Exported Data

Bluesky Dev

Community discussion of the AT Protocol and Bluesky. (This room is not officially affiliated with the Bluesky team.)

Previous group of messages

Aaron Goldman

I assume no one is still seeing the outage

shreyan

yup everything is good now

Aaron Goldman

I get questions sometimes about the .car files.
If I respond with this python script is it more clear what a car file is?

12345678910111213141516171819202122232425262728293031# pip install multiformats
# pip install cbor2
import multiformats
import cbor2
import sys

# # usage
# > cat something.car | python3 car_view.py

# CAR file format
# | length | Header |
# | length | CID | block |
# ...
# | length | CID | block |

car_bytes =  sys.stdin.buffer.read() # read the car file from stdin
length, _, rest = multiformats.varint.decode_raw(car_bytes) # file starts with the header length varint
head = cbor2.loads(rest[:length])  # read the header CBOR object {'roots': [CID], 'version': 1}
rest = rest[length:]  # move up the pointer
print(head)

while rest:
    # | length | CID | block |
    length, _, rest = multiformats.varint.decode_raw(rest) # read the block length varint
    cid_and_block = rest[:length]
    cid = multiformats.CID.decode(cid_and_block[:36])  # CID first 36 bytes
    block = cid_and_block[36:] # block rest bytes
    obj = cbor2.loads(block) if cid.codec.name == "dag-cbor" else block
    rest = rest[length:]  # move up the pointer
    print(cid.encode(base="base16"), obj)

@marciapalmeiras2:matrix.org joined the room

@marciapalmeiras2:matrix.org left the room

xb5krnf297

In reply to this message

Some additional context would help

Aaron Goldman

endpoints like
https://bsky.social/xrpc/com.atproto.sync.getRepo?did=did:plc:toxy3kpelhv5gwubytayrsbw
return a application/vnd.ipld.car but that is a binary file so you can't view it in the browser.

In reply to this message

If you wan't to understand the repo you need to understand the format that we transport them in.

@laurin.1212118914:matrix.org joined the room

@laurin.1212118914:matrix.org left the room

Ricardo joined the room

nighthaven

Hello, again.

nighthaven changed their profile picture

gnunesm joined the room

nighthaven

Is this channel still up and running? Or have users moved to the APT Toucher channel on Discord?

🦋

Hi Not sure whether this is the right place to ask but how do you delete your published custom feed from bsky?

Aaron Goldman

I would say we are still running and a good place for questions about the protocol and data structures. APT Toucher on discord is better for questions specific to the PDS implementation and it's API

@literallyme:matrix.org left the room

@cyberbiopunk:matrix.org left the room

🦋

Does anyone have a link to that discord?

Aaron Goldman

https://atproto.com/community/groups

Also if you know of any local meetups let us know so we can add it to the community groups page

Or if you want to start one in your city 😈

@farribeiro:matrix.org left the room

@sterence:sleeby.cafe left the room

sinclair_abbya joined the room

@s1mple008:matrix.org joined the room

@s1mple008:matrix.org left the room

@softinio:matrix.org left the room

alexanderniki changed their profile picture

Marshal

Hi! I bring awesome news 🙃 Python SDK has been updated! Added update_params to keep the cursor of firehose up to date, export and import of session string to deal with rate limit v3, ability to pass base_uri to firehose client, and updated lexicon!

Release notes: https://github.com/MarshalX/atproto/releases/tag/v0.0.28
Example of session export and import: https://atproto.blue/en/latest/xrpc_clients/client.html#atproto.xrpc_client.client.client.Client.export_session_string
Example of how to use update_params: https://github.com/MarshalX/bluesky-feed-generator/commit/3aa6428f77769bf83e036d5e43f48a0e4a5a107a

And if you missed SDK recently got an incredible performance boost thanks to Rust 😅 https://github.com/MarshalX/atproto/releases/tag/v0.0.26

In reply to this message

Feel free to use https://github.com/MarshalX/python-libipld to decode CAR files with good performance ✌️

shreyan

In reply to this message

It's worth noting that the prev field still exists if you wish to create a chain of commits, but is completely optional now

Although it will be mostly unused and is primarily retained for backwards compatibility

Remember#me changed their display name to The0x7c26

@0x7c26:hashi.sbs changed their profile picture

@0x7c26:hashi.sbs left the room

@laurin.1212118914:matrix.org joined the room

@laurin.1212118914:matrix.org left the room

chrishable1119 joined the room

@neilalexander:matrix.org left the room

Karl Abbott changed their display name to Karl Abbott (Away)

Aaron Goldman

1234567891011  PDS                                did count   delta count    sum bytes     first                      last
| https://bsky.social              | 1,093,014 |   1,219,035 |  840,591,800 | 2022-11-17T00:35:16.391Z | 2023-09-19T05:22:38.013Z |
| https://uwu                      |    11,714 |      11,714 |   86,648,128 | 2023-05-30T06:32:05.019Z | 2023-06-30T18:52:10.965Z |
| https://stems.social             |     5,044 |       5,897 |    4,048,359 | 2023-04-16T09:28:40.041Z | 2023-07-05T17:31:28.795Z |
| https://boobee.blue              |     1,645 |       3,073 |    2,177,336 | 2023-03-12T15:11:56.675Z | 2023-09-19T04:55:53.900Z |
| localhost:4989                   |        95 |          95 |       47,786 | 2023-02-21T19:31:07.150Z | 2023-09-10T01:56:38.643Z |
| https://atproto.forza7.org       |        53 |          63 |       43,612 | 2023-04-13T14:10:14.176Z | 2023-09-11T11:09:06.646Z |
| https://bluesky.nokotaro.com     |        54 |          58 |       40,637 | 2023-05-27T01:42:52.573Z | 2023-08-23T13:24:34.095Z |
| http://localhost:2583            |        40 |          40 |       26,727 | 2023-04-13T23:57:47.589Z | 2023-05-22T14:26:37.835Z |
| https://bsky.syui.ai             |        24 |          27 |       18,208 | 2023-03-25T01:49:54.257Z | 2023-08-09T17:10:21.538Z |
| https://redocean.one             |        22 |          23 |       15,785 | 2023-06-14T04:59:26.525Z | 2023-08-31T03:39:17.387Z |

How the federation vs centralization is going.

shreyan

https://uwu seems set to become a major player in the decentralized social media space

jcon

still betting on

localhost:4989

Aaron Goldman

Localhost

is only popular with a techy crowd but I believe in it.

jmcasey

i could go for a couple brews down at

localhost

xormetric changed their profile picture

Karl Abbott (Away) changed their display name to Karl Abbott

merkurov joined the room

Karl Abbott changed their display name to Karl Abbott (Away Until 4-October-2023)

foxlet

Has federation been enabled yet?

shreyan

Nope

Aer0xander

Could you already run your own PDS already in production before federation is live, and federate it later?

Aaron Goldman

You can and https://stems.social dose.

