Exported Data

Bluesky Dev

Community discussion of the AT Protocol and Bluesky. (This room is not officially affiliated with the Bluesky team.)

Previous group of messages

highly-original-name

i asked abt that, apparently it's not impl yet, requires support

which seems interesting for hosted instances

@tthh5577:matrix.org

…

xy2e45 joined the room

bnewbold

yeah, change email is not yet implemented, and we also don't pre-emptively verify emails (yet). both are important!

mikuhl

gn, cast this spell: https://staging.bsky.app/profile/spells.bsky.social/post/3jtlukig7js2f ❤️

Fumiaki Matsushima joined the room

@numero6:codelutin.com

so... is there any ATproto project which have a dedicated matrix room (anything from a client, index, library, tool...)?

@bemre:matrix.org joined the room

bemre changed their display name to emre

paroxxx joined the room

@udo_woodo:matrix.org joined the room

@udo_woodo:matrix.org left the room

xnf0k

Hi, does anyone know any app/website/frontend for bluesky which uses the UserAgent "undici"?

Our server

stems.social

is being spammed with resolveHandle requests for

bsky.social

and

stems.social

(which are pds servers, not handles)

KingYoSun

In reply to this message

Probably, it is nodejs http client
https://github.com/nodejs/undici

xnf0k

interesting, probably a script. Assuming no malicious intent, it's probably a bug asking to resolve handle of a server

jesopo

In reply to this message

update: you can

question for people working on atproto: if people want to stick arbitrary data in to existing lexicons, should the keys for them be nsids or similar to avoid collisions on the future?

e.g. app.bsky.actor.profile with {"uk.jesopo.isBot": true}

(to clarify, arbitrary lexicon extensions appear to be allowed https://github.com/bluesky-social/atproto/issues/832#issuecomment-1513383096)

also, the image picker for avatars and banners appears to be broken:

mikuhl

The nav bar always on x games mode for real 😂

Pretty sure you have to use one of those fancy viewport height units

paulghostsuk

Are there any plans to add live video to bluesky social soon or audio chat rooms

moved to @shreyan:beeper.com@shreyanjain:matrix.org

probably not any time soon

jesopo

In reply to this message

interested in an answer for this, because i might start suggesting people put an isBot on the profile of their bots and suggesting library authors check for that

(unless "arbitrary keys on existing lexicons is valid" meant that it has to be considered valid but is not encouraged)

(edited)

Chris Lace

🗣️Which invite code should I use to invite someone to the platform??

or how do I use the invites I have ..?🤔

damon/

You send them by copying and pasting. You can use whichever you want to use as long as it’s available

Chris Lace

In reply to this message

Ok cool 😎 Thanks!

In reply to this message

Didn’t work can’t open links

moved to @shreyan:beeper.com@shreyanjain:matrix.org

{"collection"=>"app.bsky.feed.post", "$type"=>"app.bsky.feed.post", "repo"=>"did:plc:ofpi7p2eniusp5ckakb52p76", "record"=>{"$type"=>"app.bsky.feed.post", "createdAt"=>"2023-04-18T16:24:24.369-07:00", "text"=>"testing ruby"}}

is this a valid post?

based on the atproto docs I think it's valid, so I'm trying to figure out whether the issue is in how I'm sending it to the PDS or in the data itself

jesopo

where are you sending that blob?

moved to @shreyan:beeper.com@shreyanjain:matrix.org

https://bsky.social/xrpc/com.atproto.repo.createRecord

snarfed

what error are you getting? I assume you're including the Authorization header with a valid token?

jesopo

looks right to me; are you getting any errors back from the API?

moved to @shreyan:beeper.com@shreyanjain:matrix.org

Net::HTTPBadRequest from Ruby's Net::HTTP library

Tried it with HTTParty and it worked, so not sure what was wrong, probably just syntax

jesopo

bad request should also come with a body that tells you what you did wrong

e.g.

12345678910$ curl -D- -s "https://bsky.social/xrpc/com.atproto.repo.listRecords?repo=jesopo.bsky.social"                             
HTTP/2 400 
date: Tue, 18 Apr 2023 23:49:52 GMT
content-type: application/json; charset=utf-8
content-length: 90
x-powered-by: Express
access-control-allow-origin: *
etag: W/"5a-pmHQNHIFybI8B7L3TfzslQ8vLV8"

{"error":"InvalidRequest","message":"Error: Params must have the property \"collection\""}

(edited)

moved to @shreyan:beeper.com@shreyanjain:matrix.org

Probably just a quirk of ruby's net-http gem?

oh wait it was the content header

{"error":"InvalidRequest","message":"Wrong request encoding (Content-Type): application/x-www-form-urlencoded"}

added "Content-Type" => "application/json" to headers and it works

moved to @shreyan:beeper.com@shreyanjain:matrix.org

gem bskyrb pushed to

rubygems.org

btw, any other name suggestions for an ATProto ruby gem? Just went with bskyrb on a whim

Alex C. joined the room

Alex C.

Message deleted

snarfed

shreyanjain++ congrats!

神宮寺匁トロロ&あかね教祖様【TV】 joined the room

神宮寺匁トロロ&あかね教祖様【TV】

Thank you. I'm a Japanese game streamer,YouTuber. and programmer. I can use JAVA, C language, C#, JAVAscript, sql.mysql. Message me if there's anything I can do to help

神宮寺匁トロロ&あかね教祖様【TV】 set a profile picture

moved to @shreyan:beeper.com@shreyanjain:matrix.org

In reply to this message

found this: https://atproto.com/guides/lexicon#extensibility

Forest Truth joined the room

NEON Spectrum joined the room

jesopo

In reply to this message

oooh

ooooooh >:3

@dsenjoyer:matrix.org joined the room

@dsenjoyer:matrix.org

hello, I am having trouble understanding the docs. In the identity guide, we tie DNS names to DID's. What happens if two DID's try to tie to a DNS name at the same time? The protocol has no blocks, so how would you achieve consensus?

@dsenjoyer:matrix.org

In reply to this message

I found this discussion, have you managed to find a solution?

also with posts, what happens if two posts are pushed with the same ID?

and can big-world indexers be run by any user?

In reply to this message

is curation and moderation here defined by other protocol users, or is it enforced by some central entity?

thanks in advance

anothersky joined the room

guruguruhyena joined the room

stephend9 joined the room

xylobol joined the room

xylobol

snarfed the front fell off?

jackofdreams joined the room

MRCASHKING joined the room

itsjim joined the room

chrisackermann joined the room

MRCASHKING set a profile picture

snarfed

In reply to this message

???

xylobol

it was a long shot, figured you might be another plan 9 fan

it's the 9 term for copying something to the clipboard

(snarf)

snarfed

ah lol. plan 9 is great!

@dsenjoyer:matrix.org

In reply to this message

and how is the consensus reached in regards to valid and invalid signatures?

(edited)

squishthoughts joined the room

moved to @shreyan:beeper.com@shreyanjain:matrix.org

In reply to this message

plan 9 the rather obscure operating system?

xylobol

we stan glenda on matrix

snarfed

hey bluesky team, how flexible are record keys (ie PDS paths)? https://atproto.com/guides/data-repos#identifier-types says they should be based on TIDs, which https://staging.bsky.app/ post URLs mostly seem to follow, minus the dashes. will federation depend on rkey format though? ie if I wanted to use an entirely different rkey path scheme, would that be fine?

Enrique Pérez joined the room

mikuhl

So would a custom server be needed to accept custom xrpc calls?

and then for example, when federation comes into play, any extra data added will be ignored by clients that don't use it?

snarfed

yes and yes. assuming the new data is new lexicons/defs, PDSes that don't understand those objects should hopefully just ignore them, yes

gayboredape joined the room

Renan Tomazini joined the room

Brawl Strats joined the room

jesopo

In reply to this message

curious, does the current live atproto implementation actually have stuff specifically to preserve extensions in this format

jesopo

if so I'll write up some deserialisation stuff for it in the morning

lamrongol joined the room

lamrongol set a profile picture

mikuhl

In reply to this message

if though I publish a post to the bluesky servers with, for example, a poll, will the bluesky servers remove that data?

jesopo

In reply to this message

no https://github.com/bluesky-social/atproto/issues/832

mikuhl

ahh interesting

jesopo

bsky.social

will not, however, accept records it does not have a lexicon entry for. i.e. xrpc/com.atproto.repo.createRecord?collection=uk.jesopo.test will fail

mikuhl

Its probably possible to then to make a client with lightning network zaps, as there just needs to be a lightning address extension on profile

(edited)

lamrongol

Are we allowed to talk about client side APIs in this room? "bluesky" is not a unique name and a search for "bluesky api" brings up pages for other services like weather and data analysis and I can't find the documentation. Are they contained at https://atproto.com/docs ?

moved to @shreyan:beeper.com@shreyanjain:matrix.org

yep

mikuhl

Does the protocol allow for custom validation of a record entry? Obviously by the custom server. For example a "org.bitcoin.lightning.zap" (similar to

app.bsky.feed.like

), server would have to validate the lightning invoice and preimage, to tell if the user actually paid the invoice.

invoice would probably contain the id of the post they are zapping, so you cant use a random paid invoice and preimage and say you zapped a post.

