Bluesky Dev
Community discussion of the AT Protocol and Bluesky. (This room is not officially affiliated with the Bluesky team.)
Previous group of messages
  1. Aaron Goldman
    this is how records you don't follow end up in your timeline
  2. Aaron Goldman

    In reply to this message

    The true answer, we don't know yet.
    My answer is that the users will pay for the PDSs, by credit card or viewing ads, and the PDS operators will pay the BGSs so that they have plenty of content to give a good experience. If people are responding and you don't see it that is not a good experience.
  3. dandyandy3
    This is all pretty interesting, thanks for helping out a noob, I've gone from 0% understanding to, well, something > 0
  4. Is the plan for Bluesky to launch with its own PDS, BGS and no federation?
  5. Aaron Goldman
    Someday I need to put down my compiler and go do the prof thing.
  6. In reply to this message

    They did launch with a PDS.
    https://bsky.social/xrpc/com.atproto.sync.getHead?did=did:plc:toxy3kpelhv5gwubytayrsbw
    When people say "Bluesky invite" what they mean is invite to
    bsky.social
    the PDS operated by Bluesky PBLLC.
    Federation? soon
    BGS? ... less soon but coming
  7. dandyandy3
    I don't think I understand how you can have federation (Bluesky knows about and reads from other PDS's?) without having a BGS implemented to aggregate all that PDS data together
  8. The federation docs are pretty light https://atproto.com/guides/overview#federation and do mention BGS but don't make the picture super clear
  9. Which probably means I don't understand the definition of federation as AT coins it
  10. @nuhvi:matrix.org
    Well, it is hard to win that debate, and it will never change from server side now. But if there wasn't an MST, and users just submitted signed blobs, maybe winning that debate would have been a bit easier. Is that why you are working on Ceramic now?
  11. Aaron Goldman

    If you have a user that trys to follow a handle.

    1. user puts in a handle e.g. aarondgoldman.bsky.social
    2. PDS looks up the handle to get the did. https://aarondgoldman.bsky.social/.well-known/atproto-did did:plc:toxy3kpelhv5gwubytayrsbw
    3. read the plc directory to find the PDS for that DID. https://plc.directory/did:plc:toxy3kpelhv5gwubytayrsbw
    4. get the repo https://bsky.social/xrpc/com.atproto.sync.getRepo?did=did:plc:toxy3kpelhv5gwubytayrsbw
    5. check for update periodically https://bsky.social/xrpc/com.atproto.sync.getHead?did=did:plc:toxy3kpelhv5gwubytayrsbw
      Note: don't put the handle in the folow list only the DID otherwise you will break handle update. Users should be able to update their handle without losing thier followers.
      https://github.com/bluesky-social/atproto/blob/85e3cdaf7b06e40627b198ca1288c1a1028c65ae/lexicons/com/atproto/sync/getRepo.json#L17
    (edited)
  12. The DID Document could point to any PDS if the PDS is on the allowlist then you pull the repo. That is federation. The tricky part is getting
    bsky.social
    to allowlist your PDS.
  13. For now a PDS can pull all the repos it can find there just are not that many soon that will get very expensive in both bandwidth and storage and we will need the BGSs
  14. If we don't get indexes that live in a single data center and indexes on each continent then the performance will not be competitive with organization that centralized solutions
  15. search fans out a lot. that's where the speed comes from
  16. for now we cheat by being small
  17. retr0id

    In reply to this message

    With cooperation of the PDS, it's theoretically possible for a client to sign their own posts, with the (slightly weak) assumption that you trust the signature of the previous commit to your repo.

    It could be done like so:

    You submit a new post to the PDS, the PDS updates the MST, and returns back to you:

    1. The record you just submitted
    2. the chain of MST blocks leading back to the root of the new commit
    3. For every block referenced by the blocks in 2), chain of MST blocks leading back to the root of the previous commit

    Your client can then be sure that it has visibility of any new data being added to the MST (and for the referenced blocks it can't see directly, it is sure that they were in the previous commit and therefore trusted), and assuming it all checks out, then it signs the new commit and returns that signature to the PDS.

  18. @planetoryd:matrix.org
    rsa accumulators and zkps when
  19. retr0id

    In reply to this message

    in other words, the PDS is saying "here's all the new blocks we need to add your repo, and here's proof that all the CIDs referenced in those new blocks were already in the previous commit of the repo. please sign here"
  20. @nuhvi:matrix.org

    Honestly at this point the value of authenticated data structures is very vague and hand wavy.

    Either:

    • The PDS is cooperative and then it will send ranges without censoring any values.
    • The PDS is censoring some values, and there is nothing you can do about it, other than just detect it.

    Seems like signing individual blobs is more versatile, especially if only servers are going to verify signatures.

    The only issue left is caching, and I believe detecting that nothing changed so far is not that expensive, using Xor fingerprints like here https://github.com/hoytech/negentropy

  21. Yeah I thought about that approach, and it should work. Just more round trips, and then you need to obtain a lock too, because you can't do this concurrently with two clients.
  22. So it is the worst of all worlds, not only is it Not offline-first, it blocks concurrent writing too, might as well just let the server sign.
  23. retr0id
    why is concurrent writing important?
  24. I can't imagine a situation where I'm simultaneously posting from two different clients
  25. The general model of atproto seems to be that you trust your PDS to be well-behaved. If your PDS isn't cooperating then you move to a new PDS
  26. @nuhvi:matrix.org
    Because you are thinking of Bluesky. But if you are doing PDSs to be like S3 but open and key-based, then bots are a thing, games are a thing, uploading/streaming video from one device and backing up your code on another device is also a thing.
  27. I admit it might be niche case, but it exists.
  28. retr0id
    hmmm true
  29. I think those usecases are essentially out of scope for atproto, but if they could be supported without compromising anything else then it would be nice
  30. @nuhvi:matrix.org
    This is a recurring problem with this space, there is never a defined scope :D
  31. For example Nostr started as "notes over relays that are simple enough they have a chance to succeed", now people want to replace the web with Nostr
  32. goykasi
    In fact, atproto most likely wouldnt be a good use for apps that require such low latency and high concurrency. Not everything needs to be shoehorned into distributed protocols
  33. @nuhvi:matrix.org
    And you can bet that PDSs that are advertised as "data servers" and "git-like" will be used for anything it can be used for and more.
  34. @nic:matrix.nicfab.it left the room
  35. Aaron Goldman
    I would say that the scope is `"at://*" -> [u8]` It's a protocol for giving mutable names to records that only the controller can mutate but anyone can cache/validate. With a defined consensus group (PDS) for when you want consistent updates and a definition of latest.
  36. You can sign something locally and it's now a candidate head. If the PDS accepts it it is now the head. If the PDS then accepts something new it is a past head. That's the life cycle. Candidate head -> head -> previous head. No guarantee that any commit will ever advance.
  37. @nuhvi:matrix.org
    Url => blob, is the scope of almost everyone in the space, some people do it in a round about way like Nostr, but still. That being said, Url => blob doesn't require authenticated data structures, signed blobs work, and they make it easier for users to sign blobs instead of managing trees or asking the PDSs to prepare a root for them. Versioning blobs is easy too without MSTs, the only things that one loses (at least without extra layer of abstraction) is collection range authentication and versioning, but not sure who asked for that in the first place. I love the git for data stuff, but I want to make sure I am not adding complexity for personal bias. Finally signed blobs are versatile and allow apps to reason better about their "invariance", I think!
  38. retr0id
    individually signed blobs are more expensive to verify in bulk
  39. (in relative terms, at least)
  40. jack joined the room
  41. Aaron Goldman
    Nostr is doing well with signed blobs. If the unit of atomic update you are interested in is always a single record this + set reconciliation should work fine. I think git gained a lot from having repos and not just versioning for single files. I just prefer a world where the system is constantly committing to the past. My post points at your post and the hash is a commitment not only to your post but your whole repo. then later someone comments on a difrent one of my posts. This is them commiting to my whole repo and your hole repo. The hash references propagate to to the point where most references pin down the whole web of content addressed repos. A signed blob is a commitment to that blob. A web of repos is a light cone of commitment.
  42. @nuhvi:matrix.org
  43. @nuhvi:matrix.org

    constantly committing to the past

    I understand this sentiment, but:
    1- This is definitely a blockchain mindset (adversarial thinking, authenticity, and audibility), where it really isn't needed.
    2- You can build append-only logs or DAGs with signed blobs if you want, just don't make it a requirement without a clear reason that justifies the cost.

    A web of repos is a light cone of commitment.

    Who asked for that though? What is the purpose of this? because we all know the massive cost.

    Finally, the web is loose liquid, and chaotic, trying to force structure on it will fail, just like trying to force semantics on it failed, entropy wins, because the alternative is too expensive.

    I don't actually mind that PDSs are doing repos under the hood, as long as you stick to the server doing the signing, and only one canonical server at a time, because the cost, in this case, is low, and versioning/verifying becomes cheap.

    Except it:
    1- Makes PDSs more complex and harder to independently implement by others (centralization like in Matrix).
    2- Makes running a PDS more involved, as you need to worry about rebasing as we see happening right now on Bluesky.

  44. @planetoryd:matrix.org
    Message deleted
  45. @oliveolive111:matrix.org changed their profile picture
  46. Olive changed their display name to Oliver
  47. Midou (Away, coming back at 10/6) changed their display name to Midou
  48. AlbertoV
    Hi I have installed a Go web server as described in build instruction running AT Protocol https://github.com/AlbertoVari/social-app/blob/main/docs/build.md what HANDLE I have to use because I dont't have yer a Bluesky user ? ./bskyweb serve --pds-host=https://staging.bsky.dev --handle=<HANDLE> --password=<PASSWORD> TThank you !
  49. Karl Abbott changed their display name to Karl Abbott (Away Until 19-June-2023)
  50. Aaron Goldman
    I think git changed the nature of open source software. In a way that ftp directories didn't. Yeah merge can be hard but push, pull, and local work matter a lot. Even if a hub can refuse to accept your change unless it is a fast forward. However git is not a URL. I think having content centric addressed repos that designate a consensus group for the latest head extended git with the kind of references that we need to turn to GitHub for today. I think this halfway point between git and http will allow users to publish without handing control to websites like Facebook or GitHub. It's the mutation model of git with the URLs that make it part of the web. I want documents to be able to reference a URL and repo controllers to not need to rely on someone like GitHub to maintain that URL. I just don't think git would have been as successful with individual blobs as the unit of versioning instead of the repo.
  51. Aaron Goldman

    In reply to this message

    Just read this at your recommendation.
    I think this is pointing out the kinds of things that are solved by splitting large objects into many small objects and using a MST instead of a prefix tree. Pull just the collections you need. Update just the records you need. Rebuild the tree without needing anything other than the path to the root. You don't need the whole tree to update and sign. Just the logarithmic path.
  52. andrew (@young.af) changed their display name and profile picture
  53. notdaniel joined the room
  54. @nuhvi:matrix.org
    Yes, Git doesn't have that luxury because it is not a search tree and adding or deleting one file will change everything to the right of it. But you still in MST tangling lots of stuff together, that is probably useful in many cases, and it works great for At Protocol choices, especially signing on server side.
  55. Aaron Folmer set a profile picture
  56. @erichf:matrix.org joined the room
  57. andrew changed their profile picture
  58. yigitcan
    I have a did:web setup for my personal domain. Want to use Blue Sky as my PDS without any self-hosting. Is this possible at all, or do I have to spin up my own PDS if I don't want to use did:plc?
    (edited)
  59. Aaron Goldman
    Sorry If I misunderstood your question. If what you want is to use your domain as a handle you need control of either `_
    atproto.name.example.com
    ` TXT `did=your_did` or `https://name.example.com/. well-known/atproto-did` resolve to `your_did` A separate question is wether that DID is a did:web or a did:plc. That is about whether you want to trust the PLC directory or the CA system for your DID.
  60. Sabir Ibrahim
    Hi everyone... I have an invite code. First person who replies to this message gets it (I'll DM it to you). All I ask is 3 things: 1) you're actively involved in AT Protocol- or Bluesky-related development, 2) you use it for yourself, not someone else, and 3) you don't already have an account.
  61. goykasi

    In reply to this message

    Ill take it! I fulfill all three of the reqs
    (edited)
  62. Sabir Ibrahim

    In reply to this message

    DM sent.
  63. Aaron Goldman

    In reply to this message

    Is it just that you don't want to run a PDS or is it that you want a domain name as the root of trust instead of a key
  64. confidant1118 changed their display name to confidant1118 (per/per)
  65. @tillkruss:matrix.org left the room
  66. @confidant1118:matrix.org left the room
  67. n-three
    First version can be tested at https://yellowskyweb.xyz
  68. yigitcan

    In reply to this message

    Hey Aaron, thanks for the reply. Mostly that I want to disconnect my account handle + did completely from a specific server. I want to manage my own keys. I have already setup .well-known/atproto-did for my domain, but I can not login to BlueSky with it. Changing the handle also fails because it expects the did to be set to did:plc. I don't want to host my own PDS as well, unless I really have to(I can if the answer is "you have to").