Nad changed their display name to Nad // away

sailormikey joined the room

sailormikey

Hello, I'm new to the server so bare with me here. So I have a question. I have looked into this blog https://atproto.com/blog/create-post , and my question is, in the section "Image Embeds", do you know what's the HTTP REST URL and JSON body to upload image embeds? See, I am using Make (formally Integromat) to automaticlly post to Bluesky, I have been able to post a simple status page to Bluesky using Make.

shreyan

I think that's covered in that section, but it's com.atproto.repo.uploadBlob

sailormikey

In reply to this message

and if successful, would the output JSON look something like this?

12345678{
    "$type": "blob",
    "ref": {
        "$link": "bafkreibabalobzn6cd366ukcsjycp4yymjymgfxcv6xczmlgpemzkz3cfa"
    },
    "mimeType": "image/png",
    "size": 760898
}

(edited)

shreyan

Yep

If you don't embed the image within a post though, after a little bit the server will clean it up and delete images which aren't attached to posts

sailormikey

Message deleted

sailormikey

oh ok, I almost forgot, can this URL accept the content type multipart/form-data?

@wahidislamlinad:matrix.org changed their profile picture

Midou changed their display name to Midou (Old)

@wahidislamlinad:matrix.org removed their profile picture

@wahidislamlinad:matrix.org removed their display name (linad)

@wahidislamlinad:matrix.org left the room

@srid:matrix.org left the room

@morpheus:matrix.gridp7.de left the room

@lily:lilysthings.org joined the room

@lily:lilysthings.org

I'm running a PDS on the dev sandbox right now and it's running with sqlite and I was wondering if there's a way to migrate it to postgres without losing data

Derrick Hammer joined the room

Derrick Hammer

Hello, I am digging into the AT protocol and im interested to understand how the personal repo data is expected to be stored. I am researching how this data could be computed client side and uploaded to the sia storage network which im using blake3 to identify data. I can see AT is designed around the server being trusted to an extent, so im trying to understand how some of the protocol can be translated to be fully client side. I see references to CAR/IPLD data which makes me concerned that recomputing things might be too much effort in browser with lots of data? Thanks!

(edited)

red ⚡️ joined the room

Nad // away changed their display name to Nad

ruza changed their profile picture

Kaisa changed their profile picture

Ricardo

In reply to this message

this code works, Linus2punkt0/bluesky-crossposter - GitHub https://github.com/Linus2punkt0/bluesky-crossposter

today I dropped this on the Chrome store

It's not perfect, still have to iron some things but it's a working Bluesky client for Chrome like browsers.

it can use (or not) the URL of any given tab you open the extension from and use OpenGraph data to publish along with user input text

https://chrome.google.com/webstore/detail/ograph-bluesky-poster/kiddamcckmefboigpmhdemfccdbfmago/

Aaron Goldman

Cool 😎

@cesvlc:matrix.org joined the room

@cesvlc:matrix.org left the room

Midou (Old) changed their display name to Midou (Moved to envs.net, same username. Please invite me to another room if it seems necessary, and if i do happen to be admin somewhere ping me. 1 week left before deactivating my account.)

@frabrunelle:matrix.org left the room

Midou (Moved to envs.net, same username. Please invite me to another room if it seems necessary, and if i do happen to be admin somewhere ping me. 1 week left before deactivating my account.) changed their display name to Midou (Moved to envs.net, same username. Please invite me to another room if it seems necessary, and if i do happen to be admin somewhere ping me.)

sailormikey

Ok, I tried using the upload to bluesky, and sent a POST request to Bluesky post, that worked, but apparently the media came out blank.

Any idea what I did wrong? is it a chunked upload rather than a simple upload?

Ågent

MetaDesk.cc

shreyan

In reply to this message

Strange! Can you share the contents of the request?

rettetdemdativ set a profile picture

kait joined the room

kait changed their profile picture

tomo changed their display name to kait

@tommy_pacs:matrix.org joined the room

jamesog joined the room

@lily:lilysthings.org changed their profile picture

Naafiyan Ahmed joined the room

Naafiyan Ahmed

Hey all, I was wondering if anyone had experience with the pds server caching mechanisms as well as scaling for users on a global scale? I'm interested in exploring the possibility of cross-posts being marked with a TTL after which the pds serverA's cache entry would be invalidated and thus have to refetch from pds serverB. I could also be understanding the architecture completely wrong

(edited)

@tommy_pacs:matrix.org

Message deleted by Matthew

@tommy_pacs:matrix.org left the room

Keagan Luttrell joined the room

tom (@tom@mstdn.axtch.net) joined the room

ball stretcher joined the room

ball stretcher changed their profile picture

Max (@ikymax:matrix.org) joined the room

@temp4096:matrix.org joined the room

mulligan_ott joined the room

@temp4096:matrix.org left the room

Igor Goryachev joined the room

Богдан Зажигин changed their display name to богдан зажигин

богдан зажигин changed their profile picture

stillerbenjamin joined the room

stillerbenjamin left the room

stillerbenjamin joined the room

stillerbenjamin left the room

stillerbenjamin joined the room

stillerbenjamin set a profile picture

stillerbenjamin

Does anyone have an invitation code left? Please drop me a line. [...]

Ricardo

stillerbenjamin i have

@maxlange:matrix.org left the room

@dennethan:matrix.org left the room

damon/

Do any of you guys know how Atproto will handle de-federating?

@lily:lilysthings.org

afaik there is no defederation in it

ball stretcher

yeah not sure its currently possible

Aaron Goldman

Best to split the question. Who is allowed to download the repos? Who's repos are you willing to download? The first mostly protects from a PDS getting a giant bandwidth bill and the second storing questionable content.

Karl Abbott (Away Until 4-October-2023) changed their display name to Karl Abbott

damon/

Regarding the first question, it is done in an allow-list manner?

Aaron Goldman

When a repo on a PDS follows a repo the PDS can look up the PDS of the newly followed repo. You could imagine just adding all those PDSs to your PDSs sync list but it's probably wise to just add them to a list for the PDS operator to look at and approve.

Eidolon

In practice, how expensive is it to subscribe to the full firehose via com.atproto.sync.subscribeRepos? i.e. for feed generators

shreyan

not very. if you're running a feed generator that's the most lightweight way to do it.

@laurin.1212118914:matrix.org joined the room

@laurin.1212118914:matrix.org left the room

Karl Abbott changed their display name to Karl Abbott (Away until 9 October 2023)

Eidolon

I guess it depends on the billing of whatever hosting you're using for your feed generator, if ingress traffic costs you... but it does seem like that would become increasingly inaccessible to consume from right?

shreyan

I think they're aiming to make it easier to get a lighter stream by filtering for specific things you want, but no promises

@jadedctrl:tedomum.net left the room

magicofazi

How is At Protocol different than Matrix? Isn’t matrix theoretically capable of broadcast based social?

svin in the matrix (Old) changed their display name to svin matrixman

svin matrixman changed their profile picture

Fatih joined the room

Fatih set a profile picture

fatihsvr changed their display name to Fatih

Fatih

Hi All,
Does anyone of you know how long it takes to respond to

the developer form

mentioned on GitHub? Thanks.