@anjuhime:matrix.org joined the room

snarfed

mikuhl: yes. your own server can do anything you want. lexicon does basic XRPC and data object type checking; your server would do anything more involved

snarfed

validation code would probably be triggered by the com.atproto.repo methods that create/edit records, and/or any of your own XRPCs

lamrongol

In reply to this message

Thank you. Hmmm, so that means clear documentation like Mastodon's doesn't exist yet.

I would like to know especially if there is a Streaming API, to create a trend analysis system. The image is from an actual Twitter bot (this bot is currently frozen).

I am not very familiar with web technology, but if it doesn't exist, I would have to join the development of the AT Protocol itself?

mikuhl

I dont think theres a stream of records, no

lamrongol

OK, I'll give it some more thought.

@Daegalus:matrix.org joined the room

Rez Haque joined the room

@guuu0000:matrix.org joined the room

@guuu0000:matrix.org removed their display name (guuu0000)

@guuu0000:matrix.org left the room

空気椅子 joined the room

noz_amd joined the room

@alexandre_:matrix.org joined the room

@alexandre_:matrix.org left the room

Andro Plus joined the room

ryuya_0124 joined the room

serdar joined the room

librateva joined the room

yuuya Kamikaw joined the room

ナオ joined the room

jesopo

there is one stream api

it's a websocket endpoint and it gives you all of the updates to

bsky.social

's repos. xrpc/com.atproto.sync.subscribeRepos

@dsenjoyer:matrix.org

In reply to this message

Ping

@dsenjoyer:matrix.org

Is the site at https://staging.bsky.app/ a single PDS? Or does it have multiple PDS's which interact in between each other?

In reply to this message

And does it have it's own crawling indexer?

jesopo

Message deleted

xnf0k

In reply to this message

That website is a frontend and connects to PDS'

There's an account switcher and the accounts can be on different servers, but no PDS' don't interact right now

@dsenjoyer:matrix.org

In reply to this message

In reply to this message

thank you, so this is actually a PDS selection screen, right?

(edited)

xnf0k

In reply to this message

Yup

@dsenjoyer:matrix.org

In reply to this message

nice thank you

オールリンクス富田 joined the room

出古広志（Hiroshi Deco） joined the room

henryzhao007 joined the room

@seiya133:matrix.org joined the room

Anoop Bhatia joined the room

Anoop Bhatia

Please, somebody, give me a bluesky invite code

(edited)

richardlitt

I'm seeing https://staging.bsky.social redirect to

bsky.social

. Where is the beta app?

A I joined the room

snarfed

In reply to this message

https://staging.bsky.app/

richardlitt

Thanks!

@cyberbiopunk:matrix.org

Where do I get an invitation code?

David joined the room

Nobody Nearby

Yep, waiting for the bsky invite code 🥲

deescasechloe joined the room

bnewbold

In reply to this message

stuffing random fields in is really only allowed to make it easier to roll out schema changes. we don't want folks to stuff in fields randomly, because those records could end up being invalid in the future if the fields are formalized in a different way. also don't want there to me multiple variant ways of doing things on the same record type (NSID).
the mechanism for evolution and extension is to create entirely new records under a new NSID namespace

jesopo

understood

snarfed

In reply to this message

totally makes sense! you all will eventually want to settle on consensus for best practices like these, eg https://github.com/bluesky-social/atproto/discussions/844#discussioncomment-5675913 wasn't quite aligned here: "I think you can get most of what you like by adding an extra key to the record that includes the canonical url in the other network"

jesopo

there is https://atproto.com/guides/lexicon#extensibility, but i can also see this being used as "extensions from the lexicon 'owner'" rather than extensions by arbitrary people

jesopo

Message deleted

jesopo

but at the very least that method of doing extensions contains NSIDs

bnewbold

a short talk by paul on some of the original thinking about schema negotiation: https://dwebcamp.org/videos/schema-negotiation/

hah, I don't actually remember ever seeing that $ext trick linked above, i'm not sure that is supported at all or a think going forward. we will be reviewing docs in the near future, they haven't had an update pass in a long time

In reply to this message

the DID/handle mapping needs to be bi-directional. there is a known issue right now where there can be multiple DNS TXT records with different DIDs, and there isn't a clear way to chose which is canonical (they can come back in ~random order). we haven't decided what the correct behavior is in that situation yet, but generally "just don't do that" for now

In reply to this message

staging.bsky.app

is actually not even a PDS, it is just a web app. the actual PDS server is

bsky.social

. the proliferation of domains is somewhat confusing, we know. but basically

bsky.social

is the atproto-level server and identity namespace we are running; and

bsky.app

is the application protocol (app.bsky.* schema) and client apps to speak that (soon across any federated servers)

In reply to this message

it is not crawling any external servers yet. we will describe our plan and protocol for federation soon. there are hints in the source code, and the plan is pretty solid, but we are not ready to write down documentation with all the details, or to describe all the details in conversation

In reply to this message

there will definitely be a "firehose" of all the records from our PDS (that exists already, but isn't documented, and the edge cases are still being worked out). there will also be a "firehose" of the full network (~all federated PDS instances). unclear how or who might provide a service to filter down that full torrent of events (which, if we succeed at growing, will be thousands per second)

In reply to this message

the question of what it takes to deploy a new application with new lexicon is one we have thought about a lot. eg, in what situations does a new lexicon (schema) and application require changes in: PDS, client applications, appview (aggregator), BGS (relay/firehose provider),

if you need to go around and get all the PDS implementations and hosts to make changes, that will make it hard to roll out new applications and services. if, instead, you just have the PDSs proxy some endpoints to your own appview servers, and have some client extensions, that makes roll-out and experimentation much easier. but TBD how much we can pull that off, what what the ecosystem will look like

snarfed

In reply to this message

the hints I'm currently following are the MST and com.atproto.sync methods. kinda racing myself to see if I can get a prototype implementation of all of those up and running before you all publish and half obsolete all my work 😆

mikuhl

Is there any security concerns of allowing to insert data that doesn't have a schema that the pds knows about?

jesopo

In reply to this message

so the way stuff like BGP handles conflicting answers is pick a criteria that is stupid but reliable, e.g. alnum sort and then pick the first, or just consider this to be an unsupported case and fail

mikuhl

Cause I hear you can add extra data to existing things that have schemas, but not ones that don't have any schemas

bnewbold

polls are a good example. to add polls, as a new record type, you definitely need something to consume all the poll records and validate/count them. it would be nice to have in-client support, but you could have your own client, or do something clever via web interface. you shouldn't need to make changes to PDS

mikuhl

Polls would be a good test to extend functionality

jesopo

In reply to this message

as just discussed, just because you can add arbitrary extra data to existing lexicons doesn't mean you should

bnewbold

there is a concept of middle-boxes being able to pull arbitrary lexicons and validate them, without having to actually understand the lexicon or do anything special. that is one way this could work out. but we haven't spec'd or implemented that fetching of lexicons generically

snarfed

In reply to this message

(the space of things I shouldn't do but can do is often the most fun 😎)

jesopo

the problem is you have to accept unknown keys on known lexicons: remote servers may tell your server about these payloads, and the payloads are signed so you cannot just remove things you don't know about

or signatures will fail

not to speak out of turn, but it sounds like "it's possible because it has to be possible, but it's discouraged and shouldn't be relied upon" (at least, that what it sounds like the current answer is)

bnewbold

yeah, IIRC the flexibility is a forwards-compatability thing: you need to be able to import a "new" repo with "new" style records into an "old" PDS implementation (to make account portability easy)

snarfed

In reply to this message

only if you (a PDS) accept unknown keys on known lexicons, right? and afaik that's an open question?

jesopo

In reply to this message

you, a PDS, have to accept unknown keys on known lexicons when receiving records from other servers

snarfed

oh was that decided officially? I hadn't seen that conclusion yet

jesopo

but when you're receiving records from your own clients, i think it might be an open question

snarfed

and the adoption problem is interesting.when a lexicon is updated, there's a window that your PDS isn't using the updated version yet, and it will reject valid objects with the new lexicon

(sorry, that's only if you reject, which it sounds like we won't)

mikuhl

All I think I would need is to allow a custom collection.

org.bitcoin.lightning.zap

bnewbold

just to be clear, you are all asking great and important questions, and we know we need to have clear answers to all of these. you are just running a bit ahead of our final decisions and documentation

(edited)

snarfed

In reply to this message

yeah totally understood and accepted. apologies! we're eager. "not yet" is a fully ok answer

also jesopo's point about sigs is a good one, PDSes can't strip unknown fields and still store and handle those records, the CIDs won't match

ATProto could say unknown fields aren't allowed, but there's still the upgrade window problem, so jesopo seems right

mikuhl

Just brainstorming for me :)

jesopo

right you need to consider the two different circumstances; there's one where you're receiving a record from your client, at which you can tell them to piss off if they've done something wrong, but if you're an AT server receiving a record that already exists from another AT server, you don't have much choice

bnewbold

I have to step away for a bit now

mikuhl

Maybe could have voting for custom schemas to be allowed on the server

jesopo

thanks for your time

mikuhl

I'm thinking of a custom collection, like "org.bitcoin.lightning.zap" and a field on the existing profile object of a LNURL server. When the user presses the zap button from a custom client it would make a request to the LNURL server located in the profile, with the specified post id in the query. When the user pays the returned invoice the receiver will insert a zap object into their repo, showing that a zap was successful.

pfrazee

okay schema guy here

let me give a kind of top down explainer here

mikuhl

🤪

pfrazee

apologies for covering stuff you likely already know!

