3.7 KiB
3.7 KiB
ADR-0011 · Communication & transparency
Status: accepted Date: 2026-05
Context
Blocao Labs is starting a content engine around the project (a wiki → WordPress publisher) and adopting a build-in-public posture. The immediate commercial goal is to sell the products (Sovereign Phone, the Blocao platform), not to raise investment. In a market whose value proposition is sovereignty, trust is the product: open source, auditable schemes, and honest documentation are themselves the strongest sales argument.
Two product lines have opposite appetites for transparency:
- The Sovereign Phone, the UI design language, and the sovereignty philosophy benefit from maximum openness — auditability is a feature.
- The forensics platform serves security-sensitive customers;
wdmUIis marked internal. Publishing fine-grained architecture of a hardened OS or of forensics internals hands a map to attackers and competitors.
"Build in public" therefore cannot mean "build everything in public".
Decision
Adopt build-in-public with layered transparency. Every artifact is classified into one of three tiers:
- Public-first: Sovereign Phone, design language / tokens, the why of decisions (ADRs are narrative gold), cookbooks, open-source components.
- Private-by-default: the forensics platform — only its vision / philosophy layer is public; technical internals are not.
- Never public: customer identity, hardening details that materially aid an attacker, keys / secrets, pricing and sales specifics.
Operating rules:
- Editorial bar: the only test for publishing is "does this help a buyer trust and a technician audit?" — not investor optics.
- Licenses & attribution: every published piece declares the licenses and attributions of everything it uses. Non-negotiable; it is both ethics and brand.
- RF / regulatory rule: every cookbook touching radio spectrum states its regulatory framework at the very top. We document only the legal path (shielded / lab dev, shared or licensed spectrum, coordinated and authorized emergency use). We explicitly do not publish clandestine-network or interception recipes — that is the opposite of the brand.
- Resilience framing: recipes target real-world degraded conditions (off-grid, ad-hoc) and are explicit about which comms family they belong to (unlicensed ISM / LoRa / WiFi HaLow vs spectrum-sensitive LTE / SDR).
- Pipeline & gate: the wiki is the source of truth; a public / private tag on each page is the editorial firewall; the publisher only touches pages tagged public, always draft-first into WordPress for human review. One cookbook = one post.
Consequences
Good:
- Transparency reinforces the core sale (sovereignty) instead of leaking the things that would undermine it.
- A single, simple rule (the tag) keeps confidential material out of the public pipeline.
- License / attribution discipline pre-empts the credibility attacks that routinely hit privacy products.
- No investor narrative to maintain means less spin, more signal.
Bad / trade-offs:
- Classifying every artifact adds friction to publishing.
- The public / private boundary needs periodic review as the products evolve.
- Building in public invites scrutiny; claims must hold up, which raises the documentation bar.
Alternatives considered
- Full build-in-public (everything open): maximal trust signal, but unacceptable for the forensics platform and its customers.
- Fully closed / marketing-only blog: safe, but forfeits the trust advantage that is the entire point of a sovereignty brand.
- A separate public-only repo for all public content: cleaner confidentiality boundary, but fragments the source of truth; revisit if the tag-gate proves insufficient.