Bluesky Dev
Community discussion of the AT Protocol and Bluesky. (This room is not officially affiliated with the Bluesky team.)
Previous group of messages
  1. alexeyalbert joined the room
  2. Brittany Huntzberry joined the room
  3. @10allday:matrix.org
    Is it possible to send files as text and have it decoded on the other end, because I don't know if you actually have the ability to send files?
  4. damon/
    I don’t think they’re handing that many out anymore
  5. Jeff Shannon joined the room
  6. Jeff Shannon set a profile picture
  7. morrowprime joined the room
  8. @tillkruss:matrix.org joined the room
  9. morrowprime
    If there is any lingering invite codes out there. I would greatly appreciate one. Thank you 🙏
  10. @10allday:matrix.org
    Did black markets form that sell invite codes?
  11. MarkF joined the room
  12. @shigop:matrix.org joined the room
  13. whyrusleeping
    sigh
  14. tobiastyler left the room
  15. @dead10ck:dead10ck.com

    https://atproto.com/guides/identity#example-self-hosted

    Example: Self-hosted#

    Let's consider a self-hosting scenario. If using did:plc, it would look something like:

    • The handle: alice.com
    • The DID: did:plc:12345
    • The hosting service: https://alice.com

    However, if the self-hoster is confident they will retain ownership of the domain name, they can use did:web instead of did:plc:

    • The handle: alice.com
    • The DID: did:web:alice.com
      The hosting service: https://alice.com

    So if I'm understanding this right, the DID is supposed to be the permanent identifier of the person and always forever be associated with the content they post in bsky.

    If I have this right, then does this mean that if you use did:web instead of did:plc that your id will always permanently be tied to the domain name you choose, and that you can never change your domain name and still keep your content?

    But furthermore, from my reading here, did:plc is supposed to be "temporary" (thus the name), so assuming some suitable DID method is added to the standard, how does this affect users? How do they migrate to this new standard method if their DID is supposed to be static forever?

  16. Jeff Shannon
    I've lost domains due to an expired CC and someone took it. I've wondered how this would work if you used a domain and that situation occurred
  17. @dead10ck:dead10ck.com
    Right, exactly. This happens all the time
  18. @10allday:matrix.org

    In reply to this message

    Ask VeriSign to revert the change of ownership as they control .com.
  19. Can't do that with blockchain domains, so don't use those if they are added to atproto.
  20. snarfed

    In reply to this message

    I think the answer is alsoKnownAs inside the DID document, but it's early for those kinds of q's, they probably have more to flesh out on the DID migration case
  21. (and again, the current DNS handle thing is not did:web)
  22. mvij joined the room
  23. Tou joined the room
  24. @10allday:matrix.org
    Could .eth tlds be officially supported?
  25. Very popular with cryptobros.
  26. snarfed
  27. nzheretic

    In reply to this message

    Is there any plan for the future for atproto to include a standardised ability for clients to host local plugins in a wasm/webassembly sandbox?

    (edited)
  28. snarfed

    In reply to this message

    clients can do anything they want, but that's orthogonal to the protocol
  29. @10allday:matrix.org
    Would it be possible to use the tld to create special communications for organizations like schools which use .edu, or for American government entities like .gov, or even for the American Department of Defence .mil?
  30. nzheretic

    In reply to this message

    With a plugin sandbox along with substantial digital signing tied with limiting access to local client storage , you could adopt any sort of crypto system you want.
  31. snarfed
    you can build your own applications on top of ATP that use your own lexicons and do whatever you want
  32. @10allday:matrix.org

    In reply to this message

    Discord has this same feature for students to connect with other students using a .edu domain of their school.
  33. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    well... not yet. you'll get something like this if you send an unknown lexicon to

    : {"error":"InvalidRequest","message":"Lexicon not found: lex:app.bsky.feed.poste"}

    Hopefully soon though.

  34. Ramon joined the room
  35. @10allday:matrix.org

    In reply to this message

    It's stupid that it's not a programming language.
  36. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    huh?
  37. snarfed
    oh sure, not literally on the current PDS. eventually, when they ship federation, on other PDSes
  38. Aaron Goldman

    In reply to this message

    That what is not a programing language?
  39. @nagatokikka:matrix.org joined the room
  40. @10allday:matrix.org

    In reply to this message

    PDS. If it was a programming language native to the platform, like how JavaScript is native to the web-browser. What we have now is just talking to a brick wall and hoping the other end, understands gibberish.
  41. @nagatokikka:matrix.org left the room
  42. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    not sure how this would work...
  43. a pds is just a server which holds your records etc
  44. snarfed
    also this is how basically all standard protocols work. no "native programming language" needed. you standardize the data format and the behavior expectations on each end. interop can be tough to get right, but it generally does work
  45. nzheretic
    To expensive hosting script execution on servers, better to do in client sandbox - standardised subset of wasm/webassembly with protocol defined client side plugin APIs/interfaces.
  46. @10allday:matrix.org

    In reply to this message

    Can't indexers work together to process these?
  47. nzheretic
    Keeping such workings on the client side works better to preserve privacy & security.
  48. @10allday:matrix.org
    This would probably be part of version 2, as it be a non-breaking charge, but a permanent change nonetheless.
  49. Along with other improvements included in version 2.
  50. @dead10ck:dead10ck.com

    In reply to this message

    You're really not making any sense at all. Asking why a web server isn't a programming language is like asking why a house isn't a hammer 🤕
  51. @10allday:matrix.org
    It looked like you were going to program stuff in json, while a normal programming language is better suited for doing actual tasks.
  52. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    json is just the data format xrpc uses?
  53. @dead10ck:dead10ck.com

    In reply to this message

    No one programs anything in json 🤔
  54. alfons haffmans joined the room
  55. @dead10ck:dead10ck.com
    Regarding user names, one thing that wasn't quite clear: if you wanted to host your own bsky, would you be able to have @domain.com for yourself, and also use subdomains for other users on the same PDS, e.g. @alice.domain.com, @bob.domain.com, etc? I assume this is the case
  56. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    totally! domain usernames aren't actually linked to the pds, so there's nothing stopping you 🙂
  57. you would probably want to use something like the cloudflare dns api to automate username registration though!
  58. @10allday:matrix.org

    In reply to this message

    Do you need to run a dns server?
  59. @dead10ck:dead10ck.com

    In reply to this message

    Not necessarily. I use Route 53 myself. You just need a domain name and a DNS provider of some kind, AWS, Cloudflare, etc
  60. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    yeah exactly. Route 53, Cloudflare, etc will probably make it easier to automate the dns record creation
  61. @10allday:matrix.org
    Could Google ever legally use .google as a username on Bluesky?
  62. @dead10ck:dead10ck.com

    In reply to this message

    In reply to
    moved to @shreyan:beeper.com (@shreyanjain:matrix.org)
    totally! domain usernames aren't actually linked to the pds, so there's nothing stopping you 🙂
    I did find it interesting that the "resolution" as specified by ATproto is implementation agnostic; there just has to be a web server that can respond to the xrpc method call with the correct format. I just looked up
    the reference implementation
    for the handler of this method, and it's literally just doing DNS TXT record lookups on _atproto.{handle}, pretty neat. So yeah, nothing prevents having a TXT record for both _atproto.domain.com and _atproto.alice.domain.com
    (edited)
  63. @10allday:matrix.org

    In reply to this message

    Does it contact the root name servers?
  64. @dead10ck:dead10ck.com
    Does make me curious though, if the spec itself is implementation agnostic, nothing prevents someone from running a server that uses something completely different, like their own Postgres table or something. The only thing stopping fragmentation would be network effect
  65. mikuhl
  66. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    Yeah, I've seen people create bots with usernames as subdomains of their main :-)
  67. mikuhl

    In reply to this message

    So like this, do old posts get updated
  68. @dead10ck:dead10ck.com

    In reply to this message

    Yeah if it's just TXT records, Google would just store their own DID handles in their own nameservers. It's the same way anyone could use their own domain name on
    bsky.social
    , for example
  69. @10allday:matrix.org

    In reply to this message

    So, Verisign could register their username as com?
  70. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    this was discussed earlier on bluesky. no, you can't register tlds as usernames
  71. @dead10ck:dead10ck.com
    Presumably yes. That would be pretty confusing though lol
  72. @10allday:matrix.org
    @google is a better username than @
    google.com
    .
  73. @dead10ck:dead10ck.com

    In reply to this message

    Oh really? Why not? If they own the nameservers, what stops them from having a _atproto.com TXT record?
  74. Theron Dill joined the room
  75. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    I don't actually know if it's a technical limitation but Jay said it's not possible right now
  76. @10allday:matrix.org
    Message deleted
  77. @10allday:matrix.org
    Didn't mean to post that.
  78. @dead10ck:dead10ck.com

    In reply to this message

    I mean technically that's not a spec compliant host name, but that doesn't stop a name server from doing what it wants
  79. @10allday:matrix.org

    In reply to this message

    Um, using domain names as usernames isn't spec compliant ether.
  80. @dead10ck:dead10ck.com
    This is a pretty silly hypothetical anyway, since I can't imagine any DNS registrar doing this, but technically speaking, I don't see anything preventing it
  81. @10allday:matrix.org

    In reply to this message

    How else would google join the platform?
  82. moved to @shreyan:beeper.com@shreyanjain:matrix.org
  83. @10allday:matrix.org
    It's the most Google thing for them as a company.
  84. Aaron Goldman

    In reply to this message

    You would not believe what people program in json. I have seen apps with lisps embedded in json lists
  85. It was horrible
  86. And slow
  87. Also the things kubernetes does with yaml 😨
  88. @10allday:matrix.org
    Google also has international country specific domain names, could that make company subsidies easier to find, as it's just
    name.country
    ?
  89. So, you could for example do a search for Google listed by country and see all of the company subsidies right from within the app.
    (edited)
  90. Aaron Goldman
    I've never tried to register a name that starts with a _
  91. _atproto.TLD 🤔
  92. @pizza
  93. f3t3012 joined the room
  94. @10allday:matrix.org
    It's unfortunate that usernames can't be top level domains, as you can't currently register a brand new one.
    (edited)
  95. @dead10ck:dead10ck.com

    In reply to this message

    I was actually referring to

    which says that labels should start with a letter, but I think I was actually just misremembering; it appears this is just a recommendation, and not a requirement.

