriptions are true of *different halves* of the same repo; see Architecture below.

---

## Capabilities Matrix

| Capability | Status | Detail | Confidence |
|---|---|---|---|
| Built-in Nostr relay | Yes | Ships with the server; your instance is also a relay [7] | High |
| Mastodon-API compatible | Yes | "Works with most Mastodon apps" via NIP-46 bunker login — 50+ apps documented (Ivory, Tusky, Elk, etc.) [13][14] | High |
| Custom domain + branding | Yes | Themes (9 presets, 19 CSS tokens), NIP-05 domain-based identity | High |
| Bridges to Mastodon/Fediverse | Yes | Via Mostr Bridge [15] | High |
| Bridges to Bluesky | Yes, indirect | Mostr → Bridgy Fed relay chain; 15+ min propagation delay | Medium |
| Admin/moderator roles | Yes | Distinct admin & moderator roles; reports, post deletion, user approval [16] | High |
| Custom moderation policies | Yes | Scriptable policies incl. an OpenAI-backed content-scoring policy [16] | Medium |
| Full-text search | Yes | Postgres full-text search (NIP-50) [17] | Medium (search-summary sourced) |
| Native private DMs | **Not documented** | NIP-17/NIP-04 absent from Ditto's own official NIP reference list [18] | Medium |
| NIP-29 relay-groups (Discord-style) | No | That's Flotilla's model, not Ditto's [6] | High |
| NIP-72 Reddit-style communities | Partial | Listed in Ditto's NIP reference [18], but Ditto's actual community unit is the *server/domain*, not a NIP-72 sub-group — Chorus and Amethyst are the NIP-72-native clients [19][20] | Medium |
| Hosted (no self-host) option | Yes, one | `ditto.pub` — the official flagship instance, open enrollment, light moderation, free username [21] | High |
| Multi-tenant paid hosting | Not found | No pricing tiers or "spin up your branded instance for $X/mo" product located | Medium |

---

## Architecture & Self-Hosting

```mermaid
flowchart TB
    subgraph Client["Client layer"]
        A["Ditto Web UI<br/>(React+Vite static build)"]
        B["Any Mastodon app<br/>Ivory / Tusky / Elk"]
        C["Any Nostr client<br/>(reads relay directly)"]
    end
    subgraph Server["Self-hosted server — Deno + Postgres"]
        D["Ditto backend (Deno)"]
        E[("PostgreSQL<br/>events + full-text search")]
        F["Built-in Nostr relay"]
        G["Mastodon REST API layer"]
    end
    subgraph Storage["Media storage — pick one"]
        H["Blossom server"]
        I["S3 bucket"]
        J["Local disk"]
        K["nostr.build (hosted default)"]
    end
    subgraph Bridges["Protocol bridges"]
        L["Mostr → Fediverse"]
        M["Bridgy Fed → Bluesky"]
    end
    A --> D
    B --> G
    C --> F
    D --> E
    D --> F
    D --> G
    D -.one of.-> H
    D -.one of.-> I
    D -.one of.-> J
    D -.one of.-> K
    F --> L --> M
    D -. Nginx + Certbot .-> Net(("Internet"))
```

Two independently-corroborated paths reach this same shape:

1. **Manual VPS path** (third-party, detailed, technical — Linux/macOS only, Windows unsupported): install Deno v1.45.2, PostgreSQL, Nginx, Certbot; create a `ditto` system user; `deno task setup` generates `.env` (domain, DB credentials, media backend choice); provision Postgres; configure Nginx; `certbot --nginx` for TLS [12].
2. **Docker path** (community-maintained, not first-party): the `arteeh/ditto` image + a Postgres container on a shared network. Required env vars: `DITTO_NSEC` (relay keypair), `DATABASE_URL`, `LOCAL_DOMAIN`, `PORT` (default 6996), optional `DITTO_POLICY` [22]. Linux amd64 only.

Confidence: **Medium-High** (both paths are documented, but neither is the current first-party `about.ditto.pub` guide, which 404'd during verification — official docs appear to be mid-migration between `docs.soapbox.pub` and `about.ditto.pub` as of this writing).

