Thu, Jun 8, 2023
- Aaron Goldman00:16this is how records you don't follow end up in your timeline
- Aaron Goldman00:22
In reply to this message
The true answer, we don't know yet.
My answer is that the users will pay for the PDSs, by credit card or viewing ads, and the PDS operators will pay the BGSs so that they have plenty of content to give a good experience. If people are responding and you don't see it that is not a good experience. - dandyandy300:23This is all pretty interesting, thanks for helping out a noob, I've gone from 0% understanding to, well, something > 0
- 00:24Is the plan for Bluesky to launch with its own PDS, BGS and no federation?
- Aaron Goldman00:25Someday I need to put down my compiler and go do the prof thing.
- 00:28
In reply to this message
They did launch with a PDS.
https://bsky.social/xrpc/com.atproto.sync.getHead?did=did:plc:toxy3kpelhv5gwubytayrsbw
When people say "Bluesky invite" what they mean is invite tobsky.socialthe PDS operated by Bluesky PBLLC.
Federation? soon
BGS? ... less soon but coming - dandyandy300:31I don't think I understand how you can have federation (Bluesky knows about and reads from other PDS's?) without having a BGS implemented to aggregate all that PDS data together
- 00:31The federation docs are pretty light https://atproto.com/guides/overview#federation and do mention BGS but don't make the picture super clear
- 00:32Which probably means I don't understand the definition of federation as AT coins it
- @nuhvi:matrix.org00:40Well, it is hard to win that debate, and it will never change from server side now. But if there wasn't an MST, and users just submitted signed blobs, maybe winning that debate would have been a bit easier. Is that why you are working on Ceramic now?
- Aaron Goldman00:46
If you have a user that trys to follow a handle.
- user puts in a handle e.g.
aarondgoldman.bsky.social
- PDS looks up the handle to get the did.
https://aarondgoldman.bsky.social/.well-known/atproto-did
did:plc:toxy3kpelhv5gwubytayrsbw
- read the plc directory to find the PDS for that DID.
https://plc.directory/did:plc:toxy3kpelhv5gwubytayrsbw
- get the repo
https://bsky.social/xrpc/com.atproto.sync.getRepo?did=did:plc:toxy3kpelhv5gwubytayrsbw
- check for update periodically
https://bsky.social/xrpc/com.atproto.sync.getHead?did=did:plc:toxy3kpelhv5gwubytayrsbw
Note: don't put the handle in the folow list only the DID otherwise you will break handle update. Users should be able to update their handle without losing thier followers.
https://github.com/bluesky-social/atproto/blob/85e3cdaf7b06e40627b198ca1288c1a1028c65ae/lexicons/com/atproto/sync/getRepo.json#L17
(edited) - user puts in a handle e.g.
- 00:47The DID Document could point to any PDS if the PDS is on the allowlist then you pull the repo. That is federation. The tricky part is gettingbsky.socialto allowlist your PDS.
- 00:49For now a PDS can pull all the repos it can find there just are not that many soon that will get very expensive in both bandwidth and storage and we will need the BGSs
- 00:52If we don't get indexes that live in a single data center and indexes on each continent then the performance will not be competitive with organization that centralized solutions
- 00:52search fans out a lot. that's where the speed comes from
- 00:53for now we cheat by being small
- retr0id04:46
In reply to this message
With cooperation of the PDS, it's theoretically possible for a client to sign their own posts, with the (slightly weak) assumption that you trust the signature of the previous commit to your repo.
It could be done like so:
You submit a new post to the PDS, the PDS updates the MST, and returns back to you:
- The record you just submitted
- the chain of MST blocks leading back to the root of the new commit
- For every block referenced by the blocks in 2), chain of MST blocks leading back to the root of the previous commit
Your client can then be sure that it has visibility of any new data being added to the MST (and for the referenced blocks it can't see directly, it is sure that they were in the previous commit and therefore trusted), and assuming it all checks out, then it signs the new commit and returns that signature to the PDS.
- @planetoryd:matrix.org04:47rsa accumulators and zkps when
- retr0id04:54
In reply to this message
in other words, the PDS is saying "here's all the new blocks we need to add your repo, and here's proof that all the CIDs referenced in those new blocks were already in the previous commit of the repo. please sign here" - @nuhvi:matrix.org04:54
Honestly at this point the value of authenticated data structures is very vague and hand wavy.
Either:
- The PDS is cooperative and then it will send ranges without censoring any values.
- The PDS is censoring some values, and there is nothing you can do about it, other than just detect it.
Seems like signing individual blobs is more versatile, especially if only servers are going to verify signatures.
The only issue left is caching, and I believe detecting that nothing changed so far is not that expensive, using Xor fingerprints like here https://github.com/hoytech/negentropy
- 04:56Yeah I thought about that approach, and it should work. Just more round trips, and then you need to obtain a lock too, because you can't do this concurrently with two clients.
- 04:57So it is the worst of all worlds, not only is it Not offline-first, it blocks concurrent writing too, might as well just let the server sign.
- retr0id05:00why is concurrent writing important?
- 05:00I can't imagine a situation where I'm simultaneously posting from two different clients
- 05:03The general model of atproto seems to be that you trust your PDS to be well-behaved. If your PDS isn't cooperating then you move to a new PDS
- @nuhvi:matrix.org05:03Because you are thinking of Bluesky. But if you are doing PDSs to be like S3 but open and key-based, then bots are a thing, games are a thing, uploading/streaming video from one device and backing up your code on another device is also a thing.
- 05:03I admit it might be niche case, but it exists.
- retr0id05:04hmmm true
- 05:05I think those usecases are essentially out of scope for atproto, but if they could be supported without compromising anything else then it would be nice
- @nuhvi:matrix.org05:06This is a recurring problem with this space, there is never a defined scope :D
- 05:07For example Nostr started as "notes over relays that are simple enough they have a chance to succeed", now people want to replace the web with Nostr
- goykasi05:07In fact, atproto most likely wouldnt be a good use for apps that require such low latency and high concurrency. Not everything needs to be shoehorned into distributed protocols
- @nuhvi:matrix.org05:07And you can bet that PDSs that are advertised as "data servers" and "git-like" will be used for anything it can be used for and more.
- 06:29@nic:matrix.nicfab.it left the room
- Aaron Goldman11:30I would say that the scope is `"at://*" -> [u8]` It's a protocol for giving mutable names to records that only the controller can mutate but anyone can cache/validate. With a defined consensus group (PDS) for when you want consistent updates and a definition of latest.
- 11:33You can sign something locally and it's now a candidate head. If the PDS accepts it it is now the head. If the PDS then accepts something new it is a past head. That's the life cycle. Candidate head -> head -> previous head. No guarantee that any commit will ever advance.
- @nuhvi:matrix.org11:44Url => blob, is the scope of almost everyone in the space, some people do it in a round about way like Nostr, but still. That being said, Url => blob doesn't require authenticated data structures, signed blobs work, and they make it easier for users to sign blobs instead of managing trees or asking the PDSs to prepare a root for them. Versioning blobs is easy too without MSTs, the only things that one loses (at least without extra layer of abstraction) is collection range authentication and versioning, but not sure who asked for that in the first place. I love the git for data stuff, but I want to make sure I am not adding complexity for personal bias. Finally signed blobs are versatile and allow apps to reason better about their "invariance", I think!
- retr0id14:05individually signed blobs are more expensive to verify in bulk
- 14:05(in relative terms, at least)
- 15:32jack joined the room
- Aaron Goldman16:43Nostr is doing well with signed blobs. If the unit of atomic update you are interested in is always a single record this + set reconciliation should work fine. I think git gained a lot from having repos and not just versioning for single files. I just prefer a world where the system is constantly committing to the past. My post points at your post and the hash is a commitment not only to your post but your whole repo. then later someone comments on a difrent one of my posts. This is them commiting to my whole repo and your hole repo. The hash references propagate to to the point where most references pin down the whole web of content addressed repos. A signed blob is a commitment to that blob. A web of repos is a light cone of commitment.
Fri, Jun 9, 2023
- @nuhvi:matrix.org00:18Counter argument (against git) https://marc.info/?l=git&m=124121401124923&w=2
- @nuhvi:matrix.org00:31
constantly committing to the past
I understand this sentiment, but:
1- This is definitely a blockchain mindset (adversarial thinking, authenticity, and audibility), where it really isn't needed.
2- You can build append-only logs or DAGs with signed blobs if you want, just don't make it a requirement without a clear reason that justifies the cost.A web of repos is a light cone of commitment.
Who asked for that though? What is the purpose of this? because we all know the massive cost.
Finally, the web is loose liquid, and chaotic, trying to force structure on it will fail, just like trying to force semantics on it failed, entropy wins, because the alternative is too expensive.
I don't actually mind that PDSs are doing repos under the hood, as long as you stick to the server doing the signing, and only one canonical server at a time, because the cost, in this case, is low, and versioning/verifying becomes cheap.
Except it:
1- Makes PDSs more complex and harder to independently implement by others (centralization like in Matrix).
2- Makes running a PDS more involved, as you need to worry about rebasing as we see happening right now on Bluesky. - @planetoryd:matrix.org00:47Message deleted
- 04:42@oliveolive111:matrix.org changed their profile picture
- 07:03Olive changed their display name to Oliver
- 07:19Midou (Away, coming back at 10/6) changed their display name to Midou
- AlbertoV13:15Hi I have installed a Go web server as described in build instruction running AT Protocol https://github.com/AlbertoVari/social-app/blob/main/docs/build.md what HANDLE I have to use because I dont't have yer a Bluesky user ? ./bskyweb serve --pds-host=https://staging.bsky.dev --handle=<HANDLE> --password=<PASSWORD> TThank you !
- 14:00Karl Abbott changed their display name to Karl Abbott (Away Until 19-June-2023)
- Aaron Goldman15:23I think git changed the nature of open source software. In a way that ftp directories didn't. Yeah merge can be hard but push, pull, and local work matter a lot. Even if a hub can refuse to accept your change unless it is a fast forward. However git is not a URL. I think having content centric addressed repos that designate a consensus group for the latest head extended git with the kind of references that we need to turn to GitHub for today. I think this halfway point between git and http will allow users to publish without handing control to websites like Facebook or GitHub. It's the mutation model of git with the URLs that make it part of the web. I want documents to be able to reference a URL and repo controllers to not need to rely on someone like GitHub to maintain that URL. I just don't think git would have been as successful with individual blobs as the unit of versioning instead of the repo.
- Aaron Goldman23:22
In reply to this message
Just read this at your recommendation.
I think this is pointing out the kinds of things that are solved by splitting large objects into many small objects and using a MST instead of a prefix tree. Pull just the collections you need. Update just the records you need. Rebuild the tree without needing anything other than the path to the root. You don't need the whole tree to update and sign. Just the logarithmic path. Sat, Jun 10, 2023
- 00:30andrew (@young.af) changed their display name and profile picture
- 01:44notdaniel joined the room
- @nuhvi:matrix.org02:40Yes, Git doesn't have that luxury because it is not a search tree and adding or deleting one file will change everything to the right of it. But you still in MST tangling lots of stuff together, that is probably useful in many cases, and it works great for At Protocol choices, especially signing on server side.
- 08:31Aaron Folmer set a profile picture
- 12:02@erichf:matrix.org joined the room
- 13:49andrew changed their profile picture
- yigitcan16:28I have a
did:web
setup for my personal domain. Want to use Blue Sky as my PDS without any self-hosting. Is this possible at all, or do I have to spin up my own PDS if I don't want to usedid:plc
?(edited) - Aaron Goldman18:18Sorry If I misunderstood your question. If what you want is to use your domain as a handle you need control of either `_atproto.name.example.com` TXT `did=your_did` or `https://name.example.com/. well-known/atproto-did` resolve to `your_did` A separate question is wether that DID is a did:web or a did:plc. That is about whether you want to trust the PLC directory or the CA system for your DID.
- Sabir Ibrahim21:26Hi everyone... I have an invite code. First person who replies to this message gets it (I'll DM it to you). All I ask is 3 things: 1) you're actively involved in AT Protocol- or Bluesky-related development, 2) you use it for yourself, not someone else, and 3) you don't already have an account.
- goykasi
- Sabir Ibrahim
- Aaron Goldman22:20
In reply to this message
Is it just that you don't want to run a PDS or is it that you want a domain name as the root of trust instead of a key - 22:39confidant1118 changed their display name to confidant1118 (per/per)
Sun, Jun 11, 2023
- 02:18@tillkruss:matrix.org left the room
- 04:09@confidant1118:matrix.org left the room
- n-three04:32First version can be tested at https://yellowskyweb.xyz
- yigitcan04:46
In reply to this message
Hey Aaron, thanks for the reply. Mostly that I want to disconnect my account handle + did completely from a specific server. I want to manage my own keys. I have already setup
.well-known/atproto-did
for my domain, but I can not login to BlueSky with it. Changing the handle also fails because it expects the did to be set todid:plc
. I don't want to host my own PDS as well, unless I really have to(I can if the answer is "you have to").My assumption was that the UI would not work with a
did:web
, since BlueSky has no chance to access my keys but I could at least send some posts via CLI/HTTP requests by signing on the client-side myself.Checking the PDS code a little bit, it seems like PDS is doing the signing in the backend (BlueSky). So unless I add their signing key to my
did:web
, they won't be able to add posts to the PDS? - 08:03uxuyuz joined the room
- uxuyuz08:13Hey all, good to be here!