    It appears there is actually no restriction whatever on labels, save for length:

    https://stackoverflow.com/questions/25199202/which-rfcs-specify-the-syntax-of-hostnames-and-constraints-on-dns-hostnames

  96. In reply to this message

    I was thinking more of the case of registrars that control TLDs like Verisign with com, but yeah in the case of privately owned suffixes, this makes a lot more sense, like just google or just amazon, rather than google.com or amazon.com, if they wanted one account to officially represent the whole company
  97. mikuhl
  98. the most descriptive class
  99. @dead10ck:dead10ck.com
    They own the nameservers on those TLDs, so nothing prevents them from making TXT records on _atproto.google
  100. Aaron Goldman
    It's fine as long as it's internal 😈
  101. @10allday:matrix.org
    Microsoft can move onto Bluesky seemlessly and ensure that it looks like all their other social media usernames. Source: https://icannwiki.org/.microsoft#:~:text=.microsoft%20is%20a%20new%20Brand%20gTLD%20delegated%20in,Microsoft%20with%20back-end%20registry%20services%20provided%20by%20Verisign.
  102. @dead10ck:dead10ck.com
    On this note too, nothing would prevent arbitrary aliasing to the same DID. You could make any number of TXT records point to the same DID
  103. @10allday:matrix.org
    Would brand tld applications increase due to everyone incorporating a company, or whatever the requirements are to get one?
  104. @dead10ck:dead10ck.com

    In reply to this message

    I had the same thought, would we see an explosion of private suffixes?
  105. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    yep, but the did does need to point back to the domain
  106. @dead10ck:dead10ck.com

    In reply to this message

    You mean the service URL? But that can be anything, right? Doesn't have to be the same domain as the handle. Otherwise, this would not allow having your own domain as a handle on a different service provider
  107. @10allday:matrix.org

    In reply to this message

    Tlds wouldn't be capable of being used for any besides being used for a username.
  108. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    nah I mean there should be a field somewhere like "alsoKnownAs":["at://
    mikuhl.bsky.social
    "]
  109. sorry mikuhl , I just used you as an example because your did was in my clipboard for some reason 🤣
  110. mikuhl
  111. @10allday:matrix.org
    at://
    example.com
    would be a valid way to contact the user called
    example.com
    ?
  112. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    yep
  113. @10allday:matrix.org
    Could it be possible to get the organization behind
    example.com
    ,
    example.net
    , and
    example.org
    , as they are owned by the same company, to create decentralized identifiers for each domain, so you are able to mention them in a conversation on the app, and have them highlighted as a normal user, but have a notice that it is a demonstration domain when clicking on, or hovering?
  114. Dörte Schröder joined the room
  115. ncheck joined the room
  116. ncheck
    It is my understanding that as a federated service, anyone can set up an ATP server and interact with Bluesky and other servers on the network. I also understand that ATP's system separates the moderation layer from the data storage layer, and that moderation basically works by assigning labels to objects in the storage. ...
  117. So Bluesky, the company, who will presumably be operating the biggest, most popular ATP server, provides both the storage and the moderation layers as part of their service, right?
  118. @10allday:matrix.org
    How much would it cost to register to Bluesky and would Bluesky charge any fee for switching networks, on top of any fees for joining the new network, if any?
  119. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    none
  120. @10allday:matrix.org
    Would there be data caps or on going payment for accessing the service, would some features be locked by packages that you need to pay for to unlock the feature(s)?
    (edited)
  121. Its starting to look like a hybrid of telecommunications, if cable, internet, and phone carriers were to make a similar platform.
  122. Very exciting opportunities for people to start servers and do the "telecommunications approach".
  123. What category would atproto fall under if it is similar to telecommunications, but is based on primary the internet? What sub category of the internet tecom would it fall under?
  124. Atul Shukla joined the room
  125. mikuhl
  126. Got quotes working in my client!
  127. Looking at the schema looks like you can quote basically any record, kind of like Nostr.
  128. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    awesome!
  129. In reply to this message

    so in theory I could quote a profile description? XD
  130. mikuhl
    possibly, I am sure that nothing would display on the app though haha
  131. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    i'm curious - how do quote records work? are they just facets or something else?
  132. mikuhl
    its an embed
  133. Record, or RecordWithMedia
  134. Record value is "unknown" so basically anything
  135. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    ooh nice
  136. @10allday:matrix.org
    How would you determine if a user is using atproto version one or version two which allows for blocking?
  137. Does atproto give its protocol version, before it establishes a connection?
  138. If it doesn't, that can't be fixed now that clients are using the v1 protocol.
    (edited)
  139. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    is it necessarily an issue though? there was previously a major refactor and most clients survived. it could be helpful, but new protocol releases probably won't break anything, probably just add new lexicons and things like that.
  140. @10allday:matrix.org

    In reply to this message

    It's still an issue, which is why all protocols tell their version.
  141. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    i see what you mean
  142. @10allday:matrix.org
    This still can be fixed to identify v1 and newer versions by requiring v2 and up by saying their current version and possibly all features the client supports.
  143. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    kind of like a user agent header?
  144. @10allday:matrix.org

    In reply to this message

    Yeah.
  145. In reply to this message

    It's scary that the team was releasing updates to v1, when clients already used v1 before those updates.
  146. @10allday:matrix.org
    Bluesky should let a standards body manage the publication of standards, as they are applying the open source "don't worry, it can be changed instantly" mindset. They are not capable of making standards, if they are use this mindset.
  147. @planetoryd:matrix.org

    In reply to this message

    no, just move fast
  148. jhantkw joined the room
  149. @aqua:aquatica.space joined the room
  150. Anoop Bhatia
    please give me a bluesky invite code
  151. @planetoryd:matrix.org

    In reply to this message

    it doesn't exist
  152. Anoop Bhatia

    In reply to this message

    😭
  153. もが joined the room
  154. @nautical7m:matrix.org joined the room
  155. @njkekantarell517:matrix.org joined the room
  156. damon/

    In reply to this message

    So awesome. Keep up the good work
  157. @dead10ck:dead10ck.com

    In reply to this message

    This is to be expected in a very early version of a new protocol. When it is more stable, absolutely there should be a standard and backwards compatibility should be guaranteed, but not before they declare it stable. At this point, anything goes
  158. @louipc:matrix.org joined the room
  159. @dead10ck:dead10ck.com
    During early development phases of any project like this, devs need the flexibility to change things, because you simply can't get everything right on the first try. You need to be able to iterate and figure out what works in practice for a little while
  160. But stability is important, of course, so this has to stop after a certain point
  161. @louipc:matrix.org
    ohsnap this is gonna cause confusion https://github.com/bluesky/bluesky
  162. @planetoryd:matrix.org

    In reply to this message

    exkc
  163. @louipc:matrix.org
    sup. hey what's the space for bluesky
  164. @planetoryd:matrix.org
  165. @louipc:matrix.org
    there was one but matrix search doesnt show spaces
  166. @louipc:matrix.org
  167. sam
    Does anybody have an invite code so I can go into the sky, or is there a way to self-host an instance and connect to the network that way?
  168. @dead10ck:dead10ck.com

    In reply to this message

    Someone said
    yesterday
    that you could spin up your own instance, but federation is not yet turned on on the main
    bsky.social
    instance, so you'd be on an island essentially
  169. ifeeltiredboss
    cant you federate between "islands"?
    (edited)
  170. @dead10ck:dead10ck.com
    I'm not sure how the invite codes work either, if they hand them out to users for a network effect, or if they only go through the public wait-list, but I'd also be interested in a code if anyone does have one
  171. In reply to this message

    Yeah that I'm not sure. It wasn't clear to me if federation capability exists, but is just not turned on yet on the main instance, or if federation isn't done yet at a technical level
  172. ifeeltiredboss
    yeah, the second makes more sense than the first. what's the point of federation when the 'main' instance can just switch it off
    (edited)
  173. George Antoniadis
    Federation does not exist yet but is actively being worked on.
  174. I don't think they consider bsky a "main" instance. All instances should be equal once federation works.
  175. Chris Lace

    In reply to this message

    My invites are not working
  176. Bastian
    I imagine it'd be way harder to make changes to the federation apis if the network is already running
  177. ifeeltiredboss
    what the fuck @syui just broke the timespace
  178. @dead10ck:dead10ck.com

    In reply to this message

    Yeah, but I suspect just like with Mastodon and Matrix, there will end up being a large concentration of users there
  179. @planetoryd:matrix.org
    can atproto IDs be taken down
  180. Yes mastodon social has the largest amount of users but not all are active and is the 4th most active in terms of status updates.
  181. Unfortunately matrix's server stats project doesn't seem to be online right now, but I don't think the situation is that different.
  182. fred blauer
    Looking for a bluesy invite please
  183. @planetoryd:matrix.org

    In reply to this message

    delete this. spam
  184. fred blauer
    Thanks, what do you suggest to get a code?
  185. @planetoryd:matrix.org
  186. fred blauer
    What is idk?
  187. @planetoryd:matrix.org
    i dont know
  188. fred blauer
    It's hard to participate in the discussions without any way to access the platform
  189. mayankbatra
    I have been on this group for a couple of months. I want to get involved in Dev. What is a good readme to start. I have previously worked on federated protocols using xmpp in depth but a while ago.
  190. @louipc:matrix.org

    In reply to this message

    you on bluesky?
  191. @planetoryd:matrix.org

    In reply to this message

    u know IPFS ?
  192. In reply to this message

    no
  193. @louipc:matrix.org
    i wonder how many members there are now
  194. @dead10ck:dead10ck.com

    In reply to this message

    Hm, yeah, at least with regards to mastodon, you're right, mastodon.social has the most users, but it's not super concentrated. I wonder how many of that user count is active.