---

## Filesharing Verdict

**Precise question: can a team use this stack instead of Google Drive/Dropbox?**

| Use case | Verdict | Why |
|---|---|---|
| Post images/video/audio in a feed or chat | **CAN** | Native Blossom upload path, configurable per-server [12][23] |
| Arbitrary file types (PDF, .docx, .zip) | **PARTIAL** | Blossom stores any blob by SHA-256 hash — protocol-agnostic to file type — but Ditto's own UI is built around *feed content*, not a file browser [23][24] |
| Folder structure / organized drive | **CAN'T (workaround lapsed)** | "Blossom Drive" (a separate, third-party app) layered folders on Blossom blobs via kind-30563 events — not a Ditto feature [25], and now **deprecated/unmaintained upstream**; its named successor Bouquet is an ad-hoc blob manager, not a drive (see ch. 06, Files & Media) |
| Team permissions on shared files | **CAN'T** (not found) | No sharing/ACL mechanism documented beyond "public server, anyone with the hash/URL can fetch it" [23][25] |
| Version history / collaborative editing | **CAN'T** | No documented feature; blobs are immutable, content-addressed — a new version is a new hash, not a revision | 
| Size limits | Known ceiling | Blossom spec: **100 MiB hard cap**, 20 MiB on free-tier servers, "no limit on total uploads or retention" beyond that [26][27] |
| NIP-96 (older HTTP file-storage NIP) | Deprecated | Formally marked "unrecommended," superseded by Blossom [28] |

**Bottom line:** Ditto can absolutely carry a team's *social/community* media (photos, video, voice notes, event flyers). It is **not** a Drive/Dropbox replacement for internal document collaboration — no folders, no permissions, no version history, no office-doc preview, and the 100 MiB ceiling rules out most video-editing or design-asset workflows. The one folder-layer workaround has effectively lapsed — Blossom Drive is deprecated upstream (successor Bouquet manages blobs, not folders; ch. 06) — so the gap stands unbridged. Confidence: **High** on the CAN/CAN'T calls, **Medium** on exact size figures (spec-level, not Ditto-instance-verified).

---

## Company-Ops Fit

| Need | Ditto's answer | Verdict |
|---|---|---|
| Private 1:1 or group DMs | Not in Ditto's documented NIP set (no NIP-17/NIP-04 listed) [18] | Gap — use a different Nostr client, or Flotilla, for private chat |
| Team/relay-based groups (Discord-shaped) | Not Ditto's model | Use Flotilla (NIP-29) instead |
| Public communities / sub-groups (Reddit-shaped) | Interop-level only; native unit is the whole server | Use Chorus (NIP-72-native) for this shape instead |
| Announcements | Local feed + Explore tab, domain-scoped | Works |
| Events/calendar | NIP-52 calendar events supported [18] | Works |
| Bots / automation | Any Mastodon-API bot framework (access tokens), or native Nostr bots against the built-in relay [14][29] | Works, standard tooling |
| Search | Postgres full-text search across the instance [17] | Works |
| Data export / backup | Philosophical guarantee only — "your identity, content, and connections belong to you... take everything with you" [30] — **no documented one-click export/GDPR tool** found | Gap — portability is structural (signed events, any key), not a shipped export button |
| Multi-account / staff management | Admin + moderator roles; username revocation, admin promotion documented in v1.3 release notes [16][31] | Works, basic |

---

## Pricing & Access

| Path | Cost | Notes |
|---|---|---|
| Join the flagship instance | Free | `ditto.pub`, open enrollment, light moderation [21] |
| Self-host, manual VPS | ~$5-10/mo (VPS) | Your time + a domain; AGPL-3.0, no license fee [12] |
| Self-host, Docker | ~$5-10/mo (VPS) | `arteeh/ditto` is community-maintained, Linux amd64 only [22] |
| Branded multi-tenant hosted plan | **Not found** | No evidence Soapbox sells managed hosting; self-host or join the flagship are the only two documented doors |

---

## Setup Runbook (as documented)

1. Provision a Linux VPS (Ubuntu recommended) and point a domain's DNS at it [12].
2. Install system packages: `git curl unzip nginx postgresql-contrib certbot python3-certbot-nginx` [12].
3. Install Deno (pinned version, e.g. v1.45.2) [12].
4. Create a dedicated `ditto` system user; clone the repo to `/opt/ditto`, chown to that user [12].
5. Run `deno task setup` — generates `.env` with domain, DB credentials, and your media-backend choice (Blossom / S3 / local / IPFS / nostr.build) [12].
6. Provision the Postgres database and user (`dittodbuser` / `dittodb` by convention) [12].
7. Copy and edit the Nginx site config with your `server_name` [12].
8. Run `certbot --nginx` to obtain and wire up TLS [12].
9. Visit your domain to confirm the Ditto template renders [12].
10. **Docker alternative to steps 2-8:** run the `arteeh/ditto` + Postgres compose stack with `DITTO_NSEC`, `DATABASE_URL`, `LOCAL_DOMAIN` set, behind your own reverse proxy [22].
11. Set admin role on your own pubkey, then use the admin dashboard to configure moderation policies, NIP-05 approval flow, and theme [16].