* snarfed prepares to copy paste into github discussions

mikuhl

Interested to hear your take!

pfrazee

right so schemas, first things first, you create them under domain-names that you own. Very important you control the domain; never create new schemas under com.atproto.* or something like that

we call those reverse-dns identifiers "NSIDs" (NameSpaced IDentifiers) and basically the last segment of it is free-form while every leading segment is reverse dns

so if I'm putting my schemas under pfrazee.com then I would do com.pfrazee.whateverIWant

in the com.atproto and app.bsky we break it down into a lot of subdomains for organizational purposes

next up: conformity

once a schema has been put into use, you can never publish a breaking change. You can't add new required fields, you can't make a formerly required field optional, you can't remove or add a constraint like maxLength. I mean, you can, but you will absolutely break software that's in the field and applying old rules

it's subtle what you can and cant do but the easy rule is that there's only one safe thing to do: adding new optional fields

snarfed

^ learned the hard way in the RPC community, including internally at Google over the better part of a decade

pfrazee

yeah not intuitive and totally sucks

snarfed

(RPC/data serialization communities)

but true!

pfrazee

to give an example: if we ever decided "you know what, character limits suck, let's bump it to 5000" (we wont decide this) then we'd have 2 options

mikuhl

I think Google went hard with the "everything is optional" rule. So even protobuf 3 I don't think there's even an OPTION to add required fields.

pfrazee

the first option would be to add a new longText field to the post record with the 5000 character limit. It would have to be optional and, importantly, any records we create would need to populate the old text field with a truncated version

snarfed

mikuhl: right, after many many years of trying all the other ways

(internally)

pfrazee

the second option would be to create an entirely new post record type like `post-v2`

(edited)

with that understood, let's touch on stuffing unspecced fields into records

George Antoniadis

In reply to this message

Adding a “v1” to your schemas is always a nice way to get people who might use it to start thinking about what they do when “v2” comes out eventually.

pfrazee

again, you can put data in unspecced fields on a record. It doesn't fail validation and it's not considered invalid. However we strongly recommend against it

mikuhl

I feel like required fields make type safe coding hard

pfrazee

there are two reasons we recommend against it: 1) it's entirely possible that the person controlling the schema will eventually use that field as a new optional field. Now you're hosed. 2) there's very little semantic information attached to these unspecced fields so you're going to end up with siloes of compatibility

George Antoniadis

In reply to this message

The doesn’t fail validation part, is that defined on the spec or up to pds/client implementaters?

mikuhl

Even if the data is a wrong type you can always give it a default value

pfrazee

In reply to this message

that's according to spec

there may be usecases where it's actually the right call to stuff unspecced fields into records and that's why we don't stop it

for a simple example, you're just trying to track something on your bot's posts. There's no reason for us to get in your way on that; the point of all this is to help people coordinate and get work done; not to be dicks

okay so that's unspecced fields, so how do we extend schemas

Lexicon has two "complex" types for that, the Union reference and the Unknown reference

a Union reference type is equivalent to this in typescript: foo: Foo | Bar | unknown

and the Unknown reference is foo: unknown

you can actually specify a "Closed Union" which is the equivalent of foo: Foo | Bar but we recommend against it strongly because you can never add values to the field if you do that

when a Union or Unknown is used, the value of the field is now flexible; you have to look at the object it has (Unions and Unknowns can only ever have typed objects as their values)

this is where the $type field comes into play. You look at the $type of a Union/Unknown value to determine what its schema is. (The value will be an NSID)

generally speaking an open Union only differs from an Unknown by suggesting some well-known possible values. Technically you can put an object of any schema in there

the consumer of a Union/Unknown looks at the $type and then first establishes if it supports that schema at all. If not, it decides how to handle that (ignore, panic, etc). If it does support that schema, it then runs additional validation on that known schema

mikuhl

If you don't want data on existing schemas, you can have a collection with just one item right?

pfrazee

correct; if you make a new record schema you can do whatevs, and there's a pattern similar to SQL extension records which we're looking at that could use backlinks to essentially accomplish JOINs

snarfed

pfrazee: in the panic case, that means that PDS would handle forward compatibility by rejecting records until it gets upgraded with the new version of the lexicon, and then it would "catch up" with other PDSes's records that include that new field/type?

pfrazee

In reply to this message

this isn't true yet, but the goal is to make the PDS indifferent to application schemas and provide generic behaviors only; that way adding some new schema doesnt run the risk of losing forward progress

snarfed

oh true good point. it's the app layer that would panic until it's upgraded, but the records would get accepted and stored before that

pfrazee

correct

but this segues well into the last item!

and that's the "Schema Negotiation" idea, which we're still thinking about how to do well. That idea is essentially, "How do we deal with unsupported schemas that are embedded in supported schemas?" like when somebody creates a new poll schema and embeds it in a post. This is actually pretty important

the thing is, you need to be able to predict what other software is going to do when they hit your new schemas

if you can't predict it then you'll never feel safe adding new features and why even bother

mikuhl

The extension array seems good because it has the specific domain things like collections, so less chance of it conflicting later

pfrazee

the broad idea is to find a way to include information within the records that explain to a consumer what to do if a piece of information is not supported

that could be instructions like "please abort if you don't understand this extension; you will fuck up and cause issues for my users"

they could also be "please display this fallback message / link"

they could also be "try this other object, maybe you'll know that schema"

mikuhl

That seems to be what the extensions array shows rn

pfrazee

and they could also be "just ignore it's fine"

well the extensions array -- if you're referring to $ext -- isnt actually implemented. That was an early iteration of Lexicon that I dropped for v1

mikuhl

Ohh

pfrazee

the interesting challenge is finding a way to encode this information in a way that works for a lot of very different scenarios

mikuhl

The only other question I would have is in terms of performance, let's say you want to get custom reactions for each post, how would you tell the server to do that without calling an endpoint for EVERY post.

pfrazee

instructing a client how to react to an unknown post embed is very different than reacting to an unknown like record, for instance

so we decided to defer the answer to schema negotiation until we had more real world information

In reply to this message

this gets into creating sufficiently generic APIs and indexes, which is an ongoing piece of work by the protocol team

moved to @shreyan:beeper.com@shreyanjain:matrix.org

This is probably a really silly idea, but I can imagine a schema for just letting people add random unspecced fields and play. Early Twitter I think used to let profiles have a feed of what was essentially arbitrary json that wouldn’t appear on your main profile but other apps could interact with it.

mikuhl

I feel like we're the founding fathers drafting the constitution for years to come 🫡

snarfed

bluesky team at least 😎

pfrazee: hopefully the indexing part can be handled mostly out of scope, locally by PDSes as an implementation detail, globally with the big world indexing part?

mikuhl

Blue sky team is the founding fathers and we are all the flys on the wall nagging them for our use case 🤪

pfrazee

In reply to this message

indeed! And there are some pretty solid generic indexes we can make, like backlinks, that should be able to do a lot of useful things

In reply to this message

this basically exists already; you can create any arbitrary collection you want under your own schema and then enumerate records from it

snarfed

pfrazee mind if I copy all this into https://github.com/bluesky-social/atproto/discussions ? or is it too early? totally ok either way

pfrazee

no go for it! <3

mikuhl

In reply to this message

I thought this isnt possible? Someone said that it would error if the server does not know the collection

pfrazee

oh is that right? Okay maybe I'm wrong about that, the backend bois are the keepers of such knowledge

moved to @shreyan:beeper.com@shreyanjain:matrix.org

In reply to this message

Let me try real quick and see

pfrazee

well that's the intended design there, apologies

mikuhl

What would be to stop people, however using blue sky as an unlimited file storage?

moved to @shreyan:beeper.com@shreyanjain:matrix.org

In reply to this message

{"error":"InvalidRequest","message":"Lexicon not found: lex:app.bsky.feed.post3"} yep unfortunately

snarfed

done, https://github.com/bluesky-social/atproto/discussions/855

pfrazee

thanks snarfed!

