UCANs (User-Controlled Authorization Networks) propose a capability-based authorization model for decentralized systems. Instead of global identities and centralized access control, UCANs use cryptographically signed tokens that delegate specific permissions from one actor to another, scoped and time-bound by design.

This approach reframes security around intentional delegation. It aligns naturally with peer-to-peer and local-first architectures, where authority must travel with data and actions. UCANs offer a way to express trust without institutions, and permissions without platforms.