    But I think

    is still very concentrated. You can look at the participants in this room even. There are a handful of other servers, but almost all
    matrix.org
    .

    This probably has a lot to do with discoverability and defaults (e.g. I think Element just defaulted to

    for a while), but not sure this issue has been discussed and how bsky will approach this problem when it goes GA

  195. @planetoryd:matrix.org

    In reply to this message

    yes i know. matrix sucks really hard. the federation is a joke. no routing protocols, no cryptography, nothing.
    (edited)
  196. @louipc:matrix.org
    what do you mean no crypto?
  197. there definitly is, but its wonky at least
  198. @planetoryd:matrix.org
    you know how extensively applied crypto is in projects like ethereum ? that's how cryptography should be used.
    (edited)
  199. Chris Lace
    Wow’ it seems like nobody responds back now
  200. @louipc:matrix.org

    In reply to this message

    fairly well
  201. @planetoryd:matrix.org
    Matrix isn't even using IPFS as the CDN. No CIDs, no publickey based IDs
  202. Worst protocol ever
  203. Full-mesh routing
  204. @louipc:matrix.org
    it wouldn't use ipfs, but yea it could have some protocol to distribute load over the network.. maybe a matrix-only thing
  205. @planetoryd:matrix.org
    Their android apps never survive more than 2 hours on my phone
  206. They hang my entire OS
  207. @louipc:matrix.org
    but yea matrix has so many shortcomings. i really want to abandon it
  208. so many missing moderation capabilities
  209. main server daemon cripplingly inefficient clunky
  210. @planetoryd:matrix.org

    In reply to this message

    yes, IPFS has various issues here and there. It is a well maintained project at least
  211. @louipc:matrix.org

    In reply to this message

    yea the clients horribly janky too
  212. @planetoryd:matrix.org
    the entire goal of it is some sorta decentralized Cloudflare
  213. @pathumego:matrix.org joined the room
  214. @louipc:matrix.org
    i never used ipfs really. probly should check it out
  215. i been enjoying lbry
  216. @germaingermain:matrix.org changed their profile picture
  217. Rajesh Sharma joined the room
  218. retr0id
    how do I review the operation log for my did:plc:?
  219. sylphrenetic
    going forward I feel like the best way to advertise Bluesky's invite-only paradigm is to tell people that if you want a code to get onto Bluesky, ask your friends. like, people you personally know. and for people giving invites to only give invites to people they are friends with and can vouch for and trust. like, lean into the idea of a social graph of friends being the backbone of the social network, and discourage people from breaking that social graph by asking for things from people they don't know at all.
  220. equinox joined the room
  221. sylphrenetic
    actually wait that will give you just the did document, you're looking for the deltas
  222. retr0id

    In reply to this message

    neat, who runs that and how does the data get there? (sorry for asking so many questions I'm trying to build a mental map of how everything fits together)
  223. In reply to this message

    yeah, I'm specifically looking for the create operation but also interested in the other ops
  224. sylphrenetic

    In reply to this message

    look at
    plc.directory/
    did:plc:/log/audit
  225. In reply to this message

    I'm helping build a document that explains stuff like this but it's a slow process. might need someone else to answer for now who has a more authoritative say on it
  226. lockydev joined the room
  227. qq62hsi7 joined the room
  228. snarfed
  229. In reply to this message

    https://atproto.com/specs/did-plc (the registry isn't really documented yet though)
  230. mikuhl
    I feel like "replied" should be a reason for feed post view
  231. @neoazubal:matrix.org left the room
  232. snarfed
    feel free to file an issue, https://github.com/bluesky-social/atproto/issues , but that's the backend, not the app, so severity is pretty damn low, if anything at all
  233. @tony6:matrix.org left the room
  234. crash joined the room
  235. mikuhl

    In reply to this message

    feel like its not something you should disclose publicly, pfrazee whyrusleeping can you find someone for that?
  236. George Antoniadis

    In reply to this message

    Please don't create an issue for this -- ping pfrazee whyrusleeping -- you should be able to grab cookies etc from the domain.
  237. retr0id
    I don't think there are any cookies on that domain tho
  238. document.cookie == ""
    (edited)
  239. (I am signed in to
    staging.bsky.app
    in the same browser session)
  240. George Antoniadis
    let's see what we can grab then hehe :D
  241. Jemma joined the room
  242. pfrazee
    On it
  243. mikuhl
    I hacked some image website a long time ago by uploading a php script as a .png lol
  244. George Antoniadis
    The staging site seems to store some cookies under the .
    bsky.app
    domain, so you should be able to grab something
  245. Not sure what __cf_bm is but doesn't seem to be session related so pretty tame impact I guess
  246. Session lives on local storage
  247. mikuhl
    cf is giving me cloudflare vibes
  248. Nelly joined the room
  249. pfrazee
    The
    bsky.social
    domain should be isolated from the domains that execute code so I don’t believe there’s any way to escalate access yet
  250. That said we’re going to add CSPs and mime type filters
  251. George Antoniadis
    pfrazee time for a security issue disclosure policy :D
  252. Mark Foster SSI: @mfoster.io
    I’m sure it’s JWT sessions in the cookies correct? Im seeing ajs_user_id and ajs_anonymous_id how often does the secrecy key rotation per user happen on the server side? I’m seeing the cookie expiration is set for a year
  253. pfrazee
    Yeah being worked on,
    security@bsky.app
    is available
  254. In reply to this message

    I’ll double check but I’m pretty sure we don’t do that
  255. mikuhl
    anyone who uses cookies for anything secure, JAIL!!
  256. 😂
  257. Mark Foster SSI: @mfoster.io
    Yes!
  258. retr0id

    In reply to this message

    btw my recommendation would be to not use mime sniffing anywhere in the app, front or backend
  259. take the mime specified at upload as gospel
  260. (and have a whitelist of safe mimes that an http request for com.atproto.sync.getBlob is allowed to return in the content-type header, falling back to application/binary if it's not on the list)
    (edited)
  261. retr0id
    (and make sure image/svg+xml isn't on the list of safe mimes, heh)
  262. Mark Foster SSI: @mfoster.io

    In reply to this message

    Is
    security@bsky.app
    an ATProto handle or in element?
  263. mikuhl
    email probably lol
  264. Mark Foster SSI: @mfoster.io

    In reply to this message

    The Internet is getting complicating there was emails webfinger/Mastadon SolidProject then Twitter handles, ATProto handles, matrix, discord etc it’s time for @interop @ptotolookup
  265. mikuhl
    username@domain is also bitcoin lightning address fromat
  266. retr0id
    we need a new namespace naming namespace
  267. Mark Foster SSI: @mfoster.io
    Yes I forgot Nostr user and the sat symbol or s/vB mikuhl
    (edited)
  268. In reply to this message

    I put a lot of thought into that, we also need a UI namespace beyond the traditional.tld .com etc.
  269. In reply to this message

    This is where I have been looking 👀 at DIDs
  270. pc_load_letter joined the room
  271. pc_load_letter changed their profile picture
  272. retr0id
    I think the hard problem is not how to visually represent the namespace, but how you decide who gets to pollute it
    (edited)
  273. Mark Foster SSI: @mfoster.io

    In reply to this message

    Pollute or Populate it 😂
  274. retr0id
    same difference :P
  275. Mark Foster SSI: @mfoster.io

    In reply to this message

    😂
  276. mturro joined the room
  277. LG joined the room
  278. l g changed their display name to lLG
  279. lLG changed their display name to LG
  280. @logic-gate:matrix.org joined the room
  281. ncheck
    I'm curious about moderation in Bluesky Over on Mastodon, if people misbehave on another server, it's common to ban the entire server rather than just the misbehaving users. The reason being, if you run a Mastodon server, you have enough trouble moderating your own users. You don't want to have to moderate other servers too. Is Bluesky going to offer moderation labelling for the whole network?
  282. mayankbatra

    In reply to this message

    Yes theoretically really well. In Dev very basic.
  283. simon987 joined the room
  284. @10allday:matrix.org

    In reply to this message

    The users won't want this as in their eyes, it "defeats decentralization".
  285. George Antoniadis

    In reply to this message

    https://blueskyweb.xyz/blog/4-13-2023-moderation check out jay’s post on moderation
  286. jeed317 joined the room
  287. @10allday:matrix.org
    How can we ensure that you have to pay to access any server on the Bluesky network? What norms will need to be accepted to ensure that this happens and models after Usenet subscriptions?
  288. jeed317
    I would love an invite
  289. Mark Foster SSI: @mfoster.io

    In reply to this message

    It’s controllable by the Apps and Networks, repositories are Merkle Tree
    IPLD.io
    CARs with Self Authentication and DIDs. There will be many algorithms and labeling services to choose from that query Lexicons https://atproto.com/guides/lexicon
    (edited)
  290. @10allday:matrix.org

    In reply to this message

    In reply to
    @10allday:matrix.org
    How can we ensure that you have to pay to access any server on the Bluesky network? What norms will need to be accepted to ensure that this happens and models after Usenet subscriptions?
    @mfoster:matrix.org
    (edited)
  291. Abdur Rahman Bilal joined the room
  292. богдан зажигин joined the room
  293. Aaron Goldman
    https://bsky.social 48413 DIDs https://stems.social 5022 DIDs looks like
    stems.social
    Is now the second biggest server.
    (edited)
  294. punnie joined the room
  295. nandanmoto joined the room
  296. ncheck
    "There will be many algorithms and labeling services to choose" Does Bluesky offer a labeling service? Assuming it does, will Bluesky label everything in the federation, or only posts on their own PDS?
  297. mekhi joined the room
  298. @dym-sh:matrix.org joined the room
  299. @dym-sh:matrix.org set a profile picture
  300. Aaron Goldman

    In reply to this message

    It's an interesting question how little you can get away with labeling.