    My assumption was that the UI would not work with a did:web, since BlueSky has no chance to access my keys but I could at least send some posts via CLI/HTTP requests by signing on the client-side myself.

    Checking the PDS code a little bit, it seems like PDS is doing the signing in the backend (BlueSky). So unless I add their signing key to my did:web, they won't be able to add posts to the PDS?

  69. uxuyuz joined the room
  70. uxuyuz
    Hey all, good to be here!
  71. uxuyuz
    I had a question around the experience for users of applications built with AT Protocol. To my understanding, above the surface, the only real UX distinction is how the application handles user profiles (as shown in blueSky).
  72. xb5krnf297
    Message deleted
  73. @blueb:matrix.org joined the room
  74. @itspranitsingh:matrix.org joined the room
  75. @itspranitsingh:matrix.org left the room
  76. SGOTI
    Yay, I'm in
  77. @farribeiro:matrix.org
    In the chat or in bluesky platform?
  78. @arcterius:matrix.org left the room
  79. Aaron Goldman

    In reply to this message

    In practice today all mutations to the MST are signed on the PDS. Using the verificationMethod id #atproto key. Updates to did:plc are signed by rotationKeys. If you were using the bsky.social PDS then you can upload your own recovery key as the highest priority rotation key. You could then rotate the PDS' keys and leave only your key. This means there is a path from the PDS controlling your DID to controlling it yourself.

    In design but not anywhere close to implemented yet. The same logic applies to verificationMethod id #atproto You could store all the atproto verificationMethod keys on your clients and sign all the repos there. Only uploading the signed roots to the PDS that have been signed on the client. The PDS would then enforce the prev field points to the head that the PDS has. If it does not the PDS will reject your update and tell you to rebase your client and try again with the prev that does point to the current head. No forking.

    Short term I would say you need to run your own PDS to control your keys but the protocols core data structure MST and did:plc were both designed to empower users to gradually take more and more responsibility over their own keys. You should be able to start with a DID and repo that are controlled by the PDS.

    When you are ready, add your rotation key so you can recover.
    When you are ready, remove the PDS rotation key so the PDS can't steal your DID.
    When you are ready, move signing from the PDS to your user agents so the PDS can't publish as you.

    It is important to have low friction adoption by having high trust in the PDS but that this is redeemable as user come to value their repos more, they can take more responsibility.

    Warning: If you remove your PDS' keys from your rotationKeys then the PDS has no ability to help you recover your account.

  80. The server is enforcing the lack of forks but this is independent of the question of where the MST is updated or signed.
  81. Aaron Goldman

    The did:web vs did:plc there are non-trivial tradeoffs. On the did:web site we are trusting DNS and the CA system to certify that the DID Document returned is authentic. Just like any other https connection. This means that is DNS and a CA move your domain to someone else's control they move your repo to their control. Granted we rely on this system for a lot of very valuable https connections and it does mostly seem to work. On the did:plc side we are relying on the hash from the DID string to auth the initial state of the DID Document and the rotation keys in each version to auth the next delta. If you keep your rotation keys secure no one but you can update your DID Document. If you are careful not to fork your DID Document then this is good. If two rotation key holders each try to update the DID Document we have a data race so one fork must win and become the curent DID Document and the other fork must be pruned. This is where the directory comes in. The directory is the timestamp server and the first to file a delta with the directory wins. The second filer gets rejected as having an invalid prev field. Any PDS that is presented with conflicting document logs must go to the directory to find out who is the curent and who is pruned.

    The did:plc is the more secure architecture as the directory is given far less trust than the DNS, and CA system is given for did:web but the directory has also done far less to earn our trust then the DNS, and CA system that have years of technical and legal work put into earning our trust.

  82. @sterkte:matrix.org joined the room
  83. @farribeiro:matrix.org
    Hello... Does BlueSky have clients to access the platform, like tweetdeck?
  84. moved to @shreyan:beeper.com@shreyanjain:matrix.org
  85. Well none of them are really similar to tweetdeck yet
  86. @farribeiro:matrix.org
    i see i found the atproto community project with the clients... web/phone (iOS and Android)... i using the bluesky client and is good for the goal, I was saying to a friend what I not know tweetdeck
  87. i thinking the tweetdeck is a chrome extension
  88. not a web "client" for twitter and official
    (edited)
  89. Aaron Goldman

    In reply to this message

    https://blue.amazingca.dev/ is not very tweetdeck like
  90. In reply to this message

    Maybe https://skypulse.dvy.io/ is a little closer?
  91. Aaron Goldman
  92. @farribeiro:matrix.org

    In reply to this message

    yes
  93. @sdsi:matrix.org left the room
  94. Mark Poulsen joined the room
  95. yigitcan

    In reply to this message

    Aaron Goldman Firstly, huge thanks for taking your time to give detailed answers. I really appreciate the time and energy you put into these messages.

    I definitely understand how did:plc can be safer than did:web given that I may forgot to renew my domain and someone else can buy the same domain. Or that someone may hack my hosting to change the .well-known files. However, I still think that did:web is a very strong contender in the DID methods space. As you have said, both domain registration and CA certificate issuance is what the internet is running on for the last few decades. Even though they may have their shortcomings, I think it is a very valid way of managing a digital identity, especially for things like sending BSKY posts.

    For these reasons, I want to use did:web, not did:plc. I am not choosing did:web because ATProto supports it alongside with did:plc. I am choosing to use ATProto, because it supports did:web. Hope that makes my standpoint more clear 😃 More context: I have been working with SSI and DIDs for the last few years. So the did:web setup I have is not just for using ATProto.

    (edited)
  96. The reason I am writing is, I want to understand how the current ATProto spec and the current implementation of BSKY can be used to work with the did:web I have setup.

    You mentioned that I can sign "repos" on the client side and then upload "roots" to the PDS. Does this mean I can do that right now with BSKY. So I can use my did:web with BSKY? Or does the current implementation of the spec / BSKY not support it?

  97. @xinguankeli:matrix.org left the room
  98. kou029w joined the room
  99. Aaron Goldman

    The curent implementation only does server-side signing. 😭

    I think the PDS if username.example.com/.well-known/atproto-did resolves to your did web DID String,
    your DID Document has alsoKnownAs your handle, verificationMethod atproto, and service atproto_pds
    then you should be able to use your did:web.

    123456789101112131415161718"alsoKnownAs": [
        "at://username.example.com"
      ],
      "verificationMethod": [
        {
          "id": "#atproto",
          "type": "EcdsaSecp256k1VerificationKey2019",
          "controller": "$Your_did_web",
          "publicKeyMultibase": "$Your_Key"
        }
      ],
      "service": [
        {
          "id": "#atproto_pds",
          "type": "AtprotoPersonalDataServer",
          "serviceEndpoint": "https://bsky.social"
        }
      ]
    

    e.g.
    https://aarondgoldman.bsky.social/.well-known/atproto-did
    https://plc.directory/did:plc:toxy3kpelhv5gwubytayrsbw/

  100. I now need to go look at the code but I thought it currently will resolve only did:plc and did:web
  101. goykasi
    Can the well-known/atproto-did endpoint serve a full did document? instead of plc did?
  102. Aaron Goldman
    There is also the DNS record way of pointing username.example.com at your DID but is so you don't need to run a web server which you are clearly already doing as you want to use did web
  103. In reply to this message

    No username.example.com/.well-known/atproto-did is just way for the domain to assert that the name is bound to the repo. The long term identity of the repo is the DID not the handle. Think like twitter. You can change your handle and not lose all your followers. The UserID did not change. Follows are for users not handles. The .well-known/atproto-did is just a way to resolve a handle to a DID.
  104. DID -> DID Document is method specific and not related to handle to DID binding.
  105. yigitcan
    Aaron Goldman thank you very much for all the answers. I will check self-hosting as an option and the code a little bit. This was a very insightful discussion 👍
  106. Aaron Goldman
    I hope my jumping back and forth between the theory behind the protocal and reality of the curent implementation is not too confusing.
  107. Nghia Cao joined the room
  108. @chrishobcroft:matrix.org
    Twitter Spaces is audio-only. Bluesky Spaces can have video, here is the infrastructure: https://docs.livepeer.org/guides/developing/multiparticipant-stream.en-US
  109. The infra is fronted by a US Inc. with foundations as a decentralised video transcoding network. A self-hosted infra option is in the works.
    (edited)
  110. Deavial Drake
    interesting take on how skyspaces works. where did this info come from?
  111. Sabir Ibrahim
    I apologize if this is not the right forum for this kind of inquiry, but does anyone know if there's an entrepreneur-focused meetup or group for developers of decentralized platforms (like developers of AT Protocol apps, ActivityPub apps, etc)? Alternatively, is there one just for developers of AT Protocol apps? If no one here knows of one, might there be some interest in starting one?
  112. @jmkrds:matrix.org joined the room
  113. @jmkrds:matrix.org left the room
  114. Aaron Goldman
  115. @louipc:matrix.org left the room
  116. @shippage:mozilla.org left the room
  117. pizzaknight
    Hey all, we at
    bsky.nyc
    just sent a proposal to set up a StackExchange Q/A page for Bluesky + ATProto: https://area51.stackexchange.com/proposals/127870/at-protocol-and-bluesky?referrer=MzhiN2Q3YmJhOTNkODA2NWQ2Yzg0MjllZWIxODM1OTA0YzQ1ZWM5ZTU0NDkwZDZkYTMwYjRmYWVkYmIyMTQ2ZO1B_I0ysf7EwKJ7b49XB1qz2jXDxRv-Fe0EwDoCzZ210 Kindly check it out and follow it to help get it approved 🙏 I think the way to show support is by asking questions there and sharing the link for others to do the same and interact.
  118. Sabir Ibrahim

    In reply to this message

    These are interesting, but I was thinking more along the lines of an informal, regular meetup group (virtual or in person). Most people can't attend a retreat in the Redwoods.
  119. @chrishobcroft:matrix.org

    In reply to this message

    I'm not quite sure what you mean tbh. This isn't so much a "take on how skyspaces works" more an option for how "skyspaces" could work, based on a sustainably-operated infrastructure. The information came from Livepeer community via me. More about Livepeer here: https://livepeer.org/primer
  120. Deavial Drake

    In reply to this message

    ah thank you for the clarification. i understand what you are saying now
  121. 0xmu joined the room
  122. moeinghezelbash joined the room
  123. Nick S joined the room
  124. Siddhartha Golu set a profile picture
  125. siddharthagolu changed their display name to Siddhartha Golu
  126. jbrr joined the room
  127. ion palamarciuc set a profile picture
  128. @nedrikegne:matrix.org joined the room
  129. @nedrikegne:matrix.org removed their display name (nedrikegne)
  130. @nedrikegne:matrix.org left the room
  131. //ADB changed their profile picture
  132. gmwaniki joined the room
  133. nullpointer2023 joined the room
  134. fr33domlover changed their display name to pere/fr33
  135. pere/fr33 changed their display name to pere (fr33)
  136. @leohoo_sdu:matrix.org joined the room
  137. @leohoo_sdu:matrix.org
    What actions should I take to meet the requirements for the waitlist? I've been waiting for several days and would appreciate guidance on how to qualify.😂
  138. Yumeka

    In reply to this message

    I heard that there are people that registered at last year(october), but still not received one. So... you will just need to "wait"
    (edited)
  139. @leohoo_sdu:matrix.org
    So it's hard to understand the reason for getting the invitation code. Is there any concrete information regarding the transition of Bluesky from a private beta to a public one?
  140. Yumeka
    atproto itself is not finished.(as I aware of) for example, federation is impossible. which means only users from same server can communicate each other.
  141. @leohoo_sdu:matrix.org
    i got it, thank you 👏
  142. @oliveolive111:matrix.org left the room
  143. @lucusjules:matrix.org joined the room
  144. James joined the room
  145. @ddoan:matrix.org joined the room
  146. Joran Honig joined the room
  147. KlonAmy changed their profile picture
  148. KlonAmy changed their profile picture
  149. @levisio:matrix.org left the room
  150. @ajcxz0:matrix.org joined the room
  151. @swappyfx:matrix.org joined the room
  152. @swappyfx:matrix.org changed their profile picture
  153. Karl Abbott (Away Until 19-June-2023) changed their display name to Karl Abbott
  154. @lucusjules:matrix.org left the room
  155. sshayanh joined the room
  156. @sublimeclemency:matrix.org joined the room
  157. @sublimeclemency:matrix.org
    i am really looking forward to bluesky
  158. In May 2023, Bluesky was made open source under the MIT license
  159. really nice!
  160. i wonder if elon still supports bluesky...
  161. damon/
    No need to wonder. He never did support it.
  162. @anekoneko:matrix.org joined the room
  163. Aaron Goldman
    I don't think he likes that it's hard to steer the conversation in federated platforms. Not that the attempts to install a steering wheel on Twitter's conversation have worked particularly well. People seem to just leave when their timelines no longer reflect their interests.
  164. grin
    Anyone calculated how much real money does it cost to actually host a bluesky node (or whatever it is called nowadays)? I haven't checked recently but it required some "crypto" to be bought.
  165. Fred
    I've got a few extra invites. I'll be looking at engaged users in the conversation who contribute and just send to them privately
  166. Aaron Goldman