- uxuyuz08:19I had a question around the experience for users of applications built with AT Protocol. To my understanding, above the surface, the only real UX distinction is how the application handles user profiles (as shown in blueSky).
- xb5krnf29715:02Message deleted
- 21:01@blueb:matrix.org joined the room
Mon, Jun 12, 2023
- 03:57@itspranitsingh:matrix.org joined the room
- 03:59@itspranitsingh:matrix.org left the room
- SGOTI09:03Yay, I'm in
- @farribeiro:matrix.org09:37In the chat or in bluesky platform?
- 09:40@arcterius:matrix.org left the room
- Aaron Goldman14:27
In reply to this message
In practice today all mutations to the MST are signed on the PDS. Using the
verificationMethod
id
#atproto
key. Updates to did:plc are signed byrotationKeys
. If you were using thebsky.social
PDS then you can upload your own recovery key as the highest priority rotation key. You could then rotate the PDS' keys and leave only your key. This means there is a path from the PDS controlling your DID to controlling it yourself.In design but not anywhere close to implemented yet. The same logic applies to
verificationMethod
id
#atproto
You could store all the atproto verificationMethod keys on your clients and sign all the repos there. Only uploading the signed roots to the PDS that have been signed on the client. The PDS would then enforce theprev
field points to the head that the PDS has. If it does not the PDS will reject your update and tell you to rebase your client and try again with theprev
that does point to the current head. No forking.Short term I would say you need to run your own PDS to control your keys but the protocols core data structure MST and did:plc were both designed to empower users to gradually take more and more responsibility over their own keys. You should be able to start with a DID and repo that are controlled by the PDS.
When you are ready, add your rotation key so you can recover.
When you are ready, remove the PDS rotation key so the PDS can't steal your DID.
When you are ready, move signing from the PDS to your user agents so the PDS can't publish as you.It is important to have low friction adoption by having high trust in the PDS but that this is redeemable as user come to value their repos more, they can take more responsibility.
Warning: If you remove your PDS' keys from your rotationKeys then the PDS has no ability to help you recover your account.
- 14:30The server is enforcing the lack of forks but this is independent of the question of where the MST is updated or signed.
- Aaron Goldman14:51
The
did:web
vsdid:plc
there are non-trivial tradeoffs. On thedid:web
site we are trusting DNS and the CA system to certify that the DID Document returned is authentic. Just like any other https connection. This means that is DNS and a CA move your domain to someone else's control they move your repo to their control. Granted we rely on this system for a lot of very valuable https connections and it does mostly seem to work. On thedid:plc
side we are relying on the hash from the DID string to auth the initial state of the DID Document and the rotation keys in each version to auth the next delta. If you keep your rotation keys secure no one but you can update your DID Document. If you are careful not to fork your DID Document then this is good. If two rotation key holders each try to update the DID Document we have a data race so one fork must win and become the curent DID Document and the other fork must be pruned. This is where the directory comes in. The directory is the timestamp server and the first to file a delta with the directory wins. The second filer gets rejected as having an invalidprev
field. Any PDS that is presented with conflicting document logs must go to the directory to find out who is the curent and who is pruned.The did:plc is the more secure architecture as the directory is given far less trust than the DNS, and CA system is given for did:web but the directory has also done far less to earn our trust then the DNS, and CA system that have years of technical and legal work put into earning our trust.
- 16:22@sterkte:matrix.org joined the room
- @farribeiro:matrix.org16:22Hello... Does BlueSky have clients to access the platform, like tweetdeck?
- moved to @shreyan:beeper.com@shreyanjain:matrix.org17:24Yes
- 17:25Well none of them are really similar to tweetdeck yet
- @farribeiro:matrix.org18:04i see i found the atproto community project with the clients... web/phone (iOS and Android)... i using the bluesky client and is good for the goal, I was saying to a friend what I not know tweetdeck
- 18:04i thinking the tweetdeck is a chrome extension
- 18:05not a web "client" for twitter and official(edited)
- Aaron Goldman
- Aaron Goldman18:40
In reply to this message
https://tweetdeck.twitter.com/ is an official https://twitter.com client - @farribeiro:matrix.org
- 22:14@sdsi:matrix.org left the room
Tue, Jun 13, 2023
- 02:10Mark Poulsen joined the room
- yigitcan05:23
In reply to this message
Aaron Goldman Firstly, huge thanks for taking your time to give detailed answers. I really appreciate the time and energy you put into these messages.
I definitely understand how
did:plc
can be safer thandid:web
given that I may forgot to renew my domain and someone else can buy the same domain. Or that someone may hack my hosting to change the.well-known
files. However, I still think thatdid:web
is a very strong contender in the DID methods space. As you have said, both domain registration and CA certificate issuance is what the internet is running on for the last few decades. Even though they may have their shortcomings, I think it is a very valid way of managing a digital identity, especially for things like sending BSKY posts.For these reasons, I want to use
did:web
, notdid:plc
. I am not choosingdid:web
because ATProto supports it alongside withdid:plc
. I am choosing to use ATProto, because it supportsdid:web
. Hope that makes my standpoint more clear 😃 More context: I have been working with SSI and DIDs for the last few years. So thedid:web
setup I have is not just for using ATProto.(edited) - 05:28
The reason I am writing is, I want to understand how the current ATProto spec and the current implementation of BSKY can be used to work with the
did:web
I have setup.You mentioned that I can sign "repos" on the client side and then upload "roots" to the PDS. Does this mean I can do that right now with BSKY. So I can use my
did:web
with BSKY? Or does the current implementation of the spec / BSKY not support it? - 08:51@xinguankeli:matrix.org left the room
- 08:53kou029w joined the room
- Aaron Goldman10:38
The curent implementation only does server-side signing. 😭
I think the PDS if
username.example.com/.well-known/atproto-did
resolves to your did web DID String,
your DID Document has alsoKnownAs your handle, verificationMethod atproto, and service atproto_pds
then you should be able to use your did:web.123456789101112131415161718
"alsoKnownAs": [ "at://username.example.com" ], "verificationMethod": [ { "id": "#atproto", "type": "EcdsaSecp256k1VerificationKey2019", "controller": "$Your_did_web", "publicKeyMultibase": "$Your_Key" } ], "service": [ { "id": "#atproto_pds", "type": "AtprotoPersonalDataServer", "serviceEndpoint": "https://bsky.social" } ]
e.g.
https://aarondgoldman.bsky.social/.well-known/atproto-did
https://plc.directory/did:plc:toxy3kpelhv5gwubytayrsbw/ - 10:38I now need to go look at the code but I thought it currently will resolve only did:plc and did:web
- goykasi10:41Can the well-known/atproto-did endpoint serve a full did document? instead of plc did?
- Aaron Goldman10:41There is also the DNS record way of pointing
username.example.com
at your DID but is so you don't need to run a web server which you are clearly already doing as you want to use did web - 10:45
In reply to this message
Nousername.example.com/.well-known/atproto-did
is just way for the domain to assert that the name is bound to the repo. The long term identity of the repo is the DID not the handle. Think like twitter. You can change your handle and not lose all your followers. The UserID did not change. Follows are for users not handles. The.well-known/atproto-did
is just a way to resolve a handle to a DID. - 10:46DID -> DID Document is method specific and not related to handle to DID binding.
- yigitcan13:51Aaron Goldman thank you very much for all the answers. I will check self-hosting as an option and the code a little bit. This was a very insightful discussion 👍
- Aaron Goldman15:18I hope my jumping back and forth between the theory behind the protocal and reality of the curent implementation is not too confusing.
- 18:55Nghia Cao joined the room
- @chrishobcroft:matrix.org19:51Twitter Spaces is audio-only. Bluesky Spaces can have video, here is the infrastructure: https://docs.livepeer.org/guides/developing/multiparticipant-stream.en-US
- 19:54The infra is fronted by a US Inc. with foundations as a decentralised video transcoding network. A self-hosted infra option is in the works.(edited)
- Deavial Drake21:07interesting take on how skyspaces works. where did this info come from?
- Sabir Ibrahim21:13I apologize if this is not the right forum for this kind of inquiry, but does anyone know if there's an entrepreneur-focused meetup or group for developers of decentralized platforms (like developers of AT Protocol apps, ActivityPub apps, etc)? Alternatively, is there one just for developers of AT Protocol apps? If no one here knows of one, might there be some interest in starting one?
- 21:38@jmkrds:matrix.org joined the room
- 21:40@jmkrds:matrix.org left the room
- Aaron Goldman
- 22:51@louipc:matrix.org left the room
- 23:53@shippage:mozilla.org left the room
Wed, Jun 14, 2023
- pizzaknight01:07Hey all, we atbsky.nycjust sent a proposal to set up a StackExchange Q/A page for Bluesky + ATProto: https://area51.stackexchange.com/proposals/127870/at-protocol-and-bluesky?referrer=MzhiN2Q3YmJhOTNkODA2NWQ2Yzg0MjllZWIxODM1OTA0YzQ1ZWM5ZTU0NDkwZDZkYTMwYjRmYWVkYmIyMTQ2ZO1B_I0ysf7EwKJ7b49XB1qz2jXDxRv-Fe0EwDoCzZ210 Kindly check it out and follow it to help get it approved 🙏 I think the way to show support is by asking questions there and sharing the link for others to do the same and interact.
- Sabir Ibrahim01:28
In reply to this message
These are interesting, but I was thinking more along the lines of an informal, regular meetup group (virtual or in person). Most people can't attend a retreat in the Redwoods. - @chrishobcroft:matrix.org03:34
In reply to this message
I'm not quite sure what you mean tbh. This isn't so much a "take on how skyspaces works" more an option for how "skyspaces" could work, based on a sustainably-operated infrastructure. The information came from Livepeer community via me. More about Livepeer here: https://livepeer.org/primer - Deavial Drake04:17
In reply to this message
ah thank you for the clarification. i understand what you are saying now - 07:180xmu joined the room
- 14:33moeinghezelbash joined the room
- 19:07Nick S joined the room
- 23:08Siddhartha Golu set a profile picture
- 23:18siddharthagolu changed their display name to Siddhartha Golu
- 23:56jbrr joined the room
Thu, Jun 15, 2023
- 05:48ion palamarciuc set a profile picture
- 07:38@nedrikegne:matrix.org joined the room
- 08:34@nedrikegne:matrix.org removed their display name (nedrikegne)
- 08:34@nedrikegne:matrix.org left the room
- 12:09//ADB changed their profile picture
- 13:18gmwaniki joined the room
- 17:12nullpointer2023 joined the room
Fri, Jun 16, 2023
- 00:31fr33domlover changed their display name to pere/fr33
- 00:33pere/fr33 changed their display name to pere (fr33)
- 01:32@leohoo_sdu:matrix.org joined the room
- @leohoo_sdu:matrix.org01:47What actions should I take to meet the requirements for the waitlist? I've been waiting for several days and would appreciate guidance on how to qualify.😂
- Yumeka01:50
In reply to this message
I heard that there are people that registered at last year(october), but still not received one. So... you will just need to "wait"(edited) - @leohoo_sdu:matrix.org01:57So it's hard to understand the reason for getting the invitation code. Is there any concrete information regarding the transition of Bluesky from a private beta to a public one?
- Yumeka02:00atproto itself is not finished.(as I aware of) for example, federation is impossible. which means only users from same server can communicate each other.
- @leohoo_sdu:matrix.org02:05i got it, thank you 👏
- 10:18@oliveolive111:matrix.org left the room
Sat, Jun 17, 2023
- 03:43@lucusjules:matrix.org joined the room
- 14:15James joined the room
- 14:51@ddoan:matrix.org joined the room
Sun, Jun 18, 2023
- 10:40Joran Honig joined the room
- 14:42KlonAmy changed their profile picture
- 14:42KlonAmy changed their profile picture
- 16:27@levisio:matrix.org left the room
- 17:42@ajcxz0:matrix.org joined the room
Mon, Jun 19, 2023
- 06:20@swappyfx:matrix.org joined the room
- 06:21@swappyfx:matrix.org changed their profile picture
- 07:29Karl Abbott (Away Until 19-June-2023) changed their display name to Karl Abbott
- 08:02@lucusjules:matrix.org left the room
- 15:02sshayanh joined the room
Tue, Jun 20, 2023
- 02:47@sublimeclemency:matrix.org joined the room
- @sublimeclemency:matrix.org02:47i am really looking forward to bluesky
- 02:49In May 2023, Bluesky was made open source under the MIT license
- 02:49really nice!