Aaron Goldman

There is no real "normal" time. They let in a few thousand, performance of the API tanks, they fix the scale issue, then let in a few thousand more. 🤷‍♂️

Eidolon

In reply to this message

In theory yes. ATProto allows migration of user data between PDSes, which is fundamentally different from Matrix's current storage model for rooms and users. The API layer between PDS, BGS and Appview servers is a much more constrained subset of HTTP called XRPC that could theoretically communicate over any transport, whereas Matrix embraces HTTP.

magicofazi

In reply to this message

Couldn’t you store user data and rooms and replicate the rooms. Basically use rooms as a PDS

Eidolon

yes

magicofazi

I like the XRPC element of Bluesky though

lankalanka123 joined the room

shuntingyard joined the room

Karl Abbott (Away until 9 October 2023) changed their display name to Karl Abbott

@kabbott:element.io changed their profile picture

emre joined the room

@cauanzorzenon:matrix.org left the room

jimpick joined the room

Chris Lace

wth is Graysky, is that a beef with BlueSky ?

sirodoht

In reply to this message

It’s just another client for Bluesky I think

Chris Lace

In reply to this message

Oh ok, because it has an invite request

(edited)

shreyan

???

Fatih

In reply to this message

After 5 days, I received my invitation code. I think that's a pretty reasonable amount of time.

https://bsky.app/profile/fatihsever.com

(edited)

Fatih

I liked too, but I disappointed after I realized that it's just a standard http client not like

gRPC

or other RPC frameworks based on http/2. If I'm wrong please correct me.

(edited)

kate_nym changed their display name to kate_nym (OOO till Oct 25)

@itechgeek:matrix.org left the room

Alex (@alsivx:mozilla.org) changed their profile picture

Aaron Goldman

yet

Pablo Dorado changed their display name to Pablo Dorado | OOO til. 16th Oct

@laurin.1212118914:matrix.org joined the room

@laurin.1212118914:matrix.org left the room

@philhug:matrix.org joined the room

Nekron joined the room

Pablo Dorado | OOO til. 16th Oct changed their display name to Pablo Dorado

tolo set a profile picture

tolo changed their profile picture

@plausibledenial:matrix.org left the room

alperenalb changed their profile picture

@sdfman:matrix.org joined the room

@sdfman:matrix.org left the room

Nil Kraunis removed their profile picture

@timbray:matrix.org left the room

@karl_klammer:matrix.org joined the room

@karl_klammer:matrix.org left the room

Ondřej Holan joined the room

@oliver.falvai:oliverfalvai.xyz left the room

Nick changed their profile picture

@ewan:gilchrist.scot left the room

Quentin Dommerc joined the room

damon/

Can anyone verify this?

shreyan

where is this from? sounds completely false

Aaron Goldman

In reply to this message

If you want to understand the timeline algorithm I would probably start with https://github.com/bluesky-social/atproto/blob/main/packages/bsky/src/api/app/bsky/feed/getTimeline.ts

shreyan

yep, it's all pretty straightforward, non-proprietary and definitely does not use location or other such information

Aaron Goldman

As for proprietary timeline ranking algorithms. The design goal is very much to support such things. AtProto will not and cannot come up with the "right" timeline ranking algorithm. User need the fixability to choose a ranking algorithm and change that choice at any time. The open source ranking algorithms that anyone can run themselves and the proprietary timeline ranking algorithms that must be run on the algorithm owner's servers are competing in the same market for timeline ranking. But unlike Google vs Bing where you have to pick index and algorithm together the hope with AtProto is that the BGS indexers can do the expensive indexing and many timeline ranking algorithms can share the cost by paying a BGS for access to the indexes rather than having to maintain their own. If we can share the cost of the index then hopefully, we get far more innovation and competition in ranking algorithms. Open ranking, proprietary ranking may the best algorithms servive. https://blueskyweb.xyz/blog/5-5-2023-federation-architecture

@damon: Dose that not quite answer help at all?

damon/

In reply to this message

A Mastodon user that states they are a Data Scientist and knows how this stuff works

In reply to this message

It does, thank you, you are always helpful

workbear joined the room

Aer0xander

How could I actually edit the alsoKnownAs list (Typescript API/XRPC)? Plus is it an actual list and not a string, so it won't start breaking other code when I make it a list?

shreyan

you would need direct access to your recovery key for that

Aer0xander

In reply to this message

This isn't possible yet from what I've seen? I suppose I could just give users control over their own keys (as in my app they'll likely have a crypto wallet/private-public keypair anyway)

shreyan

yeah

eventually the plan is for everyone to have their own, and if you provide one on account creation then you can own it, but by default, you do not

(at least, that's how it is right now)

Aer0xander

Ok thanks, I'll look into it!

shreyan

just be prepared for potential breakage! :)

@lexx:nitro.chat left the room

Aaron Goldman

In reply to this message

You can look at the "alsoKnownAs" list for your DID.
https://plc.directory/did:plc:2zlzmv2xujgpohsvay3xhpbr/log/audit

looks like you don't have a key you control in your "rotationKeys" list. You would need to set on with your PDS first. then you will be able to edit your DID Document with the directory.

Aaron Goldman

I will say the fact that 1,817,104 did:plcs have

12"rotationKeys": ["did:key:zQ3shhCGUqDKjStzuDxPkTxN6ujddP4RkEKJJouJGRRkaLGbg",
  "did:key:zQ3shpKnbdPx3g3CmPf5cRVTPe1HtSwVn5ish3wSnDPQCbLJK"],

1,817,104 DIDs with the same secret keys feels weird to me.

"Why have a nonce?" I said "The secret keys will all be unique" I said Note to self: include a nonce somebody will make 1,817,104 DID with the same keys 🤦

@leohoo_sdu:matrix.org left the room

kate_nym (OOO till Oct 25) changed their display name to kate_nym

kate_nym set a profile picture

Thomas Reggi changed their display name to thomas (they/them)

Administrator changed the server ACLs for this room.

Skyler Hawthorne changed their profile picture

@marciosantos2391:matrix.org joined the room

@marciosantos2391:matrix.org left the room

joelotter joined the room

joelotter

Hi all, curious about ATproto URIs and resolving them. My understanding is that e.g. at://joelotter.com/app.bsky.feed.post/3kciw4eeuzc2x (handle instead of DID) is a valid URI. However, doing a getPostThread against bluesky gives a not-found - is it on me to resolve that handle to a did myself?

Aaron Goldman

In reply to this message

Looks like the current implementation looks at the local PDS database so it would only find the thread if it is synced to the PDS.

https://github.com/bluesky-social/atproto/blob/bb039d8e4ce5b7f70c4f3e86d1327e210ef24dc3/packages/pds/src/api/app/bsky/feed/getPostThread.ts#L125

To decide if a PDS should pull the post from joelotter.com's PDS would be a matter for the local PDSs allow/deny list of PDSs it is willing to resolve content from.

joelotter

Hmm, I'm exclusively working with the main Bluesky instance here

Aaron Goldman

Dose the did:plc version of the api call work?

joelotter

It does!

Aaron Goldman

hmm that may be a bug

joelotter

It sounds like I ought to handle this properly anyway for the future case with multiple PDSs, what's the recommended approach for that? Should I be actually hitting DNS to find the DID for that handle or is there a way to do it through ATproto?

