Yes, this is a great thread. It will take me some time to read it again and maybe address each point separately, but let me start from the recurring items.
There is a fine line between criminality and liberty. Leaving the philosophical debate alone, the government is drawing this line and they can redraw it whenever it suits them. The whole idea of modern cryptography, the internet, and the cypherpunks group that gave us BitTorrent, Blockchain, PGP and other tools mentioned here, is that the government is NOT the omnipotent master of the universe and we do know better what to think, what to discuss or what information to share. That's it, all that copyrights, censorship and, most recently, CSAM are different sides of the same coin, which is to shape human interactions on the internet in a way that the media, the politicians or other inside parties have their interests protected. You cannot fight the government and help the government at the same time.
This being said, there are different trilemmas regarding p2p networks, like the scalability trilemma: you can't have a network that is perfectly scalable, secure and decentralized at the same time, there is always a tradeoff here. This also affects anonymity, privacy, data throughput, cost efficiency, UX/UI and so on. There are people who work on various cryptographic algorithms that make these tradeoffs less hurtful, but to no surprise, the centralized services are "almost" perfect in all applications, with the only drawback being centralized so "that one lawsuit can easily kill" them. When we want to achieve decentralization, we need to let go of some other parameters. I'm not prepared at the moment to offer an up-to-date analysis of the portfolio, but there are some good starting points:
https://en.wikipedia.org/wiki/Comparison_of_instant_messaging_protocols https://www.privacytools.io/ https://anonymousplanet.org/
One item that I see missing in this debate is the Freenet Project and, inside of it, the FMS – Freenet Message System. It does implement the Web of Trust in a secure manner, but is terribly slow. There are numerous papers on the topic but let's just explain the basics: every peer maintains their trust list onto which either they embark specific trustees by hand (friends) or let the algorithm compute the effective trust level of a given peer, based on the "trust list trust" of the peers they already trust multiplied by the direct trust those peers have against that given peer. Example: I don't know C, but my friends A and B say they trust him 10% and 80% respectively, but since I value my friends opinion as 50% and 20% respectively, I get C = (A*A'+B*B')/(A'+B') =
(0.1*0.5+0.8*0.2)/0.7 = 30% effectively. This way, any single friend cannot manipulate me into not trusting C just because they don't trust C, yet if everyone has no trust to C (e.g. C is a spammer), I receive the recommendation (which I can still manually override) of low trust to C. In such a system, every peer can exist and use the network to some extent and even if every other peer except one wishes them dead, they can still communicate with their partner.
A similar approach is recently emerging on BlueSky, however all the major frontend apps are still subscribed to the central moderation service. I still haven't read 133 pages of the BlueSky thread, but I see the potential of this network, given they fork the network to disconnect from troonspace. Matrix is obviously beyond that point already, but since the network is not 100% p2p (the homeservers are different node types than clients), the plausible deniability argument does not adhere. In Freenet, everyone would process the data of everyone else, just not knowing what is inside of encrypted messages they process (and thus not falling under any criminal liability), which is not true for the Matrix instance admins. Perhaps morg developers will eventually (or already did) provide the means of protecting hs cache from malicious agents but there is also another way, namely onion instances. You may or may not know, but running synapse is already Tor-aware (can't say it's supported though) and currently possible to run both in onion-onion and dns-onion manners. The former is only reachable from homeservers that "understand" onion addresses and the latter can serve as a gateway, e.g. hosts a room where both morg and onion users can meet and have conversations. I can provide a full technical tutorial on how to set up such instances and if you are familiar with matrixspace, you've seen such ones already (not saying it is easy to set up or problem free though).
In the final paragraph, I would also like to say a few good things about SimpleX. It has done some progress in the last year or so. If you connect via Tor, it is so far probably the easiest UI/UX for a normie to find and creating a private encrypted room for 10+ users is feasible. They do, however, struggle with litigation and currently debate on how to bork the protocol a little so that CSAM is eliminated. Evgeny is quite a reasonable guy, open to arguments so if you actually have ideas on how to improve the protocol, I encourage you to join the "SimpleX users group" room and engage in the discussion. They do have those algorithm guys I mentioned, an official client for all major platforms that doesn't suck and are currently not in the monetization phase so there is a hope.