- 02:50i wonder if elon still supports bluesky...
- damon/05:36No need to wonder. He never did support it.
- 08:34@anekoneko:matrix.org joined the room
- Aaron Goldman09:40I don't think he likes that it's hard to steer the conversation in federated platforms. Not that the attempts to install a steering wheel on Twitter's conversation have worked particularly well. People seem to just leave when their timelines no longer reflect their interests.
- grin11:51Anyone calculated how much real money does it cost to actually host a bluesky node (or whatever it is called nowadays)? I haven't checked recently but it required some "crypto" to be bought.
- Fred12:15I've got a few extra invites. I'll be looking at engaged users in the conversation who contribute and just send to them privately
- Aaron Goldman12:44
In reply to this message
Not sure I follow. How many users with how much data will drive the cost. Have you tried running the PDS on a single small node?
https://github.com/bluesky-social/atproto/blob/main/Makefile#L26 - grin12:46
In reply to this message
Thanks but no, I did not mean the resource costs. I have some vague memories that to host a full featured server (I don't remember the terminology, and I haven't read it again just yet) one needs to give money for some "crypto" which is compulsory for the server (for some kind of Proof-of-stake system I suppose). But correct me if I remember wrong. - Aaron Goldman12:47should be just the resource costs
- grin12:47Okay, then something's changed. I'll check again, thanks.
- Aaron Goldman12:47disk can get expensive https://www.digitalocean.com/pricing/volumes
- grin12:48Aaron Goldman: I am hosting dozens of free services, like this matrix server I'm using ;-)(edited)
- Aaron Goldman12:4810 USD/GB/Month
- grin12:49But I'll re-check the architecture, my memory may be flaky (but unfortunately it's usually correct)
- 12:50Let me see how BGS hosting works...
- Aaron Goldman12:50If the PDS uses a lot of your servers resources you should come back and complain here. Scale down is also important not just scale up
- grin12:50
In reply to this message
well if you ever seen a matrix server you'd know it's probably cannot be a bother - Aaron Goldman12:53I never ran a matrix server what is your experience of normal resource costs there?
- grin12:55
In reply to this message
I cannot translate it to cost, but a server with ~1000 people uses about 8-10 continuous threads of a server-grade cpu, about 5-8 GB RAM, and about 100 GB/year storage-wise - 12:56Plus about the same for a db
- 14:13Chris Chabot joined the room
- 15:51jaz (iftas.org) joined the room
- jaz (iftas.org)
- 16:02Believe*
- 16:13Anselm Schumacher (@schumi:tchncs.de) joined the room
- Matthew16:20
In reply to this message
matrix scales based on the membership size of the rooms you're participating in. - 16:20or conversely a server with loads of users which only hosts DMs can be pretty efficient.
- 16:20I quite like the asymmetric bluesky approach where BGS does the heavy lifting and PDS is only as popular as you are
- 16:21on the matrix side, we're trying to address it by making everything go fast (e.g. via lazyloading) while keeping things symmetrical.
- moved to @shreyan:beeper.com@shreyanjain:matrix.org
- Matthew16:23nope, too busy in matrixland. looks cute though
- 16:23we are making good progress on account portability in matrix though so you could point a did:plc at a matrix account and so use matrix for DMs for bluesky
- 16:23(especially in combination with plonkingrnmatrix.cominto the bluesky app)
- 16:24the best solution would be to run matrix as a atproto lexicon tho
- 16:24but i'm hoping that demonstrating identity interop is a good first step regardless.
- 16:50@swappyfx:matrix.org left the room
- Matthew16:53(aaron: i've poked arcalinea about this proposal via a few different routes and haven't got a reply, so please feel free to yell at us to back off if this sounds like a bad idea)
- 16:54also, the guy leading the matrix account portability work (kegan) is going to be at dwebcamp in case folks from bluesky are there and want to sync/hack/geek in person
- 16:54(i was hoping to make it but am stuck in the UK for element funding fun.)
- Aaron Goldman18:09I should probably read the matrix account portability docs but what do you need in a DID Document for that DID to be used as a matrix ID?
- 18:12Kegan joined the room
- Aaron Goldman18:12Is https://github.com/matrix-org/GSoC/blob/master/IDEAS.md#decentralised-accounts what I should read?
- Matthew18:12nope, that's about 5 years old :)
- 18:13https://github.com/matrix-org/matrix-spec-proposals/blob/kegan/pseudo-ids/proposals/4014-pseudonymous-identities.md is current state of the art, but very much from the Matrix PoV
- 18:13(afk)
- Kegan18:14
In reply to this message
In theory just the matrix user ID (expressed as a URI for compliance with the DID document format) and a home server URL as the service - Joanna18:17Hi guys,
I’m on a mission to free the people,
Can we join forces to make it happen faster ? - moved to @shreyan:beeper.com@shreyanjain:matrix.org18:18
In reply to this message
Brilliant, the next step would probably be how to verify it on the Matrix end - Kegan18:22givenplc.directoryis a free-for-all, it would make sense for any kind of verification to go direct to it - though this hurts the decentralization goals givenplc.directoryis so centralized currently, and making a bunch of decentralised services all use that as a choke point is unfortunate
- Aaron Goldman18:36
alsoKnownAs
is a json_array. Should be able to just add a matrix URI in there and have a symmetricat://
uri in your matrix profile. This should give mutual auth. - 18:38keep in mind you don't want to look at
https://plc.directory/did:plc:toxy3kpelhv5gwubytayrsbw/
you want to usehttps://plc.directory/did:plc:toxy3kpelhv5gwubytayrsbw/log/audit
and replay the delta log yourself so the directory can't lie. - Kegan18:38yep, I'm aware
- 18:39the problem is matrix profiles aren't fully extensible, so there's no place for your
at://
URI to live - 18:39and really it should be a DID not
at://
surely? - 18:39for the folks who prefer did:web
- Aaron Goldman18:40There are already client that are using the directory to build the doc. This was for humans and validating your replay code for direct use. 😞
- 18:43did:web, did:key, did:plc, did:somthing_from_the_future If it was me I would just say it needs to be a AKA list that are URIs but yeah mostly DIDs
- 18:44I am hoping that most social networks or anything with profile really will add an
alsoKnownAs
list of URIs and that if it is mutual then it is a valid AKA. - 18:45web2, web3, keys whatever
- 19:50bluecentipede joined the room
- 22:53@caiostob:matrix.org left the room
Wed, Jun 21, 2023
- 00:24Sora Morimoto joined the room
- kcchu03:29Hi. I am looking into using the event stream API (https://atproto.com/specs/event-stream) to synchronize profile data in my app (bsky.directory). It seems that the official @atproto/api client doesn't support this (yet). Are there any third-party NodeJS client library for using the event stream?(edited)
- syui01:13I get the following error in sandbox. What could be the cause? Error: Profile not found Error: Error: Params must have the property "actor Error: Profile not found
- 07:54@alexl:kde.org left the room
- 10:23Adnan joined the room
- moved to @shreyan:beeper.com@shreyanjain:matrix.org10:52Don't know about nodejs but I know of Python and Ruby libraries
- 11:30Jake Gold joined the room
- 11:45Emil Jansson joined the room
- 11:47Emil Jansson left the room
- 11:51Emil Jansson joined the room
Fri, Jun 23, 2023
- 13:28glenschl joined the room
- 14:29Karl Abbott changed their display name to Karl Abbott (OOO at Conference - back on 29-June)
- 14:33@glassofwater369:the-apothecary.club joined the room
- 14:54vegemike joined the room
- 15:45Eren changed their profile picture
- 15:57xell joined the room
- 18:57Eren changed their profile picture
Sat, Jun 24, 2023
- 06:12anirudhisonline joined the room
- 07:48aurilly joined the room
- 07:48aurilly set a profile picture
- 17:39@gu26mer:tum.de joined the room
- 17:44@gu26mer:tum.de left the room
- 18:03kickmule joined the room
- 18:34jhantkw changed their profile picture
Sun, Jun 25, 2023
- goykasi00:37Nice job getting the federation sandbox released! But Im having some issues with the users that I have created on two separate PDS servers. I am not able to interact with the sandbox since my PDS always returns "Failed to load profile" (on the web site) and "Actor not found" (on the api side) Im able to do some basic things: signup, signin, swap users, change my handle, set languages but thats about it. Any suggestions for debugging this? https://plc.bsky-sandbox.dev/did:plc:6giklpeoa4de73ilizosaj36 https://plc.bsky-sandbox.dev/did:plc:wfvnbec6pkuk2pps2m4dwraf
- 02:30Max (@max:maxstuff.net) changed their profile picture
- 10:29subbu changed their display name to Subramani
- 10:29Subramani changed their display name to SJ
- 12:11paul joined the room
Mon, Jun 26, 2023
- 00:10bottom ⛓ chained 🇺🇦 🏳️🌈 🏳️⚧️ joined the room
- 06:44Антон Минаев joined the room
- 12:03Robert Long joined the room
- 17:40maze changed their display name to Kito
- 18:09Kito changed their profile picture
- @sanktmax:matrix.org19:16Message deleted
- Sabir Ibrahim
- curiouskoa19:32Sabir Ibrahim: hi Sabir — if you’ve got a 2nd invite code - I would SOOOO appre
- @sanktmax:matrix.org19:33Message deleted
- 19:55@porus99:matrix.org left the room
- @sanktmax:matrix.org20:06Message deleted
- 20:14ThatLinuxUser joined the room
- 20:17@darknesstobright:matrix.org joined the room
- @sublimeclemency:matrix.org20:40i noticed bluesky becuse of the wikipedia page said it turned open source recently
- 20:40but bluesky has been in development even before elon took over twitter, so i'm not sure why twitter's intentions were in making bluesky
- 20:46curiouskoa set a profile picture
- Sabir Ibrahim21:13
In reply to this message
The concept of federation and social media platforms built on open protocols started to gain mainstream publicity in 2017 when Mastodon experienced a surge in popularity. I think they hit another surge in 2019, which is what got Twitter's attention. The Bluesky project was started by Twitter in 2019 to capitalize on that trend. - @sublimeclemency:matrix.org
Tue, Jun 27, 2023
- 07:23@anekoneko:matrix.org removed their display name (neko neko)
- 07:23@anekoneko:matrix.org left the room
- ThatLinuxUser09:51Ello
- 09:51How long does the wait list usually take? Just out of curiousity
- Brad Brown09:52from what i’ve seen so far, you’re much more likely to get an invite from someone than you are to get your email from the waitlist anytime soon, but ymmv
- @sanktmax:matrix.org
- 13:35I 2nd this Github request. Would be really cool to see Bluesky app on F-Droid.
- ThatLinuxUser14:07I agree
- Aaron Goldman14:22
In reply to this message
I can tell stories but not usually in quite as public a forum.
Short version Jack was looking for ways to protect his legacy and the public conversation from the whims of the stock market Wed, Jun 28, 2023
- @sublimeclemency:matrix.org
- 09:30Thib changed their profile picture
- Aaron Goldman09:55The idea of the two most important forums for political speech in the US, Twitter and Facebook, being shareholder corporations dedicated to shareholder returns is a little scary 😱
- 09:55Granted you can easily argue with the premise
- 10:09Thib changed their profile picture
- alphadec17:39how do I get a invitecode. ?(edited)
- Whizanth
Thu, Jun 29, 2023
- Freezlex01:51Do you have any left? 🤷 😅
- kcchu01:52Hi. Just published Node.js library for using AT Protocol's event streams and firehose endpoint. https://www.npmjs.com/package/atproto-event-streams
- 01:53It also include a CLI for displaying the Bsky firehose
- 01:54Let me know if you have any comments/feedbacks
- 07:00Karl Abbott (OOO at Conference - back on 29-June) changed their display name to Karl Abbott
- 07:07igurin.06530 joined the room
- O08:13go Bluesky team, go! ❤️
- 08:19@glassofwater369:the-apothecary.club changed their profile picture
- 10:57Aditya Aggarwal joined the room
- Whizanth
- 12:36I DMed you one.
- Freezlex12:46👑🫶
- 14:04glenschl set a profile picture
Fri, Jun 30, 2023
- 07:31@obsmatr:matrix.org left the room
- 16:54bingusdetector joined the room
Sat, Jul 1, 2023
- 01:59@itspranitsingh:matrix.org joined the room
- 10:38milliondreams joined the room
- milliondreams10:43Hi all, what's the best place to start looking at to run your own at:// server? Can my own at:// server federate with bluesky's at:// servers?