For context I'm trying to convert from a web URL to an ATP URI in a consistent way :)

Aaron Goldman

If you get a handle you should look up the PDS that is in the DID Document. If the PDS is on the denylist the give an error that you can't resolve because $PDS is in denylist. Otherwise you should resolve

shreyan

In reply to this message

you can use https://api.bsky.app/xrpc/com.atproto.identity.resolveHandle?handle=

(edited)

you can also use the dns method, and if it doesn't find it, https://domain/.well-known/atproto-did

@parfait:filly.chat left the room

joelotter

thanks all!

@leon:vmst.io left the room

@sterkte:matrix.org removed their display name (sterkte)

@sterkte:matrix.org left the room

@courv:matrix.org joined the room

@courv:matrix.org left the room

@kaorit:matrix.org left the room

Elementeer

Is Bluesky and Nostr using similiar tech or completely separate?

joelotter

Totally unrelated AFAIK

Aaron Goldman

In reply to this message

Depends how far you zoom in.

Both are identifying blocks by their Sha256 and controllers by Ed25519 signatures.
So both are Authenticated Data protocols.

Nostr events stand on their own. One object one signature.

AtProto is organized as repos. Each comment adds/removes objects from the repo that is a (path, value) store like a git repo.

Nostr allows multiple relay servers to store and forward the events. This means that you have eventually consistently depending on whether that relay has that event.

Bluesky has the PDS(personal data server) that has the full repo and is the authoritative source of "latest" so a strict consistent update is possible even across objects in the repo.

Nostr is more about simple and do what you want. This gives them robustness.
AtProto is more about correct atomic updates. This requires a source of truth to be highly available.

Elementeer

In reply to this message

Thanks for the detailed answer Aaron!

Aaron Goldman

In reply to this message

I try

cities joined the room

Andrew Flynn changed their display name to stevie komputer

stevie komputer changed their profile picture

erlend_sh

Would you kindly expand a bit on what it means to be ‘more about correct atomic update’? Are we talking atomic-clock kind of correctness, or is this more about the atomicity (self-contained, composable etc.) of each update?

Aaron Goldman

In reply to this message

I find this site explains it well but does assume a lot of background knowledge. https://jepsen.io/consistency

Aaron Goldman

By atomic update I mean transition from one completely set of records to a new consistent set of records. There are no torn writes. In a file system it is possible to update one document without updating another. Document A references Document B page 10 but you see a 5 page long older version. An atomic update like git could update both documents without any time when one was newer. They update together or not at all as a single atom of state. If you check for international consistency before each commit then you get atomic and consistent. If you save to durable media before each commit you get durability. If you allow independent writing without having to re-read the state inbetween you get isolated updates. Together we call this an ACID database. Atomicity, Consistency, Isolation, and Durability

AtProto is at base a way to make ACID things Nostr is at base a way to make Available things. But it is a bit of a subtle detail since Bluesky doesn't use ACID properties and could have been built on Nostr.

@fudan10u:matrix.org left the room

joelotter

Is it still fair to say that Nostr is a decentralised protocol while ATproto is a federated one? Or is that implementation specific/no longer the case/never was the case

@lily:lilysthings.org

I don't even consider ATproto federated because of how federation seems to rely on a central relay.

joelotter

I would definitely call Mastodon/ActivityPub federated and there's no central relay there as far as I know?

@lily:lilysthings.org

Activitypub has no central relay

joelotter

So you wouldn't call Mastodon federated?

@lily:lilysthings.org

I'd call activitypub federated

I wouldn't call atproto

Federation should work with no central server. if the relay goes down then atproto federation doesn't work.

joelotter

ahhh gotcha, i misunderstood your first message

whyrusleeping

You can use many different relays, a “single central relay” is somewhat misleading

There will tend towards being a small number of relays, its a lot of data and bandwidth to process

But you can run a smaller slice of the network if you like, or even operate without relays, and go directly pds to pds ssb style

joelotter

sounds a little like mastodon's relays, though to be honest i've never actually seen those used in practice

@lily:lilysthings.org

I've used relays

They're more for just dumping content onto tiny like single person instances until the people on it follow enough people for federation alone can get enough content

joelotter

yeah I looked into them when I set my instance up, as it's essentially a single-person instance, but couldn't find much in the way of documentation

@lily:lilysthings.org

I just added a few random ones when I initially set mine up

Once I followed enough people I turned them off

Aaron Goldman

In reply to this message

With AtProto it may be worth breaking down the protocol into pieces to talk about it.

1. Finding the PDS that is the current host of a at://DID/path URL. This is analogous to a DNS request. Pull the DID out of the URL and resolve it. If it is a did:plc then talk to the PLC directory. If it is a did:web do a http request to resolve the document. Most of the time this DID to PDS mapping will be chached.

2. Finding the current head of the repo. Only the PDS can give you this 32 bytes. It is the fact that the PDS can give you an authoritative latest for the head that gives you the ACID possibilities. If you don't care about those ACID properties you could ask anyone with a copy of the repo to give you the latest they happen to have.

3. Get the repo from anyone who has a copy and validate that it hashes the head commit. The repo can be stored and served long after the controller and their PDS is gone.
The PDS also serves as a repo durability of last resort. If no one else has the content you can always go back to the PDS. For unpopular content the PDS can handle the few requests and for popular content it will be in caches around the Internet.

1 is not really federated as you need either the PLC directory or the DNS,CA system for did:web
2 is not federated as you are pulling the single 32 bytes of the Head from a specific PDS.
3 is perfectly decentralizable as the content delivery heavy lifting is just hash address content. As long as you are willing to accept bounded stillness you can get content from anyone and validate it with hashes and signatures.

joelotter

thanks for the detailed response!

Aaron Goldman

AtProto gets key and PDS rotation at the cost of a centralized Identity server.

plc.directory

for did:plc and the web server for did: web. Nostr gets not having a centralized Identity server at the cost of immutable keys. Can't be stale if it can't ever change. AtProto get Atomic updates at the cost of a PDS(centralized but rotatable without PDS cooperation). Nostr avoids a centralized "owning" relay and enables use of many relays by giving up on a authoritative latest. You find the notes you find and don't find what you don't find there is no larger repo structure. There is only the subset of the event before you.

Aaron Goldman

It could be fun to redirect
https://plc.directory/did/plc/toxy3kpelhv5gwubytayrsbw/did.json
to
https://plc.directory/did:plc:toxy3kpelhv5gwubytayrsbw/
that way
did:web:plc.directory:did:plc:toxy3kpelhv5gwubytayrsbw
and all did:plcs would be valid did:web's by just prepending did:web:plc.directory: to the start.

(edited)

granted you would not get the security of did:plc you would just be trusting

plc.directory

but that is what did web means.

Anselm Schumacher (@schumi:tchncs.de) changed their profile picture

expectus.fyi joined the room

Nikolay changed their display name to Nikolay Kolev

Vince Harkiewicz joined the room

Bruno P set a profile picture

Fatih

Hey all, How to pronounce AT Protocol? Like the @ sign or by spelling it out? Examples: Like @: https://youtu.be/wJBCpzM1VfM?si=0TNMU11LZfNfDxt4&t=567 Spell out: https://www.youtube.com/live/9tZrxSyRPH0?si=djoa_hZapkHCt_we&t=295 Which is the correct pronunciation? Or are both correct?