In reply to this message

we have to wrap our heads around how to deal with stuff like that. There needs to be some form of backpressure on resource usage

it might be as simple as metering disk & bandwidth usage

snarfed

also seems manageable by individual PDSes, out of band, and with a range of policies

pfrazee

yeah

mikuhl

Could add like icloud storage space but blue sky 😂

snarfed

although the burden spans PDSes so...🤷

mikuhl

You have an allotment of GB and if you go over you can pay blue sky or use your own PDS

moved to @shreyan:beeper.com@shreyanjain:matrix.org

maybe but with federation will other PDSes be willing to host it as well?

snarfed

right

mikuhl

So many interesting questions. 🤔🤔

pfrazee

In reply to this message

this isnt as hard of a problem as it sounds. For one, PDSes dont sync other users' repos by default; we have aggregators do that to ensure that it's cheap to run a PDS. (And then if you want to do your own aggregation you can)

snarfed

right. maybe PDSes can prune parts of their locally stored MSTs for remote users' PDSes, while keeping the top pruned CIDs, and then refetch them on demand

pfrazee

for two, you can choose to sync subsets of data repositories without any issue, so you can choose to just ignore schemas you dont understand if you want

moved to @shreyan:beeper.com@shreyanjain:matrix.org

In reply to this message

that seems perfect

snarfed

not sure but hopefully the tree rebalancing still works in that case

mikuhl

Yeah I can't wrap my head around how, ideally, if most people ran their own PDS, how will that not be messy. Like Nostr is hella messy with all the relays.

moved to @shreyan:beeper.com@shreyanjain:matrix.org

Honestly, the ATProto model looks more like ActivityPub than Nostr to me

snarfed

the model isn't that most people run their own PDS, it's that everyone is able to easily migrate at will, and bring all of their data

mikuhl

True

lamrongol

In reply to this message

Thank you. There is no detailed description but you mean we can get all the

bsky.social

posts by sending this message https://atproto.com/lexicons/com-atproto-sync#comatprotosyncsubscriberepos ?

lamrongol

In reply to this message

I don't necessarily need all the posts, about 30 posts/second is minimum necessary.

By the way, I don't have invite code. Is it possible to distribute it to third-party developers on a priority basis?

@jonaharagon.com

Everybody wishes they could be a priority group, just join the waitlist :)

@rimuru:gentoo.chat changed their profile picture

onurgule joined the room

@willian:willian.wang joined the room

yumisen set a profile picture

lamrongol

In reply to this message

OK, I've already joined the waitlist and will wait patiently.

moved to @shreyan:beeper.com@shreyanjain:matrix.org

so the actual did:plc documents which tell the world what pds I'm using etc. Those are stored at https://plc.directory right?

askdamk joined the room

Andy Melichar joined the room

Cotodama joined the room

Cotodama set a profile picture

nuwaa joined the room

ツーリングライダー joined the room

aoi.haru joined the room

Mustafa Gezen joined the room

@meawoppl:matrix.org left the room

klhuang0504 joined the room

incident joined the room

hajimeindo joined the room

qegsub joined the room

清水隆平 joined the room

bnewbold

In reply to this message

check out http://whenitrains.glitch.me/ for an example

lamrongol

In reply to this message

You mean this site retrieves posts of bluesky? However, I can't know the way to get them.

xnf0k

In reply to this message

view-source:http://whenitrains.glitch.me/script.mjs

lamrongol

In reply to this message

Oh, sorry and thank you. if i can convert this code to java or python, I will be able to develop my system.

a a joined the room

a a set a profile picture

a a

May I ask if there is a way for Twitter developers to join Bluesky?

Justyn Temme joined the room

a a

hi whyrusleeping I just sent a DM

a a

In reply to this message

does this work (converted to python)? https://acidafghan.glitch.me/script.txt

acid afghan changed their display name to a a

Shonia Piano joined the room

anothersky

Any chance for an invite code?

behnam

I need invite code 🥺

ryuya_0124

I need invite code 🥺

doudoppel joined the room

@matorix:matrix.org joined the room

@matorix:matrix.org left the room

marinea joined the room

numa_aqours joined the room

marinea set a profile picture

numa_aqours set a profile picture

marinea

I need invite code 🥺

@planetoryd:matrix.org

In reply to this message

you dont

numa_aqours

Anyone have invite code??

Andy Melichar

Well I will jump on the bandwagon and ask too because... Why not? Can I haz codez plz?

pk910

Shared some, but I'm out of codes now :( But everyone that got one should get 10 codes himself after a day, so it would be great if they would re-share some of them ;)

t_kuroki joined the room

marinea

I understand, thank you kindly for your kindness.

MAB joined the room

lamrongol

In reply to this message

Thank you. I would prefer to write in Java, but I'll give it a try.

@andy:go.hubup.pro joined the room

MAB set a profile picture

@costanza99:matrix.org joined the room

MAB

I need invite code

@costanza99:matrix.org

Test

There we go. Element was eating my posts for some reason.

Anyway, I'm just here to ask about whether any verification systems are planned for bluesky/atproto.

I imagine something like what you see with certificates on web pages signed by external services would be extremely useful.

Of course I'm compelled to ask because of... recent events.

snarfed

@costanza99:matrix.org: it currently lets you connect your web site/domain, that's the main verification system right now

MRCASHKING

Need a code. If someone has one to spare.

xnf0k

In reply to this message

Any source for this? I read in the chat that it was 1 new code every 2 weeks

@morotesovtannu:ohai.su left the room

pk910

In reply to this message

Hmm, I don't know to be honest..
I joined a few days ago, and got 10 invites about 1-2 days after registration...

@costanza99:matrix.org

Well, phishing attacks are very prevalent. Just having an official-ish domain name is enough to trick most people. Web browsers try to mitigate that risk by surfacing a webpage's certificate info to the UI in a way that is easily understood by users (usually a lock icon next to the URL.)

There doesn't seem to be any way to mitigate that risk within atproto or Bluesky. Sure you could go to a given user's website and see if the page/domain is signed by some trusted verification service, but most won't do that.

xnf0k

In reply to this message

I get your point, it's pretty easy to register a similar domain on a different tld, etc. But SSL certificates aren't meant for / do not help with reputation. All they say is the connection is secure. https://www.troyhunt.com/how-everything-were-told-about-website-identity-assurance-is-wrong/

(edited)

@costanza99:matrix.org

xnf0k: That was a good read.

damon/

It is not 1 new code every 2 weeks. But 1 new push of codes every 1-2 weeks.

@costanza99:matrix.org

So... what can be done? I do vaguely remember seeing that Bluesky will have some sort of reputation system in place, but I don't know whether that is just for filtering out spammers and the like, or whether that extends to being able to know an account is "official" by some metric.

Vinod V. joined the room

ごんべいななしの joined the room

snarfed

right, domain verification isn't a complete solution on its own, but it's still a big useful building block! a bit more discussion: https://staging.bsky.app/profile/snarfed.org/post/3jtthqdu4w22y

@costanza99:matrix.org

snarfed: I can't view the thread... A screenshot would be appreciated.

Ah never mind, I'm able to view it using another client: https://blue.amazingca.dev/?username=snarfed.org&postid=3jtthqdu4w22y

No Respite joined the room

@vagabond0312:matrix.org joined the room

@costanza99:matrix.org

Well, I guess I'll just have to wait and see what happens. Really hoping you guys can figure this out.

mosca14 joined the room

jesopo

just to put my thumb on the scale, web browsers have been handling domain impersonation for a very long time

i think doing account verification that doesn't revolve around domains is impractical in a federated world

other servers need to be able to also verify the means by which a user claims to be who they say they are, and the best similar concept we have on the internet is domain names

this is easy in a centralised world like a facebook; you put your trust in facebook to have done the necessary verifications out of band, so you don't have to personally do the checks yourself

now what you could make an argument for is PDSes marking specific accounts as belonging to those that administrate the specific PDS

In reply to this message

i think there's probably sufficient mitigations around stuff like homoglyph domain attacks to make domains alone a reasonable only method of identity verification

@costanza99:matrix.org

Well, Bluesky will have pluggable algorithms and moderation services... maybe there could also be pluggable verification services too?

(edited)

Users, servers, aggregators, etc. could subscribe to a specific verification service's list of "verified" DIDs. It would be up to the verification service to decide if a user is worth verifying, and everyone else to decide whether that verification service can be trusted.

(edited)

I dunno, I'm just spitballing...

