Exported Data

Bluesky Dev

Community discussion of the AT Protocol and Bluesky. (This room is not officially affiliated with the Bluesky team.)

Previous group of messages

@gnu_ponut:matrix.org

In reply to this message

it's unrelated, federation is just a description of how propagation happens

@koyu:mozilla.org

Oh my fucking God

Greetings to /dev/ponies btw

@koyu:mozilla.org left the room

@geoah:nimona.io

What the hell was all that about?

Aaron Goldman: you have the patience of a saint.

mikestaub

Perhaps we should have a "read this material" before joining this room? I'm fine with criticism, as long as it is in good faith and the person understands the "why" and is just trying to understand the "how". Asking why we just don't use AP is not productive imo

Aaron Goldman

How would you modify the topic string ``` Discussion of technologies related to Bluesky decentralized social project. Room rules: https://tinyurl.com/bluesky-rules ``` To include a read me first? I would worry it might just discourage interaction.

Aaron Goldman

In reply to this message

I'm a professor at heart. When someone says "this is stupid" I know that they think it's important enough to want to understand why others care. If they were convinced it didn't matter they would not insult the idea/project they would just ignore it and focus on what they do value.

Steven Franssen

In reply to this message

this explains everything

mikestaub

In reply to this message

I would just add a "please read the following materials to get up to speed" section to the "stay on topic" point

Steven Franssen

In reply to this message

look at nostr

In reply to this message

it's servers owning data and ids too

(edited)

In reply to this message

ideology

@gnu_ponut:matrix.org

saying ideology doesn't really help if you mean their ideology is that they think the project is inferior to AP

Steven Franssen

why would me saying that mean that? they have ideas about the world and something like bluesky threatens that

@gnu_ponut:matrix.org

i don't think bluesky is making this project bc they got kicked off twitter for being a fascist...

Steven Franssen

no but there wont be a twitter to get kicked off

@gnu_ponut:matrix.org

I think you probably will get added to a list of some kind

Steven Franssen

i am sure i am already on lists

such is a world were fascists are enabled by people called antifascists

Aaron Goldman

I think we wandered off the tech.

Steven Franssen

a little

bluesky does have quite political implications

anything relating to enabling speech does

Aaron Goldman

There is power in an open protocol with moderation tools. If I want to have a different conversation then you. I can fork the code and run my own. This doesn't work well for community since the fork would be empty. If we can interoperate then I can fork and still see what my network posts. This would lead to a massive Spam problem coming from dedicated Spam servers. So we need tools to moderate what records get pulled back from the forked communities

@gnu_ponut:matrix.org left the room

Aaron Goldman

Your freedom of speech is about what comes out of your mouth not what goes into my ears.

The goal is not a network free of moderation but a network where each consumer has the tools they need to only consume content that brings them value

And that's not even the hard part. Different communities will have different legal jurisdictions that govern them.

Steven Franssen

look they left lol

thing is aaron authoritarians dont want some people to speak even if they have their own little corner to do so in

its not about no moderation at all

its about being free from the dictate of some minority or different group

really society is composed of many differences

Aaron Goldman

In reply to this message

If you set up a server for the purpose of distributing copyrighted material or CSEM that is a crime. It doesn't matter if you are on your own corner of the internet. Legal jurisdictions are a real thing that applies to any technology

Steven Franssen

i personally feel in the digital space those differences should be free to be expressed

ok bringing in copyright is another issue but related

freedom of speech implies freedom to be heard

Aaron Goldman

But the gray area is big. There is a lot of content that very few at Twitter would say should be illegal but they still don't want to host.

Steven Franssen

thing is you do have a right not to listen

but that should be your choice not someone elses

everything is gray there is no black and white

speech however in and of itself can not do harm

mikestaub

In reply to this message

if you can't control the feed algo you have no power to control your right to listen. The reason users can't control their own feed is because the data is siloed. The data is siloed because interop is a hard, unsolved problem - hence Bluesky

Steven Franssen

and in fact trying to limit speech, will cause violence

resolving problems in the idea space is far better than the physical

have you seen what banning someone in real life looks like?

deleting their 'account'

free societies are truly antithetical to what big tech has been doing

tolerance comes from understanding

and understanding comes from communication

Aaron Goldman

In reply to this message

Can you rephrase that as a attribute or list of attributes you think are important for a public social broadcast protocol?

Steven Franssen

absolute individualised user control

(edited)

i think ability to limit broadcast is good too, but the issue is increasing the scope of the solution makes it too difficult

and why nostr is good

In reply to this message

so in a distributed platform each person can decide to be part or not of that distribution

Steven Franssen

In reply to this message

obviously with copyright much or most of society is not in agreement with it, i like when mark nadal talked about the crazyness of limiting the distribution of things that are essentially free to distribute now, to me its obvious we need a better way to reward creators rather than restricting access to information, technically the more people that get use and benefit from something should then mean more reward for the creator

Aaron Goldman

Your insensitive mechanism could use more details

Steven Franssen

insensitive mechanism?Aaron Goldman

Aaron Goldman

If you want to allocate reward to the creator according to how many people use and benefit.