    In reply to this message

    Not sure I follow. How many users with how much data will drive the cost. Have you tried running the PDS on a single small node?
    https://github.com/bluesky-social/atproto/blob/main/Makefile#L26
  167. grin

    In reply to this message

    Thanks but no, I did not mean the resource costs. I have some vague memories that to host a full featured server (I don't remember the terminology, and I haven't read it again just yet) one needs to give money for some "crypto" which is compulsory for the server (for some kind of Proof-of-stake system I suppose). But correct me if I remember wrong.
  168. Aaron Goldman
    should be just the resource costs
  169. grin
    Okay, then something's changed. I'll check again, thanks.
  170. Aaron Goldman
  171. grin
    Aaron Goldman: I am hosting dozens of free services, like this matrix server I'm using ;-)
    (edited)
  172. Aaron Goldman
    10 USD/GB/Month
  173. grin
    But I'll re-check the architecture, my memory may be flaky (but unfortunately it's usually correct)
  174. Let me see how BGS hosting works...
  175. Aaron Goldman
    If the PDS uses a lot of your servers resources you should come back and complain here. Scale down is also important not just scale up
  176. grin

    In reply to this message

    well if you ever seen a matrix server you'd know it's probably cannot be a bother
  177. Aaron Goldman
    I never ran a matrix server what is your experience of normal resource costs there?
  178. grin

    In reply to this message

    I cannot translate it to cost, but a server with ~1000 people uses about 8-10 continuous threads of a server-grade cpu, about 5-8 GB RAM, and about 100 GB/year storage-wise
  179. Plus about the same for a db
  180. Chris Chabot joined the room
  181. jaz (iftas.org) joined the room
  182. jaz (iftas.org)

    In reply to this message

    https://fedidevs.org/ is AP and AT I bet
  183. Believe*
  184. Anselm Schumacher (@schumi:tchncs.de) joined the room
  185. Matthew

    In reply to this message

    matrix scales based on the membership size of the rooms you're participating in.
  186. so a single user server which proceeds to join every chatroom it can find can end up requiring huge resources (c.f.
    t2bot.io
    )
  187. or conversely a server with loads of users which only hosts DMs can be pretty efficient.
  188. I quite like the asymmetric bluesky approach where BGS does the heavy lifting and PDS is only as popular as you are
  189. on the matrix side, we're trying to address it by making everything go fast (e.g. via lazyloading) while keeping things symmetrical.
  190. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    Matthew: have you tried the bluesky federation sandbox yet?
  191. Matthew
    nope, too busy in matrixland. looks cute though
  192. we are making good progress on account portability in matrix though so you could point a did:plc at a matrix account and so use matrix for DMs for bluesky
  193. (especially in combination with plonking
    rnmatrix.com
    into the bluesky app)
  194. the best solution would be to run matrix as a atproto lexicon tho
  195. but i'm hoping that demonstrating identity interop is a good first step regardless.
  196. @swappyfx:matrix.org left the room
  197. Matthew
    (aaron: i've poked arcalinea about this proposal via a few different routes and haven't got a reply, so please feel free to yell at us to back off if this sounds like a bad idea)
  198. also, the guy leading the matrix account portability work (kegan) is going to be at dwebcamp in case folks from bluesky are there and want to sync/hack/geek in person
  199. (i was hoping to make it but am stuck in the UK for element funding fun.)
  200. Aaron Goldman
    I should probably read the matrix account portability docs but what do you need in a DID Document for that DID to be used as a matrix ID?
  201. Kegan joined the room
  202. Matthew
    nope, that's about 5 years old :)
  203. Kegan is your man for explaining how he's thinking about DID mapping though :)
  204. (afk)
  205. Kegan

    In reply to this message

    In theory just the matrix user ID (expressed as a URI for compliance with the DID document format) and a home server URL as the service
  206. Which effectively gives you a machine readable version of people saying "I'm
    @foo:bar
    on Matrix"
  207. Joanna
    Hi guys,
    I’m on a mission to free the people,
    Can we join forces to make it happen faster ?
  208. Matthew: can I count on you?
    (edited)
  209. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    Brilliant, the next step would probably be how to verify it on the Matrix end
  210. Kegan
    given
    plc.directory
    is a free-for-all, it would make sense for any kind of verification to go direct to it - though this hurts the decentralization goals given
    plc.directory
    is so centralized currently, and making a bunch of decentralised services all use that as a choke point is unfortunate
  211. Aaron Goldman
    alsoKnownAs is a json_array. Should be able to just add a matrix URI in there and have a symmetric at:// uri in your matrix profile. This should give mutual auth.
  212. keep in mind you don't want to look at https://plc.directory/did:plc:toxy3kpelhv5gwubytayrsbw/ you want to use https://plc.directory/did:plc:toxy3kpelhv5gwubytayrsbw/log/audit and replay the delta log yourself so the directory can't lie.
  213. Kegan
    yep, I'm aware
  214. the problem is matrix profiles aren't fully extensible, so there's no place for your at:// URI to live
  215. and really it should be a DID not at:// surely?
  216. for the folks who prefer did:web
  217. Aaron Goldman
    There are already client that are using the directory to build the doc. This was for humans and validating your replay code for direct use. 😞
  218. did:web, did:key, did:plc, did:somthing_from_the_future If it was me I would just say it needs to be a AKA list that are URIs but yeah mostly DIDs
  219. I am hoping that most social networks or anything with profile really will add an alsoKnownAs list of URIs and that if it is mutual then it is a valid AKA.
  220. web2, web3, keys whatever
  221. bluecentipede joined the room
  222. @caiostob:matrix.org left the room
  223. Sora Morimoto joined the room
  224. kcchu
    Hi. I am looking into using the event stream API (https://atproto.com/specs/event-stream) to synchronize profile data in my app (
    bsky.directory
    ). It seems that the official @atproto/api client doesn't support this (yet). Are there any third-party NodeJS client library for using the event stream?
    (edited)
  225. syui
    I get the following error in sandbox. What could be the cause? Error: Profile not found Error: Error: Params must have the property "actor Error: Profile not found
  226. @alexl:kde.org left the room
  227. Adnan joined the room
  228. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    Don't know about nodejs but I know of Python and Ruby libraries
  229. Jake Gold joined the room
  230. Emil Jansson joined the room
  231. Emil Jansson left the room
  232. Emil Jansson joined the room
  233. glenschl joined the room
  234. Karl Abbott changed their display name to Karl Abbott (OOO at Conference - back on 29-June)
  235. @glassofwater369:the-apothecary.club joined the room
  236. vegemike joined the room
  237. Eren changed their profile picture
  238. xell joined the room
  239. Eren changed their profile picture
  240. anirudhisonline joined the room
  241. aurilly joined the room
  242. aurilly set a profile picture
  243. @gu26mer:tum.de joined the room
  244. @gu26mer:tum.de left the room
  245. kickmule joined the room
  246. jhantkw changed their profile picture
  247. goykasi
    Nice job getting the federation sandbox released! But Im having some issues with the users that I have created on two separate PDS servers. I am not able to interact with the sandbox since my PDS always returns "Failed to load profile" (on the web site) and "Actor not found" (on the api side) Im able to do some basic things: signup, signin, swap users, change my handle, set languages but thats about it. Any suggestions for debugging this? https://plc.bsky-sandbox.dev/did:plc:6giklpeoa4de73ilizosaj36 https://plc.bsky-sandbox.dev/did:plc:wfvnbec6pkuk2pps2m4dwraf
  248. Max (@max:maxstuff.net) changed their profile picture
  249. subbu changed their display name to Subramani
  250. Subramani changed their display name to SJ
  251. paul joined the room
  252. bottom ⛓ chained 🇺🇦 🏳️‍🌈 🏳️‍⚧️ joined the room
  253. Антон Минаев joined the room
  254. Robert Long joined the room
  255. maze changed their display name to Kito
  256. Kito changed their profile picture
  257. @sanktmax:matrix.org
    Message deleted
  258. Sabir Ibrahim

    In reply to this message

    DM me, I gotcha
  259. curiouskoa
    Sabir Ibrahim: hi Sabir — if you’ve got a 2nd invite code - I would SOOOO appre
  260. @sanktmax:matrix.org
    Message deleted
  261. @porus99:matrix.org left the room
  262. @sanktmax:matrix.org
    Message deleted
  263. ThatLinuxUser joined the room
  264. @darknesstobright:matrix.org joined the room
  265. @sublimeclemency:matrix.org
    i noticed bluesky becuse of the wikipedia page said it turned open source recently
  266. but bluesky has been in development even before elon took over twitter, so i'm not sure why twitter's intentions were in making bluesky
  267. curiouskoa set a profile picture
  268. Sabir Ibrahim

    In reply to this message

    The concept of federation and social media platforms built on open protocols started to gain mainstream publicity in 2017 when Mastodon experienced a surge in popularity. I think they hit another surge in 2019, which is what got Twitter's attention. The Bluesky project was started by Twitter in 2019 to capitalize on that trend.
  269. @sublimeclemency:matrix.org

    In reply to this message

    okay nice
  270. @anekoneko:matrix.org removed their display name (neko neko)
  271. @anekoneko:matrix.org left the room
  272. ThatLinuxUser
    Ello
  273. How long does the wait list usually take? Just out of curiousity
  274. Brad Brown
    from what i’ve seen so far, you’re much more likely to get an invite from someone than you are to get your email from the waitlist anytime soon, but ymmv
  275. I 2nd this Github request. Would be really cool to see Bluesky app on F-Droid.
  276. ThatLinuxUser
    I agree
  277. Aaron Goldman

    In reply to this message

    I can tell stories but not usually in quite as public a forum.
    Short version Jack was looking for ways to protect his legacy and the public conversation from the whims of the stock market
  278. @sublimeclemency:matrix.org

    In reply to this message

    oh
  279. Thib changed their profile picture
  280. Aaron Goldman
    The idea of the two most important forums for political speech in the US, Twitter and Facebook, being shareholder corporations dedicated to shareholder returns is a little scary 😱
  281. Granted you can easily argue with the premise
  282. Thib changed their profile picture
  283. alphadec
    how do I get a invitecode. ?
    (edited)
  284. Whizanth

    In reply to this message

    I have a couple invite codes. Let me know if you still need one.
  285. Freezlex
    Do you have any left? 🤷 😅
  286. kcchu
    Hi. Just published Node.js library for using AT Protocol's event streams and firehose endpoint. https://www.npmjs.com/package/atproto-event-streams
  287. It also include a CLI for displaying the Bsky firehose
  288. Let me know if you have any comments/feedbacks
  289. Karl Abbott (OOO at Conference - back on 29-June) changed their display name to Karl Abbott
  290. igurin.06530 joined the room
  291. O
    go Bluesky team, go! ❤️
  292. @glassofwater369:the-apothecary.club changed their profile picture
  293. Aditya Aggarwal joined the room
  294. Whizanth

    In reply to this message

    Yes.
  295. I DMed you one.
  296. Freezlex
    👑🫶
  297. glenschl set a profile picture
  298. @obsmatr:matrix.org left the room
  299. bingusdetector joined the room
  300. @itspranitsingh:matrix.org joined the room
  301. milliondreams joined the room
  302. milliondreams
    Hi all, what's the best place to start looking at to run your own at:// server? Can my own at:// server federate with bluesky's at:// servers? 
  303. Sabir Ibrahim changed their profile picture
  304. @itspranitsingh:matrix.org left the room
  305. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    https://github.com/bluesky-social/pds

    You can federate with most other servers, but not the main bluesky one

    Keep in mind it's currently just a sandbox to test federation, and the PLC will be wiped from time to time

  306. milliondreams

    In reply to this message

    Thank you 🙏
  307. @itspranitsingh:matrix.org joined the room
  308. @itspranitsingh:matrix.org left the room
  309. st_nemo joined the room
  310. riunia joined the room
  311. Dust joined the room
  312. Zülfikar D. changed their display name to Dust
  313. Dust
    Twitter is dying
  314. Why aren't you making the app public?
  315. Sabir Ibrahim

    In reply to this message

    Who are you addressing?
  316. Dust
    Well
  317. Bluesky staff I guess
  318. Aaron Goldman
    Scale is hard. The limiting factor is where the current amount of infrastructure would fall over. The plan is for a thousand PDSs to serve the 10 to 100 million users not to scale Bluesky PBLLC's servers to those numbers
  319. Sabir Ibrahim

    In reply to this message

    In reply to
    Dust
    Bluesky staff I guess

    In reply to


    Bluesky staff I guess

    I can't speak for Bluesky, but there are many, many valid reasons why a startup might be better served by sticking to a strategy of gradual and deliberate growth. Technical reasons, business reasons, strategic reasons, financial reasons, legal reasons, etc.