Fatih changed their profile picture

hug joined the room

@philhug:matrix.org left the room

@asierm:matrix.org left the room

michael changed their display name to MICHAEL

MICHAEL changed their display name to Michael

Michael changed their profile picture

Aaron Goldman

We usually say AtProto "at proto" /at prōdə/ saying the @ as a word and then abbreviating protocol as proto. I don't know if that help. Typing how to say something is tricky.

gerg0 joined the room

Aaron Goldman

In reply to this message

It's very weird (humbling) to watch a video of someone explaining something from your documentation.

Fatih

Thank you Aaron. I get it, it's very clear. 🙏

urp

Message deleted

urp

Hello, I wonder why it is required to be logged in to be able to fetch a profile information. Using the

@atproto/api

, with agent.getProfile({ actor: "example.bsky.social" }); it logs Uncaught (in promise) Error: Authentication Required. Is this something from the bsky.social server? Or is this generally a choice from the atproto?

@blueb:matrix.org left the room

stevie komputer

urp

Hi! Not sure how to import from "

@atproto/identity

1import { DidResolver, HandleResolver } from "@atproto/identity";

seems to throw (tested on node & bun, using vite)

12345678910111213141516171819202122232425[→ delayed_stream.js:15:5]
Uncaught TypeError: util2.inherits is not a function
    stream 1.0.0/node_modules/delayed-stream/lib/delayed_stream.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:2487
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    stream 1.0.8/node_modules/combined-stream/lib/combined_stream.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:2566
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    data 4.0.0/node_modules/form-data/lib/form_data.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:11549
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    axios 0.27.2/node_modules/axios/lib/defaults/env/FormData.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:11860
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    axios 0.27.2/node_modules/axios/lib/defaults/index.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:11954
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    axios 0.27.2/node_modules/axios/lib/core/transformData.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:11978
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    axios 0.27.2/node_modules/axios/lib/core/dispatchRequest.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:12000
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    axios 0.27.2/node_modules/axios/lib/core/Axios.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:12179
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    axios 0.27.2/node_modules/axios/lib/axios.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:12396
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    axios 0.27.2/node_modules/axios/index.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:12429
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:198
    node_modules atproto/identity/dist/index.js@http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:21242
    __require http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:3
    <anonymous> http://localhost:5173/node_modules/.vite/deps/@atproto_identity.js?v=bafe161c:28360

Not sure if that is me doing a wrong import, or if a known issue, or if I should post here or open an issue on github?
Cheers in advance!

(edited)

sefidel changed their profile picture

expectus.fyi

Has anyone played with PDS / federation using Cloudflare workers and D1?

sefidel changed their profile picture

@thomcat:thomcat.rocks joined the room

@thomcat:thomcat.rocks

Any of you fine folks spin up the PDS using Nginx instead of Caddy? I have everything working, but I'm running into

LinkedIn Julian Dumitrascu changed their display name to GitHub Julian Dumitrascu

@thomcat:thomcat.rocks

Well I followed

this

and now I have a profile, but now I have the "handle.invalid" problem

@lily:lilysthings.org left the room

@man2dev:matrix.org left the room

@davidprieto:matrix.org left the room

ni5arga changed their profile picture

dietrich changed their profile picture

Karl Abbott changed their display name to Karl Abbott (Away until 13-November-2023)

shreyan

federation is happening! loads of us are no longer on

bsky.social

@thomcat:thomcat.rocks

In reply to this message

federation is no longer just on the sandbox?

Steven Franssen

federation is an obsolete idea

@thomcat:thomcat.rocks

he unironically said in a federated chat room

Steven Franssen

yep

while there is now p2p rooms that can match matrix

just because there is better technology doesnt mean it has the people using it yet

network effects

why musk bought twitter

keet.io

if you want to test p2p #keet:matrix.org

@thomcat:thomcat.rocks

Why are you spamming a different product in here

Steven Franssen

you will be able to develop bluesky on it

joelotter

exciting to see federation happening :)

we're working on supporting it over at

brid.gy

should prob have mentioned here actually, for those interested, we've added bluesky support to bridgy (tool for using your website as your canonical social media feed)

have really enjoyed working with ATproto :)

(hope that doesn't count as spamming!)

@ajcxz0:matrix.org left the room

shreyan

Nice!

In reply to this message

It exists in prod, although it's still (temporarily) only for approved PDSes, and they are very close to switching it on for anyone

Another nice thing is that federated users now have independent signing keys

retr0id

independent repo signing keys at least, not yet independent did:plc rotation keys

unless they byo'd

shreyan

if someone byo'd it would probably not be possible for them to automatically migrate

retr0id

not necessarily!

you could set up your rotationKeys array so that the first two keys are your own, followed by bsky's usual rotation keys

so bsky can issue updates, but you could always veto their ops

shreyan

oh cool!

retr0id

although, you only have a 72h window to veto them in

would be cool if there was a 3rd party did:plc monitoring tool/service

so you could get alerts when your did document is updated

Aaron Goldman

In reply to this message

This would not be hard to build

Igor Jagec changed their profile picture

Kjartan

I'm not fully excited about the 72h window though - even if you get notified via a 3rd party service, I kinda don't want to be forced into reacting on such short notice (or risking to lose my account/identity). Let's say I'm on holiday (probably somewhere without internet connection) or in hospital and not able to react. I fully understand why it was done this way, but I can't think of any other situation (online or offline) in which I would have to react so quickly for something potentially so important

(edited)

Kjartan

Or in a more likely scenario, 72h might be just a weekend followed by a single bank holiday

(edited)

@omasanori:matrix.org left the room

Aaron Goldman

In reply to this message

It was a trade-off between transferability and transferability.

If people would manage their own keys we'll then you would not need window key rotation would just be first come first serve. We added the window for two cases. Firstly if your key is stolen and they rotate to their keys you want to be able to recover. Second is if you trust your PDS to update your DID Document for you and they try to take your repo. In either case you don't want the rotation to be final you want to be able to override it.

So why not allow priority key override forever and never have a key rotation be final? This would prevent transferability of the repo. Many, probably most, users will let PDS generate the repo for them only after having a repo for awhile will it be valuable enough to be worth managing their own keys. At that point they should be able to take control of their repo in a way that the PDS that created it can't revert months or years later. When you take control of your repo it should be yours and the transfer should be final.

Kjartan

I haven't thought about it thoroughly, but one improvement might be, if a key wouldn't be able to add or remove keys to its left/with a higher priority.
If my pds wants to invalidate my private keys, I need to notice it (solvable by 3rd party service) and react quickly. But if my private keys are safe according to their trust level, there probably wouldn't be too much harm even if I miss the opportunity to revert the changes directly

And a pds would still be able to do whatever it needs to do 🤔

I guess I wouldn't even care anymore about the 72h opportunity at all

Aaron Goldman

The only problem with that is if I had a recovery key I lost. The sanareo in my head. 1. I set up a repo on a PDS. 2. I ignore the strongly worded message begging me to put the recovery code in a safe place. 3. Years later I decide I care a lot about my repo and want to take key management seriously. 4. The PDS uses it's key to rotate out all the old not well secured keys for the new generated ones in TPMs you control and a key escrow service you trust. 5. The recovery key you ignored years ago hangs over your head since you can't remove it. All you can do is say I probably lost it forever so it's probably fine.