Confidence: **Medium** — steps 1-9 are a verified third-party walkthrough, not the current first-party guide (which redirected/404'd mid-research); version-pinned details (Deno v1.45.2) may have drifted.

---

## Armada

**Verified: 2026-07-09. Repo is 26 days old at time of writing — expect drift; re-check before relying on specifics.**

### What Armada Is

> "Armada is an end-to-end encrypted community chat app built on Nostr." [34]

> "Discord without the company. Your keys. Your people." [41]

Discord-shaped: servers, channels, threads, voice, roles, DMs, events/RSVP, emoji reactions, markdown [41]. Unlike Ditto, encryption is the default, not absent — every chat/invite/rekey event is sealed before it touches a relay [34]. Confirmed sibling repos (`armada-relay`, `openclaw-armada`) independently corroborate the product and protocol name [36].

### The Concord Protocol

> "A serverless, end-to-end encrypted community protocol... All control/chat/invite/rekey traffic is gift-wrapped (NIP-59) over generic Nostr relays." [34]

Concord is Soapbox's own protocol — numbered **CORD-01 through CORD-07**, a sibling spec built on top of Nostr's NIPs, not a NIP itself. It runs on standard public Nostr relays (no special server), using NIP-59 gift-wrapping for every event plus NIP-42 relay auth with per-session derived keys [38].

| Spec | Function | Confidence |
|---|---|---|
| CORD-05 | Invite links — encrypted key bundle + community identity check | High (plugin docs) [38] |
| CORD-06 | "Rekeys and refoundings" triggered on membership change | High (plugin docs) [38] |
| CORD-07 | Blind LiveKit token broker for voice — broker "learns nothing about the community" [34] | High (README quote) |
| CORD-01–04 | Not identified in sources found this pass | Open question |

> "Who sent it, which community it belongs to, even the community's name — all sealed." [41]

That metadata-privacy claim is stronger than typical E2EE (which usually still leaks who's-talking-to-whom). It is a **DOCUMENTED claim** in the README and marketing copy — this pass found no independent security audit confirming it holds up. Whether CORD-06 rekeying gives MLS- or Signal-style forward secrecy is **not stated anywhere found** — treat as unconfirmed, not as "it's MLS."

A second, non-default path exists: NIP-29 relay-groups for operators who want a self-hosted server instead of the serverless default [34]. Two live implementations already coexist in the codebase — `concord-v1/` and `concord-v2/` — the protocol has already been rebuilt once in under a month [39].

### Architecture

```mermaid
flowchart TB
    subgraph Client["Client layer"]
        A["Web app (React 19+Vite)<br/>incl. mobile Safari/iOS"]
        B["Android app<br/>Capacitor, Zapstore, BT mesh"]
        C["Electron desktop<br/>Linux / Windows"]
        D["OpenClaw AI agents<br/>(bot community members)"]
    end
    subgraph Concord["Concord protocol — default, serverless — CORD-01..07"]
        E["Gift-wrapped events (NIP-59)<br/>chat / invite / rekey"]
        F["Invite links (CORD-05)<br/>key lives in URL fragment"]
        G["Rekey & refounding (CORD-06)<br/>on membership change"]
        H["Blind LiveKit token broker (CORD-07)<br/>voice, blind to community"]
    end
    subgraph SelfHost["NIP-29 path — self-hosted, optional, early"]
        I["armada-relay<br/>(1 commit, day-old)"]
        J["Relay = server;<br/>channels = NIP-29 groups"]
    end
    subgraph Media["Media"]
        K["Blossom server(s)<br/>configurable"]
    end
    L(("Generic public Nostr relays<br/>no special server required"))
    A --> E
    B --> E
    C --> E
    D -->|NIP-42 auth, derived keys| E
    E --> F
    E --> G
    E --> H
    E -->|attachments| K
    E --> L
    A -.optional.-> I
    I --> J --> L
```

Confidence: **High** on client/protocol shape (README + landing page agree); **High** that the NIP-29 self-host path is real but immature (`armada-relay` = 1 commit, created the same day as this research) [37].