Steven Franssen

well that is a difficult problem

the government could assign a portion of tax to be distributed based on people assigning to works which they liked most, or maybe a system that measures use

or people donate, fund future works kick starter style

i had an idea of decided attribution, so for patents etc, what weight did a product rely on an idea and then how much benefit did that product create, so attributing a portion of benefit to the patent

it's rather hard compared to the freemarket where we all just assign values independently, i imagine something has to go close to that tho, so values can't be fixed

if you take a first principles view of copyright it can't be overly difficult to imagine alternatives, but whether they work is another thing

one of the objects of copyright would be to encourage more works and maybe a limitless supply of works would reduce that?

but then is more people being generally creative of benefit?

i like to think about how all ideas rest on previous ones and giving everyone more access to more ideas will leverage even more, think free education

then there is government, whose intervention in education seems to have stifled or corrupted it

look at open source which has within copyright come to a different solution

mikestaub

In reply to this message

Netflix has paved the way by creating a UX that is so good it outcompeted piracy. I imagine a platform that allows nano-payments via upvotes. That platform then allocates x% profits to an innovators fund to bring up the next creators which creates a compounding network effect. This is one of the rare use-cases for NFTs as artists can claim ownership of the original file.

Steven Franssen

the ad model like youtube already works on the basis of most used(viewed), a mix of likes and views gives a good indication of value

Levi changed their display name to i was

ltang7 joined the room

@planetoryd:matrix.org

The market certainly fails at dealing with problems in digital realm. While historically the alternative was centralized planned economy, apparently the modern solution is some democratic crypto economy.

(edited)

@planetoryd:matrix.org

The oligarchs of internet have monopoly on attention and data, through which they raise funds and pay contributors accordingly.

pfrazee banned @koyu:mozilla.org: Rudeness

pfrazee

I banned Leonie for rudeness

there are a lot of reasons people get into decentralized social media, and I have a few myself, but for me one of them is that I want less toxic social experiences. I think that can happen in a more distributed form of curation, moderation, and general decision-making, and I think it's important to distribute that kind of governance to act as a check against power, but ultimately I'm not hamstrung by a free speech principle -- I consider it one of many important pieces to balance

(edited)

point being: I'm not ideologically opposed to banning people from this room

let's have good conversations here exploring technical decisions, where we focus on learning personally and focus on leaving other people feeling happy and edified

pfrazee

regarding activitypub (AP), there are going to be a range of differences between AP and ADX. Some of them are going to be substantive and some are going to be relatively minor. When everything stabilizes, it might be the difference between smtp and http -- two totally different things -- or it might be the difference between mysql and postgresql -- lots of similarities and a few details that differentiate them

@alexfull:matrix.org joined the room

bengo

Message deleted

@alexfull:matrix.org left the room

エクヂケシス set a profile picture

boldspirits joined the room

syphia joined the room

airwaves changed their profile picture

@richard:huangyunsong.com left the room

zkcelo.xyz joined the room

M Etz joined the room

william joined the room

mikestaub

Not likely to cause much confusion, but just FYI: https://angel.co/today/stories/bluesky-raises-8-8m-in-seed-funding-70534

pfrazee

Yeah probably not a problem but appreciate the heads up

Steven Franssen

https://www.getbluesky.io

whats the deal with protecting your name in this area?

pfrazee

not a lawyer but my understanding is that it's a question of confusion in the marketplace

if they were, like, a decentralization tech or a social app, that'd be a problem

Steven Franssen

certainly but given bluesky might be not for profit, opensource etc

pfrazee

I'll bring it up with Jay and see if she thinks we need to do anything

mdangear joined the room

ro joe joined the room

tmw (he/they) removed their profile picture

mikestaub

AWS is trying to do what Bluesky is doing, just for security schemas: https://github.com/ocsf

Aaron Goldman

In reply to this message

Looks like much more than a schema definition system they seem to be trying to maintain a universal ontology
https://schema.ocsf.io/objects/http_request

@numero6:codelutin.com changed their profile picture

@michael.mauderer:matrix.org joined the room

mikestaub

Interesting read: https://messari.io/report/the-open-social-map

Steven Franssen

Message deleted

A Person

Nice, it talks about a lot of stuff I've been thinking that isn't often gotten into much online

A Person

The article I mean

@numero6:codelutin.com left the room

Sergio Fabian Rosales joined the room

Sergio Fabian Rosales

Hello

Good Night

I have a little question

I need to know if the coin CAW A Hunters Dream have any kind f relationship with BlueSky, Mastodon or any of your proyecta. Thank You

Aaron Goldman

Never heard of them

pfrazee

They do not

Sergio Fabian Rosales

In reply to this message

Some Dev may answer my question please.