But it would make sense alongside everything else Bluesky is building toward.

snarfed

right! the fediverse is already trying these kinds of local/third party verification services, eg https://www.presscheck.org/ , https://verified.coop/about

verification seems to break down broadly into two buckets: technical, eg DNS and private/public key, and social, eg Twitter's legacy verification

(edited)

(and eg web of trust, reputation systems, etc)

technical is cheaper, flatter, scales better; social has the potential to avoid/prevent impersonation better

@costanza99:matrix.org

I think a good social media platform needs both.

snarfed

that does seem like a promising path, at least assuming a sustainable funding model for the social verification part, since doing it centralized like Twitter did is high touch and not cheap

@costanza99:matrix.org

Of course. I'm willing to bet that people would pay for such a service, even as a subscription, as long as they can be assured that it wasn't just being handed out to whomever.

(edited)

The verification services themselves would be responsible for garnering and maintaining their own reputations, to justify whatever prices they charge.

(edited)

@costanza99:matrix.org

Also I do just want to mention that verification systems, complete with badges, are ubiquitous on social media platforms. Facebook, Instagram, Youtube, TikTok, Linkedin, Discord... all feature it in one way or another.

Linkedin in particular stands out, as they seem to be using external verification services to accomplish it: https://www.theverge.com/2023/4/12/23679998/linkedin-verification-badge-system-clear-microsoft-entra

My point is there is plenty of precedent to making such a system built right into AT Protocol.

(edited)

snarfed

they've already shipped a first step there with the DNS/did:web technical mechanism

but as for a social mechanism, how would you put a social process into a technical protocol?

apart from depending on a centralized third party

@costanza99:matrix.org

Not sure. I imagine it would be like how you can choose different algorithms (which ultimately comes down to centralized third parties serving posts to you arbitrarily(?))

You choose which centralized third party you want to serve verified badges to you.

(edited)

snarfed

right. arguably their composable moderation plans already allow for this to some degree. https://blueskyweb.xyz/blog/4-13-2023-moderation

George Antoniadis

In reply to this message

The team could have allowed what you are describing just by not restricting the dids that can be used to plc, but they had reasons not to. I recall some being in the faq. Considering the did supported is a placeholder as the name suggests, that could indeed change.

Has it ever been discussed if the plc did is here to stay or if it will be changing before bsky being considered “stable”?

mikuhl

I have been thinking, I guess unknown collections should be allowed on the server, because if you transfer your data to a PDS that does not know that collection you would not want them to delete it.

snarfed

they've been pretty clear that did:plc is semi-long-lived but temporary, not permanent. also the protocol encourages but doesn't strictly require did:plc, it looks like you'll be able to federate with pure did:web ids

afaik they haven't defined roadmap milestones like "stable"

@costanza99:matrix.org

In reply to this message

Hmmm.... maybe...

I guess the issue is to what extent labels actually let you modify your experience. They seem intended for hiding posts/users or keeping them behind warnings; could a theoretical "verified" label be used to place a check mark next to someone's handle?

That article doesn't mention it as a possibility which makes me think that kind of control over the user's experience wouldn't be allowed on any Bluesky app. Like, you won't be able to define a label that highlights posts containing a certain word; you will only ever be able to hide them.

(edited)

George Antoniadis

In reply to this message

Yeah, I’m just kind of assuming that anything temporary need to go away or have a migration path before many pds start to pop up and it’s too late to put the cat back in the bag.

snarfed

yup, you need an evolution path regardless. eg DID usage might be pretty baked, but expansion to other DID types could be straightforward

(edited)

jesopo

In reply to this message

labels are currently used in the real world to label accounts as spam, so, maybe?

e.g.

@costanza99:matrix.org

Ooh, is that actually using the label system under the hood?

It gives you an icon and everything... neat.

jesopo

12345678910111213141516171819202122232425$ curl -s -H "Authorization: Bearer redacted" "https://bsky.social/xrpc/app.bsky.actor.getProfile?actor=blama.bsky.social" | jq
{
  "did": "did:plc:hnuikc4m7blmew4i6hzkne6z",
  "handle": "blama.bsky.social",
  "displayName": "BLama",
  "description": "I am a digital alpaca.\nAlso going by the name of Dalai BLama\nExperimenting a bit with the blue sky.",
  "avatar": "https://cdn.bsky.social/imgproxy/nX7NqxmiVxs8opE7cn_e2ZDITYyNsqxTdnx4YL00-J0/rs:fill:1000:1000:1:0/plain/bafkreiheu5633mqmhyzixapo6obq7c6sxrp3ede7gpdnjjtslz3yev6vku@jpeg",
  "banner": "https://cdn.bsky.social/imgproxy/JU-dUNskStBOz5-f6D57EJglOkhrk4FZKGtg_6YpRXk/rs:fill:3000:1000:1:0/plain/bafkreigfdevwa7lkoya4oeqlcpshewnmnwc64cqgrlbhynpn5dntku6by4@jpeg",
  "followsCount": 1283,
  "followersCount": 299,
  "postsCount": 1503,
  "indexedAt": "2023-04-15T16:37:20.381Z",
  "viewer": {
    "muted": false
  },
  "labels": [
    {
      "src": "did:plc:ar7c4by46qjdydhdevvrndac",
      "uri": "did:plc:hnuikc4m7blmew4i6hzkne6z",
      "val": "spam",
      "neg": false,
      "cts": "2023-04-18T00:33:33.495Z"
    }
  ]
}

@costanza99:matrix.org

Whoa!

I guess that'll do it.

(edited)

Tetrus

i wish there was federation right out of the box in first place instead of this nonsense. :(

George Antoniadis

In reply to this message

I expect that would make it much harder for the team to iterate on the protocol early on. The docs were out of date for a long time and most likely still are. The bsky team has a lot of things to take into account from this private test phase and a lot of things they only have one shot of getting right. After that things become really hard. Moxie has an interesting talk about the difficulties on building decentralised systems.

(edited)

@costanza99:matrix.org

I think it would also have to be made clear where a given label is coming from. Obviously anyone would be able to define a "verified" label, so the source of a given label should be extremely visible and/or easy to find from the frontend.

(edited)

damon/

I believe Lens actually in headed in the right direction for this issue

https://www.lens.xyz/garden

https://www.lens.xyz

snarfed

Daniel Holmgren et al, I've been working on MST code. mind if I ask, in serialize_node_data, why does this line use .pointer and not .getPointer()? and line 85 too. shouldn't they make sure the CIDs are recalculated if they're out of date? https://github.com/bluesky-social/atproto/blob/4ecd3878a0dfa20343e81d42b92776a82315e17d/packages/repo/src/mst/util.ts#L73

bnewbold

In reply to this message

you mentioned this above and I don't know if anybody replied, but our PDS, and PDSs in general, should definitely allow record CRUD operations (create, update, etc) on novel/unknown collections (NSID). you might need to set verify=false if the PDS don't know the lexicon for that collection. there is a vague plan for PDSs to be able to discover lexicon schema files (JSON) somehow based only on the NSID (which encodes a domain), but that hasn't been worked out yet.
the rules of the road here are if you control an actual domain, you can invent whatever lexicons and record types under the relevant NSID and stuff things in there. up to reasonable limits around resource abuse and rate-limits
the whole "DNS domains can get lost/transfered" is current unresolved weak point of this, but seems managable

we could imagine a community of devs having a domain like CPAN or npm where lexicons are collaboratively developed, and the overall domain is stable

and have/invent their own governance and decision making process.
also folks can register/invent more temporary domains for prototyping and experimentation. you can also insert '.v0.' or '.dev.' or other things in NSIDs to communicate they are not-long-term

In reply to this message

the label fields are terse, but src the authority that created the label. in the future these may be signed. the idea is that labels are abundant and chaotic, but accounts/clients configure the authorities (DIDs) they actually trust and care about, subscribe to labels created from that source, action those in clients/infra, and ignore all the rest.
right now in

bsky.social

we have one PDS, one app, and one label-creator, but these are technically all unbundled and can be operated by independent folks. that is the composable/community moderation concept

tblfruit joined the room

@costanza99:matrix.org

In reply to this message

Interesting stuff. I'll be looking forward to seeing how it'll all work in practice, once decentralization actually begins.

ad4_bello joined the room

@waitd:matrix.org joined the room

ad4_bello

Hello

ad4_bello

Am new here and honestly,I need blue sky invitation code 🥺

Alireza joined the room

Alireza

Hi Somebody give me invitation code plz Thanks in advance

damon/

Please scroll up and view the chats. This is not for invites

You can create or check inside of a thread. There is also a subreddit that has an invite thread that when codes become available they share codes.

If it’s about decentralisation there are a host of other apps/sites available with good experiences

ad4_bello

In reply to this message

ofrazy joined the room

@vagabond0312:matrix.org

I need invite code, please.

@waitd:matrix.org left the room

alrozzi joined the room

lamrongol

In reply to this message

I can't find CarReader of

ipld.car

for python(can find for javascript). Could you tell me how to install?

snarfed

In reply to this message

if it helps, I'm using https://dag-cbor.readthedocs.io/ for reading/writing DAG-CBOR binary CAR files. doesn't necessarily help get that script running though

Marcio Alves

Twitter we had the tweets on BlueSky are the Skys

yibe joined the room

jesopo

In reply to this message

curious, do you have example code of using that lib?