### Capabilities Matrix

| Capability | Status | Detail | Confidence |
|---|---|---|---|
| E2E encrypted group chat (Concord, default) | Yes | NIP-59 gift-wrapped chat/invite/rekey traffic over generic relays [34] | High |
| Metadata privacy (sender/community sealed) | Claimed | "Who sent it, which community it belongs to... all sealed" [41] | Medium — claim, not audited |
| Servers / channels / threads / roles | Yes | Discord-shaped, role-based moderation [41] | High |
| Voice + screen share | Yes | WebRTC/LiveKit; screen share shipped v0.1.0; 1:1 calls v0.9.0; identity verification v0.18.0 [35] | High |
| Voice privacy (blind broker) | Claimed | CORD-07 broker "learns nothing about the community" [34] | Medium |
| Image/media attachments in encrypted channels | Yes | Blossom-backed; encrypted images "decrypt and display inline" (v0.6.0, v0.8.3) [35][39] | High |
| Non-image files (PDF / .docx / .zip) | Unconfirmed | No changelog or doc evidence either way | Low — open question |
| Bluetooth mesh chat (offline) | Yes | Android only, v0.13.0 [35][41] | High |
| Push notifications without Google services | Yes | Android, v0.3.0 [35] | High |
| Self-hosted server option (NIP-29) | Yes, but immature | `armada-relay`: 1 commit, created 2026-07-09 [37] | High it's real; High it's immature |
| AI agent / bot community members | Yes | `openclaw-armada` plugin — agents decrypt invites, join, respond, DM [38] | High |
| Native iOS app | No | Web app only, works in mobile Safari [41] | Medium |
| Data export / portability | Not documented for Armada specifically | Nostr-key portability philosophy presumably applies (per Ditto's pattern) but not stated for Armada | Low — inferred |

### Filesharing Verdict — Armada

**Same precise question as Ditto: can a team use this instead of Google Drive/Dropbox?**

| Use case | Verdict | Why |
|---|---|---|
| Post images/media in a channel or DM | **CAN** | Blossom-backed (`BlossomServerListEditor.tsx` in-repo) [39]; encrypted images decrypt and display inline inside Concord communities [35] |
| ...and is it E2E encrypted, not just server-hosted? | **CAN — stronger than Ditto** | Attachments ride inside the same gift-wrapped Concord protocol as messages, a real architectural difference from Ditto's plaintext-on-Blossom-URL model |
| Arbitrary file types (PDF, .docx, .zip) | **UNCONFIRMED** | No changelog/doc evidence of non-image attachment handling; Blossom itself is blob-type-agnostic, but Armada's UI behavior for non-image blobs isn't documented anywhere found |
| Folder structure / organized drive | **CAN'T (not found)** | No Blossom Drive or folder layer mentioned in README, CHANGELOG, or landing page |
| Team permissions on shared files | **CAN'T (not found)** | No ACL beyond community membership itself documented |
| Version history | **CAN'T** | Not documented; same content-addressed-blob limitation Blossom has generally |
| Size limits | **Not confirmed for Armada** | Underlying Blossom spec ceiling (100 MiB, per Ditto's research above) presumably applies but wasn't confirmed as Armada's actual configured limit |

**Bottom line:** narrower than Ditto's filesharing story, but more private where it exists. Armada CAN carry E2E-encrypted image/media drops inside a private team chat today — a genuinely stronger privacy story than Ditto's, since the content itself (not just the transport) is sealed. It is **not confirmed** to handle arbitrary document types, and there is **no evidence at all** of folders, permissions, or version history — so it's still not a Drive/Dropbox replacement, for different reasons than Ditto (missing breadth here, vs. Ditto missing E2EE and hitting a hard size cap). Confidence: **Medium** overall — image-attachment behavior is CHANGELOG-confirmed; everything else in this table is an absence-of-evidence call on 26-day-old software, not a confirmed "no."

### How to Try It Today

1. Web: `soapbox.pub/armada` → "Open Armada" — works in any browser, including mobile Safari/iOS (no native iOS app) [41].
2. Android: native app via Capacitor; configured for Zapstore distribution (`zapstore.yaml` in-repo) [39][46]; native push bypasses Google services; Bluetooth mesh works fully offline [35][41].
3. Desktop: Electron builds for Linux and Windows (no Mac build found or mentioned) [34][41].
4. Join a community via an invite link — the unlock key rides in the URL fragment, so it never touches a server [41].
5. Self-host (NIP-29 path): marketing copy claims a "complete open-source server stack," but the backing repo (`armada-relay`) had **one commit**, created the same day as this research — treat self-hosting as not yet real-world ready [37][41].
6. `armada.buzz` does not resolve — use `soapbox.pub/armada` [44].