I would like to be able to revoke all old keys and get to a clean state.

The other idea we discussed was only having 72 hours as a time to contest not necessarily a time to get them recovery. After a rotation let any key register a contention and then a higher key needs to unlock whenever it gets to it. Let your monitoring service have the right to lock it. The find your recovery code when you get home

Igor Jagec

Hi there, I wanna create my own custom feed and I come across this below as a starting point. How difficult it is to build and deploy a custom feed, and what programming languages I should be fluent in? Cheers! 👍🏻 https://github.com/bluesky-social/feed-generator#readme

Igor Jagec changed their display name to TwinPeakTechie

TwinPeakTechie changed their display name to Igor Jagec

madiator2011

Question does Bluesky supports gif either linked or direct uploads?

Karl Abbott (Away until 13-November-2023) changed their display name to Karl Abbott

Anselm Schumacher (@schumi:tchncs.de) changed their profile picture

chinchillas

In reply to this message

Nope

Captain Stacks joined the room

@toyohaji:matrix.org left the room

leitmedium joined the room

lamrongol

Sorry for the abrupt question, I have used com.atproto.sync.subscribeRepos API to get all posts of Bluesky but now it gets few posts. It may be caused by that Bluesky is separated to many PDSs, how can I get all posts? Must I connect to all PDSs not only 'wss://

bsky.social/xrpc/com.atproto.sync.subscribeRepos

'? Or is there a new API?

shreyan

You need to use the Relay (BGS) to get posts from all the different PDSes

wss://

bsky.network/xrpc/com.atproto.sync.subscribeRepos

lamrongol

In reply to this message

Thank you very much! I've confirmed it works!

matrixuser12931 joined the room

Captain Stacks

What are the main differences between AT and AP?

joelotter

In reply to this message

there's a summary here https://atproto.com/guides/faq#why-not-use-activitypub

juansucks joined the room

kait changed their display name to name jeff

name jeff changed their display name to ball stretcher

Karl Abbott changed their display name to Karl Abbott (Away until 27-November-2023)

joelotter

So timestamps on the Bluesky API are user-defined, meaning posts can be effectively backdated - really quite nice for the tools we're working on. Was wondering what the dev team's thought process behind this decision was :)

(e.g. here's something I posted in 1923 https://bsky.app/profile/joelotter.com/post/3kefvompqeu2y)

Captain Stacks

In reply to this message

I think that goes along with the nature of a decentralized system, nostr events are the same way

joelotter

mm, repos are user-owned, that kind of thing?

Captain Stacks

in the case with nostr, there is no authority to verify the legitimacy of a timestamp, so they are user-defined

joelotter

yeah, i guess i just would have assumed that by default a PDS would be that authority, like how it works on mastodon. but i guess if something can be gotten around so easily it makes sense to make it user-submitted for everyone, rather than a sort of "secret hack" style thing

Captain Stacks

I am trying to learn more about AT architecture, is PDS an AT server?

joelotter

yeah, Personal Data Server: https://atproto.com/guides/overview

but there are other types of server

Captain Stacks

is that similar to ActivityPub?

joelotter

ehhh. sort of, in that it is a federated architecture, but the network topology looks quite different imo

Captain Stacks

I need to look into it more

joelotter

the docs are really good!

Captain Stacks

is it easy to be a Bluesky developer?

joelotter

You mean using the API etc? Or contributing?

Captain Stacks

I guess using the API to create third party apps

joelotter

I'm finding it easy enough :) The big missing piece right now (imo) is some kind of OAuth-like auth flow, but the app passwords work well

Captain Stacks

nice, what are you developing?

joelotter

I've been adding Bluesky support to https://github.com/snarfed/bridgy/

Captain Stacks

oh nice, Alex Gleason spoke highly of Bridgy Fed 🫡

Steven Franssen

Captain Stacks: https://poast.tv/w/jUknj6g3BbkESsidKbDRzr

@thomcat:thomcat.rocks left the room

machinecode joined the room

Mafkees joined the room

golden_lib changed their profile picture

Ivor Stodolsky

hey, can anyone get me 2+ invites? friends are so pissed off with X! we need to move now, otherwise it'll just be Threads. there's big opportunity in the EU, where Threads is still not working.

Aaron Goldman

In reply to this message

The thought process was that in a distributed system there isn't really a time when events happen there is only the time when events are witnessed. If I link to your post, say a like or comment, then your post happened before my comment. If your PDS is tracking when it first sees commit from foreign ropos it can use the Merkel DAG to find some event it witnessed at at a time to bookend the event.

To "know" the time of a commit C find to witnessed events A, and B where A < C < B.
'A < B' here meaning that there is a path in the Merkel DAG from B to A.

It is up to the controller of a repo if they want the timestamps to be trustworthy. Most repo controllers wouldn't care much but for example a repo of a Certificate Authority with cert grants and revocation lists would make promises around the truthfulness of their timestamps.

Promises that would be subject to outside audit.

Aaron Goldman

I personally don't think it is the protocol's place to tell you how to treat time this is very dependent on the use case for the repo how much effort true time is worth.

Steven Franssen

you can infer time and trust

i had an idea with nostr to witness other events inside new events and so help guard against fake events

Aaron Goldman

What specifically are the witnesses asserting?

Just an events existence as of some time?

@chrishobcroft:matrix.org left the room

Dalite Fur 🦊 changed their profile picture

Steven Franssen

In reply to this message

yes, so some number of proximal events at the time of creation of the new event, like part of a thread structure or timeline would be mentioned in the new event

with most events doing this it would form like a block chain

any forged event would not have any or many mentions

Steven Franssen

and if there where mentions those mentioning events would at some point be disconnected and not mentioned

Aaron Goldman: has bluesky looked at using

holepunch.to

to become p2p?

looks like some sort of repo model is likely needed to get p2p social to scale

keet.io

seems to have cracked the p2p scaling problem

things seem to be moving fast in the distributed scene now

Steven Franssen

i still like the nostr data structure

i think forming repos around topics and people will work well

there is elegance to single signed notes, i wish most communication especially media was like that and in such prevent rewriting history as so much media does now

Aaron Goldman

I don't remember talking about keet. 🤔

Steven Franssen

i dont think you did

i did mention it here earlier

worth having a look as it seems it works atleast as well as matrix but p2p #keet:matrix.org

or should i say 🍐2🍐

the pear room has the devs in it and the desktop app is most updated

Pear room link pear://keet/yrb38u4y5hw3dpeazx54hspo59q1pz1py1u74om7yxtt19aa5r5mtofwp46ohw4u1w63o6is6sax6j3swgdi66dmti8p8nfuyypfwewbud3gradf

i am sure pfrazee: knows mafintosh

whyrusleeping

Thats an understatement lol

Steven Franssen

its interesting their ideas seem to still run parallel and bluesky should be able to go p2p with

holepunch.to

quite easily

the p2p pear runtime is scheduled for open source release in 3 months

shreyan

if somebody does want to implement a p2p bluesky, i suspect it wouldn't be toooo hard - bluesky's federation model already reminds me a lot of p2p sync

Proudmuslim | مسلم فخور joined the room

Captain Stacks

Bluesky dev talk reminds me a lot of nostr dev talk

Aaron Goldman

In reply to this message

To some extent the p2p would just be one more PDS. With a bridge literally, without a bridge PDS/Client would need to embed the keet client.