    At first glance anything by anyone who one of your users followed would need labels or worse the full content of your Indexer but actually it may be much less than that. Most content is boring and no one will ever see it rise to the level of their timeline or search results. We may be able to only run the labelers over stuff that has enough base rank that it is likely to be recommended

  301. Radha joined the room
  302. nkn6fcs4cw changed their display name to Radha
  303. @10allday:matrix.org

    In reply to this message

    What if there was a default algorithm automatically given to users who follow other users?
  304. I don't know why you guys want a chronological feed without even calling it a chronological feed, instead the team calls it a user-curated "algorithm".
  305. ivandemurard joined the room
  306. Agusti

    In reply to this message

    If u have a chrono feed and follow 100k acct gl
  307. Aaron Goldman
    User probably wants to curate the set of repos in the Chrono feed more than the full follow list 🤷‍♂️
  308. Cody joined the room
  309. KatZ YaZ joined the room
  310. Lleyton “Lea” Gray changed their profile picture
  311. Lleyton “Lea” Gray changed their profile picture
  312. Lleyton “Lea” Gray changed their profile picture
  313. @dead10ck:dead10ck.com

    In reply to this message

    Hmm, pressing show more doesn't do anything for me
  314. snarfed
    hmm, me neither now, and nothing in console. maybe a bug
  315. @10allday:matrix.org
    How do you sign into bluesky?
  316. bnewbold
    hi folks, popping in quickly to say: we miss you! has been a wild week and have not had time to keep up here. we have even paused all github interactions for a week. we intended to land a round of dev docs and info about federation around now, but things are getting pushed back b/c we have urgent moderation needs. keep an eye out for that soon. we can't build this whole ecosystem ourselves, and know that we are not doing well w/r/t docs and support right now, but hope to get our attention back to it soon
  317. @10allday:matrix.org
    Can atproto be reconfigured to work like matrix, without messing with the Twitter portion of the protocol?
  318. @10allday:matrix.org

    In reply to this message

    In reply to
    bnewbold
    hi folks, popping in quickly to say: we miss you! has been a wild week and have not had time to keep up here. we have even paused all github interactions for a week. we intended to land a round of dev docs and info about federation around now, but things are getting pushed back b/c we have urgent moderation needs. keep an eye out for that soon. we can't build this whole ecosystem ourselves, and know that we are not doing well w/r/t docs and support right now, but hope to get our attention back to it soon
    Will the docs say how you can get a membership and how to pay for it? This is a huge problem with decentralization, because only cryptocurrencies can solve the payment issue, but the pushback from people is not going to move the space forward.
    (edited)
  319. We cannot rely on PayPal or banks directly to send and receive payments, because they cannot be integrated directly into the protocol.
  320. How can the community be more involved in developing the integrations with blockchains and cryptocurrencies, so we can remove any reliance on centralized payment platforms?
  321. We cannot have 1000 different ways to pay on different servers, because of centralized payments.
  322. We will use this thread for discussion on ways to improve the payment system of Atproto, or creating the payment system, if it doesn't exist.
  323. Who wants to go first and discuss the first topic of this thread regarding payments?
    (edited)
  324. I've created a thread, so the community has the chance to engage in discussions on payments when using Atproto. (I don't work for bluesky, it's up to them to implement any proposed features discussed in the thread.) Thread Link: Message
    (edited)
  325. @jonaharagon.com
    Why does it need an integrated payment system?
  326. @10allday:matrix.org
    Is someone going to actually respond to issues, I am talking about? Nine people have already seen my posts. There needs to be discussion on this, otherwise it's going to become a place where it's not possible/profitable to run hosting for accessing the network, because users have become accustomed to using atproto for FREE.
    (edited)
  327. @danny-hpy:matrix.org joined the room
  328. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    why is that an issue?
  329. I don't really understand why it being free is an issue
  330. @10allday:matrix.org

    In reply to this message

    People pay for internet, do you want the internet to be free?????
  331. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    if it's practical for something to be provided for free I don't see why to make someone pay
  332. @jonaharagon.com

    In reply to this message

    yes ngl
  333. @10allday:matrix.org

    In reply to this message

    Why would you run a business for free?
  334. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    well with a protocol like bluesky do I really trust it to be controlled by an incentive for profit?
  335. i would much rather imagine such a protocol as something as basic as being able to publish content to the internet
  336. rather than a business meant to be run to make money for some faceless shareholders
  337. Jonah (he/him) changed their display name to @jonaharagon.com
  338. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    this, to me, is a big part of why open protocols matter
  339. @10allday:matrix.org
    Mastodon is facing a crisis where server owners can't afford to keep the instance profitable. Do we really want to incentivize a culture of users on atproto, to ditch a server, because it isn't profitable?
  340. @jonaharagon.com
    Is Mastodon facing that crisis in reality? I run a Mastodon server which is profitable.
  341. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    the two major mastodon instance shutdowns ive heard of had nothing to do with money
  342. xylobol

    In reply to this message

    these aren't mutually exclusive either
  343. I can see a lot of mid-sized instances that charge monthly
  344. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    true :-)
  345. @jonaharagon.com

    In reply to this message

    I don’t understand what you’re asking for, do you want a mechanism to pay PDS providers, or a mechanism to facilitate user to user payments on Bluesky, or both? or something else?
  346. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    i do think the primary incentive shouldn't be profit, though
  347. @10allday:matrix.org

    In reply to this message

    Payment should be built in to atproto, so you don't rely on centralized services.
  348. @jonaharagon.com
    What’s the issue with reliance on centralized services?
  349. xylobol
  350. go use Bitcoin or mail cash around if you're worried about visa 1984ing you
  351. @10allday:matrix.org

    In reply to this message

    Bro, why are you even asking this? 💀
  352. @jonaharagon.com
    If we really wanted payments for some reason, why couldn’t a plugin system exist, where I could install a “Stripe plugin” and accept payments via that service, or a “PayPal plugin” or whatever.
  353. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    why? payments can be handled elsewhere, no? it doesn't have to be in the social protocol imo
  354. xylobol

    In reply to this message

    see above
  355. Brad Brown
    i’ll be blunt — this feels like a “how do we inject crypto into {x}?” sorta thing more than an attempt to fill an actual pressing need.
  356. xylobol
    yeah
  357. @10allday:matrix.org

    In reply to this message

    Okay, but you need the protocol to store that the user paid for access to the instance, otherwise it's pointless.
  358. xylobol
    or the instance just does the accounting itself
  359. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    that is probably a better solution
  360. the protocol shouldn't be too bloated
  361. @10allday:matrix.org

    In reply to this message

    It wouldn't be decentralized.
  362. @jonaharagon.com
    I don’t really understand why cryptocurrency users don’t understand that online payments have existed for decades before cryptocurrency became a thing…
  363. xylobol
    cool
  364. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    but if it's handled by the instance itself why does that matter
  365. xylobol
    this is not a problem because we are talking about access to a single instance
  366. @jonaharagon.com
    if this is a problem, it’s already been solved 🤷‍♂️
  367. @10allday:matrix.org

    In reply to this message

    Cryptocurrencies are designed to work without the use of a bank.
  368. @jonaharagon.com
    I’m still not convinced there’s a need here though…
  369. Yeah but who wants to pay without using their bank account?
  370. That’s where my money is lol
  371. xylobol
    we're dealing with a cryptobro here
  372. @10allday:matrix.org

    In reply to this message

    What if you don't have a bank account?
  373. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    who realistically does not have a bank account in 2023
  374. xylobol
    then you can arrange someone else with whoever is running the instance
  375. this really isn't difficult
  376. *something else
  377. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    why build it into the protocol? it's kinda pointless imo
  378. Cody

    In reply to this message

    Adding on to this if anything banking is more accessible than crypto. It's very easy to open a bank account when you're 13-17 but you can not legally use exchanges in the US till you're 18+
    (edited)
  379. @10allday:matrix.org
    Could the protocol allow for decentralized bank transfers to and from different banks?
  380. @jonaharagon.com
    why would we want it to do that?
  381. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    also one of the major attractions of bluesky/atproto is that it doesn't rely on or use a blockchain or cryptocurrency
  382. xylobol

    In reply to this message

    web3.0 blockchain decentralization obviously
  383. @10allday:matrix.org

    In reply to this message

    In reply to
    @jonaharagon.com
    why would we want it to do that?
    So, it uses the normal financial system without relying on paypal or patron.
    (edited)
  384. xylobol
    it already does that via not caring about payments at all because they're out of scope
  385. @10allday:matrix.org
    How are clients going to allow third party payments without it being built-in to the protocol?
    (edited)
  386. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    thats the beauty of atproto, things dont need to be built into the protocol. anybody can just write new lexicons?
  387. @jonaharagon.com
  388. again you’re assuming payments need to exist in the first place though
  389. it seems pretty clear that they don’t tbh
  390. maybe you should check out Nostr instead 🙃
  391. @10allday:matrix.org

    In reply to this message

    In reply to
    moved to @shreyan:beeper.com (@shreyanjain:matrix.org)
    thats the beauty of atproto, things dont need to be built into the protocol. anybody can just write new lexicons?
    How do clients even get sent lexicons?
    (edited)
  392. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    when you get a repo it contains all the types the client just needs to be able to parse them
  393. @10allday:matrix.org

    In reply to this message

    Can you forward lexicons to all indexers?
  394. Cody
    From my shallow look it seems that clients would need to specifically implement specific lexicons they want to support. Correct me if I'm wrong
    (edited)
  395. moved to @shreyan:beeper.com@shreyanjain:matrix.org
  396. that's correct
  397. @10allday:matrix.org

    In reply to this message

    There's no point doing that if no client other than client103 would be able to see the lexicon.
  398. Cody

    In reply to this message

    Get your client to be popular. There are many popular ActivityPub (a similar protocol) clients out there such as Mastodon, Misskey, Peertube, exc.
  399. Landon Schropp joined the room
  400. xylobol
    how does that force crypto adoption though
  401. Cody
  402. @10allday:matrix.org

