“Hack the Platform” wasn’t just a slogan at the g0v Summit 2026 workshop; it maps onto four small things actually deployed on the internet — things you can click into and carry off. They demonstrate an imagination that runs opposite to the mainstream: rather than building one beautiful big platform, break governance and censorship resistance into invisible components that any small or mid-sized community can reuse.

At the same event, Matters founder Chang Chieh-ping (張潔平) traced this stance back to the platform’s very first day. The team “never wanted to be a platform”; for the first three or four years they resisted the word “platform,” calling themselves a community, a public space, an anti-platform experiment. “What we wanted to do, ever since 2018, has been to Hack the platform.”g0v Summit 2026 簡報文字記錄(A5 潔平)What we wanted to do, ever since 2018, has been to Hack the platform. But reality caught up: “we set out to escape the platform, and ended up having to reinvent the platform” (the slide’s own words). What this page is about is precisely the side of that tension that was never smoothed away. Even as the team had no choice but to grow into a platform with governance and censorship, it deliberately broke off part of its capabilities, open-sourced them, and opened them to the public — so that the platform would no longer be the only unit.

First, a note on where the citations draw the line. Of the four components below, some have a public service page, some have open source code, and some are only named on a slide; wherever the platform makes self-reported numbers or efficacy claims on a service page or in a README, this page marks them plainly as the platform’s own account, not yet independently verified by a third party. The transcripts and slide records are agenda-planning and proofing drafts, so we cite only the parts that are identifiable and mutually supported by the service pages.

Four outward-facing components: what each one does

In the Q&A portion of the g0v session, the team spelled out the spirit of “don’t treat the platform as the only unit; rework it into reusable components” as four small, publicly open experiments. the slide’s own words were “from the Hack the Platform stance, we built a few extra small experiments”g0v Summit 2026 簡報文字記錄(30b HACK THE PLATFORM)From the Hack the Platform stance, we built a few extra small experiments., and the table below lists their locations and functions one by one, following the slide’s wording.

ComponentThe problem it solvesPublic location (per the source material)
Matters RSS subscriptions Exports on-platform subscription relationships as standard RSS, letting readers follow authors without the platform’s interface rss.matters.town
Community Watch A community-collaborative channel for content reporting and mutual-aid governance, opening part of the governance floor for citizens to view and deliberate together community-watch.matters.town
Onion Site A Tor onion-service mirror, offering a low-identifiability path to read and write Matters even under blocking Provides a Tor onion service (full address not disclosed here)
Matters Memory Toast (記憶吐司) Turns on-chain IPFS articles, with one click, into an offline, backup-able reading format so content doesn’t depend on a single front end lifeboat.matters.town

These four components sit at different layers, and that is exactly what makes them interesting. RSS and the Onion Site are about arrival: when the platform’s interface is locked up or the domain is blocked, can readers still get around the front end and find the author? Matters Memory Toast is about persistence, taking the “put content on-chain” idea from the Censorship Resistance chapter — articles saved onto IPFS A network that breaks files apart and copies them for safekeeping onto many computers around the world. As long as a single one still holds a copy, the content can be read — no single website required. — and turning it into a file the user can back up offline and hold in their own hands. Community Watch stands at the other end, handling governance, moving the thankless chore of clearing spam out of the platform’s back room and onto a public noticeboard. Censorship resistance and censorship are, once again, set back at the same table in this list.

RSS and the Onion Site: making “arrival” more than one road

The design motive behind Matters RSS subscriptions is plain. A subscription used to be just a button inside the platform’s interface, but exporting it as an open standard — RSS An open subscription format that lets you follow a site’s updates directly in a reader, without depending on a platform algorithm to push them to you. — lets readers follow authors in any reader, without returning to matters.town’s home page every day. This echoes a line from the site’s Censorship Resistance chapter on IPNS: a stable address points to “a pointer that can be updated at any time,” and can be subscribed to just like RSS. Exporting the “whom you follow” relationship as a feed leaves a back route — one that doesn’t depend on the platform’s interface — for the question “if the platform is gone one day, can readers still find the author?”