    (edited)
  320. dostoynikov joined the room
  321. 79de joined the room
  322. Fatih Bildirici joined the room
  323. Kioraga joined the room
  324. Fatih Bildirici
    Hi folks, I'm Fatih, I'm a software developer at a defence company and I'm also working on an academic study on ReFi. I also wrote probably one of the first Bluesky introductions in Turkish long before the launch: https://medium.com/@fatihbildirici.dev/madalyonun-jack-dorsey-y%C3%BCz%C3%BC-merkeziyetsiz-sosyal-a%C4%9F-protokol%C3%BC-bluesky-f781b2ad1e3e After writing my thesis, I plan to be more interested in the developer side, and now I need an invitation code to try it as a user? Who can help?
  325. Naomi (@0xhaunt:purplehaze.noho.st) joined the room
  326. Nao changed their display name to Naomi
  327. Naomi (@0xhaunt:purplehaze.noho.st) set a profile picture
  328. Whizanth

    In reply to this message

    I'll give you my last invite.
  329. Skyler Hawthorne

    In reply to this message

    Oh nice, I've been waiting for this kind of install guide to try out self hosting. Thanks!
  330. Paul Nathan joined the room
  331. alexanderniki joined the room
  332. @caffeineee:matrix.org left the room
  333. Jazil Zaim joined the room
  334. Jazil Zaim
    Hey guys, I am a software dev. Super excited to join and discuss what Blue Sky can have for the industry as a whole. I would love to contribute code as well at some point if possible
  335. Jazil Zaim
    curious to know, how would people vote on the protocol features such as upvotes and etc.? do we just discuss here or is a lot of that in beta?
  336. and Ik it is too early, but how far is Blue Sky away from being decentralized cuz Jack did say earlier that Blue Sky is still quite centralized to some extent? Does the AT protocol need to be fully out of beta and developed for that to happen?
  337. Eidolon joined the room
  338. jcon joined the room
  339. lyuya joined the room
  340. kcchu

    In reply to this message

    Bluesky have released the federation sandbox https://atproto.com/blog/federation-developer-sandbox. The remaining centralized part is the PLC DID, which they didn’t talk about their plan yet.
    (edited)
  341. @parfait:filly.chat joined the room
  342. kcchu
    IMO, the biggest obstacle to federation isn’t technical. It is current beta users’ reluctance to live on new federation network because of its impact to trust and safety
    (edited)
  343. cainsystem joined the room
  344. ozwald1 joined the room
  345. Doctor Bluefall joined the room
  346. james h jackson jr
  347. @rkt:matrix.org joined the room
  348. @0xnima:matrix.org joined the room
  349. @0xnima:matrix.org
    hey folks. any invite code please?
  350. cainsystem
    Can I have an invitation code?
  351. Chris Lace

    In reply to this message

    Send one
  352. cainsystem
    Chris Lace: Thank you!
  353. Chris Lace

    In reply to this message

    No I need an invite
  354. sekihan joined the room
  355. sekihan set a profile picture
  356. manaken0522
    Can the personal data server connect to other servers (eg
    bsky.app
    )?
  357. riunia

    In reply to this message

    It can federate to others in the developer sandbox, but not on production network.
  358. @rkt:matrix.org
    Anyone have an invitation code available? I want to develop, but I'm having trouble getting an invitation code from the official site after waiting 3 months.
  359. manaken0522

    In reply to this message

    thanks
  360. pmatteo1998 joined the room
  361. spinderheaddy joined the room
  362. zestylemonade

    quick question about https://atproto.com/guides/identity#did-methods

    A variety of existing methods have been published so we must establish criteria for inclusion in this proposal

    Strong consistency [...] High availability

    how exactly is consistency and availability in a decentralized system at the same time going to be implemented

    (edited)
  363. @rkt:matrix.org
    Anyone have an invitation code available? I want to develop, but I'm having trouble getting an invitation code from the official site after waiting 3 months.
  364. @chrishobcroft:matrix.org
    This is nice. Question: does an approach exist to assist non-technical people with self-hosting a Bluesky PDS?
  365. kcchu

    In reply to this message

    Not right now, but someone can certainly provide a service for non-technical user to spin up a PDS as simple as hosting a WordPress site
  366. @nuhvi:matrix.org left the room
  367. @chrishobcroft:matrix.org
    Message deleted
  368. @chrishobcroft:matrix.org

    In reply to this message

    Right, it's why I'm asking. We have a project to tackle this very thing: DeBoot is a bare-metal bootloader which boots into a content-hash-addressed image, loaded from dStorage. Can use it to spin up a node from e.g. a "community-curated" image. Updating is done by rebooting.
    (edited)
  369. @drimus:matrix.org joined the room
  370. Skyler Hawthorne

    I'm trying to find what all the configuration options are for a PDS. The

    lists a few options, but not all.

    I did manage to find

    in the atproto code base, but these seem to have totally different names for the same options, and not just with a prefix.

    Is this the right place to look? I can't seem to find any code that translates the values from the guide into the values in this config class.

  371. Skyler Hawthorne

    Ahh I found it. The pds guide mentions a different branch.

    https://github.com/bluesky-social/atproto/blob/simplify-pds/packages/pds/src/config/env.ts

    It looks like the config has changed pretty dramatically. I wonder why this stuff hasn't been merged

  372. Aaron Goldman

    In reply to this message

    I'm not sure if this is a quick question but I will give it a shot.

    "Strong consistency" refers to the consistency vs availability trade off. The protocol chose consistency for DID PLC.

    "High availability" refers to the uptime. Typically measured in 9s of availability ratio. uptime/total time.

    For PLC

    we can design a "consistent" system with a good "availability" ratio. Just not 100% availability since you can't update your did:plc offline.

    For did:web it's your domain name. Your DNS. Your web server. It's whatever consistency and availability you set up with your domain certificate.

    did:plc is the do it AtProto way
    option.
    did:web is the have it your way option.

  373. @miedinger:matrix.org joined the room
  374. @miedinger:matrix.org set a profile picture
  375. @miedinger:matrix.org changed their profile picture
  376. @miedinger:matrix.org changed their profile picture
  377. Michael Soloviov joined the room
  378. @whateverxyz:matrix.org joined the room
  379. @whateverxyz:matrix.org left the room
  380. Bainstor joined the room
  381. Nil Kraunis joined the room
  382. feenstra joined the room
  383. rudzul joined the room
  384. tsiyonmatrix joined the room
  385. @BenNevis:matrix.org left the room
  386. Chris Lace
    Are the invite codes still working? 🤔
  387. damon/
    Not at the moment
  388. Chris Lace
    Is SIMPLE X like the inbox 📥 too (BlueSky)?
  389. In reply to this message

    Thank You!
  390. Aaron Goldman
    Just curious is it just me or is the fact that high availability is a property of consistent systems not available systems confusing language?
  391. We talk about how many 9s Google docs has because we need to connect to it. We don't talk about how many 9s Microsoft Notepad has. It's a local application that doesn't need a global consistent state to be highly available. It just is available wherever it's installed.
  392. kcchu

    In reply to this message

    When discussing consistency and availability property of a system, it really usually in the context of distributed system and CAP theorem. That is the system the system functions there exist network partition failure
  393. This definition is indeed different that the availability in HA.
  394. kcchu
    For example, a SQL database cluster provide consistency but not availability under CAP theorem. But such cluster obviously provides high availability
  395. @bbthorson:matrix.org joined the room
  396. Aaron Goldman
  397. kcchu
    And, being a little bit nitpicking, it is weird to include high availability as a criteria for selecting a DID method. High availability describes the operation performance of a system that factor in implementation, maintenance and hardware reliability, etc. You can’t measure the availability in this sense by looking at the specification
  398. tomich joined the room
  399. Aaron Goldman
    That was to distinguish it from a P2P gossip solution. We could have had the signed DID Document deltas just considered a set. When any two PDSs synced they would perform set reconciliation so each had all the deltas of the others. In this model how long does it take for a delta to propagate to all PDSs? Log the number of PDSs but no guarantee on any time frame.
    plc.directory
    can accept a delta and it is available for any PDS to read in tens to hundreds of milliseconds. As long as we maintain high availability.
  400. In the gossip model I could send the update to my PDS but it could wait an arbitrary amount of time before syncing it around.
  401. kcchu
    Isn’t this case about strong consistency vs eventual consistency? If you need strong consistency you already exclude gossip.
  402. kcchu
    But indeed I am not sure strong consistency really a must when DID document updates are infrequent. PDS can sends DID document updates along side data repo updates to ensure casual consistency
    (edited)
  403. Not sure how true the allegations around AT Proto are with this thread. I am assuming that Hive is being used only for content moderation right?
  404. darabs joined the room
  405. @notlikedion:internal-fida.ems.host joined the room
  406. Alex (@alsivx:mozilla.org) joined the room
  407. @sages:envs.net joined the room
  408. Soohan Park (Heartade)

    In reply to this message

    I've been wondering if there's any progress about DMs being made on bsky and alice
    @aliceisjustplaying:matrix.org
    told me about something happening on the Matrix side, are there any updates on this?
  409. Skyler Hawthorne

    Hi everyone, I just managed to set up a PDS on my server, and I seem to have successfully made an account through the Android app, but when I try to load my profile, I get "Failed to load profile", and I see this in the logs:

    12345678910111213141516171819202122232425Jul 03 11:53:31 dead10ck.dev bsky-pds[63781]: {"level":30,"time":1688
    385211667,"pid":63781,"hostname":"dead10ck.dev","name":"pds","req":{"
    id":924,"method":"GET","url":"/xrpc/app.bsky.feed.getAuthorFeed?actor
    =did%3Aplc%3Aiss4k5djxrakxv6bvmkv2ic5&limit=30","query":{"actor":"did
    :plc:iss4k5djxrakxv6bvmkv2ic5","limit":"30"},"params":{},"headers":{"
    host":"bsky.dead10ck.dev","connection":"close","authorization":"Beare
    r did:plc:iss4k5djxrakxv6bvmkv2ic5","accept-encoding":"gzip","user-ag
    ent":"okhttp/4.9.2","if-none-match":"W/\"b-SSk8i5UPzi6JB6Bv3a+V47dp7V
    Q\""}},"res":{"statusCode":304,"headers":{"x-powered-by":"Express","a
    ccess-control-allow-origin":"*","etag":"W/\"b-SSk8i5UPzi6JB6Bv3a+V47d
    p7VQ\""}},"responseTime":40,"msg":"request completed"}
    Jul 03 11:53:34 dead10ck.dev bsky-pds[63781]: {"level":50,"time":1688
    385214043,"pid":63781,"hostname":"dead10ck.dev","name":"xrpc-server",
    "err":{"type":"InvalidRequestError","message":"Error: Params must hav
    e the property \"actor\"","stack":"Error: Error: Params must have the
     property \"actor\"\n    at <anonymous> (/opt/bsky/pds/node_modules/@
    atproto/xrpc-server/src/server.ts:195:17)\n    at newFn2 (/opt/bsky/p
    ds/node_modules/node_modules/express-async-errors/index.js:16:20)\n
      at Layer2.handle2 (/opt/bsky/pds/node_modules/node_modules/express/
    lib/router/layer.js:95:5)\n    at next (/opt/bsky/pds/node_modules/no
    de_modules/express/lib/router/route.js:144:13)\n    at <anonymous> (/
    opt/bsky/pds/node_modules/@atproto/xrpc-server/src/server.ts:377:7)\n
        at process.processTicksAndRejections (node:internal/process/task_
    queues:95:5)","errorMessage":"Error: Params must have the property \"
    actor\""},"msg":"error in xrpc method app.bsky.graph.getLists"}
    