    In reply to this message

    I was talking yesterday about programming languages. Lexicons should be based on common grammar that can be made to form complex programs readable by every client.
  403. xylobol
    embed JS in the protocol
  404. Cody
    Well only by the clients that support your lexicons. I mean you could from my understanding make an ATProto client that doesn't support lexicons like app.bsky.feed
  405. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    they are, it's just plain json
  406. @10allday:matrix.org

    In reply to this message

    Lexicons are broken if they work like that.
  407. In reply to this message

    In reply to
    moved to @shreyan:beeper.com (@shreyanjain:matrix.org)
    they are, it's just plain json
    We need a browser rendering system to make lexicons similar to web apps.
    (edited)
  408. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    there's not really any other practical way to do it I'm afraid.
  409. xylobol
    ok this guy is trolling
  410. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    containing an entire web app in every post is a naturally bad idea.
  411. jimmyjblake joined the room
  412. @10allday:matrix.org

    In reply to this message

    What? Lexicons would just contain stuff readable by the client, so it can be portable across clients
  413. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    so, exactly what they do right now?
  414. json is extremely portable
  415. @10allday:matrix.org

    In reply to this message

    In reply to
    moved to @shreyan:beeper.com (@shreyanjain:matrix.org)
    so, exactly what they do right now?
    Yes, but with browser-like features that JavaScript uses to communicate with the page.
    (edited)
  416. jimmyjblake
    ooops. might have followed the wrong link in here. is this the only matrix room, or am I missing one for general people interested? (don't want to sabotage the dev chat with my prayers for an invite, lol)
  417. xylobol
    don't worry you're not interrupting anything
  418. this is the dev room, I'm not aware of a general purpose one though
  419. there probably is one somewhere
  420. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    #general-bsky:matrix.org is general purpose I think
  421. Cody

    In reply to this message

    Is there a space with all the rooms?
    (edited)
  422. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    it seems to be the dSocialCommons Discord bridged to Matrix.
  423. @10allday:matrix.org

    In reply to this message

    In reply to
    @10allday:matrix.org
    Yes, but with browser-like features that JavaScript uses to communicate with the page.
    This is the only way to ensure that lexicons can do complex things.
    (edited)
  424. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    but we don't want lexicons themselves to do complex things do we?
  425. Cody
    Lexicons should just store data, it should be up to the client to interpret that
  426. A big pro to open protocols like this is the ability to use custom clients. Most people using Matrix use Element sure, but a large amount of users don't
  427. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    I can send this message with confetti in element, but other clients can just ignore it
  428. Cody

    In reply to this message

    The Matrix client I use on my phone has a stories feature where it interprets specific types of messages as stories, other clients can ignore this.
  429. @10allday:matrix.org

    In reply to this message

    Then the protocol should specify how to interpret lexicons, and make lexicons have a universal syntax, like how JavaScript has special features for interacting with every web browser, the same way.
  430. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    it does tho
  431. @10allday:matrix.org

    In reply to this message

    Atproto clients cannot see certain things, so it doesn't.
  432. Why are you guys making Internet Explorer 2.0????
  433. Cody

    In reply to this message

    Lexicons have an intended way their supposed to be interpreted and they all use a common language (JSON)
    (edited)
  434. @jonaharagon.com
    It’s very funny that you think JavaScript and other web technologies interact with web browsers “the same way”
  435. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    this happens with browsers and the web too?
  436. Cody
    Every browser interprets things differently, those interpretation differences are typically slight but not always
  437. @10allday:matrix.org

    In reply to this message

    No, you can run the same JavaScript in any web browser, and it will just work.
  438. Cody

    In reply to this message

    Look at Lynx, it's a (rarely used) terminal based web browser. The way it interprets HTML has to be different as it is fundamentally trying to achieve a different viewing experience.
  439. The fact that is able to exist is a good thing
    (edited)
  440. In reply to this message

    https://caniuse.com/ exists for a reason, because browsers do have different feature sets
    (edited)
  441. @10allday:matrix.org
    You guys just need to enforce how lexicons can be rendered, in a more strict way, as to avoid the issue of the web, like you guys mentioned.
  442. @jonaharagon.com
    The web doesn’t have an “issue” that’s just your interpretation.
  443. @10allday:matrix.org

    In reply to this message

    No no, I never had an issue with how the web works.
  444. xylobol
    no it has an issue and it's not one which should be recreated via overengineering the shit out of atproto
  445. Masayuki Sunahara joined the room
  446. xylobol

    In reply to this message

    this is because developers bend over backwards because users expect to "run the same JavaScript in any web browser" and have it just work
  447. @10allday:matrix.org
    Could lexicons just be removed from the protocol, so users don't complain they can't access XYZ?
  448. Cody
    Lexicons are like the core of the protocol
  449. @10allday:matrix.org

    In reply to this message

    They don't really work across clients.
  450. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    hmmm, html doesnt really work across browsers. it should be removed from the web
  451. @10allday:matrix.org
    I've already brought up my solution for making them cross platform, and you guys rejected it.
    (edited)
  452. xylobol
    because that solution came down to "staple a JS engine into every client and make every post a web page"
  453. Cody

    In reply to this message

    They do, ActivityPub has a similar concepts to lexicons called ~~ActivityStreams~~ Activity Vocabularies. Despite this ActivityPub has multiple clients such as Mastodon, Misskey, Peertube, exc. that work with eachother fine

    https://www.w3.org/TR/activitystreams-core/
    https://www.w3.org/TR/activitystreams-vocabulary/

    (edited)
  454. Even Matrix, the app were talking on right now, gives clients freedom to interpret messages in special ways and it still works fine
  455. @10allday:matrix.org

    In reply to this message

    The clients would all ready have the capability to render them, but the lexicon syntax wouldn't contain everything necessary to make sure everything could be rendered in the client.
  456. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    @10allday:matrix.org: I sincerely recommend you read the docs at https://atproto.com. That may help you gain a clearer understanding of why the issue you want to solve doesn't exist and why your solution is impractical.
  457. @10allday:matrix.org
    This doesn't make any sense? Why are you defining the syntax for each lexicon individually and then sending it to the client?
  458. @dead10ck:dead10ck.com

    In reply to this message

    Damn dude, you have some very strong and aggressive opinions for someone who doesn't know the first thing about what they're talking about
  459. @srid:matrix.org joined the room
  460. @dead10ck:dead10ck.com

    In reply to this message

    Just a tip for the future, this is not how human beings interact with each other. If you want people to engage with you, you should try to avoid rudely demanding their time and attention. If no one responds to your question, take the hint and don't push it.

    "PAY ATTENTION TO ME AND VALIDATE MY OPINIONS" is behavior that even my 4 year old has learned doesn't work

  461. Aaron Goldman

    In reply to this message

    Rarely used?!, You have no idea what unspeakable horrors pearl scripts do with the output from lynx for hacky corporate Intranet scraping tools.
    ...
    Lynx is great 😃👍
  462. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    lmfao I tried using lynx as my main browser on a raspberry pi once
  463. Cody

    In reply to this message

    That sounds very painful lol.
  464. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    still use it for gopher, lol
  465. @jinkiesscoob_:matrix.org joined the room
  466. Cody

    In reply to this message

    I've only ever used Lynx seriously on servers, it is definitely occasionally useful in those situations.
    (edited)
  467. Aaron Goldman

    In reply to this message

    In reply to
    @dead10ck:dead10ck.com

    Just a tip for the future, this is not how human beings interact with each other. If you want people to engage with you, you should try to avoid rudely demanding their time and attention. If no one responds to your question, take the hint and don't push it.

    "PAY ATTENTION TO ME AND VALIDATE MY OPINIONS" is behavior that even my 4 year old has learned doesn't work

    I would very much like validation of my opinions. Thank you 🙏
    ...
    Content Centric Web > Connection Centric Web
    ...
    CIDs forever
    (edited)
  468. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    w3m is a pretty worthy successor to lynx imo :-)
  469. In reply to this message

    for sure, although in a pinch curl will do
  470. Aaron Goldman

    In reply to this message

    On a dark day when you find yourself 4 ssh tunnels into the production server your trying to debug and the Java Flight Recorder (JFR) will only output the metric you need by running the metric server webUI.

    Can you manage to plum port 8088 all the way back to your laptop?

    Will that open a major security hole?

    Do you even know how to get a command to the SSH sessions in the middle of your terrible SSH chaining?

    And then you remember Lynx can read the web and show you text. The ancient ones have sent you a gift from the past and have saved your present.

  471. Cody

    In reply to this message

    This is way too specific to be a work of fiction. I'm am so sorry you had to suffer through this situation
  472. Aaron Goldman
    I mean I definitely don't have any trauma from operating systems before kubernetes was a thing... Or after.
  473. letb joined the room
  474. @dead10ck:dead10ck.com
    Message deleted
  475. @dead10ck:dead10ck.com

    In reply to this message

    Now you just have kube trauma
  476. @10allday:matrix.org
    Could NSID's contain version identification, which could be added at the start of the lexicon's name or after it's name?
    com.example.XYZ
    .trafficLight or
    com.example.trafficLight.XYZ
    XYZ is just a place holder for v1, v2, etc.
  477. Aaron Goldman
    By the way Java Flight Recorder (JFR) is good and you should learn it if you live in a JVM
  478. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    why were you doing this? what situation could possibly lead to such a terrifying scenario? 😆
  479. @10allday:matrix.org
    The reason for why I'm asking is because, as the documentation says, once a NSID is published, it can't be changed because a script could have relied on it. Is this the correct interpretation?
  480. moved to @shreyan:beeper.com@shreyanjain:matrix.org
  481. *shouldn't be changed. it is always possible to change but you probably shouldn't
  482. @dead10ck:dead10ck.com