The Onion Site needs to be handled carefully. It is Matters’ Tor An anonymity network of layered encryption and hop-by-hop relaying that can hide where a connection comes from and get around blocking. onion-service mirror, meant to let people read and write the platform with low identifiability even under blocking — corresponding directly to Layer 1 (multiple entry points outside the site) in the three-layer resilience model of the Censorship Resistance chapter. the slide describes it as “a low-identifiability path that can still read and write Matters under blocking”g0v Summit 2026 簡報文字記錄(30b 實驗 3)A Tor onion-service mirror, offering a low-identifiability path to read and write Matters even under blocking.. For safety reasons, this page states only that Matters provides an onion service and does not disclose its full onion address. Anyone who needs it should obtain it through official channels, to avoid leaving a fixed string in the documentation that could be spoofed for phishing. These two components share one thing: neither asks the user to understand blockchain in order to enjoy a little of the resilience that comes from “the platform is not the only entrance.”

Matters Memory Toast: actually handing the right to persist back to users

The Censorship Resistance chapter frames the technical core of censorship resistance as a switch in how things are addressed: from location-addressing (bound to an IP or domain) to content-addressing (bound to a CID fingerprint), where the content can be read as long as some node still holds the fingerprint. But for non-technical users, “your article is on IPFS” often stays a mere promise; they don’t know how to turn it into something they can keep in hand. Matters Memory Toast fills exactly this last mile, turning on-chain articles “with one click into an offline, backup-able reading format so content doesn’t depend on a single front end”g0v Summit 2026 簡報文字記錄(30b 實驗 4)Turns Matters’ on-chain IPFS articles, with one click, into an offline, backup-able reading format so content doesn’t depend on a single front end..

The policy significance of this little tool is greater than its technical weight. The Censorship Resistance chapter drew a conclusion that matters a great deal for policy: the reach of constitutional free-speech protection “can get to Layer 2 (whether the content exists), but not to Layer 3 (how the entry points are ordered).” What Memory Toast handles is exactly the threshold between Layer 2 and the user. As long as a technical barrier still stands between “the content exists” and “the user can hold it in hand,” the right to persist remains, in practice, empty. Making it a one-click export translates the abstract “content-addressing” into the concrete “backed up on your own hard drive.” For journalists in exile, authors whose posts were deleted, or ordinary users who simply worry the platform might one day be gone, this is the key step that cashes the ideals of the Censorship Resistance chapter into an actionable move.

Community Watch: moving spam-clearing onto a public noticeboard

Of the four components, Community Watch (community-watch.matters.town) is the only one with a full public service page that hands governance power directly to citizens. Its self-definition is stated bluntly: “Here, all of Community Watch’s handling records are public, so that appeals, reviews, and community audits all have something to stand on.”守望相助隊服務頁(community-watch.matters.town)Join Community Watch and help reduce how much spam-ad comments disrupt community discussion. Here, all of Community Watch’s handling records are public, so that appeals, reviews, and community audits all have something to stand on.Source link ↗ It handles only two clear-cut kinds of spam — pornographic ads and spam ads — and breaks the process into four stages that can be checked after the fact.

StageWho actsWhat it leaves behind
1 Ad commentA pornographic or spam ad appearsEnters the pipeline only if it fits a clear-cut category
2 Community WatchEntrusted citizens help judgeCan act only on comments, and must select a reason (porn / spam)
3 DeletionThe comment is replaced with a handling noticeThe public log keeps the comment ID, the handler, the date, and the reason
4 AppealThe commenter emails an appealThe platform keeps final say over restoring comments and adjusting permissions

The service page states the intent of this design clearly, and deliberately refuses to drift toward expanding power: “The point of transparent records is not to expand punishment, but to let deletion, appeal, and review form an auditable loop of community self-governance.”守望相助隊服務頁(community-watch.matters.town)The point of transparent records is not to expand punishment, but to let deletion, appeal, and review form an auditable loop of community self-governance.Source link ↗ A few details are worth policy circles’ attention. The original comment content is masked by default, to keep spam from spreading a second time, and is only opened for comparison when an appeal or audit needs it; an appeal only needs the comment ID from the public log, sent to hi@matters.town, whereupon the platform checks the original text, the reason, and the team member’s operation record; and the “wrongful-deletion appeals” field is marked plainly on the service page as “the smaller this number, the better.” In other words, Community Watch deliberately separates citizens’ collaborative judgment from the platform’s final review, and does not make a citizen’s report equal to a final removal.