  410. Also, I'm not sure if this error is related at all, but I'm not seeing anything in the pds developer guide about well known delegation. I have my machine's host name set to dead10ck.dev, but the bsky server name is bsky.dead10ck.dev and the nginx listens for requests there. But I don't see any options or docs for if I need well known delegation to make this work
  411. Tim Miller joined the room
  412. Tim Miller
    Hey folks, I'm hacking on an AT Protocol binding for .NET, and I got to dealing with records. I saw that for records (Creating posts, likes, reposts, etc) you have to set the "createdAt" timestamp when sending it. I'm interested in the thought process behind that.
  413. For the hell of it, I created a new post at 0001-01-01 and it worked. The post showed up as the first post on my profile. The timestamp on the site uses the indexedAt date so it showed I just created it.
  414. That feels like something the server recieving the request should set (since it set the indexedAt time at creation, that would be the createdAt time too I would think, and that would populate to other instances as they saw it) but I feel like I'm missing context and there is a reason behind it.
  415. @parfait:filly.chat left the room
  416. Soohan Park (Heartade)
    I believe it takes migration into account. For example there's an app that imports your entire Twitter archive into bluesky, by
    @ian5v:matrix.org
  417. Tim Miller
    But that's a weird choice though, IMO.
  418. Matthew
    on the Matrix side we're still playing with this; just shipped initial support for pseudo-IDs in Dendrite (the golang Matrix server)
  419. Tim Miller
    That means anyone can say any new post was made at any time.
  420. Matthew
    and kegan met up with bnewbold at dwebcamp to discuss in person
  421. so am hopeful that by demonstrating how it could work, and that it could be layered over atproto as a lexicon in future, we can avoid a dystopia where bsky ends up reinventing the DM bits of Matrix
  422. Tim Miller
    I guess it doesn't matter in the end (If I'm hosting my own instance, I can set dates to whatever I want and whenever someone else federates into that instance, that's the only truth you know)
  423. da changed their display name to denis
  424. Adi Cohen joined the room
  425. Soohan Park (Heartade)
    Thanks for sharing!! This looks really promising 🔥
  426. @netman:kotous.cz joined the room
  427. Dust
    Wonder if you are going to add hastags and messaging.
  428. Soohan Park (Heartade)
    Dust: we were just talking about DMs here
  429. Hashtags are on the roadmap, and I mentioned you on another thread about DMs!
  430. Btw Aaron Goldman: may I ask you what's your bsky handle?
  431. AFAIK this seem to be a misunderstanding caused by some ToS legal jargons
  432. @elijahemerald:matrix.org joined the room
  433. Karl Abbott changed their display name to Karl Abbott (OOO, back on 5-July-2023)
  434. @elijahemerald:matrix.org left the room
  435. Aaron Goldman

    In reply to this message

    aarondgoldman.bsky.social, did:plc:toxy3kpelhv5gwubytayrsbw
  436. Aaron Goldman

    In reply to this message

    Technically not, you could split the task of asserting time from the task of distributing deltas.
    Imagen we had a set of servers that were time witness servers. When I make my DID I pick a time witness to be the authority for my DID.
    When I need to do an update it is in a pending state until the time server witnesses it.
    I send the hash to the time server it sends back {hash, timestamp, witness_public_key, witness_signature} now I gossip the delta and the time witness. The time witnessing gives us a total order so we can have consistency but the time witnessed delta is being gossiped around
  437. Aaron Goldman
    The time witnesses could have very little state. As low as the secret and a counter. The ever-growing state it stored by the PDSs that care about those did:plcs no one needs to store the dids they don't care about but we can still have total order.
  438. we did not go this way becuse we could not guaranty high availability of the latest state of any particular did
  439. plc.directory
    is both the source of time and the delta distribution server.
  440. @sterence:sleeby.cafe
    i wanted to try publishing a feed on the sandbox environment and it mentions you can using the sandbox bgs (
    bgs.bsky-sandbox.dev
    ) though when trying to publish the feed it just says the server isn't ready to accept published custom feeds yet. did something get changed with this somewhere along the way or have i set it up wrong?
  441. cheezenaan joined the room
  442. Alex Eftimie joined the room
  443. retr0id
    you publish the feed via a record in your own PDS
  444. Brian King joined the room
  445. Aer0xander joined the room
  446. kcchu

    In reply to this message

    In this design, how a client know that a DID document version is not staled without checking with the time witness for the latest timestamp of the DID?
    (edited)
  447. Aer0xander
    Hey all! I'll need to do a bit more research on the protocol myself, but just wondering if anyone already looked into linking a crypto wallet to an AT account. I'd probably want to use zkSync account abstraction, so if somehow an AT account could control the smart contract wallet that would be awesome (or if you could just log in with a crypto wallet alone)
    (edited)
  448. Soohan Park (Heartade)
    Thanks!! The user search in the app isn't working great rn
  449. lyuya
    If anyone has an extra invitation key, I would like to receive it.
  450. @axayacal:matrix.axayacal.space joined the room
  451. Kyle joined the room
  452. cogspace joined the room
  453. cheezenaan
    If anyone has an extra invitation key, I would like to receive it.
  454. @axayacal:matrix.axayacal.space left the room
  455. Aaron Goldman

    In reply to this message

    You never know if it is stale.
  456. kcchu

    In reply to this message

    That’s the point. If slated data can be returned, it couldn’t meet strong consistency requirement, isn’t it?
    (edited)
  457. Aaron Goldman
    I recommend https://jepsen.io/consistency to try to get to consistent definitions. That said. If you have an asynchronous system the value can be updated at any time. If I do a read there is no guarantee that the value was not updated as the packet with the head is on its way back to me. So, the value can always be stale. What we can have been bounded staleness. If I asked the consensus group for latest as of sometime then it will remain the latest as of that time. There is some fuzzy ness as you get close to now but there is also a time in the past that has reached finality. https://docs.google.com/presentation/d/1qDizupgoYDUgk2dEuxx7KWLBN0E7u1EKVZFetqBUcjk/edit#slide=id.g125f79a75c4_0_241 We need one of: Compare and Swap (CaS) Stop and wait (Locks) In order transaction processing (Queues) to get consistency. By witch I mean a value that it the last value as of some time will always be the last value as of that time. It is the applications decision as to what bounded staleness is acceptable for the use case. E.G. A browser like thing may have a default 300 second bound for a name lookup but when the user does a hard refresh uses a 1 second bound. The only way to do better than bounded staleness is an atomic broadcast that requires unanimity but I personally find that finality and bounded staleness is sufficient. Unanimity just has such poor liveness it's hard to work with. Did I understand the question?
  458. commie★Ⓐ☭ joined the room
  459. commie★Ⓐ☭
    is there a server implementation yet? i searched github and found a client.
  460. @sadecebakicam:matrix.org joined the room
  461. @sadecebakicam:matrix.org removed their display name (Hamideddin Moğulkoç)
  462. @sadecebakicam:matrix.org left the room
  463. chymerajade joined the room
  464. Niku Palamarciuk joined the room
  465. @morpheus:matrix.gridp7.de joined the room
  466. Jeff joined the room
  467. jeff changed their display name to Jeff
  468. Jeff set a profile picture
  469. Jeff
    Message deleted
  470. commie★Ⓐ☭
  471. alireza joined the room
  472. alireza
    anyone have invite code ?
  473. i need to join blusky
  474. damon/
    need?
  475. alireza
    want
  476. damon/
    This isn’t a chat for codes. Just development
  477. @jinkiesscoob_:matrix.org left the room
  478. alireza
    so how to receive code ?
  479. damon/
    Sign up on the website
  480. alireza
    ok signed up
  481. damon/
    Good luck and have a good day
  482. alireza
    thanks
  483. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    It doesn't matter that much, because client can use the indexedAt property instead
  484. kcchu

    In reply to this message

    This definition of strong consistency based on ordering still requires knowing of staleness. In the design you described, a process (e.g. client) can read a newer version of DID document from one node and then read the older version from another node, violating the global order. The process can’t know whether the second read is newer unless it stores the timestamp which add unbounded storage requirements to all reading process.
  485. ゆき joined the room
  486. sneak joined the room
  487. kcchu
    Indeed, it doesn’t mean gossip-based DID method design doesn’t work. I only say this doesn’t meet strong consistency requirement stated in Atproto design doc. However, what I don’t understand is that why strong consistency is desirable for DID document storage. The gossip-based method like you described seems perfectly fine as a replacement of the currently centralized PLC method
    (edited)
  488. mamume joined the room
  489. Eren changed their profile picture
  490. alireza1992 changed their display name to alireza
  491. Júlio Scholz joined the room
  492. pere (fr33) changed their display name to pere (away until Sunday)
  493. @drimus:matrix.org left the room
  494. Karl Abbott (OOO, back on 5-July-2023) changed their display name to Karl Abbott
  495. @dezeter:matrix.org joined the room
  496. @liink:matrix.org joined the room
  497. @rimuru:gentoo.chat changed their profile picture
  498. @liink:matrix.org
    Message deleted
  499. @liink:matrix.org set a profile picture
  500. @liink:matrix.org changed their profile picture
  501. Ågent joined the room
  502. Ågent
    Hallå Galaxy 🌌
  503. @dezeter:matrix.org left the room
  504. @liink:matrix.org
    Message deleted
  505. Aaron Goldman

    In reply to this message

    So, my logic for consistency in the DID has a few steps and may well be reversed now that I am no longer on the team but here it is.

    1. Adoption is key to success of AtProto
    2. Key management is a speedbump. Use just want to sign up and not think about keys.
    3. By letting the server control the keys we get minimal friction and account recovery works.
    4. Some users will come to value their Identities and want to take controll of their repos after their initial creation.
    5. This requires the ability to permanently transfer an identity from one party to a different party
    6. If there is not an update mechanism with finality the PDS that created an Identity could withhold a update and publish it late to take back an Identity controlled by a user
    (edited)
  506. If the PDS needs to be able to mint the DIDs for users that have no idea that a DID is even a thing they could care about. We want users to be able to take gradual responsibility
  507. Aaron Goldman

    At first you just have a website that you use like https://bsky.social/ then at some point you decided you want to control your ID so you can move to any PDS and https://bsky.social/ can't steal your ID. (note: we have already seen the first bug where a pds was tricked in to giving away someones DID) When you want even more control you mode to client side repo signing where the PDS host your repo but can't publish without the cooperation of one of your user agents.

    There are a number of levels of trust in your PDS
    rotationKeys: PDS only | PDS and User Agent | User Agent only
    atproto verificationMethods: PDS only | PDS and User Agent | User Agent only

  508. The PDS taking back an Identifier that had been transferred to the users control is a version of the dubble spend problem and so needs a consistent update to allow for gradual responsibility for the user and gradual disempowerment for the PDS.
  509. This is one reason it will be nice to have the User Agent supplier, the PDS operator, and the Directory operator as three difrent entities. If you get the User Agent from the PDS you are trusting the PDS. We use the Directory to allow migrating Identifiers to new PDSs without the permission of the old PDS
  510. I want users to be able to just click "sign in with Google" and when they realize it is a terrible idea because they now need Googles permission to speak as themselves they will switch to using keys they control to control their repo.
  511. @chrishobcroft:matrix.org changed their profile picture
  512. AJax joined the room
  513. @liink:matrix.org
    Message deleted
  514. Aer0xander
    need a bot that removes those messages asking for invite code lol
    (edited)
  515. @liink:matrix.org
    Message deleted
  516. ejmg joined the room
  517. Kyle
    Message deleted
  518. Paul Nathan
    Query: is the software on the GitHub account sufficient to build a "blue sky" deployment? I'm still wrapping my head around it all. :)
  519. hadim joined the room
  520. Drewry Pope
    Not yet, eventually.
  521. Paul Nathan
    How can a random backend eng / SRE help out, given I work a regular job? :)
  522. Aaron Goldman
    Run a PDS, complain about operational annoyance
  523. TC Foxtaur joined the room
  524. @lukuniklo:matrix.org left the room
  525. @greyxor:matrix.org left the room
  526. @yun2dot0:matrix.org joined the room
  527. retr0id
    or better, write a PDS :P
  528. @yun2dot0:matrix.org left the room
  529. ivnt joined the room
  530. @iamusualguy:var1able.network joined the room
  531. @iamusualguy:var1able.network set a profile picture
  532. Kyle
    Message deleted
  533. sdr_ath0 joined the room
  534. thepoladov13 joined the room
  535. thepoladov13
    Hi, I'm sorry, can anyone give me an invite code for blesky?
  536. @planetoryd:matrix.org

    In reply to this message

    i don't have an invite code for bleusky
  537. @uvfgmrx:matrix.org joined the room
  538. @uvfgmrx:matrix.org left the room
  539. thepoladov13

    In reply to this message

    Ok, thank you again.
  540. @planetoryd:matrix.org
    no, do not
  541. ejmg
    forgive the cross-post, but i created a feed for people who are building on/around at-proto and bsky in hopes of facilitating a stronger dev community on the application itself (and beyond the dev team of bsky itself lol). I tried to keep it simple with a single hashtag, #atdev (case insensitive). https://bsky.app/profile/ejmg.bsky.social/post/3jzuju3h5722i
  542. Nezteb
    If I don't have a Bluesky invite, is there still a way I can easily build applications that interact with Bluesky? i.e. can I still get an API token somehow?
  543. @samme:schizo.cafe

    In reply to this message

    https://github.com/bluesky-social/pds you can create (or join) a server in the federation sandbox
  544. Nezteb