- 10:49Sabir Ibrahim changed their profile picture
- 11:07@itspranitsingh:matrix.org left the room
- moved to @shreyan:beeper.com@shreyanjain:matrix.org11:28
In reply to this message
https://github.com/bluesky-social/pds
You can federate with most other servers, but not the main bluesky one
Keep in mind it's currently just a sandbox to test federation, and the PLC will be wiped from time to time
- milliondreams
- 11:45@itspranitsingh:matrix.org joined the room
- 12:01@itspranitsingh:matrix.org left the room
- 13:51st_nemo joined the room
- 14:15riunia joined the room
- 14:20Dust joined the room
- 14:21Zülfikar D. changed their display name to Dust
- Dust14:21Twitter is dying
- 14:21Why aren't you making the app public?
- Sabir Ibrahim
- Dust14:35Well
- 14:36Bluesky staff I guess
- Aaron Goldman14:47Scale is hard. The limiting factor is where the current amount of infrastructure would fall over. The plan is for a thousand PDSs to serve the 10 to 100 million users not to scale Bluesky PBLLC's servers to those numbers
- Sabir Ibrahim14:53
In reply to this message
In reply toDDust
Bluesky staff I guessIn reply to
@dust88:matrix.org
Bluesky staff I guessI can't speak for Bluesky, but there are many, many valid reasons why a startup might be better served by sticking to a strategy of gradual and deliberate growth. Technical reasons, business reasons, strategic reasons, financial reasons, legal reasons, etc.
(edited) - 15:38dostoynikov joined the room
- 15:4479de joined the room
- 16:00Fatih Bildirici joined the room
- 16:00Kioraga joined the room
- Fatih Bildirici16:05Hi folks, I'm Fatih, I'm a software developer at a defence company and I'm also working on an academic study on ReFi. I also wrote probably one of the first Bluesky introductions in Turkish long before the launch: https://medium.com/@fatihbildirici.dev/madalyonun-jack-dorsey-y%C3%BCz%C3%BC-merkeziyetsiz-sosyal-a%C4%9F-protokol%C3%BC-bluesky-f781b2ad1e3e After writing my thesis, I plan to be more interested in the developer side, and now I need an invitation code to try it as a user? Who can help?
- 16:07Naomi (@0xhaunt:purplehaze.noho.st) joined the room
- 16:08Nao changed their display name to Naomi
- 16:08Naomi (@0xhaunt:purplehaze.noho.st) set a profile picture
- Whizanth
- Skyler Hawthorne16:28
In reply to this message
Oh nice, I've been waiting for this kind of install guide to try out self hosting. Thanks! - 16:36Paul Nathan joined the room
- 17:25alexanderniki joined the room
- 17:29@caffeineee:matrix.org left the room
- 17:43Jazil Zaim joined the room
- Jazil Zaim17:44Hey guys, I am a software dev. Super excited to join and discuss what Blue Sky can have for the industry as a whole. I would love to contribute code as well at some point if possible
- Jazil Zaim18:01curious to know, how would people vote on the protocol features such as upvotes and etc.? do we just discuss here or is a lot of that in beta?
- 18:02and Ik it is too early, but how far is Blue Sky away from being decentralized cuz Jack did say earlier that Blue Sky is still quite centralized to some extent? Does the AT protocol need to be fully out of beta and developed for that to happen?
- 18:45Eidolon joined the room
- 20:32jcon joined the room
- 20:51lyuya joined the room
- kcchu20:53
In reply to this message
Bluesky have released the federation sandbox https://atproto.com/blog/federation-developer-sandbox. The remaining centralized part is the PLC DID, which they didn’t talk about their plan yet.(edited) - 21:11@parfait:filly.chat joined the room
- kcchu21:17IMO, the biggest obstacle to federation isn’t technical. It is current beta users’ reluctance to live on new federation network because of its impact to trust and safety(edited)
- 21:20cainsystem joined the room
- 22:37ozwald1 joined the room
- 22:58Doctor Bluefall joined the room
- james h jackson jr
- 23:41@rkt:matrix.org joined the room
Sun, Jul 2, 2023
- 00:20@0xnima:matrix.org joined the room
- @0xnima:matrix.org00:22hey folks. any invite code please?
- cainsystem00:27Can I have an invitation code?
- Chris Lace
- cainsystem00:29Chris Lace: Thank you!
- Chris Lace
- 00:43sekihan joined the room
- 00:52sekihan set a profile picture
- riunia00:59
In reply to this message
It can federate to others in the developer sandbox, but not on production network. - @rkt:matrix.org00:59Anyone have an invitation code available? I want to develop, but I'm having trouble getting an invitation code from the official site after waiting 3 months.
- manaken0522
- 03:40pmatteo1998 joined the room
- 04:50spinderheaddy joined the room
- zestylemonade06:07
quick question about https://atproto.com/guides/identity#did-methods
A variety of existing methods have been published so we must establish criteria for inclusion in this proposal
Strong consistency [...] High availability
how exactly is consistency and availability in a decentralized system at the same time going to be implemented
(edited) - @rkt:matrix.org08:12Anyone have an invitation code available? I want to develop, but I'm having trouble getting an invitation code from the official site after waiting 3 months.
- @chrishobcroft:matrix.org08:57This is nice. Question: does an approach exist to assist non-technical people with self-hosting a Bluesky PDS?
- kcchu09:38
In reply to this message
Not right now, but someone can certainly provide a service for non-technical user to spin up a PDS as simple as hosting a WordPress site - 09:42@nuhvi:matrix.org left the room
- @chrishobcroft:matrix.org10:04Message deleted
- @chrishobcroft:matrix.org10:05
In reply to this message
Right, it's why I'm asking. We have a project to tackle this very thing: DeBoot is a bare-metal bootloader which boots into a content-hash-addressed image, loaded from dStorage. Can use it to spin up a node from e.g. a "community-curated" image. Updating is done by rebooting.(edited) - 10:08@drimus:matrix.org joined the room
- Skyler Hawthorne10:19
I'm trying to find what all the configuration options are for a PDS. The
pds guidelists a few options, but not all.I did manage to find
this classin the atproto code base, but these seem to have totally different names for the same options, and not just with a prefix.Is this the right place to look? I can't seem to find any code that translates the values from the guide into the values in this config class.
- Skyler Hawthorne10:35
Ahh I found it. The pds guide mentions a different branch.
https://github.com/bluesky-social/atproto/blob/simplify-pds/packages/pds/src/config/env.ts
It looks like the config has changed pretty dramatically. I wonder why this stuff hasn't been merged
- Aaron Goldman11:20
In reply to this message
I'm not sure if this is a quick question but I will give it a shot.
"Strong consistency" refers to the consistency vs availability trade off. The protocol chose consistency for DID PLC.
"High availability" refers to the uptime. Typically measured in 9s of availability ratio. uptime/total time.
For PLC
plc.directorywe can design a "consistent" system with a good "availability" ratio. Just not 100% availability since you can't update your did:plc offline.For did:web it's your domain name. Your DNS. Your web server. It's whatever consistency and availability you set up with your domain certificate.
did:plc is the do it AtProto way
option.
did:web is the have it your way option. - 11:51@miedinger:matrix.org joined the room
- 11:55@miedinger:matrix.org set a profile picture
- 11:56@miedinger:matrix.org changed their profile picture
- 11:59@miedinger:matrix.org changed their profile picture
- 12:04Michael Soloviov joined the room
- 12:29@whateverxyz:matrix.org joined the room
- 12:34@whateverxyz:matrix.org left the room
- 12:58Bainstor joined the room
- 13:16Nil Kraunis joined the room
- 13:27feenstra joined the room
- 16:11rudzul joined the room
- 16:12tsiyonmatrix joined the room
- 16:30@BenNevis:matrix.org left the room
- Chris Lace17:51Are the invite codes still working? 🤔
- damon/17:56Not at the moment
- Chris Lace17:57Is SIMPLE X like the inbox 📥 too (BlueSky)?
- Aaron Goldman19:07Just curious is it just me or is the fact that high availability is a property of consistent systems not available systems confusing language?
- 19:09We talk about how many 9s Google docs has because we need to connect to it. We don't talk about how many 9s Microsoft Notepad has. It's a local application that doesn't need a global consistent state to be highly available. It just is available wherever it's installed.
- kcchu20:40
In reply to this message
When discussing consistency and availability property of a system, it really usually in the context of distributed system and CAP theorem. That is the system the system functions there exist network partition failure - 20:42This definition is indeed different that the availability in HA.
- kcchu20:49For example, a SQL database cluster provide consistency but not availability under CAP theorem. But such cluster obviously provides high availability
- 20:55@bbthorson:matrix.org joined the room
- Aaron Goldman21:09Yup
- kcchu21:31And, being a little bit nitpicking, it is weird to include high availability as a criteria for selecting a DID method. High availability describes the operation performance of a system that factor in implementation, maintenance and hardware reliability, etc. You can’t measure the availability in this sense by looking at the specification
- 21:33tomich joined the room
- Aaron Goldman22:09That was to distinguish it from a P2P gossip solution. We could have had the signed DID Document deltas just considered a set. When any two PDSs synced they would perform set reconciliation so each had all the deltas of the others. In this model how long does it take for a delta to propagate to all PDSs? Log the number of PDSs but no guarantee on any time frame.plc.directorycan accept a delta and it is available for any PDS to read in tens to hundreds of milliseconds. As long as we maintain high availability.
- 22:11In the gossip model I could send the update to my PDS but it could wait an arbitrary amount of time before syncing it around.
- kcchu22:47Isn’t this case about strong consistency vs eventual consistency? If you need strong consistency you already exclude gossip.
- kcchu22:57But indeed I am not sure strong consistency really a must when DID document updates are infrequent. PDS can sends DID document updates along side data repo updates to ensure casual consistency(edited)
- 23:33Not sure how true the allegations around AT Proto are with this thread. I am assuming that Hive is being used only for content moderation right?
Mon, Jul 3, 2023
- 00:33darabs joined the room
- 04:07@notlikedion:internal-fida.ems.host joined the room
- 04:48Alex (@alsivx:mozilla.org) joined the room
- 05:12@sages:envs.net joined the room
- Soohan Park (Heartade)06:19
In reply to this message
I've been wondering if there's any progress about DMs being made on bsky and alice@aliceisjustplaying:matrix.orgtold me about something happening on the Matrix side, are there any updates on this? - Skyler Hawthorne07:17
Hi everyone, I just managed to set up a PDS on my server, and I seem to have successfully made an account through the Android app, but when I try to load my profile, I get "Failed to load profile", and I see this in the logs:
12345678910111213141516171819202122232425
Jul 03 11:53:31 dead10ck.dev bsky-pds[63781]: {"level":30,"time":1688 385211667,"pid":63781,"hostname":"dead10ck.dev","name":"pds","req":{" id":924,"method":"GET","url":"/xrpc/app.bsky.feed.getAuthorFeed?actor =did%3Aplc%3Aiss4k5djxrakxv6bvmkv2ic5&limit=30","query":{"actor":"did :plc:iss4k5djxrakxv6bvmkv2ic5","limit":"30"},"params":{},"headers":{" host":"bsky.dead10ck.dev","connection":"close","authorization":"Beare r did:plc:iss4k5djxrakxv6bvmkv2ic5","accept-encoding":"gzip","user-ag ent":"okhttp/4.9.2","if-none-match":"W/\"b-SSk8i5UPzi6JB6Bv3a+V47dp7V Q\""}},"res":{"statusCode":304,"headers":{"x-powered-by":"Express","a ccess-control-allow-origin":"*","etag":"W/\"b-SSk8i5UPzi6JB6Bv3a+V47d p7VQ\""}},"responseTime":40,"msg":"request completed"} Jul 03 11:53:34 dead10ck.dev bsky-pds[63781]: {"level":50,"time":1688 385214043,"pid":63781,"hostname":"dead10ck.dev","name":"xrpc-server", "err":{"type":"InvalidRequestError","message":"Error: Params must hav e the property \"actor\"","stack":"Error: Error: Params must have the property \"actor\"\n at <anonymous> (/opt/bsky/pds/node_modules/@ atproto/xrpc-server/src/server.ts:195:17)\n at newFn2 (/opt/bsky/p ds/node_modules/node_modules/express-async-errors/index.js:16:20)\n at Layer2.handle2 (/opt/bsky/pds/node_modules/node_modules/express/ lib/router/layer.js:95:5)\n at next (/opt/bsky/pds/node_modules/no de_modules/express/lib/router/route.js:144:13)\n at <anonymous> (/ opt/bsky/pds/node_modules/@atproto/xrpc-server/src/server.ts:377:7)\n at process.processTicksAndRejections (node:internal/process/task_ queues:95:5)","errorMessage":"Error: Params must have the property \" actor\""},"msg":"error in xrpc method app.bsky.graph.getLists"}
- 07:21Also, I'm not sure if this error is related at all, but I'm not seeing anything in the pds developer guide about well known delegation. I have my machine's host name set to
dead10ck.dev
, but the bsky server name isbsky.dead10ck.dev
and the nginx listens for requests there. But I don't see any options or docs for if I need well known delegation to make this work - 09:10Tim Miller joined the room
- Tim Miller09:18Hey folks, I'm hacking on an AT Protocol binding for .NET, and I got to dealing with records. I saw that for records (Creating posts, likes, reposts, etc) you have to set the "createdAt" timestamp when sending it. I'm interested in the thought process behind that.