### Maturity Warning

**26 days old, ~daily releases, self-described as "Early version (0.x)" on its own landing page** [41]. In the 17 days since v0.1.0 (2026-06-22), the protocol has already gone through a v1→v2 rebuild, an encryption-label change reversed days later, and a self-host backend that only started today [35][39][37]. The most recent 25 releases (v0.17.0 → v0.25.3) landed in just five days (2026-07-05 to 2026-07-09) — velocity is accelerating, not settling [40]. At least two named committers (Alex Gleason, Chad Curtis) — a small team, not a solo project, but this pass found no visible external community contributions [40]. Good to pilot and watch closely; **do not bet confidential company operations on it without your own review** — nothing here has been independently security-audited.

---

## Incumbent Comparison

| Dimension | Ditto-centered Nostr stack | Armada (Concord) | Slack | Discord | Circle | Mighty Networks |
|---|---|---|---|---|---|---|
| **Community (public)** | Strong — branded server, themes, bridges out to Bluesky/Mastodon, no platform lock-in | Weak fit — private-by-default, no branded public-server story | Weak fit (internal-tool DNA) | Strong, mainstream, zero setup | Strong, purpose-built | Strong, purpose-built |
| **Internal company ops** | Weak — no native private DM spec, no threads-as-Slack-channels model | Promising but **26 days old** — Discord-shaped, E2E encrypted by default, zero track record | Best-in-class | Good (voice-first) | Moderate | Moderate |
| **Filesharing** | Weak — 100 MiB cap, no folders/permissions/versioning | Partial — E2E-encrypted image/media, but no folders/permissions/versioning; non-image types unconfirmed | Good (with Drive/Box integration) | OK (free tier capped ~10-25 MB/msg; paid raises it) | Good (course/doc-shaped) | Good (course/doc-shaped) |
| **Cost at small-team scale** | ~$5-10/mo self-host, or free (flagship, no admin control) | Free (hosted default relays); self-host (NIP-29) path exists but backend repo has 1 commit as of this research | Free tier thin; Pro ~$7.25-8.75/user/mo [32] | Free; Nitro $4.99-9.99/mo optional [32] | From $89/mo [32] | From $41/mo [32] |
| **Data portability** | Structurally strong (your keys, signed events) but no shipped export tool | Same Nostr-key philosophy presumably applies; not independently confirmed for Armada specifically | Low (vendor lock-in) | Low | Low-Moderate | Low-Moderate |
| **Setup effort** | High (VPS + Deno + Postgres + Nginx, or Docker) | Low for default path (open web app, invite link); self-host path not yet production-real | None (SaaS) | None (SaaS) | None (SaaS) | None (SaaS) |
| **Where Nostr loses outright** | No mature private-DM story on Ditto itself, no file-drive replacement, self-hosting is real ops burden, no managed multi-tenant SaaS to buy | Unaudited crypto, protocol already rebuilt once (v1→v2) in under 30 days, ~2 named committers, self-host not production-ready | — | — | — | — |

Confidence: **High** on Ditto-column facts (cited above); **High** on Armada being real, **Medium-Low** on its unaudited/unconfirmed claims (marked throughout); **Medium** on incumbent pricing (current as of search date, subject to normal SaaS pricing drift) [32].