@00c:matrix.org joined the room

@00c:matrix.org

Hello!

anothersky set a profile picture

@tthh5577:matrix.org

Does anyone have invite codes? 🥹

moved to @shreyan:beeper.com@shreyanjain:matrix.org

App Passwords rolled out!

@tthh5577:matrix.org

Do you mean invite codes? I want one, please

andrew joined the room

HAL 1984 joined the room

ryzalen joined the room

mikuhl

Do you think its possible for multiple users to share an object? For example on Instagram you can post an image together with another user, and the post will be shown with two authors.

@foxyzlove:matrix.org joined the room

@foxyzlove:matrix.org

please give me invite code...🙏🙏

@foxyzlove:matrix.org set a profile picture

shemah joined the room

lamrongol

In reply to this message

It seems that a complete rewrite is needed: there is no cbor_x as well as

ipld.car

, and WebSocket is not present in Python by default. I tried https://dag-cbor.readthedocs.io/en/latest/decoding.html but got error "DAGCBORDecodingError: Encode and decode must operate on a single top- level CBOR object. unexpected start byte of a second top-level CBOR object". I can't find any information about this error. I also tried cbor2.decoder.loads(data), but all data was "decoded" to "{'t': '#commit ', 'op': 1}".

nikolay joined the room

raymondz (@crystalcultures:matrix.org) joined the room

mikuhl

In reply to this message

or possible to sign an arbitrary message to know someone had a say in an object

nikolay

Can you guys spare an invite, please? 🙏

mikuhl

In reply to this message

because I am thinking of sending a record to a lnurl server that is signed by the sender, and then after payment the receiver also signs it and gives it back to the sender to publish to their collection

GaoGao Dinosaur (がおがお) joined the room

antpb joined the room

nikolay

It is not nice to thumb down a genuine request for an invite. I am a software engineer, and a future contributor, who wants to keep the matching GitHub/Twitter/LinkedIn/Facebook username. If you disrespect people treasuring their digital identity, then your project is missing a point. Yes, I have the .com and could host this myself, but can I host every single service myself and should I?! You should have secured the Twitter usernames of people with 1,000+ followers and 5+ years - that was the proper thing to do, and not allowed random guys steal usernames, because the pseudorandom dice were in their favor!

mikuhl

You don't have to worry about someone stealing your username, as your username will be your domain.

Oh I see you mentioned that, but you dont have to host anything to use your domain.

@chrishobcroft:matrix.org

Any way to create an account from an invite using only an Android smartphone? Web app doesn't work in mobile browser (not even in desktop mode) and native app doesn't have the registration flow.

moved to @shreyan:beeper.com@shreyanjain:matrix.org

wait native android app doesn't have registration?

mikuhl

In reply to this message

What browser are you using, I was using the web app for a long time before android app came.

andrew

Android app absolutely does have the registration flow (invite code required), the web app (https://staging.bsky.app/) was also recently updated to be usable on mobile devices (previously only worked on desktop)

(edited)

andrew changed their display name to andrew (@young.af)

nikolay

In reply to this message

I get that, too. But what made Twitter big is the @username - people immediately got what it meant. That's why people still use www. although most websites have removed it and redirect to apex.

mikuhl

In reply to this message

the default bluesky usernames are ugly lol, you want a domain name instead.

nikolay

In reply to this message

and you think www. is pretty? 🙂

mikuhl

In reply to this message

www. is not in the username unless you specifically tell it that. My username is @mikuhl.me

moved to @shreyan:beeper.com@shreyanjain:matrix.org

In reply to this message

Unfortunately that does require much more centralization.

mikuhl

better than @mikuhl.bsky.social

Noah B joined the room

Noah B set a profile picture

Noah Beshah changed their display name to Noah B

Noah B

Hello👋

nikolay

In reply to this message

(Digital) beauty is in the eye of the beholder! 😄

mansuoor joined the room

Marshal joined the room

mikuhl

Haha whoops I managed to create two profile records with the same cid and I cant delete both of them.

Called com.atproto.repo.createRecord with app.bsky.actor.profile collection. :P

and no rkey.

mikuhl

@mikuhl.bsky.social technically the first profile with lightning address lol

123456789101112{
	"$ext": {
		"org.bitcoin.lightning.lud16": {
			"value": "mikuhl@ln.tips",
			"$fallback": "This profile includes a lud16 which your client can't render.",
			"$required": false
		}
	},
	"$type": "app.bsky.actor.profile",
	"description": "Test profile, do not mention, please ignore.\n\nSee also: @mikuhl.me",
	"displayName": "Not Mikuhl"
}

(edited)

moved to @shreyan:beeper.com@shreyanjain:matrix.org

adding of extra data like that is currently discouraged

mikuhl

I know lol, just going by this: https://atproto.com/guides/lexicon#extensibility

SOFY HIRO joined the room

mikuhl

Someone said something about a linktree styled list of urls, so that would work too.

ad4_bello

magicofazi: interesting project

When project launching

mikuhl

In reply to this message

When they allow putting data in records that dont exist, you would probably have a self record for org.bitcoin.lightning.profile

moved to @shreyan:beeper.com@shreyanjain:matrix.org

makes sense

and then clients could look that up in a collection

Lleyton “Lea” Gray changed their profile picture

@foxyzlove:matrix.org changed their profile picture

soumikmatrix joined the room

soumikmatrix

Hey I'm new to here Legacy membe's, walk me thorugh the project

George Antoniadis

In reply to this message

Welcome, https://atproto.com/docs is a great start.

@itspranitsingh:matrix.org joined the room

@itspranitsingh:matrix.org left the room

@neoazubal:matrix.org joined the room

Masami Sugiura joined the room

emrecoban joined the room

emrecoban

Hello folks! I use

matrix.org

the first time. I've not registered bluesky yet, because of intivite code. How could I get invite code? By the way, I created a pull request for the at protocol website one week ago. Hope someone will review it.

(edited)

emrecoban set a profile picture

@anond:matrix.org joined the room

nikoline_nik joined the room

-official- Ga96 joined the room

Masami Sugiura set a profile picture

Fantasma do Comunismo joined the room

HLu joined the room

@kromerx:matrix.org joined the room

HLu

I need invite code.🙏

@neoazubal:matrix.org

Me too 🙏

Jonathan

Heya, i've recently poked bluesky, and poked the atproto docs, but one thing is still unclear; how exactly does an atproto server resolve the latest commit to a DID document, given its DID identifier?

i see some IPFS-related things sprinkled through the docs, such as CIDs and IPLD, but i dont think y'all are using the p2p swarm, right?

Alireza

And me :D

@neoazubal:matrix.org

I am even amazed that this system does not yet have a flaw like arc browser

Jonathan

what im particularly interested in is the guarantee that such a search/fetch process gets the latest commit to the DID document more or less semi-reliably, and how resistant that process is so attacks to eclipse the network from newer updates

Rudy Fraser 🌱 joined the room

derina chan joined the room

Kristian L. Thomassen changed their profile picture

あいうえお joined the room

misty46 joined the room

@toyohaji:matrix.org joined the room

damon/

I don’t understand. How is Arc browser comparable ?

@neoazubal:matrix.org

These are two products that have a strong demand and which have both adopted an invitation system, except that arc is circumventable

misty46 k changed their display name to misty46

sercanyildirim joined the room

@kromerx:matrix.org removed their profile picture

@kromerx:matrix.org removed their display name (ukw2d)

@kromerx:matrix.org left the room

@matorix:matrix.org joined the room

bltavares ⚡️ joined the room

@fischers_masai:matrix.org joined the room

foxyzlove changed their display name to Overdose Ⅳ

Overdose Ⅳ changed their display name to foxyzlove

damon/

How is it? People that are able to download still are prompted to enter the invite code

@neoazubal:matrix.org

https://youtu.be/4_7vPfcjFH4

damon/

If you see the updates it no longer works. This was resolved months ago

k1ngzee joined the room

damon/

He even mentions it in the comments to the video as well

KUS ZE joined the room

Basix joined the room

Basix

hey folks, is com.atproto.handle.resolve xrpc method really a thing? the docs says you should do this to get the did but i don't think adding TXT record automatically makes my domain XRPC-aware

Basix

Message deleted

raymondz (@crystalcultures:matrix.org) left the room

raymondz (@crystalcultures:matrix.org) joined the room

Basix

Is the Bluesky's DID:PLC server public? I want to query myself so I can look inside my did

Johan Van Zijl joined the room

Basix

answer to the latter one: https://plc.directory/

(edited)

Manuel joined the room

Anoop Bhatia

Please give an invite code🙏🏻

mikuhl

a tid makes it so two identical records don't have the same cid right?