- 09:19For the hell of it, I created a new post at 0001-01-01 and it worked. The post showed up as the first post on my profile. The timestamp on the site uses the indexedAt date so it showed I just created it.
- 09:22That feels like something the server recieving the request should set (since it set the indexedAt time at creation, that would be the createdAt time too I would think, and that would populate to other instances as they saw it) but I feel like I'm missing context and there is a reason behind it.
- 09:23@parfait:filly.chat left the room
- Soohan Park (Heartade)09:30I believe it takes migration into account. For example there's an app that imports your entire Twitter archive into bluesky, by@ian5v:matrix.org
- Tim Miller09:37But that's a weird choice though, IMO.
- Matthew09:37on the Matrix side we're still playing with this; just shipped initial support for pseudo-IDs in Dendrite (the golang Matrix server)
- Tim Miller09:37That means anyone can say any new post was made at any time.
- 09:38so am hopeful that by demonstrating how it could work, and that it could be layered over atproto as a lexicon in future, we can avoid a dystopia where bsky ends up reinventing the DM bits of Matrix
- Tim Miller09:39I guess it doesn't matter in the end (If I'm hosting my own instance, I can set dates to whatever I want and whenever someone else federates into that instance, that's the only truth you know)
- 10:56da changed their display name to denis
- 12:21Adi Cohen joined the room
- Soohan Park (Heartade)12:32Thanks for sharing!! This looks really promising 🔥
- 13:53@netman:kotous.cz joined the room
- Dust14:25Wonder if you are going to add hastags and messaging.
- 14:48Hashtags are on the roadmap, and I mentioned you on another thread about DMs!
- 14:52Btw Aaron Goldman: may I ask you what's your bsky handle?
- 14:53AFAIK this seem to be a misunderstanding caused by some ToS legal jargons
- 15:23@elijahemerald:matrix.org joined the room
- 15:32Karl Abbott changed their display name to Karl Abbott (OOO, back on 5-July-2023)
- 15:32@elijahemerald:matrix.org left the room
- Aaron Goldman
- Aaron Goldman16:51
In reply to this message
Technically not, you could split the task of asserting time from the task of distributing deltas.
Imagen we had a set of servers that were time witness servers. When I make my DID I pick a time witness to be the authority for my DID.
When I need to do an update it is in a pending state until the time server witnesses it.
I send the hash to the time server it sends back{hash, timestamp, witness_public_key, witness_signature}
now I gossip the delta and the time witness. The time witnessing gives us a total order so we can have consistency but the time witnessed delta is being gossiped around - Aaron Goldman17:08The time witnesses could have very little state. As low as the secret and a counter. The ever-growing state it stored by the PDSs that care about those
did:plc
s no one needs to store the dids they don't care about but we can still have total order. - 17:09we did not go this way becuse we could not guaranty high availability of the latest state of any particular did
- 17:09plc.directoryis both the source of time and the delta distribution server.
- @sterence:sleeby.cafe18:05i wanted to try publishing a feed on the sandbox environment and it mentions you can using the sandbox bgs (bgs.bsky-sandbox.dev) though when trying to publish the feed it just says the server isn't ready to accept published custom feeds yet. did something get changed with this somewhere along the way or have i set it up wrong?
- 18:16cheezenaan joined the room
- 18:45Alex Eftimie joined the room
- retr0id19:14you publish the feed via a record in your own PDS
- 22:47Brian King joined the room
Tue, Jul 4, 2023
- 02:11Aer0xander joined the room
- kcchu02:18
In reply to this message
In this design, how a client know that a DID document version is not staled without checking with the time witness for the latest timestamp of the DID?(edited) - Aer0xander02:28Hey all! I'll need to do a bit more research on the protocol myself, but just wondering if anyone already looked into linking a crypto wallet to an AT account. I'd probably want to use zkSync account abstraction, so if somehow an AT account could control the smart contract wallet that would be awesome (or if you could just log in with a crypto wallet alone)(edited)
- Soohan Park (Heartade)02:34Thanks!! The user search in the app isn't working great rn
- lyuya04:18If anyone has an extra invitation key, I would like to receive it.
- 04:50@axayacal:matrix.axayacal.space joined the room
- 08:22Kyle joined the room
- 08:58cogspace joined the room
- cheezenaan09:04If anyone has an extra invitation key, I would like to receive it.
- 09:10@axayacal:matrix.axayacal.space left the room
- Aaron Goldman
- kcchu09:30
In reply to this message
That’s the point. If slated data can be returned, it couldn’t meet strong consistency requirement, isn’t it?(edited) - Aaron Goldman11:36I recommend https://jepsen.io/consistency to try to get to consistent definitions. That said. If you have an asynchronous system the value can be updated at any time. If I do a read there is no guarantee that the value was not updated as the packet with the head is on its way back to me. So, the value can always be stale. What we can have been bounded staleness. If I asked the consensus group for latest as of sometime then it will remain the latest as of that time. There is some fuzzy ness as you get close to now but there is also a time in the past that has reached finality. https://docs.google.com/presentation/d/1qDizupgoYDUgk2dEuxx7KWLBN0E7u1EKVZFetqBUcjk/edit#slide=id.g125f79a75c4_0_241 We need one of: Compare and Swap (CaS) Stop and wait (Locks) In order transaction processing (Queues) to get consistency. By witch I mean a value that it the last value as of some time will always be the last value as of that time. It is the applications decision as to what bounded staleness is acceptable for the use case. E.G. A browser like thing may have a default 300 second bound for a name lookup but when the user does a hard refresh uses a 1 second bound. The only way to do better than bounded staleness is an atomic broadcast that requires unanimity but I personally find that finality and bounded staleness is sufficient. Unanimity just has such poor liveness it's hard to work with. Did I understand the question?
- 11:47commie★Ⓐ☭ joined the room
- commie★Ⓐ☭11:50is there a server implementation yet? i searched github and found a client.
- Aaron Goldman
- 11:59@sadecebakicam:matrix.org joined the room
- 12:08@sadecebakicam:matrix.org removed their display name (Hamideddin Moğulkoç)
- 12:08@sadecebakicam:matrix.org left the room
- 12:18chymerajade joined the room
- 12:26Niku Palamarciuk joined the room
- 12:43@morpheus:matrix.gridp7.de joined the room
- 15:06Jeff joined the room
- 15:15jeff changed their display name to Jeff
- 15:15Jeff set a profile picture
- Jeff15:28Message deleted
- commie★Ⓐ☭17:17ty
- 18:19alireza joined the room
- alireza18:19anyone have invite code ?
- 18:20i need to join blusky
- damon/18:20need?
- alireza18:20want
- damon/18:21This isn’t a chat for codes. Just development
- 18:21@jinkiesscoob_:matrix.org left the room
- alireza18:21so how to receive code ?
- damon/18:21Sign up on the website
- alireza18:22ok signed up
- damon/18:22Good luck and have a good day
- alireza18:27thanks
- moved to @shreyan:beeper.com@shreyanjain:matrix.org18:52
In reply to this message
It doesn't matter that much, because client can use the indexedAt property instead - kcchu19:26
In reply to this message
This definition of strong consistency based on ordering still requires knowing of staleness. In the design you described, a process (e.g. client) can read a newer version of DID document from one node and then read the older version from another node, violating the global order. The process can’t know whether the second read is newer unless it stores the timestamp which add unbounded storage requirements to all reading process. - 19:32ゆき joined the room
- 19:42sneak joined the room
- kcchu19:42Indeed, it doesn’t mean gossip-based DID method design doesn’t work. I only say this doesn’t meet strong consistency requirement stated in Atproto design doc. However, what I don’t understand is that why strong consistency is desirable for DID document storage. The gossip-based method like you described seems perfectly fine as a replacement of the currently centralized PLC method(edited)
- 19:53mamume joined the room
- 20:13Eren changed their profile picture
Wed, Jul 5, 2023
- 00:53alireza1992 changed their display name to alireza
- 00:57Júlio Scholz joined the room
- 01:02pere (fr33) changed their display name to pere (away until Sunday)
- 06:25@drimus:matrix.org left the room
- 07:16Karl Abbott (OOO, back on 5-July-2023) changed their display name to Karl Abbott
- 07:36@dezeter:matrix.org joined the room
- 09:12@liink:matrix.org joined the room
- 09:15@rimuru:gentoo.chat changed their profile picture
- @liink:matrix.org09:16Message deleted
- 09:30@liink:matrix.org set a profile picture
- 09:31@liink:matrix.org changed their profile picture
- 09:55Ågent joined the room
- Ågent09:55Hallå Galaxy 🌌
- 10:13@dezeter:matrix.org left the room
- @liink:matrix.org10:51Message deleted
- Aaron Goldman11:02
In reply to this message
So, my logic for consistency in the DID has a few steps and may well be reversed now that I am no longer on the team but here it is.
- Adoption is key to success of AtProto
- Key management is a speedbump. Use just want to sign up and not think about keys.
- By letting the server control the keys we get minimal friction and account recovery works.
- Some users will come to value their Identities and want to take controll of their repos after their initial creation.
- This requires the ability to permanently transfer an identity from one party to a different party
- If there is not an update mechanism with finality the PDS that created an Identity could withhold a update and publish it late to take back an Identity controlled by a user
(edited) - 11:07If the PDS needs to be able to mint the DIDs for users that have no idea that a DID is even a thing they could care about. We want users to be able to take gradual responsibility
- Aaron Goldman11:13
At first you just have a website that you use like https://bsky.social/ then at some point you decided you want to control your ID so you can move to any PDS and https://bsky.social/ can't steal your ID. (note: we have already seen the first bug where a pds was tricked in to giving away someones DID) When you want even more control you mode to client side repo signing where the PDS host your repo but can't publish without the cooperation of one of your user agents.
There are a number of levels of trust in your PDS
rotationKeys: PDS only | PDS and User Agent | User Agent only
atproto verificationMethods: PDS only | PDS and User Agent | User Agent only - 11:16The PDS taking back an Identifier that had been transferred to the users control is a version of the dubble spend problem and so needs a consistent update to allow for gradual responsibility for the user and gradual disempowerment for the PDS.
- 11:20This is one reason it will be nice to have the User Agent supplier, the PDS operator, and the Directory operator as three difrent entities. If you get the User Agent from the PDS you are trusting the PDS. We use the Directory to allow migrating Identifiers to new PDSs without the permission of the old PDS
- 11:24I want users to be able to just click "sign in with Google" and when they realize it is a terrible idea because they now need Googles permission to speak as themselves they will switch to using keys they control to control their repo.
- 11:27@chrishobcroft:matrix.org changed their profile picture
- 13:01AJax joined the room
- @liink:matrix.org14:20Message deleted
- Aer0xander14:50need a bot that removes those messages asking for invite code lol(edited)
- @liink:matrix.org14:52Message deleted
- 15:31ejmg joined the room
- Kyle16:26Message deleted
- Paul Nathan18:59Query: is the software on the GitHub account sufficient to build a "blue sky" deployment? I'm still wrapping my head around it all. :)
- 19:29hadim joined the room
- Drewry Pope19:37Not yet, eventually.
- Paul Nathan19:43How can a random backend eng / SRE help out, given I work a regular job? :)
- Aaron Goldman20:09Run a PDS, complain about operational annoyance
- 20:41TC Foxtaur joined the room
Thu, Jul 6, 2023
- 03:33@lukuniklo:matrix.org left the room
- 03:55@greyxor:matrix.org left the room
- 04:07@yun2dot0:matrix.org joined the room
- retr0id04:13or better, write a PDS :P
- 04:13@yun2dot0:matrix.org left the room
- 04:58ivnt joined the room
- 05:37@iamusualguy:var1able.network joined the room
- 05:38@iamusualguy:var1able.network set a profile picture
- Kyle09:24Message deleted
- 10:12sdr_ath0 joined the room
- 10:52thepoladov13 joined the room
- thepoladov1310:54Hi, I'm sorry, can anyone give me an invite code for blesky?
- @planetoryd:matrix.org
- 10:55@uvfgmrx:matrix.org joined the room
- 10:57@uvfgmrx:matrix.org left the room
- thepoladov13
- @planetoryd:matrix.org10:59no, do not
- ejmg11:36forgive the cross-post, but i created a feed for people who are building on/around at-proto and bsky in hopes of facilitating a stronger dev community on the application itself (and beyond the dev team of bsky itself lol). I tried to keep it simple with a single hashtag, #atdev (case insensitive). https://bsky.app/profile/ejmg.bsky.social/post/3jzuju3h5722i
- Nezteb11:46If I don't have a Bluesky invite, is there still a way I can easily build applications that interact with Bluesky? i.e. can I still get an API token somehow?