    In reply to this message

    In reply to
    moved to @shreyan:beeper.com (@shreyanjain:matrix.org)
    for sure, although in a pinch curl will do
    curl + xmlstarlet is honestly probably more reliable than lynx if you find yourself in such a Dante's Inferno
    (edited)
  483. @10allday:matrix.org
    Would doing com.example.trafficLight.v1 be unnecessary because I see revision?: number is listed in the schema format category, is this a valid thing to put in a lexicon? https://atproto.com/guides/lexicon#schema-format
  484. @dead10ck:dead10ck.com
    curl is one of those projects that's so insanely versatile and useful that the author gets hate mail for it. There's the famous
    "I will slaughter you" email
    he posted about
    (edited)
  485. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    people who hate on opensource devs are truly insufferable
  486. @10allday:matrix.org
    The subject RecordType can point to com.example.trafficLight or any public schema?
  487. @10allday:matrix.org
    If
    bob.com
    is logged into the application everything they click would use at://
    bob.com/this.is.the.thing.bob.wants.to.interact.with.com/why-do-numbers-go-here
  488. The frontend makes buttons use at://
    logged-in-user.com/feature.com/random
    numbers?
    (edited)
  489. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    no, at:// is an internal scheme used by the protocol that isn't usually exposed to users
  490. @10allday:matrix.org
    Who does the frontend contact to send a follow?
    (edited)
  491. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    sends a POST request to https://yourpds/xrpc/com.atproto.repo.createRecord with json that looks something like this:

    123456789{
            "collection" => "app.bsky.graph.follow",
            "repo" => session.did,
            "record" => {
              "subject" => resolve_handle(session.pds, username)["did"],
              "createdAt" => DateTime.now.iso8601(3),
              "$type" => "app.bsky.graph.follow"
            }
          }
    
  492. copy pasted directly from my ruby code so the fields contain some variables + methods + classes which wont be useful
    (edited)
  493. @10allday:matrix.org

    In reply to this message

    The frontend needs to get your did when you first sign up? What happens if you never give your did?
  494. @10allday:matrix.org
    Here is another question. Let's say "Road Decentralized Autonomous Organization" wants to move their DAO onto Bluesky, so they can better vote on, what needs to be done for roads in America. How could they use lexicons to let members join, leave, and vote on important issues.
    (edited)
  495. @10allday:matrix.org
    Are lexicons the replacement of smart contracts?
  496. In reply to this message

    In reply to
    @10allday:matrix.org
    Here is another question. Let's say "Road Decentralized Autonomous Organization" wants to move their DAO onto Bluesky, so they can better vote on, what needs to be done for roads in America. How could they use lexicons to let members join, leave, and vote on important issues.
    Could the docs have these types of questions that could be interactive and let the community test their knowledge, especially if the documentation is structured, where these questions would be at the end of every chapter?
    (edited)
  497. beatty joined the room
  498. @10allday:matrix.org
    Message deleted
  499. @10allday:matrix.org
    Can you stack messages together as a way to reply to one message, which is the main message, which contains your stacked replies YOU made, but it could be different than a regular reply, because each reply would be different topics relating to the main message. Above each stacked reply would contain a description of what topic is contained in the stacked reply, which is relevant to the main message, which holds all stacked replies. How could this show up in clients which can't format the messages stacked together?
    (edited)
  500. @10allday:matrix.org
    Would it be correct to say that something is on-chain if it can be used by another personal data repository. Blockchain technology popularized the term on-chain.
  501. @10allday:matrix.org
    For example, you get your money from
    com.money
    when your employer's PDR located at inc.crypto, makes a request on-chain to tell
    com.money
    's PDR to give you $5.00 at your personal data repository located at com.bob.
    (edited)
  502. mikuhl
    I think the post thread json needs to be reworked.
  503. I suppose its okay to send all the parent posts, but each reply thread should only contain one reply that is the best fit
  504. this is a little confusing
  505. I am pretty sure twitter prioritizes the replies that are the OP of the post you are looking at, and then probably by likes or something.
  506. or sometimes they dont even send any replies to a reply
  507. @10allday:matrix.org

    In reply to this message

    In reply to
    mikuhl
    I am pretty sure twitter prioritizes the replies that are the OP of the post you are looking at, and then probably by likes or something.
    The algorithm is open source, but there are restrictions on its use.
    (edited)
  508. mikuhl

    In reply to this message

    probably should also send them in a single list, because unrolling the deeply nested threads is a little difficult
  509. @10allday:matrix.org

    In reply to this message

    Looks like my reply was unnecessary, as you probably have this taken care of.
  510. @10allday:matrix.org
    Does anyone know if lexicons can be copyrighted?
  511. @planetoryd:matrix.org

    In reply to this message

    you cant copyright an idea
  512. just the code i think
  513. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    for questions like these, once again, the docs at https://atproto.com are in fact really helpful. just read the lexicons section again.
  514. Ashton joined the room
  515. ayubmetah joined the room
  516. Thiago Pinto joined the room
  517. Chad W. Bennett joined the room
  518. zestylemonade joined the room
  519. Chad W. Bennett
    How do developers get an invite code so that we can jump in and start helping?
  520. @10allday:matrix.org
    How could the protocol have a clone of Twitter spaces or some sort of voice message system?
  521. Twitter won't be able to migrate to Atproto, if they can't bring existing Twitter spaces onto the protocol.
    (edited)
  522. The protocol needs Twitter and they need the protocol as the CEO wants to cut costs.
  523. @10allday:matrix.org

    In reply to this message

    Is it worth the time to cater to Twitter to make it easier for them to migrate?
  524. agn0stik3301 joined the room
  525. agn0stik changed their display name to agn0stik3301
  526. Lily joined the room
  527. Elio Qoshi joined the room
  528. @planetoryd:matrix.org

    In reply to this message

    why would they
  529. @dead10ck:dead10ck.com
    I know it's Jack Dorsey and all, but I don't think "steal all Twitter users" is an explicit goal of the project
  530. George Antoniadis
    Jack is no longer even part of twitter so…
  531. I don’t see why it would be cheaper for twitter to run on top of atp. Pretty sure it would even be more expensive as they now need to aggregate an insane amount of federated server in order to run their algorithms etc.

    Mastodon has the same issues, a lot of bandwidth is needed if you care about showing your users trends and posts from “all” servers.

  532. I’m also waiting for the time when pdses start having weird terms of services. ie posts from this server should not be used for training, should not be displayed together with ads, etc
  533. @Coxxs:matrix.org joined the room
  534. @dead10ck:dead10ck.com
    I was wondering the same thing. I've seen people complain about the tos of the
    bsky.social
    instance, saying things like "it says they own all your posts", which I have no if that's true or not, but it did get me wondering how in the world copyright works in a federated system like this. Supposing for the sake of argument that an indexer does claim ownership of the content of some kind, and another indexer has a conflicting tos and/or licensing claim, which one wins?
  535. Elementeer joined the room
  536. George Antoniadis

    In reply to this message

    There was a thread on twitter about terms on bsky. Let me dig it up.
  537. ^ discussion about bsky owning your posts and jay’s response
    (edited)
  538. emrecoban
    They really has interesting policy
  539. George Antoniadis

    In reply to this message

    I wonder how much they got spammed before they closed it down
  540. As for the xss paul is aware and working on it.
  541. emrecoban

    In reply to this message

    me too :) because there is no spam.
  542. @dead10ck:dead10ck.com

    In reply to this message

    Ah interesting, thanks! I'm not really concerned about BSky's policy, I always figure fear mongering like that is at least part exaggeration, part out of context, etc, and regardless, being a decentralized system, if you don't like their policy, you can use a different instance if you really want to

    But I am curious what happens legally to content that ends up on their indexer from other federated instances, how much of their tos applies, if any, since any user on a different indexer couldn't have reasonably been expected to agree to such terms

  543. sizumita joined the room
  544. Midou (Moved to envs.net, same username. Please invite me to another room if it seems necessary, and if i do happen to be admin somewhere ping me.) joined the room
  545. djr5252 joined the room
  546. @glownigger:matrix.ralnet.org joined the room
  547. jamanfredi
    Does the timeline cursor only get posts in one direction? 🤔
  548. George Antoniadis
    Has anyone checked if hellthreads are a client or server issue? I’m wondering if we can make a hellthread by repeatedly liking/unliking a post or whether they really need to be actual posts.
  549. Aaron Goldman

    In reply to this message

    It may be better to answer the why is it cheaper as a more general
    AtProto vs https
    or
    content centric vs connection centric

    In a protocol with connection centric security you authenticate who you are connected to and then ask questions. If I read

    I ask Twitter what Randall Munroe said. There is no computer but one with the
    twitter.com
    TLS certificate that can answer my question. Twitter wants a good users experience so the need Points-of-Presence all over the world to terminate the TLS and they need to be high trust since they have the TLS certificate. The CDN market gets consolidated to a few monopolistic expensive but trusted companies. akamai, cloudflare, fastly The CDN often costs more in a year than the persistent storage.

    Vs

    A content centric security you authenticate the content. The commits to the repo are signed. When I try to load a repo I could pull it from anyone that has it.
    For someone like Twitter they no longer need to pay for operating PoPs or an expensive CDN. They can use whatever cheapest co-lo server they can get in a region as a content cache MUCH cheaper. There is no trust in the caches just blobs.

    Bonus Points: Twitter is not the only one that could catch the data. If any ISP wanted to give a good users experience they could add their own caching. Users could add their own caching. Client could use P2P tech to add community caching.

    The whole content distribution chain has radically different economics.