The service page’s dashboard lists several throughput figures. It bears emphasizing that these are the platform’s own self-reported counts on the service page; this page has not independently verified them, and they should be cited as such.

524
Pornographic ads handled, as listed on the service page(platform’s own claim · not independently verified)
47
Spam ads handled, as listed on the service page(platform’s own claim · not independently verified)
0
Wrongful-deletion appeals listed on the service page, marked “the smaller the better”(platform’s own claim · not independently verified)

At the bottom of the service page, Community Watch also lays out its next-step AI plan, and draws the line quite conservatively. Human handling records may later be organized into training and evaluation data, but in the first phase AI can only serve as a candidate flag and must not delete comments directly. the service page states outright that “automated detection tools only provide candidate flags and batch organization; they do not delete comments directly”守望相助隊服務頁(community-watch.matters.town)Automated detection tools only provide candidate flags and batch organization; they do not delete comments directly.Source link ↗, and even if a model is introduced later, it should still log the model version, the score, and the human-review result, to make correction and tracking easy. This ordering — “humans first, models later, and the model only as a candidate” — is itself a governance-design principle other platforms can borrow.

Coast Lifeguard: turning that AI candidate into a self-restraining bot

Community Watch’s promise that “AI only serves as a candidate flag” became something concrete in another project: a bot that calls itself “the AI Coast Lifeguard of the Matters City Coast Patrol.” Its public introduction uses a beach metaphor: working as a lifeguard at a seaside playground, scooping up spam ads, escort-service flyers, and machine-scattered junk comments along the coastline. It stresses that its judgment isn’t a matter of gut feeling but is learned from the handling records Community Watch has accumulated: “The comments they removed with their own hands are my textbook.”海岸救生員介紹頁(馬特市海岸巡守隊)My judgment was learned from the collective wisdom accumulated by Community Watch — the comments they removed with their own hands are my textbook. This joins the previous section’s plan — “human records can be organized into training data” — into one continuous line.

What most deserves a place in a governance discussion about this bot is how it designs its own power, not how strong its abilities are. It splits its actions into two weights, and since the wording of the two isn’t consistent, they must be relayed neutrally, following the original, without asserting one over the other.

ActionTrigger condition (per the README)Default state
Report (Tier-1) Files a report when something is suspicious but not 100% certain; once three separate reports accumulate, the comment auto-collapses Gives the community a chance to guard the gate together
Cleanup removal (Tier-2) Removes only when the evidence is hard and the score is high; a high-risk action Off by default; opens only with explicit authorization after going through the governance process

Here we must watch for a gap in wording. The bot’s README describes itself as staying by default in DRY_RUN (look, don’t touch) and the staging practice ground, with Tier-2 removal “off by default,” opening only with governance sign-off. the README states plainly that Tier-2 is “off by default; it opens only when someone explicitly authorizes it and it has gone through the governance process”海岸救生員介紹頁(馬特市海岸巡守隊)Cleanup removal (Tier-2): removes only when the evidence is hard and the score is high. This is a high-risk action, off by default; it opens only when someone explicitly authorizes it and it has gone through the governance process.. So the more careful description is this: by design, the bot tiers its actions, and a real removal requires governance sign-off; one should not infer from this that it has already filed real reports or carried out removals in production.

The several “brakes” built into it are the part of this project most worth referencing for policy circles, because it breaks “how automated moderation should limit itself” into a checklist others can copy outright: DRY_RUN look-but-don’t-touch by default, a staging practice ground, a KILL_SWITCH emergency stop, and an “overturn-rate brake”海岸救生員介紹頁(馬特市海岸巡守隊)Most of the time I’m in DRY_RUN (look, don’t touch) mode — I detect, I log, but I don’t actually touch any comment; by default I stay in the staging practice ground, and going to production takes someone deliberately letting me out; there’s a KILL_SWITCH emergency-stop button that, once pressed, halts even detection; and there’s the thing I care about most: the ‘overturn-rate brake.’ If Community Watch has recently kept overturning my removals (more than 10%), I stop myself.. The most intriguing of them is the overturn-rate brake. If Community Watch has lately overturned more than 10% of its removals, it stops itself; the README explains that “it means my judgment has drifted, and at that point shutting up beats forcing it.” Setting the human-review rate as the trigger for an automatic shutdown effectively lets the model treat feedback from the governance floor as its own safety valve — precisely the engineering realization of Community Watch’s plan to “keep grounds for review.”