- @samme:schizo.cafe11:49
In reply to this message
https://github.com/bluesky-social/pds you can create (or join) a server in the federation sandbox - Nezteb
- 12:51@ddoan:matrix.org left the room
- Aer0xander13:10Is there a plan on how to make videos work?
- 13:14Alexander Klus changed their display name to Aer0xander
- 13:14Aer0xander set a profile picture
- Aer0xander13:18I once built a solution for my own decentralized app where the user just encodes the video locally with ffmpeg.wasm + HLS, but it's not optimal as you need a powerful device
- ejmg14:15that is pretty cute as a solution though lol
- Sabir Ibrahim
- 14:47Apologies for the slightly off-topic post, but did anyone catch the note about ActivityPub and federation in Meta's announcement of Threads? How does this affect the future of AT Protocol? Can Meta (or anyone else, for that matter) support federation on both ActivityPub and AT Protocol? Or are we headed for another VHS-Betamax war (I know I just dated myself with that reference, lol)?
- ejmg14:54can't say what an official reply looks like but members of the bsky devs/team has repeatedly stated that they're doing their own thing and they're going to keep doing their own thing and that, if anything, they wish good luck to the Threads team etc
- moved to @shreyan:beeper.com@shreyanjain:matrix.org14:55
In reply to this message
Ultimately I think that depends on which protocol gains more traction. Right now, ActivityPub is much more mature, and so it's a much more obvious choice for Meta to support. Eventually I could imagine them supporting AT Protocol in Threads as well. - ejmg14:56
In reply to this message
given the current state of the ecosystem and the purported goals of Bluesky PBLLC, this seems like the correct approach to take afaic - 14:59yeah at-proto is its own thing and breaking its own ground so that's another angle that makes framing the situation as 1:1 competitors not the best way to, well, frame the situation imo.
- Kyle16:08I deleted my account and was wondering if I emailed support that I could get it back or have to get another invite code to join?
- 16:56@holmosapien:holmosapien.com joined the room
- 17:07timo keller joined the room
- james h jackson jr
- 17:33@palmlive:matrix.org joined the room
- Skyler Hawthorne18:06
In reply to this message
Also, I do not consider it a Bad Thing for multiple federation protocols to exist. Having two protocols isn't exactly axkcd 927situation. Having 2 or 3 protocols can have benefits, as the projects can learn from one another, and motivate feature adoption. Saturation is obviously bad, but a little competition can be a good thing. - Aaron Goldman18:28If I was trying to avoid making a new standard I would have just used nostr to advertise git hashes rather than make AtProto 😎
- Aer0xander20:50Ok so if we want to link crypto wallets to a DID (particularly Account Abstraction/smart wallets if we assume that's the future of wallets), we need "chainproofs" https://github.com/ChainAgnostic/CAIPs/pull/218. I guess it's best to wait until they finalize it and then look at integrating it into AT
- 20:51Kinda need it rn if I want to port my app over..
- Aaron Goldman21:34Add your account as an AKA URI in the list
- Aer0xander22:00
In reply to this message
But how would you provide proof that you own the wallet/smart contract? Maybe creating a zk proof of smart contract ownership that can be verified locally by other users is the best way? (even then it won't be tied to the DID, so I think that's why we need the chainproof)(edited) - Aaron Goldman22:10Can't you put the did:plc in the ChainProofFact? ChainProofFact links the wallet to the did:plc AKA links the did to the wallet. Mutual auth. Did I misunderstand your use case?
- 23:52red joined the room
- red23:53H i
Fri, Jul 7, 2023
- 03:30Lucas joined the room
- 04:17svin matrixman joined the room
- 05:56@xelofan_:matrix.org joined the room
- 06:02xelofan_ changed their display name to Xelofan
- 06:02@xelofan_:matrix.org left the room
- 07:20Mohammad joined the room
- Mohammad07:21Does anyone know when we can get Blusky accounts?
- @holmosapien:holmosapien.com08:16
I stood up a PDS yesterday, generated an invite code, and created an account, but it seems to be in some half-working state. I can log in via the web sandbox app, but I can't do anything meaningful because everything results in a
Profile not found
XRPCError.Rough sequence of actions from the logs:
1234
2023-07-07 00:55:33.479 /xrpc/com.atproto.server.createInviteCode 2023-07-07 00:55:54.681 GET /xrpc/com.atproto.server.describeServer from https://app.bsky-sandbox.dev/ 2023-07-07 00:57:13.516 POST /xrpc/com.atproto.server.createAccount from https://app.bsky-sandbox.dev 2023-07-07 00:57:13.952 "Profile not found" in app.bsky.actor.getProfile
Given that it can take some time for the on-the-fly certificates to become available, I waited a while and created a couple posts. However, even now after letting it simmer overnight, anything like attempting to post or follow results in
Actor not found
errors in the logs.Would anyone have any suggestions for how to go about troubleshooting this?
(edited) - 08:32Jacob joined the room
- 09:24OmriOn joined the room
- ejmg09:34running a sandboxed pds is what i should be doing if i'm trying to stand up my own client or test bots/scripts that run against the bsky api, right?
- moved to @shreyan:beeper.com@shreyanjain:matrix.org11:02
In reply to this message
Hmm. That sounds like the BlueSky AppView isn't aware of your PDS. Did you use the bluesky-social/pds repo or bluesky-social/atproto? - @holmosapien:holmosapien.com11:06
In reply to this message
I used the
bluesky-social/pds
repository. Instance seems healthy (according to the healthcheck), and caddy and pds aren't throwing any errors other than the "Profile not found" and "Actor not found" messages when I try to do anything.12
$ curl https://pds.holmosapien.com/xrpc/_health {"version":"0.2.0-beta.5"}
- moved to @shreyan:beeper.com@shreyanjain:matrix.org11:15huh, that's really odd. I tried using the resolveHandle endpoint on your PDS with my federated handle, and it worked... so that means your PDS is federating in some capacity.
- @holmosapien:holmosapien.com11:30That is interesting. If I query my server I can resolve my own handle, but if I query your server I can't resolve mine.
- 11:32🦋 joined the room
- moved to @shreyan:beeper.com@shreyanjain:matrix.org11:32what's your handle?
- @holmosapien:holmosapien.com
- 11:35Not to be confused with the other daniel with a similar last name. I get all sorts of mentions on bsky from people who apparently type
@dholm
and pick the first autocomplete result that pops up. - 11:35Almost all of them people trying to get invite codes.
- moved to @shreyan:beeper.com@shreyanjain:matrix.org
- mikestaub12:05
In reply to this message
possibly, but its not clear how to link to DIDs and create group threads - Skyler Hawthorne12:43
In reply to this message
I have the same exact problem. Been trying to dive through the source code to see if maybe there's some undocumented config setting that's missing, but to no avail - 12:47I am guessing it has something to do with the
hostname
setting. My server's actual FQDN isdead10ck.dev
, and that's what I tried making my handle under, but I host other services on it, so I tried to set it up with thehostname
set tobsky.dead10ck.dev
so that I could set up my nginx to serve bsky requests through that host name. I checked my DID document in the sandbox PLC and it does show a service endpoint on the subdomain. But I wonder if this use case just isn't handled in the source code yet, where the service endpoint is on a subdomain of the actual FQDN - @holmosapien:holmosapien.com13:48
In reply to this message
That should be supported, since I see other people in the network with their servers hosted on subdomains. Now, you did mention nginx. Configuring the reverse proxy isn't part of the official documentation -- it assumes the PDS will be handling the traffic directly -- so I built a config similar to what I use for the other services that I host on this server; it handles
pds.holmosapien.com
(which is my $HOSTNAME) and*.pds.holmosapien.com
and proxies to the Docker container using HTTP 1/1.Since we're both having this problem and we're both using nginx, as well as the guy in
this issue here, maybe this weekend I'll try moving some things around so that nginx is out of the path to see if that changes anything. At least then we'll have the fewest moving parts for troubleshooting. - retr0id
- 13:49(behind nginx too, with other services on the apex and other subdomains)
- 13:50although that reminds me, with nginx, do you have the correct config set to let websockets work?
- 13:50because the firehose won't work without them
- @holmosapien:holmosapien.com13:52
In reply to this message
Yeah, these are the important parts for websockets:
1234
proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade";
- @holmosapien:holmosapien.com14:09Reading that ticket, I noticed the documentation says to set
PDS_BSKY_APP_VIEW_ENDPOINT
, but the actual environment variable used in the code (I just grepped to verify) isPDS_BSKY_APP_VIEW_URL
. That might be relevant. - Kyle14:21Any idea when support will email back? It's been a while. Looking for some account support, if not here then does someone mind to point me in the right direction?
- Skyler Hawthorne15:29
In reply to this message
Oh that's a good catch! Alas, it did not fix the problem. My profile still doesn't load, and logs show the same error - @holmosapien:holmosapien.com15:29Okay, I figured out my problem. I had a fundamental misunderstanding of how wildcard certificates work. I thought I could generate a certificate for
holmosapien.com
and*.holmosapien.com
to use in nginx, and that would handleholmosapien.com
,pds.holmosapien.com
, and*.pds.holmosapien.com
. In reality, wildcard certificates only traverse one level of depth;holmosapien.com
andpds.holmosapien.com
👍️,dan.pds.holmosapien.com
👎️. I generated a new certificate forpds.holmosapien.com
and*.pds.holmosapien.com
, changedPDS_BSKY_APP_VIEW_ENDPOINT
toPDS_BSKY_APP_VIEW_URL
, and my profile pretty much immediately became available. - Skyler Hawthorne15:30Also I was missing the web socket headers, but that didn't fix it either
- @holmosapien:holmosapien.com15:31So you'll want to use curl to hit
https://<username>.<subdomain>
and see if you get an SSL error. If you do, that's going to be your problem. - Skyler Hawthorne15:31
In reply to this message
... interesting. I also have a wildcard only under the first level, but does it need*.<hostname>
if you don't have any handles under that subdomain? - @holmosapien:holmosapien.com15:33
In reply to this message
I would guess that in your case you'd need a certificate forbsky.dead10ck.dev
and*.bsky.dead10ck.dev
. - Skyler Hawthorne15:36Thanks, I'll try this out later tonight
- 15:48Bruno P joined the room
- 15:51brpaz changed their display name to Bruno P
- Dust15:59Hello. In Android app, what's hot feed doesn't load more than 3 posts.
- 16:00Also can't see post dates, because some usernames are too long.(edited)
- 16:03Here is a screenshoot.
- 16:04Posting dates of the first two posts are not visible.
- Aer0xander16:13
In reply to this message
I think we're on the same page, I thought by add your account you meant just pasting your own address in the AKA list. So you're saying in the chainproof method, you would also include the DID as a parameter/requirement so that there's proof that you own both the DID and the wallet? - ejmg16:30
In reply to this message
i believe the "long user handles -> breaks UI stylings" bug is known and is known/being worked on. Not sure what's going on with the only 3 posts being loaded bug, would need more info. - 16:31if you just made the account, i could also see it just being a client syncing issue thing. Also, sometimes the server just farts for a few moments from too much activity and fails to load posts.