---

## Integration Points

| Connects to | Mechanism | Enables |
|---|---|---|
| Mastodon apps (Ivory, Tusky, Elk, 50+ others) | Mastodon REST API + NIP-46 bunker login | Staff can use familiar mobile/desktop clients against your Ditto server [13][14] |
| Fediverse (Mastodon servers) | Mostr Bridge | Cross-posting/following between Ditto and any ActivityPub server [15] |
| Bluesky | Mostr Bridge → Bridgy Fed relay chain | Indirect follow/reply bridging, ~15+ min lag | 
| Blossom media servers | BUD-03 upload spec, SHA-256 addressing | Resilient, mirrorable media hosting decoupled from any one server [23][26] |
| Any Nostr client (Damus, Amethyst, primal, etc.) | Standard relay connection to your built-in relay | Members aren't locked into Ditto's own UI [7] |
| Shakespeare (Soapbox's AI site builder) | "Edit and remix the entire platform" [9] | Rebrand/customize a Ditto or MKStack-based deployment without deep React expertise |
| MKStack-built apps (Chorus, Plektos, etc.) | Shared Nostr event layer | Content posted in sibling apps (events, groups) can surface in a Ditto feed if event kinds overlap [19][20] |
| OpenClaw AI agents (Armada) | `openclaw-armada` plugin — CORD-05 invite decrypt, NIP-42 multi-key auth | Bots/AI agents join Concord communities as real members, monitor channels, respond, DM [38]. OpenClaw itself is an independent open-source agent framework, not a Soapbox product [45] |
| Blossom media servers (Armada) | Same BUD-03 upload spec as Ditto, configurable per-client | Encrypted image/media attachments inside Concord channels [39] |
| Zapstore (Armada) | `zapstore.yaml` release config in-repo | Android distribution outside Google Play, cryptographically signed releases [39][46] |
| Generic Nostr relays (Armada) | NIP-59 gift-wrap + NIP-42 auth, no special server required | Concord communities run on any standard public relay — no Armada-specific infrastructure needed [34] |
| NIP-29 relays (Armada self-host path) | `armada-relay` (early — 1 commit as of this research) | Operator-controlled team server, trading some Concord privacy for admin control [34][37] |

---

## Open Questions

- Is `about.ditto.pub`'s canonical self-hosting guide currently live at a different path than what redirected/404'd during this research pass? Worth re-checking directly before an actual deployment.
- Whether Ditto's NIP-72 listing in its own reference means it *reads and displays* NIP-72 community events from other clients (interop) or only that some internal code path touches the kind — not confirmed either way.
- Whether any DM capability exists via a non-listed NIP or a Mastodon-API "direct" visibility mapping — not found in official docs, but not exhaustively ruled out either.
- Whether "Stacks" (`getstacks.dev`) is a Docker-compose bundler specifically for Ditto, or a broader "AI project template" sharing site unrelated to production deployment — direct fetch only returned a page title, inconclusive.
- Exact current numeric count behind the "27+ content types" marketing claim vs. the "60+ event kinds" reference-doc claim — likely two different countings (curated UI content types vs. raw protocol event kinds) but not reconciled to a single verified number.
- **Armada:** What are CORD-01 through CORD-04? Only CORD-05 (invites), CORD-06 (rekey/refounding), and CORD-07 (voice broker) were identifiable in sources found this pass.
- **Armada:** Does CORD-06 rekeying provide forward secrecy comparable to MLS or Signal's double ratchet? Not stated anywhere found — don't assume either way.
- **Armada:** Are attachment blobs encrypted client-side before reaching the Blossom server (true E2EE at the storage layer), or only the message pointer/metadata? The CHANGELOG's "decrypt and display inline" language implies the former but doesn't say so explicitly.
- **Armada:** Does the UI actually support non-image file types today? No evidence either way was found.
- **Armada:** Is `armada.buzz` a domain Soapbox owns and intends to launch on, or unrelated/parked? Unresolved after three independent failed fetch attempts across two research passes — use `soapbox.pub/armada` regardless.
- **Armada:** Is a native iOS app planned, or is web-only a deliberate design choice? Not stated.
- **Armada:** How real is the "one-command server stack" self-host claim on the landing page, given `armada-relay` had exactly one commit at time of writing? Worth re-checking in a few weeks.