(edited)

ball stretcher changed their profile picture

Erasmus | Pendulum changed their display name to Erasmus

Steven Franssen

In reply to this message

you wouldnt embed the keet app but the p2p 'pear' runtime it uses, yes clients or servers would need it or need a bridge but at the point most of the software is p2p enabled and thats working better than federation why would you use federation? or even have many dedicated servers?

if p2p can work it seems to solve a lot of problems

holepunch seems to want to perfect p2p tech while others build on top of it, as also veilid and freenet and others are doing

keet is the demonstration/concept app for them

i think ideally bluesky or matrix which i think seem very compatible would work on social ideas building on it

Aaron Goldman

In reply to this message

As to "what is the point of dedicated servers". This tends to come down to the Consistency, Availability tradeoff. If I am building an application where the data can be modeled as a CRDT then grate P2P. If I am building something that requires atomic Compare and Swap, Mutual Exclusion locks, or globally ordered queues then I must have a consensus group. By choosing consistency over availability by availability is now limited by the uptime and reachability of a quorum of the consensus group. The best way to get highly available quorums is with dedicated servers.

Xe Iaso changed their profile picture

Steven Franssen

Aaron Goldman: you can still provide dedicated servers in a p2p platform, its that you dont need to and they will have much less work, p2p availability greatly exceeds any dedicated servers, torrents have proven this with their history of shutdown attempts, i am not sure what sort of consensus we need in a social situation where we have individuals signing events?

Elio Qoshi changed their profile picture

Aaron Goldman

Sure you can split the PDS into an Atom service and a Blob service. The Atom service doing the CaS (Compare and Swap) for the repo tips (commit at the repo head). The blob service is just transferring blobs identified by hash. That's all immutable and thus a great match for available systems with P2P.

If you have a server the item service can be made highly available. If you don't want to have a server a dedicated set of clients can form the consensus group from which a quorum must be reachable for updates

@kitdiesel:matrix.org left the room

Melvin Carvalho joined the room

@null_radix:matrix.org left the room

Captain Stacks

I really need to learn the AT architecture

any good YouTube videos on it?

pere changed their profile picture

golden_lib changed their profile picture

redblock joined the room

@intrnl_:matrix.org removed their display name (intrnl_)

@intrnl_:matrix.org left the room

Aaron Goldman

In reply to this message

Why do you need to learn the AT architecture?
https://atproto.com/guides/data-repos
It is more detailed than any video I know of.
That said.

Joe Beda has a talk I liked
https://youtu.be/9tZrxSyRPH0

Aaron Goldman

I like to short version it as Authenticated data Transfer Protocol, aka atproto by comparing it to http. http is an authenticated connections protocol. The data is transferred in an authenticated way but once it is downloaded the data loses authenticity. By contrast with an atproto repo when you download the data and then reshare it the data is every bit as authenticated as it you got it directly from the PDS. This means that the repo can live outside the PDS. It can be cached with or without the cooperation of the repo controller. Repos can out live the controller, the PDS, even the Bluesky PBC. If facebook, twitter, blogger, youtube, ... shutdown tomorrow the content would be gone. If they were in Authenticated Data repositories then anyone that had a copy of some of the content could keep that content around. If http is like calling an expert on the phone and asking questions AtProto is like an expert publishing a book.

Authenticated Data is the combination of the authenticity of HTTPS with TLS and the CA system, with the manageability of files, and the atomicity of database transactions. It is a data storage and transfer system for atomic authenticated transactions that can be cached across space and time without loosening ether atomicity or authenticity.

granted if you ask not about AtProto but just about Bluesky that would be different answer that is a activity pub like protocal build on AtProto that is only realy interested in AtProto for its ability to shed load by letting other PDSs, and BGS cache repos, and move a repo to a different PDS.

Should I take the time to make a video about Authenticated Data vs Authenticated Channels?
I give this talk sometimes but have never recorded it for my YouTube. Not sure if there is much demand for this talk?

shreyan

Sure, it would probably be pretty helpful for some

Karl Abbott (Away until 27-November-2023) changed their display name to Karl Abbott

stereosteve joined the room

kolami joined the room

stereosteve

Any advice on defining a new Lexicon (e.g. com.example.clap) and add it to a dev server?

joelotter

is appview down atm?

joelotter

ah i think it's just the web app

Roberto joined the room

Roberto Oliveros changed their display name to Roberto

@kabbott:element.io removed their profile picture

@kabbott:element.io left the room

nerd changed their profile picture

@kumarpalsinh25:matrix.org joined the room

Flummery joined the room

Sybil joined the room

@packsman:matrix.org joined the room

Administrator banned @packsman:matrix.org: spam

kk liang

am I still alive ??

I already forget what is the purpose of this community

Steven Franssen

In reply to this message

he mentions the server has 'your' private key?

is there a short doc on who and where is signing what?

Aaron Goldman

In reply to this message

https://youtu.be/Y6ljFaKRTrI

Aaron Goldman

In reply to this message

This is a good place to discuss the protocol limits vs the PDS made by Bluesky PBC.

The protocol has the repo controller sign the repo commits.
The controller needs not run a server and the PDS need not ever touch a controller's keys. Unlike TLS where the server must have authority over the content it serves the PDS servers authenticated data without the need for any cryptographic material.

That said the current implementation stores "your" keys on the PDS and the PDS signs the repo. The users don't update their repos they request that the PDS update the repo for them in the PDS politely acquiesces. If you wanted to not be at the mercy of your PDS you would have to store key material.

Steven Franssen

does the user sign anything?

i take it no with the 'current implementation'

(edited)

is every commit a single event?

Aaron Goldman

The current PDS has a rest API with a password auth to ask the PDS to update the repo

A repo can update as many records as it wants in a single commit. For a dramatic example deleting all records in the repo could be a single commit.

Aaron Goldman

This was one of the debates I had with Jay when I was still working for her. I thought we should have a demo PDS that never had any key material and a demo client that did all the signing client side. I wanted this to show how disempowered the PDS could be. Having no repo keys and no concept of the contents of the repo. This would be a PDS that knew as little about your application as GIT or the file system does. It would only accept comments and host them. Jay was concerned that users don't trust themselves to manage their own key material. You can lose your phone, you probably won't lose your PDS. Better to have a web2 style rest API for Bluesky specific actions like a post or comment rather than a file system like actions like insert/delete record at path. So we moved the application specific updates and the keys to the server. This turned the demo PDS from a generic AtProto PDS to an application specific Bluesky PDS and defaults to the PDS as the controller of the repo until the user asks for control and the PDS politely acquiesces.