- Aaron Goldman17:09
In reply to this message
A binding should be symmetric or considered invalid. If my Twitter points to a DID it could be me or I could be lying. Same for the reverse. If they both claim to be alternative identifiers for each other then they are. - Aer0xander17:13Ok think I understand, new to DIDs so still trying to wrap my head around it, want to do it right the first time so it can become a standard for AT 😃
- Skyler Hawthorne18:17
In reply to this message
Do you happen to have your nginx in a sharable state? Even with a wildcard cert, I still can't load my profile - retr0id18:18
I'm not using a wildcard cert fwiw, but my main config looks like this
1234567891011
location / { proxy_pass http://localhost:31337/; proxy_http_version 1.1; proxy_set_header Connection "upgrade"; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 1d; access_log off; }
- 18:18ignore the janky indentation lol
- Skyler Hawthorne
- retr0id18:26it's all just letsencrypt boilerplate
- 18:27
but for the sake of completeness
1234567891011121314151617181920212223242526272829303132333435
server { server_name pds.dev.retr0.id; location / { proxy_pass http://localhost:31337/; proxy_http_version 1.1; proxy_set_header Connection "upgrade"; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 1d; access_log off; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/pds.dev.retr0.id/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/pds.dev.retr0.id/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = pds.dev.retr0.id) { return 301 https://$host$request_uri; } # managed by Certbot server_name pds.dev.retr0.id; listen 80; listen [::]:80; return 404; # managed by Certbot }
- Skyler Hawthorne18:31
In reply to this message
Thanks, just wanted to confirm there wasn't some basic config setting I was missing or set wrong. Is your machine's actual host name a parent domain of that? And is your handle on a parent domain, or a subdomain? - retr0id18:31idk what my server's canonical rdns is
- 18:32there's a whole bunch of domains pointing at it
- ejmg18:32standing up a pds was surprisingly easy
- retr0id18:32
In reply to this message
handle isdavid.dev.retr0.id
, which doesn't have a DNS record itself, but a TXT record at_atproto.david.dev.retr0.id
does exist(edited) - 18:33(note that I'm using my own PDS software, I'm not sure how handle resolution works in the official PDS builds)
- Skyler Hawthorne18:36
In reply to this message
........ ok, so when I'm saying I have a problem with the reference pds, and you say "it works for me", one will naturally assume you also running the reference pds. Saying your own PDS works means absolutely nothing in the context of a problem with a different PDS - retr0id18:37it's the same protocol 🤷
- Skyler Hawthorne18:37I didn't say "I'm having a problem with ATproto". I said the reference PDS throws an error. I'm reporting a problem with a specific implementation
- retr0id18:40And I know the precise meaning and origin of those error messages
- 18:42but yes, perhaps we weren't on the same page here
- Skyler Hawthorne
- retr0id18:44ok first of all, which error messages exactly
- 18:47and what's your PDS's domain, and what's your handle
- @holmosapien:holmosapien.com18:59
My nginx is similar to retr0id's, but here's how I have it configured to handle both port 80 (which is necessary for the auto-SSL generation) and 443:
1234567891011121314151617181920212223242526272829303132333435363738
server { listen 80; listen [::]:80; server_name ~^(.+\.)?pds.holmosapien.com$; location / { proxy_pass http://localhost:16780; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen [::]:443 ssl; listen 443 ssl; server_name ~^(.+\.)?pds.holmosapien.com$; location / { proxy_pass https://localhost:16743; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_ssl_server_name on; proxy_ssl_name $host; } <certbot stuff goes here> }
- retr0id18:59
In reply to this message
using my mystical powers of psychic debugging, the issue is that your account,@dead10ck-sandbox.dead10ck.dev
, has not posted anything yet, so the AppView is unaware of its existence - Skyler Hawthorne
- retr0id20:02yeah
- 20:03at least one commit
- Skyler Hawthorne20:03Interesting. Thanks, I'll give that a try
- Skyler Hawthorne20:10
In reply to this message
Amazing. That actually worked. Thanks for your help. Seems like a pretty glaring UX issue - Skyler Hawthorne20:16Has anyone been able to set up an account with
did:web
? It doesn't seem like this is supported yet in the app account creation workflow, so I'm assuming the only choice is calling the xrpc endpoint directly, after you've already set up your DID document in your DNS resolver? The docs don't mention at all how to set one up, and the W3C docs are pretty labyrinthine - retr0id20:16I've managed it onbsky.social
- 20:17but it required a custom client to make the signup request
- 20:17there's nothing in the UI for it
- Skyler Hawthorne20:18Yeah I figured as much
- 20:18You can probably do it with curl right?
- 21:17bohurricane joined the room
- 23:00Alex (@hawley:matrix.org) joined the room
Sat, Jul 8, 2023
- 01:43photogsteeler joined the room
- Dust02:20Anything new?
- 08:48Gary Robinson joined the room
- Gary Robinson08:53I apologize for asking such a newbie question as the one I'm going to ask. But I AM an utter newbie, interested in the potential of Bluesky. It occurs to me that the federate nature of Bluesky will mean that all data will be free of charge to access. This is very different from Twitter, where the Enterprise API costs $42K per month(!). Is that true? Or will the reality be more like: atproto is a federated protocol, but there will be a huge Bluesky node run by the Bluesky entity, and to get the kind of access that the Twitter Enterprise API allows for, developers will have to pay Bluesky some as-yet-unknown amount?(edited)
- Aaron Goldman09:30
In reply to this message
First no need to apologize "newbies" are welcome and more importantly anyone trying to learn or share information about the protocol. A good question can move a community just as much as a good code contribution.
As for whether federation implies free API use it is a little complicated so I will split the question.
A repo is a Hash Tree with a signed root. This implies that if you have the data you can validate the signature and trust the repo as if you got it directly from the user or their PDS. So you could get the repo from anyone who has it driving down the cost of retrieving the repo to the lowest bidder.On the flip side a PDS has no obligation to talk to you. They could put a charge for serving the content.
So you might end up in a situation where a PDS charged $10 per GiB for API but there is a BGS that is changing $10 per TiB. Your PDS would try to get the data from the cheap BGS before bothering the PDS. This kind of structure could allow PDSs that don't have much bandwidth to push traffic to catches that can handle it better.
On the flip side you would not expect popular content to be expensive because resellers would buy the expensive content and sell it for much less. Only rare content that only the original PDS cares to store would likely be expensive.
My expectation is that API costs for most major PDSs and BGSs would be about the AWS egress costs and small PDSs will be free but when overloaded will redirect to a BGS that indexed them.
Does that make sense?
- 09:37@miker2049:groupchattt.page left the room
- Gary Robinson09:41Message deleted
- Gary Robinson09:43
In reply to this message
It makes sense in principle, and is helpful, but it doesn't fully resolve my question. The reason I am still unsure is that I expect that the vast majority of atproto users won't have their own personal data servers, and will instead be relying on a PDS supplied by the Bluesky corporation. And while that PDS will be federated with independent PDSs, to get the equivalent to the developer experience of accessing the Enterprise-level Twitter API, one will have to get the data from that particular PDS.
You say: “On the flip side a PDS has no obligation to talk to you. They could put a charge for serving the content.”So, it seems like the Bluesky corporation could choose to charge $42K per month for access to user “tweets” beyond a certain number per month. Am I wrong?
(edited) - @holmosapien:holmosapien.com09:53Bluesky corporation could charge that much, but that would effectively neuter federation and cause the data to get concentrated in the few large silos that can afford to pay those types of rates. If the goal is to support widespread federation, on the other hand, then the pricing would naturally balance to what the market can bear.
- valka09:55The "enterprise level" data would be coming from a BGS, not the PDS, because the bgs serves as a collection layer for all federated PDSes
- Gary Robinson09:57
In reply to this message
Yes... which is exactly what I'm afraid of. Google once had the motto "Don't be evil." But over time, they realized that growing their business meant doing things that would have been called "evil" in the early days of the internet (speaking specifically of the tracking mechanisms they depend on). And they removed that motto.
So my inclination is to assume that Bluesky corporation would naturally tend to follow that same long-term path. It's not what I WANT to believe, but the history of big, financially successful corporations points in that direction. This would imply that while, today, it's of benefit to Bluesky to tout the federated nature of the atproto, in the long run, IF it is successful and gets many millions of users, it won't depend on the goodwill it achieves by touting that any more. It could start charging extravagantly for the data and its users wouldn't be going anywhere, and in fact its user base could still grow at about the same rate.
And once that CAN happen, Bluesky shareholders could demand that it DOES...
Sorry if all this seems cynical, but I've been involved in, and have watched, the tech business since the early 80's, and this is what I see...
(edited) - valka09:58That's the exact idea/philosophy behind the protocol design of bluesky: protect the community from the whims of the company
- 09:58As in, anyone could run a BGS, and in that way there would be open market competition
- 10:01Anyone could fork the code, and in that sense could "hard fork" the community away from the main instance if it were to become evil
- Gary Robinson10:03
In reply to this message
But couldn't such a BGS be forced to pay for access to Bluesky's huge data server?(edited) - valka10:04No, you can already start indexing everything from the beginning of bluesky history if you so choose, and the BGS code will be open source
- Gary Robinson10:05
In reply to this message
I can now, but what's to stop Bluesky from eventually charging $42K/mo for that data? (That is, the data on the massive Bluesky server where the vast majority of users will be?)(edited) - valka10:06if the API wasn't open then federation wouldn't work
- 10:07so it would become unfederated
- 10:09of course I imagine some large PDSes could potentially band together and whitelist each other (and their own BGS) for access and deny all other connection, but that's about at the limit of my knowledge of the protocol(edited)
- Gary Robinson10:10
That's true, but what I'm imagining is one of the following scenarios.
-
It would become unfederated, but Bluesky's shareholders could demand that at some point because they would make more money if Bluesky started charging for the data on its huge server. That would be the equivalent of Google's depending on tracking people and therefore dropping its "don't be evil" motto.
-
There could be a middle ground where BGSs could get a certain amount of data for free, but pay the same amount as on twitter for the whole firehouse. So, they would still be federated, but there would be different BGSs perhaps serving different interests, each having a limited amount of the data.
-
- 10:12
In reply to this message
What I'm imagining is that only ONE PDS would be needed for the Bluesky corporation to make a ton of money. That's its own PDS, which would have the vast majority of Bluesky users on it. - valka10:13I think they'd have to become evil pretty fast for that to happen, based on the progression of the federation code, and they'd be shooting themselves in the foot
- 10:14the company is not a normal for profit so in that sense cannot be immediately sullied by investors' wishes in that sense
- Gary Robinson10:14
In reply to this message
But what I don't understand is how, financially, they'd be shooting themselves in the foot. The Bluesky shareholders wouldn't care about the status of the code. They'd care about the money they could make. - valka10:15Of course there must be trust in the team at this point because it's not a fully entrenched/federated/community driven ecosystem *yet*
- 10:16I do agree there will almost definitely be limited data BGSes for different use cases or applications/lexicons, but I don't think that's a bad thing. The BGS funding model is still a bit TBD
- 10:17What shareholders?
- 10:18There are investors for sure (see recent announcement), but the team is composed of people who really care about the philosophy of the decentralised web now, and as soon as all of that code is out in the open it would be a race to the bottom
- Gary Robinson10:18BTW, for amusement's sake, I'll mention that I have a special interest in this tracking stuff and its relationship to "don't be evil". Google owns my patent that is the first description anyone seems to know of, teaching how to make a tracking cookie, and which coins that phrase. But my patent has a ton of stuff in it about giving the user control over their data, which was not used. For more on that see https://www.garyrobinson.net/2021/07/did-i-invent-browser-cookies-for-advertising.html(edited)
- valka10:20I can't really speculate on that since I'm not a business person, but as far as I know there's very little history of open source decentralised protocols going public
- 10:22since it's not a monolithic platform per se, it's a protocol built to do a certain thing, with all sorts of different clients and data providers and models
- Gary Robinson10:22
In reply to this message
The protocol wouldn't go public. That's open source, as you say. The danger I see is that Bluesky will own a massive server containing the vast majority of user data. Anyone will be able to make their own PDS, but the other PDSs won't have those millions of users on them. It's the user data, not the protocol, that will have value to Bluesky shareholders who will be financially motivated to demand that Bluesky charges as much for it as Twitter does.(edited) - valka10:25you can see this in other decentralised spaces which rely on RPC or indexing services: all the data is public, but if you need to access it in an super enterprisey/efficient/reliable way then you can pay third parties who are ingesting and delivering that data if you need, but if you're not a business or have development skills you can get the exact same data via self hosting or figuring it out on your own
- 10:26
In reply to this message
It's kind of useless when someone could index all of it and provide it for free and there's no barrier to those users jumping ship to another PDS since account transference is built in - 10:30The outcome of BGSes charging PDSes to ingest their data in order to deliver it to users would be perhaps interesting, as then a "main" BGS could hold the federation hostage, but I also see people being able to come together and pitch in to run their own BGSes in that circumstance, and some sort of fallback or hierarchical data retrieval being built-in not to rely on a single BGS which controls all data flow, but again that's at the limit of my knowledge
- Gary Robinson10:32
In reply to this message
Yes, that's how decentralized spaces work. What I'm suggesting is that Bluesky shareholders could demand that it stop being decentralized (or fully decentralized). If the vast majority of users are using Bluesky's servers instead of independent PDSs, Bluesky could choose to lock it up in order to make more money, and then it wouldn't be decentralized (or fully so) anymore but Bluesky shareholders would be richer.
" there's no barrier to those users jumping ship to another PDS since account transference is built in"
Yes, but the normal user would have zero reason to do that in a world where the vast majority of user repos are on Bluesky's data server.
What I'm asking is, is there anything to stop Bluesky from violating what, TODAY, are its core principles, but won't necessarily be its core principles when it goes public?
OK, you wrote more while I was writing the above. I think the outcome of our discussion is just that if Bluesky "holds the federation hostage" as you put it, people will band together to fight it. I don't trust, at all, that that they would be powerful enough to have much effect. But maybe there's nothing more to talk about unless someone chimes in who knows more than either of us.
(edited) - Aaron Goldman10:52If the Bluesky PBC PDS has most of the users on it that probably means we failed.