    In reply to this message

    Ahh great thank you!
  545. @ddoan:matrix.org left the room
  546. Aer0xander
    Is there a plan on how to make videos work?
  547. Alexander Klus changed their display name to Aer0xander
  548. Aer0xander set a profile picture
  549. Aer0xander
    I once built a solution for my own decentralized app where the user just encodes the video locally with ffmpeg.wasm + HLS, but it's not optimal as you need a powerful device
  550. ejmg
    that is pretty cute as a solution though lol
  551. Sabir Ibrahim
  552. Apologies for the slightly off-topic post, but did anyone catch the note about ActivityPub and federation in Meta's announcement of Threads? How does this affect the future of AT Protocol? Can Meta (or anyone else, for that matter) support federation on both ActivityPub and AT Protocol? Or are we headed for another VHS-Betamax war (I know I just dated myself with that reference, lol)?
  553. ejmg
    can't say what an official reply looks like but members of the bsky devs/team has repeatedly stated that they're doing their own thing and they're going to keep doing their own thing and that, if anything, they wish good luck to the Threads team etc
  554. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    Ultimately I think that depends on which protocol gains more traction. Right now, ActivityPub is much more mature, and so it's a much more obvious choice for Meta to support. Eventually I could imagine them supporting AT Protocol in Threads as well.
  555. ejmg

    In reply to this message

    given the current state of the ecosystem and the purported goals of Bluesky PBLLC, this seems like the correct approach to take afaic
  556. yeah at-proto is its own thing and breaking its own ground so that's another angle that makes framing the situation as 1:1 competitors not the best way to, well, frame the situation imo.
  557. Kyle
    I deleted my account and was wondering if I emailed support that I could get it back or have to get another invite code to join?
  558. @holmosapien:holmosapien.com joined the room
  559. timo keller joined the room
  560. @palmlive:matrix.org joined the room
  561. Skyler Hawthorne

    In reply to this message

    Also, I do not consider it a Bad Thing for multiple federation protocols to exist. Having two protocols isn't exactly a
    xkcd 927
    situation. Having 2 or 3 protocols can have benefits, as the projects can learn from one another, and motivate feature adoption. Saturation is obviously bad, but a little competition can be a good thing.
  562. Aaron Goldman
    If I was trying to avoid making a new standard I would have just used nostr to advertise git hashes rather than make AtProto 😎
  563. Aer0xander
    Ok so if we want to link crypto wallets to a DID (particularly Account Abstraction/smart wallets if we assume that's the future of wallets), we need "chainproofs" https://github.com/ChainAgnostic/CAIPs/pull/218. I guess it's best to wait until they finalize it and then look at integrating it into AT
  564. Kinda need it rn if I want to port my app over..
  565. Aaron Goldman
    Add your account as an AKA URI in the list
  566. Aer0xander

    In reply to this message

    But how would you provide proof that you own the wallet/smart contract? Maybe creating a zk proof of smart contract ownership that can be verified locally by other users is the best way? (even then it won't be tied to the DID, so I think that's why we need the chainproof)
    (edited)
  567. Aaron Goldman
    Can't you put the did:plc in the ChainProofFact? ChainProofFact links the wallet to the did:plc AKA links the did to the wallet. Mutual auth. Did I misunderstand your use case?
  568. red joined the room
  569. red
  570. Lucas joined the room
  571. svin matrixman joined the room
  572. @xelofan_:matrix.org joined the room
  573. xelofan_ changed their display name to Xelofan
  574. @xelofan_:matrix.org left the room
  575. Mohammad joined the room
  576. Mohammad
    Does anyone know when we can get Blusky accounts?
  577. @holmosapien:holmosapien.com

    I stood up a PDS yesterday, generated an invite code, and created an account, but it seems to be in some half-working state. I can log in via the web sandbox app, but I can't do anything meaningful because everything results in a Profile not found XRPCError.

    Rough sequence of actions from the logs:

    12342023-07-07 00:55:33.479 /xrpc/com.atproto.server.createInviteCode
    2023-07-07 00:55:54.681 GET  /xrpc/com.atproto.server.describeServer from https://app.bsky-sandbox.dev/
    2023-07-07 00:57:13.516 POST /xrpc/com.atproto.server.createAccount from https://app.bsky-sandbox.dev
    2023-07-07 00:57:13.952 "Profile not found" in app.bsky.actor.getProfile
    

    Given that it can take some time for the on-the-fly certificates to become available, I waited a while and created a couple posts. However, even now after letting it simmer overnight, anything like attempting to post or follow results in Actor not found errors in the logs.

    Would anyone have any suggestions for how to go about troubleshooting this?

    (edited)
  578. Jacob joined the room
  579. OmriOn joined the room
  580. ejmg
    running a sandboxed pds is what i should be doing if i'm trying to stand up my own client or test bots/scripts that run against the bsky api, right?
  581. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    Hmm. That sounds like the BlueSky AppView isn't aware of your PDS. Did you use the bluesky-social/pds repo or bluesky-social/atproto?
  582. @holmosapien:holmosapien.com

    In reply to this message

    I used the bluesky-social/pds repository. Instance seems healthy (according to the healthcheck), and caddy and pds aren't throwing any errors other than the "Profile not found" and "Actor not found" messages when I try to do anything.

    12$ curl https://pds.holmosapien.com/xrpc/_health
    {"version":"0.2.0-beta.5"}
    
  583. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    huh, that's really odd. I tried using the resolveHandle endpoint on your PDS with my federated handle, and it worked... so that means your PDS is federating in some capacity.
  584. @holmosapien:holmosapien.com
    That is interesting. If I query my server I can resolve my own handle, but if I query your server I can't resolve mine.
  585. 🦋 joined the room
  586. moved to @shreyan:beeper.com@shreyanjain:matrix.org
    what's your handle?
  587. @holmosapien:holmosapien.com
  588. Not to be confused with the other daniel with a similar last name. I get all sorts of mentions on bsky from people who apparently type @dholm and pick the first autocomplete result that pops up.
  589. Almost all of them people trying to get invite codes.
  590. moved to @shreyan:beeper.com@shreyanjain:matrix.org

    In reply to this message

    huhhhh you're right that's so weird
  591. mikestaub

    In reply to this message

    possibly, but its not clear how to link to DIDs and create group threads
  592. Skyler Hawthorne

    In reply to this message

    I have the same exact problem. Been trying to dive through the source code to see if maybe there's some undocumented config setting that's missing, but to no avail
  593. I am guessing it has something to do with the hostname setting. My server's actual FQDN is dead10ck.dev, and that's what I tried making my handle under, but I host other services on it, so I tried to set it up with the hostname set to bsky.dead10ck.dev so that I could set up my nginx to serve bsky requests through that host name. I checked my DID document in the sandbox PLC and it does show a service endpoint on the subdomain. But I wonder if this use case just isn't handled in the source code yet, where the service endpoint is on a subdomain of the actual FQDN
  594. @holmosapien:holmosapien.com

    In reply to this message

    That should be supported, since I see other people in the network with their servers hosted on subdomains. Now, you did mention nginx. Configuring the reverse proxy isn't part of the official documentation -- it assumes the PDS will be handling the traffic directly -- so I built a config similar to what I use for the other services that I host on this server; it handles pds.holmosapien.com (which is my $HOSTNAME) and *.pds.holmosapien.com and proxies to the Docker container using HTTP 1/1.

    Since we're both having this problem and we're both using nginx, as well as the guy in

    , maybe this weekend I'll try moving some things around so that nginx is out of the path to see if that changes anything. At least then we'll have the fewest moving parts for troubleshooting.

  595. retr0id

    In reply to this message

    fwiw I'm serving my PDS under a sub-subdomain just fine
  596. (behind nginx too, with other services on the apex and other subdomains)
  597. although that reminds me, with nginx, do you have the correct config set to let websockets work?
  598. because the firehose won't work without them
  599. @holmosapien:holmosapien.com

    In reply to this message

    Yeah, these are the important parts for websockets:

    1234        proxy_http_version 1.1;
    
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
    
  600. @holmosapien:holmosapien.com
    Reading that ticket, I noticed the documentation says to set PDS_BSKY_APP_VIEW_ENDPOINT, but the actual environment variable used in the code (I just grepped to verify) is PDS_BSKY_APP_VIEW_URL. That might be relevant.
  601. Kyle
    Any idea when support will email back? It's been a while. Looking for some account support, if not here then does someone mind to point me in the right direction?
  602. Skyler Hawthorne

    In reply to this message

    Oh that's a good catch! Alas, it did not fix the problem. My profile still doesn't load, and logs show the same error
  603. @holmosapien:holmosapien.com
    Okay, I figured out my problem. I had a fundamental misunderstanding of how wildcard certificates work. I thought I could generate a certificate for holmosapien.com and *.holmosapien.com to use in nginx, and that would handle holmosapien.com, pds.holmosapien.com, and *.pds.holmosapien.com. In reality, wildcard certificates only traverse one level of depth; holmosapien.com and pds.holmosapien.com 👍️, dan.pds.holmosapien.com 👎️. I generated a new certificate for pds.holmosapien.com and *.pds.holmosapien.com, changed PDS_BSKY_APP_VIEW_ENDPOINT to PDS_BSKY_APP_VIEW_URL, and my profile pretty much immediately became available.
  604. Skyler Hawthorne
    Also I was missing the web socket headers, but that didn't fix it either
  605. @holmosapien:holmosapien.com
    So you'll want to use curl to hit https://<username>.<subdomain> and see if you get an SSL error. If you do, that's going to be your problem.
  606. Skyler Hawthorne

    In reply to this message

    ... interesting. I also have a wildcard only under the first level, but does it need *.<hostname> if you don't have any handles under that subdomain?
  607. @holmosapien:holmosapien.com

    In reply to this message

    I would guess that in your case you'd need a certificate for bsky.dead10ck.dev and *.bsky.dead10ck.dev .
  608. Skyler Hawthorne
    Thanks, I'll try this out later tonight
  609. Bruno P joined the room
  610. brpaz changed their display name to Bruno P
  611. Dust
    Hello. In Android app, what's hot feed doesn't load more than 3 posts.
  612. Also can't see post dates, because some usernames are too long.
    (edited)
  613. Here is a screenshoot.
  614. Posting dates of the first two posts are not visible.
  615. Aer0xander

    In reply to this message

    I think we're on the same page, I thought by add your account you meant just pasting your own address in the AKA list. So you're saying in the chainproof method, you would also include the DID as a parameter/requirement so that there's proof that you own both the DID and the wallet?
  616. ejmg

    In reply to this message

    i believe the "long user handles -> breaks UI stylings" bug is known and is known/being worked on. Not sure what's going on with the only 3 posts being loaded bug, would need more info.
  617. if you just made the account, i could also see it just being a client syncing issue thing. Also, sometimes the server just farts for a few moments from too much activity and fails to load posts.
  618. Aaron Goldman

    In reply to this message

    A binding should be symmetric or considered invalid. If my Twitter points to a DID it could be me or I could be lying. Same for the reverse. If they both claim to be alternative identifiers for each other then they are.
  619. Aer0xander
    Ok think I understand, new to DIDs so still trying to wrap my head around it, want to do it right the first time so it can become a standard for AT 😃
  620. Skyler Hawthorne

    In reply to this message

    Do you happen to have your nginx in a sharable state? Even with a wildcard cert, I still can't load my profile
  621. retr0id

    I'm not using a wildcard cert fwiw, but my main config looks like this

    1234567891011	location / {
    		proxy_pass http://localhost:31337/;
    		proxy_http_version 1.1;
            proxy_set_header Connection "upgrade";
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_read_timeout 1d;
            access_log off;
    	}
    
    
  622. ignore the janky indentation lol
  623. Skyler Hawthorne

    In reply to this message

    What about your server block?
  624. retr0id
    it's all just letsencrypt boilerplate
  625. but for the sake of completeness

    1234567891011121314151617181920212223242526272829303132333435server {
    	server_name pds.dev.retr0.id;
    
    	location / {
    		proxy_pass http://localhost:31337/;
    		proxy_http_version 1.1;
            proxy_set_header Connection "upgrade";
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_read_timeout 1d;
            access_log off;
    	}
    
        listen [::]:443 ssl; # managed by Certbot
        listen 443 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/pds.dev.retr0.id/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/pds.dev.retr0.id/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    
    }
    server {
        if ($host = pds.dev.retr0.id) {
            return 301 https://$host$request_uri;
        } # managed by Certbot
    
    
    	server_name pds.dev.retr0.id;
    	listen 80;
    	listen [::]:80;
        return 404; # managed by Certbot
    
    
    }
    
  626. Skyler Hawthorne

    In reply to this message

    Thanks, just wanted to confirm there wasn't some basic config setting I was missing or set wrong. Is your machine's actual host name a parent domain of that? And is your handle on a parent domain, or a subdomain?
  627. retr0id
    idk what my server's canonical rdns is
  628. there's a whole bunch of domains pointing at it
  629. ejmg
    standing up a pds was surprisingly easy
  630. retr0id

    In reply to this message

    handle is david.dev.retr0.id, which doesn't have a DNS record itself, but a TXT record at _atproto.david.dev.retr0.id does exist
    (edited)
  631. (note that I'm using my own PDS software, I'm not sure how handle resolution works in the official PDS builds)
  632. Skyler Hawthorne