Captain Stacks

In reply to this message

I think it would have been nice if you had won that debate, but I'm hoping this decision doesn't impact the long term direction of the protocol. I want to be able to run a generic AtProto PDS server that hosts content from users that manage their own key material

Captain Stacks

Idea would be to make it more appealing to Nostr users

Aaron Goldman

I still think (hope) the plan is to go more generic AtProto PDS over time. It would be weird if that came from a community contribution rather than the corporation

shreyan

yeah, at this point i think the social parts have already been ripped out of the PDS and moved to the aggregation services (AppView)

Aaron Goldman

I get the desire to build a viable social network first and distribute the protocol second once Twitter pulled out of the project

But still a bummer 😔

Captain Stacks

In reply to this message

I think more community contribution is necessary for AtProto because the protocol should meet the needs of stakeholders besides just the corporation. The plan for it to eventually have a consortium makes sense to me

Steven Franssen

In reply to this message

i cant find any appeal yet

Nasudonguri changed their display name and profile picture

shreyan

In reply to this message

even nostr is moving in the server-held keys direction now:
https://bsky.app/profile/rabble.nz/post/3kfhmutv6wz2u

@kumarpalsinh25:matrix.org left the room

Captain Stacks

sad

Steven Franssen

In reply to this message

if you believe that i have a 14th booster for you to take

shreyan

Steven Franssen

the irony too you cant even open that link without a bluesky account

3 replies

Steven Franssen

it shows the stark difference between people that value freedom and those that do not

self sovereign permissionless

wsam wsam top joined the room

retr0id

In reply to this message

yeah, it sucks when links don't work properly

Roberto

Hi all. What would be the correct way to update a profile in my PDS server? Previously, handles were appearing as "Invalid Handle" but this problem was due my DNS settings, more

here

. New accounts show handle correctly but old accounts still showing "Invalid Handle". If I do a getProfile request to my PDS for an old account, I get:

{
"did": "did:plc:my-did-here",
"handle": "handle.invalid",
"displayName": "Roberto",
"followsCount": 0,
"followersCount": 0,
"postsCount": 3,
"indexedAt": "2023-12-02T11:23:22.915Z",
"viewer": {
"muted": false,
"blockedBy": false
},
"labels": []
}

I assume my server has this in its DB. But how do I update it? If possible. Thanks.

Golda Velez

well - i post stuff on bluesky i probably wouldn't post on the permissionless web and def would not post on twitter, because i like the ecosystem with the blocks and mutes. if the link was permissionless to open we couldn't have blocks. i think, freedom to choose to limit association is freedom too. not to start a war here or anything.

oh yay and element does threads now cool!!

Aaron Goldman

Carful not too over promise on the privacy properties. https://blue.amazingca.dev/user/rabble.nz/post/3kfhmutv6wz2u

shreyan

In reply to this message

nice! looks like Beeper doesn't, yet

joelotter

In reply to this message

Wouldn’t hold your breath after today’s announcement

37h4n joined the room

Steven Franssen

In reply to this message

fake screen shots are lame link works https://snort.social/e/note1crl44xk24yc2ym5xlyyfjdeumxueyguzxetseg8r0prqzmqts47sghnmgp

retr0id

continues to not work on my machine

Steven Franssen

use another app

https://nostr.band/note1crl44xk24yc2ym5xlyyfjdeumxueyguzxetseg8r0prqzmqts47sghnmgp

you are using one app which only has a few relays as default

retr0id

https://retr0.id/stuff/bskythreads/#thread:https://bsky.app/profile/rabble.nz/post/3kfhmutv6wz2u

Steven Franssen

you can reach bluesky via nostr and mastodon now

retr0id

there's more than one bsky app too :P

Steven Franssen

bluesky is not federated

the main server

you have been able to use a third party to sign in nostr for a while

mainly signing extensions

point is to protect your key from other software

it however has always been nostrs focus its your key not someone elses

has any one done a comparison of nostr to bluesky?

seems the fundemental of nostr is it hash and signs each event and you own the keys

Aaron Goldman

Not your keys not your repo. I don't think who holds the keys is a fundamental distinction between the protocols but an implementation detail of the example PDS. I think the more fundamental distinction is the difference between having repositories vs single events. Moving the signing keys to the client is a major change in the balance of power but a minor change in the code base. AtProto was designed from day one to allow client side signing with the PDS serving as an acceptor for swapping the old head commit with the new one.

Aaron Goldman

The example PDS is in JS in the hope that the repo update logic can run in the browser or server with the same library.

shreyan

In reply to this message

you can totally own your keys with atproto too

even in its current form people have brought their own recovery keys

alperenalb left the room

Tue, Sep 12, 2023

Wed, Sep 13, 2023

Thu, Sep 14, 2023

Sat, Sep 16, 2023

Sun, Sep 17, 2023

Mon, Sep 18, 2023

Tue, Sep 19, 2023

Wed, Sep 20, 2023

Thu, Sep 21, 2023

Fri, Sep 22, 2023

Sat, Sep 23, 2023

Sun, Sep 24, 2023

Mon, Sep 25, 2023

Tue, Sep 26, 2023

Wed, Sep 27, 2023

Thu, Sep 28, 2023

Fri, Sep 29, 2023

Sat, Sep 30, 2023

Sun, Oct 1, 2023

Mon, Oct 2, 2023

Tue, Oct 3, 2023

Wed, Oct 4, 2023

Thu, Oct 5, 2023

Fri, Oct 6, 2023

Sat, Oct 7, 2023

Sun, Oct 8, 2023

Mon, Oct 9, 2023

Wed, Oct 11, 2023

Thu, Oct 12, 2023

Fri, Oct 13, 2023

Sat, Oct 14, 2023

Sun, Oct 15, 2023

Mon, Oct 16, 2023

Thu, Oct 19, 2023

Fri, Oct 20, 2023

Sat, Oct 21, 2023

Sun, Oct 22, 2023

Mon, Oct 23, 2023

Tue, Oct 24, 2023

Wed, Oct 25, 2023

Thu, Oct 26, 2023

Fri, Oct 27, 2023

Sat, Oct 28, 2023

Sun, Oct 29, 2023

Mon, Oct 30, 2023

Wed, Nov 1, 2023

Thu, Nov 2, 2023

Fri, Nov 3, 2023

Sat, Nov 4, 2023

Sun, Nov 5, 2023

Mon, Nov 6, 2023

Tue, Nov 7, 2023

Wed, Nov 8, 2023

Thu, Nov 9, 2023

Fri, Nov 10, 2023

Sat, Nov 11, 2023

Sun, Nov 12, 2023

Mon, Nov 13, 2023

Tue, Nov 14, 2023

Wed, Nov 15, 2023

Thu, Nov 16, 2023

Fri, Nov 17, 2023

Sat, Nov 18, 2023

Sun, Nov 19, 2023

Mon, Nov 20, 2023

Tue, Nov 21, 2023

Wed, Nov 22, 2023

Thu, Nov 23, 2023

Sat, Nov 25, 2023

Sun, Nov 26, 2023

Mon, Nov 27, 2023

Tue, Nov 28, 2023

Wed, Nov 29, 2023

Fri, Dec 1, 2023

Sat, Dec 2, 2023

Sun, Dec 3, 2023

Mon, Dec 4, 2023

Tue, Dec 5, 2023

Thu, Dec 7, 2023