- 10:54The only way to keep federation healthy is if the network needs no one PDS as much as that PDS needs the network
- 10:55No protocol can help you then their insensitive would be to kill the community and just be the network themselves. See XMPP/Jabber chat
- mayankbatra11:12
In reply to this message
As someone who worked with xmpp / jabber I concur. Just curious how did mastodon overcome this or will it fall in the same trap? Also is there a service that can help push 1 click server setups for these? That essentially should help right? - Gary Robinson11:28OK, but what's to stop that kind of failure? How is Bluesky going to prevent that from happening? A problem Mastodon has faced is that new users don't know which server to join. So, now, when you get the iPhone app, it gives you two choices on the main screen: "Mastodon.social" or "another server". If you click through to one of those other servers, there's no compelling reason to use one of those instead ofmastodon.social. I strongly suspect that most users of the iPhone app are joiningmastodon.social, but I am having trouble finding recent comparative stats. So, I have to suspect that Bluesky will do the same thing: Have a big Bluesky server that people join who don't know or care about the world of other servers. And that would lead to most of the users being on it. Moreover what I've been asking is that even if that dynamic weren't the case, why wouldn't investors force it to happen so that they can leverage the power of a dominant server to make more money? However, I may have found one answer while writing the current post. Several daus ago, Bluesky published a post that begins: "Bluesky is a public benefit corporation with the mission to “to develop and drive large-scale adoption of technologies for open and decentralized public conversation.” Given their status as a public benefit corporation, it seems like they could be able to resist shareholder pressure to "not be evil" in a way Google couldn't. I need to process this! https://blueskyweb.xyz/blog/7-05-2023-business-plan#
- Aaron Goldman11:35
In reply to this message
I guess this was a very good question based on the conversation you triggered 😁 - 11:38
In reply to this message
With XMPP your identity was still tied to a domain name. It was the service providers that had the leverage to enter or leave XMPP.
With AtProto look at migrate to a new PDS at any time. If you were on a PDS even
bluesky.socialand they decided they don't like federating. Just migrate your repo to a PDS that does.Getting up Google chat, AIM, or MSN messenger because they stop supporting XMPP would mean rebuilding your social network.
A mass exodus frombluesky.socialIf they decided to stop supporting AtProto with just mean migrating your repository to new PDS - 11:39Users need to hold the rotation keys to their did:plc in order to have leverage over their PDS to behave well.
- 11:40It's a problem that right now we allow you to create an account without a recovery phrase
- 11:40Even though most people would probably lose that recovery phrase I need to generate a new one when they start taking the repo seriously.
- 11:41The default should be that both the PDS and the user have a rotation key. Once the user is serious about their account then they can change things so that only they have a rotation key and not the PDS.
- 11:42Authenticated data is just very different economics than authenticated connections. Authenticated connections You push power from the users to the servers. With authenticated data you push power from the servers to the users
- 11:43It separates the ability to be the controller of your repository from the ability to maintain a high availability web service
- 11:44The choice of whether or not to use XMPP went to the people who could run a high availability web service
- Gary Robinson11:53It seems that one thing that would help Bluesky achieve its decentralization aims would be transparency about how many users have their repos on each server. I assume that as long as a server is fully available to BGSs, that will be trivial to determine. And it would be stupid for a server not not be available to BGSs unless it was so dominant that it could ignore the rest of the world and people wouldn't leave it. I can imagine a site dedicated to monitoring the decentralization of Bluesky and reporting on factors that may threaten it. Bluesky is definitely a public benefit if it can maintain that. Please let me know if I'm right: that's it's trivially easy to know the count of users on any non-isolated atproto server.
- Gary Robinson
- valka12:40It might be interesting if the "main" client could, in a sense, load balance sign ups, to avoid the centralised federation issue (matrix has this problem as well). Some sort of round robin based on a calculation of reliability of the PDSes which are open to public signups and connected to the federation (could also have a human element, not just some measure of uptime/latency)
- 12:43The default server problem is due entirely to new user UX, which is understandably extremely important, and there's only a few ways around it unless I'm not thinking outside of the box enough
- valka12:50really this comes down to clever "workarounds" to retain a good new user flow and at the same time tie into a bit of game theory/incentive system which would reward people for running reliable PDSes available for public sign up, which is also a problem in the matrix and mastodon systems. i know a lot of people are understandably cautious around talking about things like this but if we rely on the goodness of people's hearts it may only go so far (the matrix server my account is on turned off public signups a long time ago now).
- retr0id14:03
In reply to this message
this is already both doable, and done. the website you want is https://atscan.net/ - 14:07The main feature that'll prevent PDS centralisation, is that it'll be trivial to migrate between instances, with no negative side-effects
- 14:07Personally I'm not too worried about PDS centralisation, but I am worried about centralisation of BGS and AppViews (given the resources it'll take to run them, in the future)(edited)
- Gary Robinson16:10
this is already both doable, and done. the website you want is https://atscan.net/
That's great, thanks!
- Skyler Hawthorne16:11
I'm curious about this command that the pds sandbox guide has to generate your repo signing key:
openssl ecparam --name secp256k1 --genkey --noout --outform DER | tail --bytes=+8 | head --bytes=32 | xxd --plain --cols 32
I don't know if my search fu is just failing me, but I can't find anything about the DER format. What are those first 8 bytes it's skipping, and why is it only reading the next 32? I'm assuming those 32 bytes are the private key, and it's discarding the public key?
But I also noticed that the public key ends up in the DID document in the PLC after you create an account. If the above is true, then how is the pds getting the public key? Is it deriving it from the private key?
I tried to independently verify the public key by parsing it with
openssl
, but it can't parse it.1234
❯ : aws ssm get-parameter --with-decryption --name /bsky/repo_signing_key | from json | get Parameter.Value | xxd -r -p | openssl ec --inform DER read EC key Could not read private key from <stdin> unable to load Key
- 18:27@frabrunelle:matrix.org joined the room
- 19:41Phuck Eiu joined the room
- retr0id21:56
In reply to this message
how is the pds getting the public key? Is it deriving it from the private key?
yes
- 22:00DER is a binary serialization of asn.1, and the tail/head dance is an incredibly janky way of pulling out the raw value of the privkey, minus the asn1 container and metadata (edit: and also minus the pubkey)(edited)
- 22:01
as an example, you can parse the DER like so:
12345678
$ openssl ecparam --name secp256k1 --genkey --noout --outform DER | openssl asn1parse --inform DER 0:d=0 hl=2 l= 116 cons: SEQUENCE 2:d=1 hl=2 l= 1 prim: INTEGER :01 5:d=1 hl=2 l= 32 prim: OCTET STRING [HEX DUMP]:902EC3ED40076142F87898103369E16FA38E337CB2742E38C60C3B1DB7ACF743 39:d=1 hl=2 l= 7 cons: cont [ 0 ] 41:d=2 hl=2 l= 5 prim: OBJECT :secp256k1 48:d=1 hl=2 l= 68 cons: cont [ 1 ] 50:d=2 hl=2 l= 66 prim: BIT STRING
- Aaron Goldman22:44^hope that is just an example and not your secret key
- 22:44The fact that you generate fresh and don't read the file system is a good sign
- retr0id
Sun, Jul 9, 2023
- 01:50scatterflower joined the room
- scatterflower01:51hello y'all
- 01:56@viktormaruna:matrix.org joined the room
- 02:05@intrnl_:matrix.org joined the room
- 02:26@davidprieto:arada.club joined the room
- @davidprieto:arada.club02:51
So, guys. I've been reading a bit about the infrastructure and I've got a couple questions.
It seems your data is stored on your PDS, which you may manage yourself. But then that data gets sent to a BGS and processed.
What is sent, exactly? If I write a message and attach a picture, does the BGS store the whole message? Or does it simply know that I sent a message, and that's it?
- @davidprieto:arada.club03:06Also, could the BGS censor contents from a PDS by rejecting its data? Or does the model not work like that?
- 03:09Same goes for the PLC. Could it censor contents from a PDS, e.g. refusing to give its users DIDs?
- kcchu03:14
In reply to this message
All data in current AT Protocol is public. So, the BGS could mirror the entire data repo or only store the necessary data for its functions. There isn’t a hard requirement on what BGS stores or does not store. - @davidprieto:arada.club
- 03:19So, what about the censorship thing? From what I got, that looks like a great deal of centralization. How much power does the admin of the BGS and PLC have?
- kcchu03:19
In reply to this message
BGS are free to do whatever moderation it sees fit. It is expected that there will be competing BGS services and operating a new BGS shouldn’t be cost prohibitive, so users could choose a BGS that has a policy matching their needs. - @davidprieto:arada.club03:23
In reply to this message
OK... but would that lead to fragmentation? I.e. would I, as a user, have to choose between a BGS that doesn't censor certain contents, and a bigger BGS that serves more content? - kcchu03:30
In reply to this message
In practices, most users will stick with the defaults. So, users choose the app, and the app provides the defaults. I imagine that there will be apps that are mainstream and has stricter moderation, and apps that are like “anything-goes”.
I am not affiliated with Bluesky team, so I am speaking to my understanding of the protocol
- @davidprieto:arada.club
- 03:34
I don't know, it seems to me that the people managing the PLC and the BGS hold all the power as to what people are or aren't allowed to see.
I don't see how that's different from a classical centralized model like Twitter's, except for hosting costs.
I hope I'm gravely misreading the situation, though
- kcchu04:16
PLC is currently centralized and it is intended to be replaced with a different design that is decentralized. So, yes, there are risks that censorship happen at this layer before it is replaced.
For BGS, why would you consider it centralized when anyone can run a BGS without needing permission?
- @davidprieto:arada.club04:24
In reply to this message
I'm imagining a situation where there's a big BGS and, even though anyone can set up competing BGSs, no one wants to use them because they have no critical mass and all the content is on the big one - 04:25But I'm not sure that's how it would work. And honestly, I hope it isn't
- 04:28Could you point me to some sort of documentation where it says that PLCs are centralized now, but intended to be decentralized at some point?
- kcchu04:31I think we need to define what decentralization mean to a social network. I think the most important criteria of a decentralized system is the separation of powers facilitating user choice. If eventually most users choose one particular service provider because it provides a very good service at very low cost, it shouldn’t be a problem as long as it couldn’t prevent users from switching to a competing provider (e.g. it is easy to switch and user won’t lose content or follower)(edited)
- 04:36
In reply to this message
It is in the protocol doc https://atproto.com/guides/identity#did-methods - @davidprieto:arada.club04:59
In reply to this message
I agree... mostly. But if most users choose one particular service provider because all the content is there, and can't switch to another provider without losing access to all that content, that would be a problem - 05:01
In reply to this message
Thanks, I hadn't read that yet. I'll make sure to read it before making further, possibly unfounded criticisms 😅 - kcchu05:07
In reply to this message
The content is in PDS and public, so anyone running a BGS could get all the data as it want. There shouldn’t be a case where one BGS getting all content.(edited) - @davidprieto:arada.club05:09Hm, I see. Then the situation seems to be better than I thought
- kcchu05:15Their relationship is like web server and crawler. Most web servers doesn’t block web crawlers. But the web server owners are technically able to block specific crawler (by IP, User Agent, etc)
- @davidprieto:arada.club05:17I see
- 05:18I gotta process all this, thanks a lot for walking me through it
- 05:19Oh, just one more thing. Does the documentation explain what type of data the BGS needs to collect from the PDS, in order to function?
- kcchu05:20There isn’t a specific requirement on BGS yet
- @davidprieto:arada.club05:27That makes sense, since federation is only being tested
- 07:22Orpheus changed their display name to O
- Skyler Hawthorne07:48
In reply to this message
Huzzah, I finally got it!
123456
❯ : open did.json | get verificationMethod.0.publicKeyMultibase | mul tibase decode | into binary | bytes add 0x[a0 07 06 05 2b 81 04 00 0a a1 44 03 42 00] | bytes add (cat repo_signing.private.key | xxd -r - p | into binary) | bytes add 0x[30 74 02 01 01 04 20] | openssl pkey --inform der --pubout --pubcheck --noout Key is valid
Thanks to your example, I was able to find the bytes that always repeat in a new key, which are the container metadata
- 09:01pere (away until Sunday) changed their display name to pere
- Skyler Hawthorne10:09How is it going to work when the main Bluesky instance turns on federation? Are all the posts you make on your PDS that was just hooked up to the sandbox up until that point going to be suddenly live on the production network? Or will it only be posts from that point forward?
- scatterflower10:33
In reply to this message
the bigger concern imo is that the computational resources required to run a BGS with any appreciable view of the network will become so high that only a massive corporation has the resources to run one that indexes network-wide - kcchu10:57
In reply to this message
Certainly it wouldn’t be like someone running in a home server. But even at Twitter’s current scale of 500M tweets per day, it is a scale that is attainable by an average funded start up company. The question is how would these BGS monetize. Would there be enough monetization to subsidy enough independent BGS, or only one BGS that achieve economic of scale(edited)