    In reply to this message

    ........ ok, so when I'm saying I have a problem with the reference pds, and you say "it works for me", one will naturally assume you also running the reference pds. Saying your own PDS works means absolutely nothing in the context of a problem with a different PDS
  633. retr0id
    it's the same protocol 🤷
  634. Skyler Hawthorne
    I didn't say "I'm having a problem with ATproto". I said the reference PDS throws an error. I'm reporting a problem with a specific implementation
  635. retr0id
    And I know the precise meaning and origin of those error messages
  636. but yes, perhaps we weren't on the same page here
  637. Skyler Hawthorne

    In reply to this message

    Do tell?
  638. retr0id
    ok first of all, which error messages exactly
  639. and what's your PDS's domain, and what's your handle
  640. @holmosapien:holmosapien.com

    My nginx is similar to retr0id's, but here's how I have it configured to handle both port 80 (which is necessary for the auto-SSL generation) and 443:

    1234567891011121314151617181920212223242526272829303132333435363738server {
        listen 80;
        listen [::]:80;
    
        server_name ~^(.+\.)?pds.holmosapien.com$;
    
        location / {
            proxy_pass http://localhost:16780;
    
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }
    
    server {
        listen [::]:443 ssl;
        listen 443 ssl;
    
        server_name ~^(.+\.)?pds.holmosapien.com$;
    
        location / {
            proxy_pass https://localhost:16743;
    
            proxy_http_version 1.1;
    
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
    
            proxy_ssl_server_name on;
            proxy_ssl_name $host;
        }
    
        <certbot stuff goes here>
    }
    
  641. retr0id

    In reply to this message

    using my mystical powers of psychic debugging, the issue is that your account, @dead10ck-sandbox.dead10ck.dev, has not posted anything yet, so the AppView is unaware of its existence
  642. Skyler Hawthorne

    In reply to this message

    You need to post something for your profile page to be able to load?
  643. retr0id
    yeah
  644. at least one commit
  645. Skyler Hawthorne
    Interesting. Thanks, I'll give that a try
  646. Skyler Hawthorne

    In reply to this message

    Amazing. That actually worked. Thanks for your help. Seems like a pretty glaring UX issue
  647. Skyler Hawthorne
    Has anyone been able to set up an account with did:web? It doesn't seem like this is supported yet in the app account creation workflow, so I'm assuming the only choice is calling the xrpc endpoint directly, after you've already set up your DID document in your DNS resolver? The docs don't mention at all how to set one up, and the W3C docs are pretty labyrinthine
  648. retr0id
    I've managed it on
    bsky.social
  649. but it required a custom client to make the signup request
  650. there's nothing in the UI for it
  651. Skyler Hawthorne
    Yeah I figured as much
  652. You can probably do it with curl right?
  653. bohurricane joined the room
  654. Alex (@hawley:matrix.org) joined the room
  655. photogsteeler joined the room
  656. Dust
    Anything new?
  657. Gary Robinson joined the room
  658. Gary Robinson
    I apologize for asking such a newbie question as the one I'm going to ask. But I AM an utter newbie, interested in the potential of Bluesky. It occurs to me that the federate nature of Bluesky will mean that all data will be free of charge to access. This is very different from Twitter, where the Enterprise API costs $42K per month(!). Is that true? Or will the reality be more like: atproto is a federated protocol, but there will be a huge Bluesky node run by the Bluesky entity, and to get the kind of access that the Twitter Enterprise API allows for, developers will have to pay Bluesky some as-yet-unknown amount?
    (edited)
  659. Aaron Goldman

    In reply to this message

    First no need to apologize "newbies" are welcome and more importantly anyone trying to learn or share information about the protocol. A good question can move a community just as much as a good code contribution.

    As for whether federation implies free API use it is a little complicated so I will split the question.
    A repo is a Hash Tree with a signed root. This implies that if you have the data you can validate the signature and trust the repo as if you got it directly from the user or their PDS. So you could get the repo from anyone who has it driving down the cost of retrieving the repo to the lowest bidder.

    On the flip side a PDS has no obligation to talk to you. They could put a charge for serving the content.

    So you might end up in a situation where a PDS charged $10 per GiB for API but there is a BGS that is changing $10 per TiB. Your PDS would try to get the data from the cheap BGS before bothering the PDS. This kind of structure could allow PDSs that don't have much bandwidth to push traffic to catches that can handle it better.

    On the flip side you would not expect popular content to be expensive because resellers would buy the expensive content and sell it for much less. Only rare content that only the original PDS cares to store would likely be expensive.

    My expectation is that API costs for most major PDSs and BGSs would be about the AWS egress costs and small PDSs will be free but when overloaded will redirect to a BGS that indexed them.

    Does that make sense?

  660. @miker2049:groupchattt.page left the room
  661. Gary Robinson
    Message deleted
  662. Gary Robinson

    In reply to this message

    It makes sense in principle, and is helpful, but it doesn't fully resolve my question. The reason I am still unsure is that I expect that the vast majority of atproto users won't have their own personal data servers, and will instead be relying on a PDS supplied by the Bluesky corporation. And while that PDS will be federated with independent PDSs, to get the equivalent to the developer experience of accessing the Enterprise-level Twitter API, one will have to get the data from that particular PDS.
    You say: “On the flip side a PDS has no obligation to talk to you. They could put a charge for serving the content.”

    So, it seems like the Bluesky corporation could choose to charge $42K per month for access to user “tweets” beyond a certain number per month.

 Am I wrong?

    (edited)
  663. @holmosapien:holmosapien.com
    Bluesky corporation could charge that much, but that would effectively neuter federation and cause the data to get concentrated in the few large silos that can afford to pay those types of rates. If the goal is to support widespread federation, on the other hand, then the pricing would naturally balance to what the market can bear.
  664. valka
    The "enterprise level" data would be coming from a BGS, not the PDS, because the bgs serves as a collection layer for all federated PDSes
  665. Gary Robinson

    In reply to this message

    Yes... which is exactly what I'm afraid of. Google once had the motto "Don't be evil." But over time, they realized that growing their business meant doing things that would have been called "evil" in the early days of the internet (speaking specifically of the tracking mechanisms they depend on). And they removed that motto.

    So my inclination is to assume that Bluesky corporation would naturally tend to follow that same long-term path. It's not what I WANT to believe, but the history of big, financially successful corporations points in that direction. This would imply that while, today, it's of benefit to Bluesky to tout the federated nature of the atproto, in the long run, IF it is successful and gets many millions of users, it won't depend on the goodwill it achieves by touting that any more. It could start charging extravagantly for the data and its users wouldn't be going anywhere, and in fact its user base could still grow at about the same rate.

    And once that CAN happen, Bluesky shareholders could demand that it DOES...

    Sorry if all this seems cynical, but I've been involved in, and have watched, the tech business since the early 80's, and this is what I see...

    (edited)
  666. valka
    That's the exact idea/philosophy behind the protocol design of bluesky: protect the community from the whims of the company
  667. As in, anyone could run a BGS, and in that way there would be open market competition
  668. Anyone could fork the code, and in that sense could "hard fork" the community away from the main instance if it were to become evil
  669. Gary Robinson

    In reply to this message

    But couldn't such a BGS be forced to pay for access to Bluesky's huge data server?
    (edited)
  670. valka
    No, you can already start indexing everything from the beginning of bluesky history if you so choose, and the BGS code will be open source
  671. Gary Robinson

    In reply to this message

    I can now, but what's to stop Bluesky from eventually charging $42K/mo for that data? (That is, the data on the massive Bluesky server where the vast majority of users will be?)
    (edited)
  672. valka
    if the API wasn't open then federation wouldn't work
  673. so it would become unfederated
  674. of course I imagine some large PDSes could potentially band together and whitelist each other (and their own BGS) for access and deny all other connection, but that's about at the limit of my knowledge of the protocol
    (edited)
  675. Gary Robinson

    That's true, but what I'm imagining is one of the following scenarios.

    1. It would become unfederated, but Bluesky's shareholders could demand that at some point because they would make more money if Bluesky started charging for the data on its huge server. That would be the equivalent of Google's depending on tracking people and therefore dropping its "don't be evil" motto.

    2. There could be a middle ground where BGSs could get a certain amount of data for free, but pay the same amount as on twitter for the whole firehouse. So, they would still be federated, but there would be different BGSs perhaps serving different interests, each having a limited amount of the data.

  676. In reply to this message

    What I'm imagining is that only ONE PDS would be needed for the Bluesky corporation to make a ton of money. That's its own PDS, which would have the vast majority of Bluesky users on it.
  677. valka
    I think they'd have to become evil pretty fast for that to happen, based on the progression of the federation code, and they'd be shooting themselves in the foot
  678. the company is not a normal for profit so in that sense cannot be immediately sullied by investors' wishes in that sense
  679. Gary Robinson

    In reply to this message

    But what I don't understand is how, financially, they'd be shooting themselves in the foot. The Bluesky shareholders wouldn't care about the status of the code. They'd care about the money they could make.
  680. valka
    Of course there must be trust in the team at this point because it's not a fully entrenched/federated/community driven ecosystem *yet*
  681. I do agree there will almost definitely be limited data BGSes for different use cases or applications/lexicons, but I don't think that's a bad thing. The BGS funding model is still a bit TBD
  682. What shareholders?
  683. There are investors for sure (see recent announcement), but the team is composed of people who really care about the philosophy of the decentralised web now, and as soon as all of that code is out in the open it would be a race to the bottom
  684. Gary Robinson
    BTW, for amusement's sake, I'll mention that I have a special interest in this tracking stuff and its relationship to "don't be evil". Google owns my patent that is the first description anyone seems to know of, teaching how to make a tracking cookie, and which coins that phrase. But my patent has a ton of stuff in it about giving the user control over their data, which was not used. For more on that see https://www.garyrobinson.net/2021/07/did-i-invent-browser-cookies-for-advertising.html
    (edited)
  685. In reply to this message

    Don't you think they aim at eventually going public?
  686. valka
    I can't really speculate on that since I'm not a business person, but as far as I know there's very little history of open source decentralised protocols going public
  687. since it's not a monolithic platform per se, it's a protocol built to do a certain thing, with all sorts of different clients and data providers and models
  688. Gary Robinson

    In reply to this message

    The protocol wouldn't go public. That's open source, as you say. The danger I see is that Bluesky will own a massive server containing the vast majority of user data. Anyone will be able to make their own PDS, but the other PDSs won't have those millions of users on them. It's the user data, not the protocol, that will have value to Bluesky shareholders who will be financially motivated to demand that Bluesky charges as much for it as Twitter does.
    (edited)
  689. valka
    you can see this in other decentralised spaces which rely on RPC or indexing services: all the data is public, but if you need to access it in an super enterprisey/efficient/reliable way then you can pay third parties who are ingesting and delivering that data if you need, but if you're not a business or have development skills you can get the exact same data via self hosting or figuring it out on your own
  690. In reply to this message

    It's kind of useless when someone could index all of it and provide it for free and there's no barrier to those users jumping ship to another PDS since account transference is built in
  691. The outcome of BGSes charging PDSes to ingest their data in order to deliver it to users would be perhaps interesting, as then a "main" BGS could hold the federation hostage, but I also see people being able to come together and pitch in to run their own BGSes in that circumstance, and some sort of fallback or hierarchical data retrieval being built-in not to rely on a single BGS which controls all data flow, but again that's at the limit of my knowledge
  692. Gary Robinson

    In reply to this message

    Yes, that's how decentralized spaces work. What I'm suggesting is that Bluesky shareholders could demand that it stop being decentralized (or fully decentralized). If the vast majority of users are using Bluesky's servers instead of independent PDSs, Bluesky could choose to lock it up in order to make more money, and then it wouldn't be decentralized (or fully so) anymore but Bluesky shareholders would be richer.

    " there's no barrier to those users jumping ship to another PDS since account transference is built in"

    Yes, but the normal user would have zero reason to do that in a world where the vast majority of user repos are on Bluesky's data server.

    What I'm asking is, is there anything to stop Bluesky from violating what, TODAY, are its core principles, but won't necessarily be its core principles when it goes public?

    OK, you wrote more while I was writing the above. I think the outcome of our discussion is just that if Bluesky "holds the federation hostage" as you put it, people will band together to fight it. I don't trust, at all, that that they would be powerful enough to have much effect. But maybe there's nothing more to talk about unless someone chimes in who knows more than either of us.