(edited)

syamoji joined the room

Rudy Fraser 🌱

Are there any servers running besides

bsky.social

? Or clear guides/documentation for running a server?

alice

one or two but federation is not enabled yet on

bsky.social

so they are completely isolated

Rudy Fraser 🌱

Is federation not yet implemented? https://atproto.com/specs/atp#server-to-server-api

alice

not sure about implemented, i think the devs said it's jsut not turned on, period

In reply to this message

* Jonathan friendly poke for this room

i want to know how a completely independent server/actor/user would (start to) query such a document, or how knowledge of new commits to the document comes to be known

(edited)

mikuhl

Made a document on my brainstorming of zaps: https://github.com/MichaelPriebe/bluesky-zaps/blob/master/README.md

sercanyildirim set a profile picture

snarfed

In reply to this message

right. (two identical records would be odd though)

mikuhl

If you see in my document the zap record is quite simple, unlike likes and reposts which you cannot do more than once, zaps can be done more than once.

snarfed

In reply to this message

sure: https://github.com/snarfed/bridgy-fed/blob/main/atproto_mst.py#L953-L964

In reply to this message

correct. afaik bluesky's current DNS TXT record verification isn't XRPC-based, at least not to your domain. adding that TXT record doesn't mean your site then serves a did:web DID or XRPCs

mikuhl

I assume that the handle as domain via DNS is just custom logic specifically for the

bsky.social

PDS, I suppose technically a nefarious PDS can let anyone use any handle.

snarfed

In reply to this message

between PDSes, this is the com.atproto.sync methods and others, eg com.atproto.sync.getHead, which takes a PDS DID and returns its root CID, and com.atproto.identity.resolveHandle, which takes a handle and returns its PDS's DID (I think)

In reply to this message

I think the more important use of the TID is in the the at:// URL path, which consists of the collection NSID and a record key, which is always always required to be a TID right now: https://github.com/bluesky-social/atproto/discussions/844

(edited)

snarfed

my current status: I think I've grokked and implemented the MST ok, and I've started on a bunch of com.atproto.sync methods. I thought I got getRepo working, but now I'm not sure

I was just serializing the root MST and returning that, but looking at what I get back from

bsky.app

's getRepo, I think that's wrong. I think I need to include commits too, not MST and leaf nodes, but I haven't constructed commits yet

(edited)

looking at what

staging.bsky.app

's getRepo returns, it includes app.bsky objects, and MST nodes, but also commit objects with data, prev, sig, etc, which I don't have yet. hrm

Kosuke Konishi joined the room

snarfed

if anyone's implemented/constructed ATP commits, please send any hints you might have!

snarfed

getting a little farther grokking this. the repo is the linked list of root nodes and commits, third diagram on https://atproto.com/guides/data-repos#data-layout . the MST is a parallel data structure that only includes rkeys and CIDs, and is primarily used for efficient cross-PDS data synching

(anyone on the team is very welcome to correct any of this, obviously)

snarfed

(I guess the MST is also used for efficient object lookups by rkey)

remaining open question: is the order of the blocks returned by eg getRepo significant? maybe not? since if you can get a PDS's current head with eg getHead, you can then look up that commit and its root node in the repo, and get the MST's root from there

ok, taking a break for now, apologies for the stream of consciousness here

bogdanu joined the room

@saleh-:matrix.org joined the room

@saleh-:matrix.org

Message deleted

Jonathan

In reply to this message

so this means that PDSs need to be kept in sync constantly in their discovered federation, and that there needs to be some kind of bootstrap that indeed gets it to know some network, like that?

does a PDS query every other PDS it knows about, and when syncing, does it broadcast the sync to every other PDS it indeed knows about?

when one wants to resolve a DID that it cannot find locally, does it simply keep querying known PDSs until it does find one?

im trying to figure out what approaches a PDS/user would have on querying a "very unknown" DID, and which kinds of pointers it could have to find some semi-authoritative server where it can fetch it from, when any other server does not have the data ready

yeah, im seeing here that the DID document does contain a user's PDS, but what if you'd only have their handle / @, or their did identifier? how'd some server go about "finding" that user properly?

actually, thinking about this, i dont think its the biggest problem, but maybe supplying some additional glue record next to a DNS record to someone's DID, to point to (a collection of) PDSs where one could fetch someone's DID doc if they've never heard of them before, would help with bridging some things, when starting from 0 or even when trying to recover someone's access to an account, when their PDS is compromised, and they want to start with a new one, keeping their did

snarfed

In reply to this message

yes. this is the com.atproto.sync.requestCrawl, subscribeRepos, etc methods
we/I suspect it's pub/sub, based on those methods and maybe others
no, DID resolution is separate from PDS data sync

Jonathan

how exactly does DID resolution work, then? i thought that it was linked to "finding" the DID document in any PDS that would have a copy of it?

snarfed

for identity and DID resolution, see https://atproto.com/guides/identity and linked docs

(edited)

DIDs are a big standard that's outside ATProto itself, but that's ^ where to start on how they interact

Jonathan

hmmm alright

snarfed

right now ATP only supports did:web and did:plc. see https://w3c-ccg.github.io/did-method-web/#read-resolve and https://atproto.com/specs/did-plc for how those two resolve

Aaron Goldman

In reply to this message

plc.directory

@sanktmax:matrix.org joined the room

Jonathan

.....right, so that part is centralised

@sanktmax:matrix.org

Is there an APK for Android for those of us with custom roms?

moved to @shreyan:beeper.com@shreyanjain:matrix.org

In reply to this message

for now, yep

Jonathan

where can i read discussion/plans on how to decentralise it?

wolix

hey guys do you know be pretty soon bluesky android version

Aaron Goldman

In reply to this message

The problem there is that the plan to decentralize the directory is dependent on what the PDS operators are willing to accept. Most likely a Asynchronous Byzantine Fault Tolerant consensus algorithm for appending new DID document deltas to the leger. Should it be PoW, PoS, invitational that depends on what the community of operators are willing to accept and that community does not yet exist

Jonathan

Right, understandable, and the problems you're pointing at is pretty much exactly what I wanted to press when I first heard of the decentralised mechanism, it's pretty good, but it depends on those records being reliably accessible for the people whom they're relevant for, which requires some kind of network which is not susceptible to eclipse attacks, but I think you formulated it better, so I'll keep it here

Blue sky I may not be so interested in (I have already found my niche in fedi/mastodon), but atproto looks very promising for all kinds of decentralised network applications. It's a shame it doesn't look to be merged or unified with activitypub though

(edited)

It brings back a more personal feeling of domain names, which I really really want again

Aaron Goldman

So right now it's an append only log. And right now it's tiny. I would encourage anyone operating a PDS to download from their last download to the current tip every hour. It is hard for blue sky PBLLC to make any changes if every PDS is storing a full copy of the history.

The records are less than 1k Even if there were the same number of did PLCs is there are Facebook accounts there would still be somewhere on the order of one terabyte of log

And there will be much less than a few billion did PLCs for a long time

@saleh9:matrix.org joined the room

Aaron Goldman

The tricky part is not disseminating the log it's deciding who has the right to sign things into it.

snarfed

also fwiw I think did:plc isn't strictly required right now, pure did:web DIDs (ie that don't resolve to did:plcs) are theoretically supported too. not sure where I saw that, may have been in the code or a GH discussion. and probably not supported in practice on the official PDS yet

Aaron Goldman

Did Web is in some sense cleaner. We all long history of adjudicating who controls domain names. Assuming you trust the DNS system and the CA system which on today's internet you kind of have to.

snarfed

yup. nothing's perfect, including DNS and especially SSL CAs, but they've worked in practice and scaled way farther than anything else

https://snarfed.org/bluesky-satellite-contest-entry#Decentralization

JJ joined the room

snarfed

In reply to this message

https://play.google.com/store/apps/details?id=xyz.blueskyweb.app

bestonecrazy joined the room

bestonecrazy

I looked at screenshots, why are peoples' identifiers subdomains

snarfed

In reply to this message

https://blueskyweb.xyz/blog/3-6-2023-domain-names-as-handles-in-bluesky

superirale joined the room

bestonecrazy

thanks

adoair250 joined the room

adoair250 removed their profile picture

@saleh-:matrix.org

How to get a code?

damon/

@saleh-:matrix.org

I did it.. months ago

yaserdxb joined the room

wadeg joined the room

@novacosmos:matrix.org joined the room

moved to @shreyan:beeper.com@shreyanjain:matrix.org

does anybody have an example of did:web being used with ATProto?

snarfed

no, afaik all of them in both the main PDS and others like

boobee.blue

are did:plcs. the domain handles use alsoKnownAs, not did:web (I think)

@itspranitsingh:matrix.org joined the room

21shiki joined the room

樺島大介 joined the room

supermb1 joined the room

moved to @shreyan:beeper.com@shreyanjain:matrix.org

In reply to this message

ah alright, yeah you're right they're alsoKnownAs

P changed their display name to Pranit

lamrongol

In reply to this message

I run http://whenitrains.glitch.me/script.mjs by Deno and send post to my Java program by

Socket.IO

and now my system is prepared to start( CarReader.fromBytes() sometimes throw error).

lamrongol

In this time, 5 posts per minute(excluding repost) and 65% is English and 25% is Japanese according to my program.

mutugorou joined the room

mutugorou

I heard that I can get an invitation code if I write here, is that true? I have heard that I can get an invitation code, is this true?

