# Notflix Protocol — LLM Context Document > This file is designed for AI assistants, LLMs, and anyone who needs to quickly understand the Notflix Protocol without reading all the source code. ## What is Notflix Protocol? Notflix Protocol is an open-source system for decentralized 1:1 media lending that mirrors physical lending rights. If you own a DVD, you can lend it to one friend at a time. While they have it, you can't watch it. When they return it (or time expires), you get it back. Notflix enforces this digitally using Ethereum smart contracts, encrypted content on IPFS, and threshold cryptography via Lit Protocol. The tagline: "Own it. Lend it. Never kneel." ## The Problem Streaming services revoke access, raise prices, and remove content without notice. You never own anything. Physical media (DVDs, Blu-rays) give you real ownership and lending rights under the First Sale Doctrine, but they're inconvenient and fragile. Notflix bridges this gap: the ownership rights of physical media with the convenience of streaming. ## How It Works (Simple Version) 1. You own a movie file (ripped from your DVD/Blu-ray) 2. You run `notflix add movie.mp4` — this encrypts it into 5-second segments, uploads to IPFS, and registers a token on Ethereum 3. Only your wallet can decrypt and stream it 4. You run `notflix lend 1 alice 7` — Alice gets access for 7 days, you're locked out 5. Alice opens a URL in her browser, creates a wallet (no MetaMask needed), and streams the movie 6. After 7 days (or if Alice returns early), you get access back ## How It Works (Technical Version) ### Layers 1. **IPFS** — encrypted content storage (peer-to-peer, no central server) 2. **SQLite** — local catalog of tokenized titles, wallets, user aliases 3. **Ethereum Smart Contracts** — MediaLending.sol enforces 1:1 lending on-chain 4. **Lit Protocol** — threshold cryptography gates AES key release to authorized wallets 5. **WASM** — browser-side decryption, key never leaves WebAssembly memory ### Encryption - AES-256-GCM per segment (same key, unique IV per segment) - ~5-second fragmented MP4 chunks - Format: [12-byte IV][16-byte auth tag][ciphertext] - Manifest on IPFS lists all segment CIDs ### Smart Contract (MediaLending.sol) ```solidity register(tokenId) — Owner registers a title lend(tokenId, borrower, dur) — Owner lends (borrower gets access, owner locked out) returnTitle(tokenId) — Borrower returns early claimExpired(tokenId) — Anyone reclaims after expiry hasAccess(tokenId, user) — View: is this wallet authorized to decrypt? ``` MediaLendingV2.sol adds: - `lendWithPermit()` — borrower signs a message (free), owner submits on-chain - Guestbook notes (80 chars per lend, stored in event logs) ### Browser Playback The player is a single HTML file with inline CSS/JS. No build step for the HTML itself. Dependencies: - WASM module (Rust → WebAssembly) for AES-256-GCM decryption - Lit SDK (esbuild bundle) for threshold key decryption - viem for Ethereum chain reads - Media Source Extensions (MSE) for streaming playback Wallet creation in the browser uses WebAuthn passkeys (preferred) or browser-local keys. No MetaMask or browser extension required. Borrowers never need ETH. ### CLI Interactive shell: `npm run notflix` Commands: add, probe, encode, list, status, play, lend, return, claim, request, approve, wallet, users, import ## File Structure ``` notflix_protocol/ ├── packages/ │ ├── crypto/ — AES-256-GCM + Lit Protocol integration (Node.js) │ ├── ipfs/ — IPFS Kubo RPC wrapper │ ├── player/ — Browser player (index.html = Netflix dashboard, testplayer.html = dev) │ │ ├── lit-bundle.js — Bundled Lit SDK for browser (built with esbuild) │ │ └── pkg/ — Compiled WASM │ └── contracts/ — MediaLending.sol, MediaLendingV2.sol (Foundry + Hardhat) ├── scripts/ │ ├── notflix.mjs — CLI tool (SQLite, viem, interactive shell) │ └── tokenize.mjs — Segment, encrypt, upload, register ├── docker/ — API server, IPFS, local chain ├── docs/ — Documentation └── data/ — SQLite database (gitignored) ``` ## Legal Position This is critical to the project. The protocol is designed to be legally tighter than physical lending: - **No copies created** — encrypted stream, ephemeral decryption in WASM memory - **One viewer at a time** — enforced by smart contract, not policy - **Time-limited** — automatic expiry - **No central server** — IPFS is peer-to-peer - **Content always encrypted** — no plaintext exists on IPFS - **No commercial advantage** — open source, nonprofit - **Code is speech** — project publishes a framework, not a service Key precedents distinguished: Hachette v. Internet Archive (they hosted copies — we don't), ReDigi (transfer = copy — we stream ephemerally). ## Getting Involved ### Run it locally ```bash git clone git@github.com:nathanabrewer/notflix.git cd notflix npm install docker compose up -d npm run build:wasm npm run build:lit npm run notflix > add ~/Movies/movie.mp4 > play 1 ``` ### What needs work - **L2 deployment** — deploy to Base/Arbitrum for penny-cost lending - **OrbitDB catalog** — decentralized title catalog (replace local SQLite) - **GitHub Pages deployment** — static player with public IPFS gateway - **Guestbook UI** — show 80-char lend notes in the dashboard - **Title metadata** — poster images, descriptions, genres - **Multi-title lending** — lend a "shelf" of titles - **Mobile playback** — test and optimize for iOS/Android browsers - **Rate limiting** — prevent key request abuse (anti-rip) - **Per-segment key rotation** — HKDF(masterKey, segmentIndex) for defense in depth ### Tech stack - **Languages:** JavaScript (Node.js), Rust (WASM), Solidity - **Chain:** Ethereum (Sepolia testnet, any EVM L1/L2 for production) - **Storage:** IPFS (Kubo) - **Key management:** Lit Protocol v8 (Naga) - **Database:** SQLite (better-sqlite3) - **Build:** esbuild (Lit bundle), wasm-pack (Rust → WASM) - **Testing:** Hardhat + Chai, Foundry forge test ### Philosophy - Physical ownership rights, digitally enforced - No micropayments — this is about rights, not monetization - Tighter than physical, not looser - Decentralized — no single point of failure or censorship - Borrowers pay nothing — owners bear the (minimal) cost - Code is the license — the contract IS the lending agreement ## Contact - GitHub: github.com/nathanabrewer/notflix - Movement site: noflixgiven.com - EFF consultation recommended before production launch