The Sovereign Tech Fund is backing Mastodon with a €614,000 service agreement to fund a series of improvements across Mastodon and the wider fediverse ecosystem. Of that, €90,000 is earmarked for other federated projects wanting to implement the protocols developed during this work. Mastodon is already hiring two backend developers to handle five main areas covered by the agreement.

End-to-end encrypted messages, done right

The headline feature is end-to-end encryption for private messages. Right now, DMs on Mastodon aren’t encrypted, which means instance admins could technically read them by accessing the database. It’s a known issue that’s been sitting around for years, and previous attempts to fix it never reached production quality.

This time is different. Mastodon won’t build a proprietary protocol but instead adopt MLS over ActivityPub, a spec currently in draft stage at the W3C. MLS, already used in RCS messaging, is built to handle large groups well. The Social Web Foundation is coordinating the technical work and has brought in two fediverse projects, Emissary and Bonfire, to develop interoperable implementations. According to We Distribute, initial deliverables are due by June 2026.

Mastodon will only roll out support once the W3C task force finalizes the spec and interoperability is proven. The timeline is 2027, not tomorrow, but it’s realistic.

Moderation and infrastructure

The agreement covers other things that matter to people running fediverse instances. By end of 2026, blocklist synchronization arrives via the open FIRES protocol, letting admins subscribe to shared block lists and decide whether to apply them automatically or review them case by case.

Also by year’s end, a new media storage system launches. This is one of the biggest headaches for anyone running a Mastodon server. Each instance keeps local copies of media files circulating the federated network, and storage and bandwidth costs spiral fast. The proposed solution is called Fediverse Auxiliary Service Provider and lets multiple servers share storage and processing.

The third piece deals with automatic content detection, giving admins voluntary tools to flag spam and illegal material while staying transparent about how user data gets handled. This lands by mid-2027.

Timing matters

The timing of this announcement is worth noting. Instagram is removing end-to-end encryption from messages and TikTok explicitly refuses it for DMs. While big platforms retreat or drag their feet, the fediverse is building an encrypted messaging solution on open standards, funded by European public money, and designed for interoperability from day one.