@foxyzlove:matrix.org

In reply to this message

ここ開発用のチャットみたいなので貰えないみたいです。
This is chat space for developer.

@00c:matrix.org set a profile picture

mutugorou

Thanks for letting me know.

Marcelo Iepsen joined the room

@nobodyu:matrix.org left the room

Chiziaruhoma Ogbonda joined the room

@jonan:c-base.org joined the room

ifeeltiredboss joined the room

ifeeltiredboss

so bluesky does not have its own instance of Matrix? lmao

Federated social
Connect with anyone on any service that's using the AT Protocol.

and then points to the biggest instance that has like >85% ppl on Matrix

ifeeltiredboss left the room

jesopo

>doesnt understand how rooms work

(edited)

paulmiwatson joined the room

val joined the room

@00c:matrix.org changed their profile picture

@ethcat:asra.gr joined the room

ノーモア映画泥棒 joined the room

@andy:go.hubup.pro left the room

るんるん joined the room

@yabasta:matrix.org left the room

emrecoban

I cannot request review: https://github.com/bluesky-social/atproto-website/pull/27

@itspranitsingh:matrix.org left the room

thedenoff joined the room

冷雲 joined the room

Mihigo Rugamba joined the room

bignessie joined the room

kp joined the room

mikuhl

Technically on Android you can "augment" the app by sharing a post to a custom app which draws over Bluesky.

jamanfredi joined the room

mikuhl

You can make a fake sheet that pops up and does whatever. But I would love to see maybe something official like that, possibly like an iframe inside a sheet. Because drawing over apps is not a thing on iOS. But they do have a similar idea called app clips.

mikuhl

Bluesky can inject a custom API so the web page knows the current user.

knuxbbs joined the room

Marcio Alves

The BlueSky app will also be part of the Huawei Appgallery store

@planetoryd:matrix.org

Message deleted

moved to @shreyan:beeper.com@shreyanjain:matrix.org

In reply to this message

https://staging.bsky.app/profile/pfrazee.com/post/3ju2lriwsqn2p Looks like they do definitely have plans to support did:web

pfrazee

moved to @shreyan:beeper.com@shreyanjain:matrix.org

nice 👍

pfrazee: can you expand a little more on this idea?

pfrazee

so at protocol is essentially a suite of systems for communicating between services

the data repository is a distribution network for signed records

the X in XRPC stands for "Cross-service"

the cryptographic systems are designed to enable distributed authentication

and Lexicon is designed to create semantic agreement between the systems

which all boils down to being able to exchange JSON between services successfully

this means that systems like custom algorithms will have a set of lexicons that are essentially the "algorithm provider interface"

and by providing APIs and behaviors that conform with that, they can integrate into the existing software ecosystem

in the ideal world this will mean developers creating services that feel just like anything else in an atproto app

almost like browsing static websites

but then because of the higher level semantics than what HTML provided, these services can integrate into flows other than just showing a page

jadaar joined the room

pfrazee

and that would include things like being added to the user's list of algorithms that then can drive the feed experience

make sense?

moved to @shreyan:beeper.com@shreyanjain:matrix.org

yep 👍

xerz joined the room

Matthew Rideout joined the room

Mert (@mertbhey:matrix.org) joined the room

yugyug joined the room

Nuh joined the room

emrecoban

While many developers are waiting to learn about what's going on inside and contribute to the development, random people/regular users are getting invite codes. What is your solution, dear authorities?

rawkode joined the room

rawkode

👋

@sanktmax:matrix.org

I put an a request to be invited to Bluesky in October of last year, any word yet when more people will be allowed to join the beta?

gradius joined the room

gradius set a profile picture

@quarkfour:matrix.org joined the room

@quarkfour:matrix.org

Message deleted

Alessio Gravili joined the room

@cauanzorzenon:matrix.org joined the room

@cauanzorzenon:matrix.org set a profile picture

cauanzorzenon changed their display name to cauan_zorzenon

@saleh-:matrix.org left the room

mikuhl

Will unknown collections be allowed at some point?

(edited)

@valynor:matrix.org joined the room

@valynor:matrix.org left the room

thorwolpert joined the room

grizzly-cafe joined the room

uakihir0 joined the room

yihwan joined the room

uakihir0 set a profile picture

uakihir0

👋 Hi, Bluseky Dev team! Regarding the format of data returned by subscribeRepo, could you please consider a common data format, CBOR is still very quirky and CAR seems to be language-bound. It would be great if you could consider this for the sake of the ecosystem.

snarfed

DAG-CBOR and CAR aren't that language bound, there are functional libraries in a number of languages. Go, JavaScript, Python, Rust.

uakihir0

Thanks for the reply. I am currently trying to write a client library in Java, and while CBOR had a publicly available library, I am having trouble finding a library for CAR. I consider it somewhat uncommon from that point of view.

ekana joined the room

snarfed

Java, maybe so. you could be the first!

ATProto is pretty deeply bought into the IPLD stack at this point, including DAG-CBOR etc. it seems pretty unlikely that they'd switch to something else anytime soon

uakihir0

Understood, it would be helpful if you could just recognize that there are programming languages that do not handle subscribeRepo well.

snarfed

definitely! acknowledged

(edited)

Takayuki joined the room

太田貴之 changed their display name to Takayuki

peterrood set a profile picture

snarfed

published the version version of https://github.com/snarfed/dag-json just now, need it to read ATP repo nodes

a a

just sent a PM!

Craig joined the room

khaled891 joined the room

lamrongol

Message deleted

atck3r joined the room

@tiaomu:matrix.org joined the room

cameron joined the room

jyoo joined the room

Ltrademark joined the room

morooka joined the room

諸岡孝親（もろおか） changed their display name to morooka

alrozzi

Anyone got an invite for me?

@neilalexander:matrix.org

In reply to this message

This is a developer room, please don't ask for invites here

0bl joined the room

0bl

hey

0bl set a profile picture

George Antoniadis

In reply to this message

I'm starting to miss discord where people have to read/accept a bunch of rules before chatting :D

Naadir Jeewa joined the room

@bemre:matrix.org left the room

Anthony Manning-Franklin joined the room

gxhduddbjj joined the room

gxhduddbjj

Message deleted

@numero6:codelutin.com

In reply to this message

I don't. When bluesky was on discord, it was a constant flux of cryptobros who kept asking where to buy the token

@neilalexander:matrix.org

On the flipside, the public Matrix network has a huge cryptospam problem, so they'll get you somewhere somehow

aoto joined the room

emrecoban

In reply to this message

Wow! Thanks Neil for reminding. We didn't know it.

lecstor joined the room

emrecoban

Everyone was thinking this room was the place to ask for invite code before seen Neil's text.

George Antoniadis

In reply to this message

Unfortunately this seems to be the case.

Naadir Jeewa

maybe worth adding to room description/rules

Naadir Jeewa set a profile picture

@quarkfour:matrix.org left the room

panji.bsky.social

is there a blue thick verification sign on bluesky in the future?

GoldyyDev joined the room

damon/

I highly doubt it as there are already mechanisms in place for verification which have been discussed pretty regularly here

naim joined the room

naim94a changed their display name to naim

soonday119 joined the room

@ritsu:fx45.in joined the room

rawkode

Ive been reading through the protocol spec. My inderstanding is that Bsky is PDS and that as such anyone with a Bsky account can only ever microblog, unless Bsky expand there lexicon; is that correct?

George Antoniadis

In reply to this message

The bsky lexicon currently only has microblogging atproto schemas yes.
If you (as a dev) would like to build a... events/calendar thingie based on atproto, you could create your own lexicon/schemas for them.
I don't think that the bsky PDS would accept them but you could create something on your own.

@germaingermain:matrix.org joined the room

rawkode

So id need to run my own PDS, but im assuming i could still use bSky by supporting their lexicon?

Mark Wiseman joined the room

@fischers_masai:matrix.org removed their display name (fischers_masai)

@fischers_masai:matrix.org left the room

rawkode

This is one if the things ActivityPub servers support vis C2S, in that the backend saves arbitrary butes and the clients can request particular types. Im wondering how ATProtocol will allow people to use Instagram, Twitter, YouTube, etc with a single identity?

@planetoryd:matrix.org

activitypub sucks

ivan

Message deleted

Next group of messages

Mon, Apr 17, 2023

Tue, Apr 18, 2023

Wed, Apr 19, 2023

Thu, Apr 20, 2023

Fri, Apr 21, 2023

Sat, Apr 22, 2023

Sun, Apr 23, 2023

Mon, Apr 24, 2023