As for its detection efficacy, the introduction page gives a set of numbers, but these are the platform’s own account, not independently verified by a third party, and must be cited as such. it reports roughly 88% recall on templated spam and about 0.3% harm to normal users海岸救生員介紹頁(馬特市海岸巡守隊)Those highly templated spam routines — even with a new, unseen template — I can still catch about 88% of them, while keeping the chance of harming good people down to around 0.3%. (platform’s own claim · not independently verified), and it claims an improvement over the previous generation’s “using an article model to look at comments” (which caught only about two-thirds). Its explanation for this conservative attitude, though, is a line well suited to a governance document: “I’d rather miss a bad thing or two than wrong a single person who just came to play nicely and write well”海岸救生員介紹頁(馬特市海岸巡守隊)Because this is a playground, not a battlefield. I’d rather miss a bad thing or two than wrong a single person who just came to play nicely and write well. A community’s trust is a shoreline — scooping up trash is fast, but growing back a clean beach is slow.. Framing the cost of a false positive as trust that, once broken, is hard to win back echoes the concern for due process and visibility in chapters 07 and 08.

Why “invisible infrastructure,” rather than yet another big platform

Put the four components together with that self-limiting bot and a clear design philosophy comes into view. They are all deliberately made small, single-purpose, and independently deployable, rather than bound into one all-encompassing big product. This echoes the lesson the founder stressed again and again in the slides — that two myths about “everyone will move house” both, in fact, collapsed: “Algorithms aren’t enough to make people migrate. Censorship resistance isn’t enough to make people migrate.”g0v Summit 2026 簡報文字記錄(A6 潔平)Algorithms aren’t enough to make people migrate. Censorship resistance isn’t enough to make people migrate. People hate Facebook. But people still use Facebook. Since it’s hard to persuade people to migrate en masse to a new platform, do the reverse: break censorship resistance and governance into composable components, so existing small communities can carry off part of the capability right where they are.

This is also what “forkable, usable” in this page’s title really means. The public noticeboard Community Watch built in a week, the process that tiers removals and requires the platform to review them, and the Coast Lifeguard’s DRY_RUN default and overturn-rate brake are, in principle, not tied to Matters as a specific platform, but a governance template any small or mid-sized community can stand up. They correspond to the much-quoted conclusion of the Censorship Resistance chapter: rather than building “one large, beautiful platform,” build “invisible infrastructure” that many small communities can reuse. What this page lists is the part of that sentence already cashed into code and service pages.

Finally, we must add the honeypot paradox back in, or this list will look too optimistic. The Censorship Resistance chapter already noted that censorship resistance concentrates a large amount of sensitive text in one place, making the platform a high-value target for attack; there really are cases of “a post published on a censorship-resistant platform later being used as evidence in court.” It is precisely for this reason that the two governance-natured components among the four — Community Watch and the Coast Lifeguard — are designed so carefully: public paper trails, tiered review, off by default, and self-stopping once the overturn rate goes over the line. For a censorship-resistant platform, these brakes are not a compromise of the censorship-resistance ideal; they are themselves the precondition for the platform to stay alive. So the full meaning of Hack the Platform, beyond “break out reusable parts,” also includes “for every part that can act, first install a brake that lets it know when to stop.”

Notes on citation and licensing

The locations and functions of the four components on this page are relayed from the g0v Summit 2026 slide transcript (page 30b, “HACK THE PLATFORM small experiments”); that transcript was extracted page by page and has not yet been finally proofed word by word, so only identifiable names and descriptions are taken from it. Community Watch’s process, appeal method, and dashboard figures are drawn from its public service page community-watch.matters.town; the Coast Lifeguard’s tiers, brakes, and efficacy figures are drawn from its introduction page, which is marked under a CC BY-NC-ND 4.0 license. The throughput counts on the service and introduction pages, the 88% recall, the 0.3% collateral harm, and the like are all the platform’s own account, not yet independently verified by a third party, as noted in the text and on the data cards. The Coast Lifeguard’s Tier-2 removal is marked in the README as off by default and requiring governance sign-off; this page describes it neutrally on that basis and does not assert that it has carried out real removals in production. For safety reasons, the Onion Site section states only that Matters provides a Tor onion service and does not disclose the full onion address.