---

## Sources

1. [Star Wars: Armada Fleet Builder](https://apps.apple.com/us/app/armada-fleet-builder/id1277395821) — unrelated app, false-lead check. Accessed 2026-07-09.
2. [Soapbox Tools](https://soapbox.pub/tools/) — full product/tool list with URLs; no Armada listed. Accessed 2026-07-09.
3. [Soapbox Toybox](https://soapbox.pub/toybox) — full experiments list; Armada absent as a project. Accessed 2026-07-09.
4. `https://armada.buzz` / `http://armada.buzz` — fetch failed both protocols (SSL `WRONG_VERSION_NUMBER`). Accessed 2026-07-09.
5. Web search `"armada.buzz"` — zero Nostr/Soapbox-related results. Accessed 2026-07-09.
6. [Flotilla — GitHub](https://github.com/coracle-social/flotilla) — "A nostr relay-based communities PWA modeled after discord." Accessed 2026-07-09.
7. [Announcing Ditto — Soapbox Blog](https://soapbox.pub/blog/announcing-ditto) — original server architecture (Deno, Postgres, built-in relay, Mastodon REST API). Accessed 2026-07-09.
8. [Creating Curated Communities on Nostr with Ditto](https://soapbox.pub/blog/curated-communities-with-ditto/) — community/moderation model. Accessed 2026-07-09.
9. [Soapbox Launches Massive Update to Ditto](https://soapbox.pub/blog/announcing-ditto-2) — relaunch marketing copy, "$5 VPS, GitHub Pages, Raspberry Pi." Accessed 2026-07-09.
10. [gitlab.com/soapbox-pub/ditto](https://gitlab.com/soapbox-pub/ditto) / raw README — React 18 + Vite + TypeScript frontend stack. Accessed 2026-07-09.
11. [github.com/soapbox-pub/ditto](https://github.com/soapbox-pub/ditto) — README mirror, same frontend-stack description. Accessed 2026-07-09.
12. [Setting up your own nostr community with Ditto — freedomweaver.tech](https://freedomweaver.tech/diy/nostr/ditto/index.html) — third-party manual VPS self-hosting walkthrough (Deno, Postgres, Nginx, Certbot). Accessed 2026-07-09.
13. [Unlocking 50+ Mastodon Apps for Nostr with Ditto](https://soapbox.pub/blog/unlocking-mastodon-apps/) — Mastodon-API client compatibility. Accessed 2026-07-09.
14. Web search — Mastodon API access-token/bot-automation mechanics applied to Ditto. Accessed 2026-07-09.
15. [Introducing Mostr: a Fediverse Nostr bridge](https://soapbox.pub/blog/mostr-fediverse-nostr-bridge/) and [How to Follow Bluesky Accounts from Nostr](https://soapbox.pub/blog/follow-bluesky) — bridge mechanics, Bluesky via Bridgy Fed relay chain, ~15 min+ lag. Accessed 2026-07-09.
16. [Ditto 1.3: Explore Nostr — Soapbox Blog](https://soapbox.pub/blog/ditto-1.3/) — admin tools (username revocation, admin promotion), moderation features. Accessed 2026-07-09.
17. Web search summary of [stacker.news/items/863195](https://stacker.news/items/863195) discussion — full-text search in Postgres, moderator/admin capabilities (direct fetch returned no content; sourced via search snippet only — lower confidence). Accessed 2026-07-09.
18. [Ditto Nostr Reference — about.ditto.pub/reference](https://about.ditto.pub/reference) — official supported-NIPs list and event-kind count. Accessed 2026-07-09.
19. [NIP-72 — Moderated Communities](https://nips.nostr.com/72) — spec definition, kind 34550/4550. Accessed 2026-07-09.
20. [Chorus — GitHub (andotherstuff/chorus)](https://github.com/andotherstuff/chorus) and [Chorus: An Experiment in Vibe Coding](https://soapbox.pub/blog/chorus-vibe-coding/) — NIP-72-native community app built with MKStack, distinct from Ditto's model. Accessed 2026-07-09.
21. [ditto.pub](https://ditto.pub/) and web search on its flagship-instance status — free, open enrollment, light moderation. Accessed 2026-07-09.
22. [arteeh/ditto — Docker Hub](https://hub.docker.com/r/arteeh/ditto) — community-maintained Docker image, env vars, Postgres dependency. Accessed 2026-07-09.
23. [Blossom — GitHub (hzrd149/blossom)](https://github.com/hzrd149/blossom) and [NIP-B7 — Blossom media](https://nips.nostr.com/B7) — protocol spec, SHA-256 addressing, mirroring. Accessed 2026-07-09.
24. [Blossom Uploader — Nostrify](https://nostrify.dev/upload/blossom) — integration reference. Accessed 2026-07-09.
25. [Blossom Drive: Store & Retrieve Data on Public Servers](https://www.nobsbitcoin.com/blossom-intro/) — folder/drive layer on top of Blossom, kind 30563 events. Accessed 2026-07-09.
26. Web search on Blossom spec limits — 100 MiB hard cap, 20 MiB free-tier convention. Accessed 2026-07-09.
27. [blossom.nostr.build](https://blossom.nostr.build/) — example Blossom server, up to 100MB. Accessed 2026-07-09.
28. [NIP-96 — HTTP File Storage Integration](https://nips.nostr.com/96) — marked unrecommended, superseded by Blossom. Accessed 2026-07-09.
29. Web search — Nostr bot / Mastodon API automation patterns (nostrdon bridge example). Accessed 2026-07-09.
30. Web search summary — Ditto's "your identity, content, and connections belong to you" data-portability claim. Accessed 2026-07-09.
31. [Ditto 1.3 release notes](https://soapbox.pub/blog/ditto-1.3/) — staff/role management features. Accessed 2026-07-09.
32. Web search — current Slack, Discord Nitro, Circle.so, Mighty Networks pricing tiers (2026). Accessed 2026-07-09.