  550. Troll joined the room
  551. George Antoniadis

    Troll joined
    Well… that sounds ominous. 😂

  552. Kjartan
    As far as I get the protocol (and as it seems de facto to be standard by the clients I have seen), right now creating an account always has to happen on one of the "offered" handle domains. Is there any good reason not to allow creation with a custom domain right from the start? I'm thinking of something like "bring your own domain"-only instances? Because once federation arrives, one might not want to let just whoever act with one's domain publicly but might be fine to host them.
  553. Troll

    In reply to this message

    I am a nice troll :) yes it is very rare but it exists :D
  554. George Antoniadis

    In reply to this message

    Welcome! :D
  555. Kjartan

    In reply to this message

    While I see no issue to implement it server-side - it's pretty useless if clients aren't ready for it
  556. Xeyn joined the room
  557. O
    anyone knows an existing guide / intro to using IPLD queries over atproto data?
  558. George Antoniadis

    In reply to this message

    Worst case is that you need to register on the pds via web before using any other client to login.
  559. In reply to this message

    Check out the indigo repo, it’s in golang but has a bunch of helpers to grab the cara and manipulate the repos. Should be a way to run queries on them i guess but not sure how
    (edited)
  560. Kjartan

    In reply to this message

    Yeah, but could be avoided if such situations get explicitly allowed/ mentioned in the specs :D
  561. O

    In reply to this message

    thanks I appreciate the pointer!
  562. yeahbirds joined the room
  563. yousefed
    Hi! Is there support for permissions / authorization in at proto yet? E.g. allow certain users to read / write specific objects / stores? What are the best resources on this?
  564. @dead10ck:dead10ck.com

    In reply to this message

    In reply to
    yousefed
    Hi! Is there support for permissions / authorization in at proto yet? E.g. allow certain users to read / write specific objects / stores? What are the best resources on this?
    From what I've heard in this chat room so far over the last couple days, there is no access control yet
    (edited)
  565. Are there any docs yet on setting up an instance? I've seen that indigo code base, but it also looks like the ATproto repo has a bunch of typescript in it, so not sure which one you run, or both, which one is or has the PDS vs the indexer, etc
  566. @artikbanana:matrix.org joined the room
  567. @artikbanana:matrix.org left the room
  568. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    while you don't have one, I recommend just playing with the GET endpoints.
  569. @wahidislamlinad:matrix.org joined the room
  570. @wahidislamlinad:matrix.org
    will bluesky api support 3rd party clients to make?
  571. giteauser joined the room
  572. @wahidislamlinad:matrix.org

    In reply to this message

    aah my bad just learned about atprotocol today, is there any dev servers to test without the invitation code? I'd like to try to make an app
  573. @nazir:matrix.org joined the room
  574. Bastian
    idk sorry, currently trying to play around with some of the docker images to see if I want to port my wip android mastodon client to bluesky/atproto because I don't have an invite yet either
    (edited)
  575. fred blauer

    In reply to this message

    Neither do I
  576. Bastian
    using this https://github.com/bluesky-social/indigo/blob/main/cmd/fakermaker/docker-compose.yaml then doing the last step from
    hacking.md
    and optionally picking one of the open source web clients to connect seems to work
  577. fred blauer

    In reply to this message

    hacking.md
    is a broken link
  578. Bastian
    oh yeah sorry I meant the https://github.com/bluesky-social/indigo/blob/main/HACKING.md file in the indigo repo
  579. fred blauer
    Thanks, but I don't think I will be able to figure it out. I'll have to wait
  580. skeetsorg joined the room
  581. skeetsorg
    Message deleted
  582. skeetsorg
    Sorry for the stupid question: I'm a bit confused on the role of Bigsky/BGS servers. Is each instance supposed to run their own BGS, or is it a shared event relay that many instances/PDS can connect to?
  583. @dead10ck:dead10ck.com

    In reply to this message

    I'm just learning about bsky/ATproto myself, but my understanding is that it could be either way. You can run your own BGS if you want or just run a PDS only and use a third party BGS
  584. skeetsorg
    For federation to work, do each server need to call com.atproto.sync.requestCrawl on every BGS to start federating, then, or is server discovery passed along?
  585. Benjamin Reed joined the room
  586. nikolay
    this is what the misguided scarcity leads to: https://www.ebay.com/itm/256058523376 - meanwhile Twitter is full of scams for invite codes.
  587. @dead10ck:dead10ck.com

    In reply to this message

    While this is unfortunate, how else should they have done it? They needed real user testing, but it's not ready for general consumption
  588. nikolay
    I listed a few ideas a few days ago. For example, let people with established Twitter accounts keep their identity. If their account is 2+ years old, for example, and has 500+ followers, let them keep their username. Reserving usernames does not mean they get invites immediately. At the end of the day, you're trying to offer an alternative to Twitter, but people still want to keep their nicknames.
  589. Another guy is offering a "Pay it forward train" that does not guarantee anything, but he charges you $75 for a ticket and claims that over 100 people got invites "on the train": https://twitter.com/Felix_Josemon (he used to charge $50, to be fair).
  590. @dead10ck:dead10ck.com

    In reply to this message

    Sorry, I just joined a couple days ago. I could read your messages if you have a permalink.

    But also, not really sure what user names have to do with gradually increasing the user base in a controlled manner?

  591. I don't think the primary driver of the demand has to do with trying to make sure they get their same user name, I think it's just trying to actually get access to the platform to try it out because it's new and hyped up
  592. @jadedctrl:tedomum.net joined the room
  593. Benjamin Reed
    i was reading https://blueskyweb.xyz/blog/4-28-2023-domain-handle-tutorial about the DNS resolution for user handles and it seems to have more info than the protocol specs. it seems vulnerable to DNS poisoning. is there more details somewhere about how the resolution is done?
  594. Benjamin Reed
    oh right i can also look at the code! thank you skeetsorg . this seems problematic.
  595. nikolay
    Yes, they "steal" the identity of somebody established. I've applied for an invite on day 1 you announced the plans, yet, I have no invite. It was on the old invite form. Later, you asked for mobile platform and Twitter username, I re-submitted, again, ASAP, yet, no invite. (A nice person invited me though.) My point is that this can push people away, not attract more people with scarcity.
  596. This is another profile that does not exist on Bluesky and offers doctored screenshots showing available invites: https://twitter.com/akankshu_luv (I reported her to Twitter for fraud, but so far, no response.)
  597. Reported another guy selling invalid invites for $100 apiece here: https://blueskyinvites.gumroad.com/ through a hacked popular Twitter account!
    (edited)
  598. In general, these invites are defrauding tons of people!
  599. galimba joined the room
  600. @njkekantarell517:matrix.org

    In reply to this message

    the link doesn't work,it goes to a 404 page
  601. @dead10ck:dead10ck.com

    You're saying "you" like I personally ignored you out of spite lol. I am not involved in the project in any way whatever. I'm just a person in this chat room, who is curious how else you would have gradually let new users into the platform.

    I still don't understand what identity "theft" (if you can even call it that) has to do with making a very early version available to a limited audience, i.e. scarcity. They seem like only tangentially related issues. And I still have yet to hear a suggestion for how else they could have let only a limited number of new users in without an invite code system

  602. nikolay
    I said I reported them for fraud.
  603. @10allday:matrix.org

    In reply to this message

    How does this kind of peer to peer invite system work, and how does it get started?
  604. Bastian
    as I understand is there is no federation yet, you can only host your own island
  605. snarfed

    In reply to this message

    they haven't fully published the federation protocol yet. they expect to soon. we've made educated guesses at it based on the MST and repo docs and the com.atproto.sync.* code in the TS repo, but those are just incomplete guesses so far
  606. Dhurandhar Bhatawadekar joined the room
  607. @10allday:matrix.org
    Does the DNS resolution use DNSSEC?
  608. snarfed

    In reply to this message

    the current main PDS runs the TS repo's server. indigo will maybe run it in the future, and it runs some other service(s) like invite code handling now. current search is Elastic, afaik not open source, and not really part of the future "big world" indexing design. docs on running instances are thin, since federation isn't fully published or enabled, but there are bits here and there, eg https://gitlab.com/bnewbold/adenosine/-/blob/main/notes/atproto_quickstart.md , https://github.com/bluesky-social/atproto/tree/main/packages/dev-env#readme
  609. In reply to this message

    probably not
  610. @10allday:matrix.org
    How would Twitter users react if Twitter switched to atproto?
  611. @dead10ck:dead10ck.com
  612. @10allday:matrix.org
    Will people only use atproto, because they "hate" twitter, or will the userbase be less toxic?
  613. Kjartan
    I'm interested in atproto, because I can host it myself - the single point of failure is only limited to my hosting skills
  614. At Twitter I lost my business account, because Twitter thought my business is underaged and eventually closed my account, even though I sent them all the documents they requested
  615. @10allday:matrix.org

    In reply to this message

    In reply to
    @10allday:matrix.org
    Will people only use atproto, because they "hate" twitter, or will the userbase be less toxic?
    By this, I mean right-wing conservatives, who don't think Twitter is doing enough for "free speech".
    (edited)
  616. What do you guys think? Could these users overflow onto the main instance?
  617. Kjartan

    In reply to this message

    🤷
  618. @dead10ck:dead10ck.com
    No one has a crystal ball
  619. In reply to this message

    But the vast majority of users dgaf what is making a web site work
  620. ncheck
    It's great they got blocking implemented. Not a moment too soon. It's not ideal that a user's blocklist is publicly available, even if the app doesn't expose it normally Are there any plans to make blocklists more private? They would have to build more infrastructure for private and follower-only posts as well.
  621. @10allday:matrix.org

    In reply to this message

    Why is the blocklist made public anyways?
  622. Kjartan

    In reply to this message

    How else shall another instance know that some of their users are blocked from someone's content?
  623. ncheck
    It depends what the goal of blocking is. If the goal of blocking is to prevent people from viewing your public posts, then it's basically impossible as one could simply use a second account or incognito window.
  624. But another goal of blocking, which I would argue is more important, is to prevent certain people from replying to your posts
  625. Could that be accomplished while keeping the blocklists private?
  626. Kjartan

    In reply to this message

    I don't think so, but I haven't reached the replying part in code yet :D
  627. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    Jay did say they're working on trying to figure out how to store more "private" data in ATProto. I guess for now we just have to rely on clients not exposing people's blocklists.
  628. It's not the best, but at least it exists.
  629. @10allday:matrix.org
    How exactly can the atproto protocol documentation be more detailed and similar to a specification from w3c? How are client developers making atproto clients without detailed specifications?
    (edited)
  630. Kjartan