    (edited)
  693. Aaron Goldman
    If the Bluesky PBC PDS has most of the users on it that probably means we failed.
  694. The only way to keep federation healthy is if the network needs no one PDS as much as that PDS needs the network
  695. No protocol can help you then their insensitive would be to kill the community and just be the network themselves. See XMPP/Jabber chat
  696. mayankbatra

    In reply to this message

    As someone who worked with xmpp / jabber I concur. Just curious how did mastodon overcome this or will it fall in the same trap? Also is there a service that can help push 1 click server setups for these? That essentially should help right?
  697. Gary Robinson
    OK, but what's to stop that kind of failure? How is Bluesky going to prevent that from happening? A problem Mastodon has faced is that new users don't know which server to join. So, now, when you get the iPhone app, it gives you two choices on the main screen: "
    Mastodon.social
    " or "another server". If you click through to one of those other servers, there's no compelling reason to use one of those instead of
    mastodon.social
    . I strongly suspect that most users of the iPhone app are joining
    mastodon.social
    , but I am having trouble finding recent comparative stats. So, I have to suspect that Bluesky will do the same thing: Have a big Bluesky server that people join who don't know or care about the world of other servers. And that would lead to most of the users being on it. Moreover what I've been asking is that even if that dynamic weren't the case, why wouldn't investors force it to happen so that they can leverage the power of a dominant server to make more money? However, I may have found one answer while writing the current post. Several daus ago, Bluesky published a post that begins: "Bluesky is a public benefit corporation with the mission to “to develop and drive large-scale adoption of technologies for open and decentralized public conversation.” Given their status as a public benefit corporation, it seems like they could be able to resist shareholder pressure to "not be evil" in a way Google couldn't. I need to process this! https://blueskyweb.xyz/blog/7-05-2023-business-plan#
  698. Aaron Goldman

    In reply to this message

    I guess this was a very good question based on the conversation you triggered 😁
  699. In reply to this message

    With XMPP your identity was still tied to a domain name. It was the service providers that had the leverage to enter or leave XMPP.

    With AtProto look at migrate to a new PDS at any time. If you were on a PDS even

    and they decided they don't like federating. Just migrate your repo to a PDS that does.

    Getting up Google chat, AIM, or MSN messenger because they stop supporting XMPP would mean rebuilding your social network.
    A mass exodus from

    If they decided to stop supporting AtProto with just mean migrating your repository to new PDS

  700. Users need to hold the rotation keys to their did:plc in order to have leverage over their PDS to behave well.
  701. It's a problem that right now we allow you to create an account without a recovery phrase
  702. Even though most people would probably lose that recovery phrase I need to generate a new one when they start taking the repo seriously.
  703. The default should be that both the PDS and the user have a rotation key. Once the user is serious about their account then they can change things so that only they have a rotation key and not the PDS.
  704. Authenticated data is just very different economics than authenticated connections. Authenticated connections You push power from the users to the servers. With authenticated data you push power from the servers to the users
  705. It separates the ability to be the controller of your repository from the ability to maintain a high availability web service
  706. The choice of whether or not to use XMPP went to the people who could run a high availability web service
  707. Gary Robinson
    It seems that one thing that would help Bluesky achieve its decentralization aims would be transparency about how many users have their repos on each server. I assume that as long as a server is fully available to BGSs, that will be trivial to determine. And it would be stupid for a server not not be available to BGSs unless it was so dominant that it could ignore the rest of the world and people wouldn't leave it. I can imagine a site dedicated to monitoring the decentralization of Bluesky and reporting on factors that may threaten it. Bluesky is definitely a public benefit if it can maintain that. Please let me know if I'm right: that's it's trivially easy to know the count of users on any non-isolated atproto server.
  708. valka
    It might be interesting if the "main" client could, in a sense, load balance sign ups, to avoid the centralised federation issue (matrix has this problem as well). Some sort of round robin based on a calculation of reliability of the PDSes which are open to public signups and connected to the federation (could also have a human element, not just some measure of uptime/latency)
  709. The default server problem is due entirely to new user UX, which is understandably extremely important, and there's only a few ways around it unless I'm not thinking outside of the box enough
  710. valka
    really this comes down to clever "workarounds" to retain a good new user flow and at the same time tie into a bit of game theory/incentive system which would reward people for running reliable PDSes available for public sign up, which is also a problem in the matrix and mastodon systems. i know a lot of people are understandably cautious around talking about things like this but if we rely on the goodness of people's hearts it may only go so far (the matrix server my account is on turned off public signups a long time ago now).
  711. retr0id

    In reply to this message

    this is already both doable, and done. the website you want is https://atscan.net/
  712. The main feature that'll prevent PDS centralisation, is that it'll be trivial to migrate between instances, with no negative side-effects
  713. Personally I'm not too worried about PDS centralisation, but I am worried about centralisation of BGS and AppViews (given the resources it'll take to run them, in the future)
    (edited)
  714. Gary Robinson

    this is already both doable, and done. the website you want is https://atscan.net/

    That's great, thanks!

  715. Skyler Hawthorne

    I'm curious about this command that the pds sandbox guide has to generate your repo signing key:

    openssl ecparam --name secp256k1 --genkey --noout --outform DER | tail --bytes=+8 | head --bytes=32 | xxd --plain --cols 32

    I don't know if my search fu is just failing me, but I can't find anything about the DER format. What are those first 8 bytes it's skipping, and why is it only reading the next 32? I'm assuming those 32 bytes are the private key, and it's discarding the public key?

    But I also noticed that the public key ends up in the DID document in the PLC after you create an account. If the above is true, then how is the pds getting the public key? Is it deriving it from the private key?

    I tried to independently verify the public key by parsing it with openssl, but it can't parse it.

    1234❯ : aws ssm get-parameter --with-decryption --name /bsky/repo_signing_key | from json | get Parameter.Value | xxd -r -p | openssl ec --inform DER
    read EC key
    Could not read private key from <stdin>
    unable to load Key
    
  716. @frabrunelle:matrix.org joined the room
  717. Phuck Eiu joined the room
  718. retr0id

    In reply to this message

    how is the pds getting the public key? Is it deriving it from the private key?

    yes

  719. DER is a binary serialization of asn.1, and the tail/head dance is an incredibly janky way of pulling out the raw value of the privkey, minus the asn1 container and metadata (edit: and also minus the pubkey)
    (edited)
  720. as an example, you can parse the DER like so:

    12345678$ openssl ecparam --name secp256k1 --genkey --noout --outform DER | openssl asn1parse --inform DER
        0:d=0  hl=2 l= 116 cons: SEQUENCE          
        2:d=1  hl=2 l=   1 prim: INTEGER           :01
        5:d=1  hl=2 l=  32 prim: OCTET STRING      [HEX DUMP]:902EC3ED40076142F87898103369E16FA38E337CB2742E38C60C3B1DB7ACF743
       39:d=1  hl=2 l=   7 cons: cont [ 0 ]        
       41:d=2  hl=2 l=   5 prim: OBJECT            :secp256k1
       48:d=1  hl=2 l=  68 cons: cont [ 1 ]        
       50:d=2  hl=2 l=  66 prim: BIT STRING   
    
  721. Aaron Goldman
    ^hope that is just an example and not your secret key
  722. The fact that you generate fresh and don't read the file system is a good sign
  723. retr0id

    In reply to this message

    indeed lol
  724. scatterflower joined the room
  725. scatterflower
    hello y'all
  726. @viktormaruna:matrix.org joined the room
  727. @intrnl_:matrix.org joined the room
  728. @davidprieto:arada.club joined the room
  729. @davidprieto:arada.club

    So, guys. I've been reading a bit about the infrastructure and I've got a couple questions.

    It seems your data is stored on your PDS, which you may manage yourself. But then that data gets sent to a BGS and processed.

    What is sent, exactly? If I write a message and attach a picture, does the BGS store the whole message? Or does it simply know that I sent a message, and that's it?

  730. @davidprieto:arada.club
    Also, could the BGS censor contents from a PDS by rejecting its data? Or does the model not work like that?
  731. Same goes for the PLC. Could it censor contents from a PDS, e.g. refusing to give its users DIDs?
  732. kcchu

    In reply to this message

    All data in current AT Protocol is public. So, the BGS could mirror the entire data repo or only store the necessary data for its functions. There isn’t a hard requirement on what BGS stores or does not store.
  733. @davidprieto:arada.club

    In reply to this message

    Oh, I see 🤔
  734. So, what about the censorship thing? From what I got, that looks like a great deal of centralization. How much power does the admin of the BGS and PLC have?
  735. kcchu

    In reply to this message

    BGS are free to do whatever moderation it sees fit. It is expected that there will be competing BGS services and operating a new BGS shouldn’t be cost prohibitive, so users could choose a BGS that has a policy matching their needs.
  736. @davidprieto:arada.club

    In reply to this message

    OK... but would that lead to fragmentation? I.e. would I, as a user, have to choose between a BGS that doesn't censor certain contents, and a bigger BGS that serves more content?
  737. kcchu

    In reply to this message

    In practices, most users will stick with the defaults. So, users choose the app, and the app provides the defaults. I imagine that there will be apps that are mainstream and has stricter moderation, and apps that are like “anything-goes”.

    I am not affiliated with Bluesky team, so I am speaking to my understanding of the protocol

  738. @davidprieto:arada.club

    In reply to this message

    Yeah, thanks, you're being helpful. I'm just trying to understand 
  739. I don't know, it seems to me that the people managing the PLC and the BGS hold all the power as to what people are or aren't allowed to see.

    I don't see how that's different from a classical centralized model like Twitter's, except for hosting costs.

    I hope I'm gravely misreading the situation, though

  740. kcchu

    PLC is currently centralized and it is intended to be replaced with a different design that is decentralized. So, yes, there are risks that censorship happen at this layer before it is replaced.

    For BGS, why would you consider it centralized when anyone can run a BGS without needing permission?

  741. @davidprieto:arada.club

    In reply to this message

    I'm imagining a situation where there's a big BGS and, even though anyone can set up competing BGSs, no one wants to use them because they have no critical mass and all the content is on the big one
  742. But I'm not sure that's how it would work. And honestly, I hope it isn't 
  743. Could you point me to some sort of documentation where it says that PLCs are centralized now, but intended to be decentralized at some point?
  744. kcchu
    I think we need to define what decentralization mean to a social network. I think the most important criteria of a decentralized system is the separation of powers facilitating user choice. If eventually most users choose one particular service provider because it provides a very good service at very low cost, it shouldn’t be a problem as long as it couldn’t prevent users from switching to a competing provider (e.g. it is easy to switch and user won’t lose content or follower)
    (edited)
  745. @davidprieto:arada.club

    In reply to this message

    I agree... mostly. But if most users choose one particular service provider because all the content is there, and can't switch to another provider without losing access to all that content, that would be a problem 
  746. In reply to this message

    Thanks, I hadn't read that yet. I'll make sure to read it before making further, possibly unfounded criticisms 😅
  747. kcchu

    In reply to this message

    The content is in PDS and public, so anyone running a BGS could get all the data as it want. There shouldn’t be a case where one BGS getting all content.
    (edited)
  748. @davidprieto:arada.club
    Hm, I see. Then the situation seems to be better than I thought 
  749. In reply to this message

    And a PDS can't keep a BGS from accessing its contents?
  750. kcchu
    Their relationship is like web server and crawler. Most web servers doesn’t block web crawlers. But the web server owners are technically able to block specific crawler (by IP, User Agent, etc)
  751. @davidprieto:arada.club
    I see
  752. I gotta process all this, thanks a lot for walking me through it
  753. Oh, just one more thing. Does the documentation explain what type of data the BGS needs to collect from the PDS, in order to function?
  754. kcchu
    There isn’t a specific requirement on BGS yet
  755. @davidprieto:arada.club
    That makes sense, since federation is only being tested
  756. Orpheus changed their display name to O
  757. Skyler Hawthorne

    In reply to this message

    Huzzah, I finally got it!

    123456❯ : open did.json | get verificationMethod.0.publicKeyMultibase | mul
    tibase decode | into binary | bytes add 0x[a0 07 06 05 2b 81 04 00 0a
     a1 44 03 42 00] | bytes add (cat repo_signing.private.key | xxd -r -
    p | into binary) | bytes add 0x[30 74 02 01 01 04 20] | openssl pkey
    --inform der --pubout --pubcheck --noout
    Key is valid
    

    Thanks to your example, I was able to find the bytes that always repeat in a new key, which are the container metadata

  758. pere (away until Sunday) changed their display name to pere
  759. Skyler Hawthorne
    How is it going to work when the main Bluesky instance turns on federation? Are all the posts you make on your PDS that was just hooked up to the sandbox up until that point going to be suddenly live on the production network? Or will it only be posts from that point forward?
  760. scatterflower

    In reply to this message

    the bigger concern imo is that the computational resources required to run a BGS with any appreciable view of the network will become so high that only a massive corporation has the resources to run one that indexes network-wide
  761. kcchu

    In reply to this message

    Certainly it wouldn’t be like someone running in a home server. But even at Twitter’s current scale of 500M tweets per day, it is a scale that is attainable by an average funded start up company. The question is how would these BGS monetize. Would there be enough monetization to subsidy enough independent BGS, or only one BGS that achieve economic of scale
    (edited)