**Armada correction pass (2026-07-09) — sources 33-46:**

33. [gitlab.com/soapbox-pub/armada](https://gitlab.com/soapbox-pub/armada) — main repo page: created 2026-06-13, AGPL-3.0, 484 commits, 17 branches, 62 tags, 46 releases. Accessed 2026-07-09.
34. [gitlab.com/soapbox-pub/armada/-/raw/main/README.md](https://gitlab.com/soapbox-pub/armada/-/raw/main/README.md) — verbatim definition of Armada and the Concord protocol, NIP-59 gift-wrap mechanics, NIP-29 self-host alternative, install instructions. Accessed 2026-07-09.
35. [gitlab.com/soapbox-pub/armada/-/raw/main/CHANGELOG.md](https://gitlab.com/soapbox-pub/armada/-/raw/main/CHANGELOG.md) — chronological feature history v0.1.0 (2026-06-22) through v0.25.x (2026-07-09): encrypted image attachments, voice/screen-share, Bluetooth mesh, Concord v2 cutover. Accessed 2026-07-09.
36. [gitlab.com/api/v4/groups/soapbox-pub/projects](https://gitlab.com/api/v4/groups/soapbox-pub/projects) — GitLab group API listing; confirms `armada`, `armada-relay`, and `openclaw-armada` as sibling repos under soapbox-pub. Accessed 2026-07-09.
37. [gitlab.com/soapbox-pub/armada-relay](https://gitlab.com/soapbox-pub/armada-relay) — self-hosted backend repo: 1 commit, 1 branch, 0 releases, created 2026-07-09 — key maturity signal for the self-host claim. Accessed 2026-07-09.
38. [gitlab.com/soapbox-pub/openclaw-armada/-/raw/main/README.md](https://gitlab.com/soapbox-pub/openclaw-armada/-/raw/main/README.md) — confirms Concord protocol spec numbering (CORD-01–07), NIP-59/NIP-42/kind-3313/kind-1059 mechanics, and OpenClaw AI-agent integration. Accessed 2026-07-09.
39. GitLab repository-tree API for soapbox-pub/armada (root + recursive `src/`) — confirms parallel `concord-v1/` and `concord-v2/` implementations and `BlossomServerListEditor.tsx` (media/attachment config UI). Accessed 2026-07-09.
40. GitLab releases API for soapbox-pub/armada — 25 dated releases v0.17.0 through v0.25.3, spanning 2026-07-05 to 2026-07-09; named authors Alex Gleason and Chad Curtis. Accessed 2026-07-09.
41. [soapbox.pub/armada](https://soapbox.pub/armada) — the actual product landing page (not linked from `/tools/` or `/toybox`): tagline, feature list, encryption claims, self-host claim, "Open Armada" CTA. Accessed 2026-07-09.
42. [soapbox.pub/blog/](https://soapbox.pub/blog/) — full blog index (101 posts); confirms `/armada` exists only as a main-nav link, no dedicated announcement post found. Accessed 2026-07-09.
43. [soapbox.pub/tools/](https://soapbox.pub/tools/) — re-verified this pass; Armada still absent from the product/tools index, consistent with the original chapter's finding and explaining the discovery gap. Accessed 2026-07-09.
44. `https://armada.buzz`, `http://armada.buzz`, and a web-archive lookup — re-tested this pass; all three fail (SSL `WRONG_VERSION_NUMBER` on both protocols; archive fetch could not connect). Confirms this is not Armada's working domain. Accessed 2026-07-09.
45. [github.com/openclaw/openclaw](https://github.com/openclaw/openclaw) and [open-claw.bot/docs/channels/nostr](https://open-claw.bot/docs/channels/nostr/) — background confirming OpenClaw is an independent open-source AI-agent framework (not a Soapbox product) with an existing Nostr channel plugin pattern. Accessed 2026-07-09.
46. [zapstore.dev](https://zapstore.dev/) and [github.com/zapstore/zapstore](https://github.com/zapstore/zapstore) — background on Zapstore, the Nostr-native Android app store Armada's repo is configured for (`zapstore.yaml`); Armada's own live listing was not independently confirmed. Accessed 2026-07-09.