    In reply to this message

    Mh, getting a modified client is more hassle than just simply logging out (which would prevent the block as well) - so I doubt it's really relevant (not because people shouldn't be able to block others, but preventing A, if B can't be prevented and is already less hassle than A)
  631. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    yeah
  632. @10allday:matrix.org
    Could the algorithms for atproto, be able to sell what's treading to a media rating company, that helps media companies prioritize what consumers want?
    (edited)
  633. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    the specs are pretty detailed already so this isn't really a huge issue
  634. the docs do need to be updated though
  635. no idea what this means, sorry
  636. @10allday:matrix.org

    In reply to this message

    Should they add interactivity to the documentation, so you can learn by solving?
  637. Would the documentation renderer need to be changed to accommodate for increased technical capabilities?
    (edited)
  638. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    i don't really see how this is relevant
  639. Kjartan
    Something I haven't seen often, but i found incredibly useful when dealling with data "modification" (like here hashing, signing and what all), was to have example/reference values provided. You can write your implementation and can directly check if you got it right after each singly step (and easily figure out which step might be incorrect)
  640. Like here: http://gtker.com/implementation-guide-for-the-world-of-warcraft-flavor-of-srp6 (if you scroll down to about the middle you always get files with input values and the expected output)
  641. @10allday:matrix.org

    In reply to this message

    What's not relevant?
  642. @rston777:matrix.org joined the room
  643. curiouskoa joined the room
  644. curiouskoa
    Message deleted
  645. ifvictr joined the room
  646. ifvictr set a profile picture
  647. @10allday:matrix.org
    What did curiouskoa send because they deleted it?
    (edited)
  648. ??????? What happened to the mention? Matrix is very strange.......
    (edited)
  649. @ztb:matrix.org changed their profile picture
  650. ztb changed their display name to zach
  651. @ztb:matrix.org changed their profile picture
  652. @ztb:matrix.org changed their profile picture
  653. @ztb:matrix.org changed their profile picture
  654. nzheretic
    I think not having hashtags is a good idea , but what about preregistered Newsgroup as in Usenet, subject to vote as was non-alt usenet domains. You could set a SINGLE topic newsgroup for a post using "!organizers.domain.groupname" only at the start of the post, and filter posts starting with that to only view posts to that group. ( BTW I've yet to get a invite to to bluesky )
  655. Kjartan left the room
  656. @10allday:matrix.org

    In reply to this message

    Will bluesky not want this because they may consider it "bloat", because the pds's can add it?
  657. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    this could probably be done by adding something like a "topic" field into a post lexicon somehow
  658. mikuhl
    I think bluesky should implement A LOT of features to stop different people from creating incompatible versions of it.
  659. Think of if two PDS used different format for hashtags
  660. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    i dunno, i prefer the minimal approach similar to nostr, where clients are left to handle almost everything
  661. In reply to this message

    this is probably more of a client thing than a pds thing anyways
  662. mikuhl
    Client can easily just extract hashtags from the text, but the correct way to do it would be a facet entry.
  663. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    true
  664. @10allday:matrix.org

    In reply to this message

    This is why atproto will not achieve mass adaptation.
  665. mikuhl
    I feel clients should only implement niche features that would rarely ever become official supported features.
  666. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    e.g. lightning zaps 😉
    (edited)
  667. they could officially be supported eventually tho
    (edited)
  668. i don't know how practical this is, but i want the official client to offer like a "plugins" system where people can build plugins for such features
  669. @10allday:matrix.org

    In reply to this message

    Would two people need the plugin installed on their client to view data?
  670. mikuhl

    In reply to this message

    That's why I'm doing it 🫡
  671. Me waiting politely for unknown collections.
  672. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    yeah fr
  673. mikuhl
  674. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    need those badly
  675. i can wait till after federation though
  676. mikuhl
    We need unknown collections and a collection query procedure
  677. Probably like Map<JsonPath,List<QueryOperation>>
  678. Where all records matching the filter get returned or counted maybe based on the type of query
  679. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    i think you can already fetch all records from a specific collection right? thats at least a start
  680. mikuhl
    Yeah but v inefficient on data, we don't wanna be Nostr here!!
  681. @10allday:matrix.org

    In reply to this message

    In reply to
    @10allday:matrix.org
    Would two people need the plugin installed on their client to view data?
    Why can't lexicons contain a small binary file that can be downloaded to every client that has access to the pds, so the client can show the data, without the developers of the client needing to add support for a lexicon beyond reading the binary file, for example, letting the client show fireworks when you follow someone?
    (edited)
  682. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    its a good idea, yeah
  683. mikuhl

    In reply to this message

    Paul said something about features that embed directly into the client like native feature. So I can see maybe like a Minecraft Resource Pack you can install to add a feature.
  684. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    yeah thats pretty much what i meant by a plugin system
  685. like browser extensions i suppose
  686. mikuhl
    I can also see a bottom sheet that can pull up an embedded web page, (like maybe a lightning zap screen!)
  687. @10allday:matrix.org

    In reply to this message

    If the lexicon could automatically modify parts of the client, then its going to allow for all clients to be able to display content.
  688. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    that would probably be harder but maybe!
  689. (replying to mikuhl )
  690. In reply to this message

    that will make it almost impossible for people to quickly develop new clients
  691. @10allday:matrix.org
    There cannot be any user intervention beyond disabling the ability for all lexicons to add custom content to the client.
  692. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    lexicon already practically describes itself
  693. it is extremely easy to do code generation from the files in the atproto repo
  694. @10allday:matrix.org

    In reply to this message

    It's ether that or a opt-in plugin system which all users would need to enable, to review a lexicon.
  695. In reply to this message

    They don't tell how the client can handle them.
  696. nzheretic
    I've mentioned using WASM/Webassembly subset as the basis for a sandboxed plug in system. You could host a plug in ether in the browser client or embedded into the app , or better yet as a separate process/server running on the host or elsewhere.
  697. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    check here for an example of quick code generation in ruby: https://github.com/ShreyanJain9/bskyrb/blob/main/lib/bskyrb/codegen.rb
  698. nzheretic

    In reply to this message

    server running on the client or elsewhere
  699. @10allday:matrix.org
    If you don't send a binary file that discribes how a client should display the lexicon, it would be up to client developers to develop that system. The binary file could be a browser applet that can be portable to every client, if we tell how a client developer can code a browser engine in what ever programming language they want.
    (edited)
  700. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    well, yeah... that's by design. the client developers DO have to implement how to parse each lexicon themselves. that's not a bad thing.
  701. making a binary file that's portable to every client seems like it's basically just gonna send us right back to json
  702. nzheretic
    At first limit the WASM plugs to thos pre-approved by bluesky or some group who evaluate the plugins. Having the core of the functionality of the communication app in the client but extending functionality where possible via cross-platform WebAssembly would help compatibility & speed up development once being widespread deployed.
  703. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    you can't be binary and also be portable to every client / language like that easily
  704. json already solved this problem
  705. why reinvent the wheel?
  706. nzheretic
    moved to @shreyan:beeper.com (@shreyanjain:matrix.org): It you strictly define client to WASM APIs , you can.
  707. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    even wasm is a bit of overkill for lexicon
  708. maybe as a plugin system like you said tho
  709. retr0id

    In reply to this message

    nope, pretty sure they're just a single spoofed UDP packet away from having domain takeover issues
  710. skeetsorg
    I'm trying to run Bsky with the repo host pointed at
    bsky.social
    to mirror its contents. However, the sync seems to hang unless I make it single threaded (put an await in https://github.com/bluesky-social/atproto/blob/6a4258c9736b1eca8dd8276394137769c9b506c5/packages/bsky/src/subscription/repo.ts#L57)? With single threaded, it downloads posts at 1/second, though... What's the right way to get it to mirror the Bsky timelines?
  711. @10allday:matrix.org

    In reply to this message

    In reply to
    moved to @shreyan:beeper.com (@shreyanjain:matrix.org)
    maybe as a plugin system like you said tho
    It doesn't make any sense, if the user has to manually enable it, this is literally why it has to/should be opt-out.
    (edited)
  712. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    you mean like fetching the firehose?
  713. @10allday:matrix.org
    Why is everything about atproto, just the worst parts of Mastodon?
  714. skeetsorg
    Yes (I'm running it with REPO_PROVIDER="wss://bsky.social)
  715. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    oh i didnt know it had websockets
  716. @10allday:matrix.org

    In reply to this message

    Everything that could make the experience better is shot down, or not added, because it is bloat.
  717. @10allday:matrix.org
    Why is the culture around Bluesky so horrible, that features that can increase the usefulness of the protocol, get rejected?
    (edited)
  718. nzheretic

    In reply to this message

    Just at the moment the good folks at Bluesky are desperately working to produce a scale-able minimum viable product. Give them some slack.
  719. skeetsorg
    For federation, is each PDS expected to have a copy of the repo of every other user on the network, or will that be the job of the BGS?
  720. And how does repo storage work between PDS and Bsky? Would the Bsky app call subscribeRepos on PDS, on BGS, or something else? What about syncing a new server from scratch; would you need to replay every transaction through subscribeRepos?
  721. xylobol

    In reply to this message

    show me an example
  722. (this is the last time I feed the troll I promise)
  723. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    I might have to follow your example
  724. xylobol
    I'm kind of surprised they haven't been banned yet
  725. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    I've never blocked/ignored anyone on Matrix before but
  726. @dead10ck:dead10ck.com

    In reply to this message

    Dude. Seriously you need to back off. I'm not even involved in this project and it makes me angry how much you shit talk. People not liking your ideas is not a "culture problem". Your ideas are bad, and frequently betray fundamental ignorance. But that's not even the bad part. You don't get to waltz into someone else's project and tell them how to run it. Period. No one owes you time, attention, or consideration. Not your project, not your call. If they don't like your ideas, you move on.
  727. @10allday:matrix.org: Just because you are interested in the project does not mean you get a seat at the table. I don't know where you get this sense of entitlement. I can't even begin to imagine how insufferable you are in real life.
  728. tree joined the room
  729. snarfed

    In reply to this message

    short answer is, we don't definitively know any of these answers yet. they haven't published the federation design yet. they say it's pretty much finalized, so we hope we'll hear soon
    (edited)
Next group of messages