My question is because you have a web with the name

Caw.ai

pfrazee

I dont know what you mean by "a web" but no there is no relationship

jgscherber joined the room

Steven Franssen

he means url, he is a crypto spammer scammer

Sergio Fabian Rosales

a thousand apologies, I explain better. There is a website

www.caw.ai

, which at the end says developed by

stuxnet.inc

, when I enter there, I see that it is related to Mastodon, that's why I came here, and everything is related to BlueSky. I am only a holder of a Cryptocurrency that matches the name of the website, and will also develop a decentralized payment system. That's just why i ask. Thanks a lot

pfrazee

Okay! Well we're not related to Caw or Stuxnet. Also Mastodon isn't directly related to Bluesky.

Steven Franssen

pfrazee: https://bitcoinmagazine.com/technical/keet-the-decentralized-communications-app

you know much about this?

https://keet.io

pfrazee

not really. I'm not involved in that ecosystem anymore

I mean, I can try to answer questions about the tech to the extent that I do know it, but I'm not directly involved now

Steven Franssen

pfrazee: i thought you might know someone np

the bitcoin guys are really pushing at this problem from all angles

som1

https://yggdrasil-network.github.io

In reply to this message

your freedom ends where my nose begins

are you guys just talking or any things has come to paper yet?

max6o joined the room

bariali07 changed their profile picture

@rimuru:gentoo.chat changed their profile picture

zillzonky joined the room

zillzonky

Message deleted

David Taylor changed their display name to zillzonky

zillzonky

Heyooo!

Mark Harding changed their profile picture

pablofzr joined the room

John changed their profile picture

amotan joined the room

My startup is building a non-blockchain-based decentralized social media. Is there anyone want to grab a coffee this weekend? Maybe Sunday afternoon in Palo Alto.

@planetoryd:matrix.org

In reply to this message

then you'd be interested in #freenet-locutus:matrix.org

Steven Franssen

J: any details?

Aaron Goldman

I'm in Redwood City. Palo Alto is not far.

Renji set a profile picture

Renji changed their profile picture

In reply to this message

That's amazing, are you available tomorrow? I will show you our prototype!

In reply to this message

Sure, we have these cool features for our non-blockchain-based decentralized social media:
Users do not need to register new accounts. They can communicate with existing friends easily.
We do not have servers to store users' data.
Users can easily access their data on their own new devices.
Nobody can access or censor users' data, not even us.
Nobody can shut down our service unless they shut down the whole internet.

@planetoryd:matrix.org

In reply to this message

This is not details

In reply to this message

Well, as a startup, this is all we can share online so far, survival is our priority, and we don't want to see the Facebook story repeat again. (By any means, Lol.) Hope you could understand. But we are happy to talk more if we can meet in person.

(edited)

And we will surely share more when we have more progress. Wish us good luck. :)

Steven Franssen

J: so um do you have a website?

In reply to this message

We do, and we have a pretty funny domain. Will let you know when we release our first version application.

(edited)

Thank you all for your attention, I saw a lot of emojis, I wish you will not feel offended. As a small early-stage startup without too many resources but with an ambition to change something, we have to be very careful with each step.

The Internet is great, but there is still something that can't be done online. That's why we wish this pandemic will end soon, Lol

Steven Franssen

J: this space is littered with failures, the really only successful projects are matrix and activitypub, and both have issues

@planetoryd:matrix.org

"non-blockchain-based decentralized social media" clearly indicates what can be done

a project isn't going to use a magical algorithm

In reply to this message

Yeah, that's true, technically BlueSky is also a kind of non-blockchain decentralized protocol. Lol

@planetoryd:matrix.org

In reply to this message

this is technically impossible, contradictory and exaggerated

Haha, time will tell. One of our team members who worked for WhatsApp also used to believe so. I'm going to a session now, TTYL

Steven Franssen

In reply to this message

why you say that? they all seem feasible to me

maybe more details would show your points

Aaron Goldman

Which part is contradictory? > <

@stevenfranssen:matrix.org

> >decentralized social media: 1) >Users do not need to register new accounts. Depends on what we meen by registration. They need an ID but not all IDs need a registry e.g. did:key: 2) >They can communicate with existing friends easily. Existing friends are on different networks. This can be mitigated with networks supporting the protocol or adversarial interoperability through bridges. Or very easy adoption of the new protocol. 3) >We do not have servers to store users' data. If the protocol is connected users to each other the protocol/app developers need not have servers with personal data. Someone will probably still need to run servers like STUN/TURN for firewall bypass and service discovery 4) >Users can easily access their data on their own new devices. If the user agent stores the data locally to serve it from the users device then yeah the data is on their own devices. 5) >Nobody can access or censor users' data, not even us. This one is a stretch no matter how the protocol is designed the user agent on the other side can call out to a content ranting algorithm and choose not to show the spam. SMTP is a very decentralized protocol but if Gmail spam filters think you're spam half of the email users are beyond your reach. 6) >Nobody can shut down our service unless they shut down the whole internet. Steganography is a game of cat and mouse. It's very easy to detect TOR most ISPs are just not interested in booking it. With the power of a great firewall and intelligence operatives attempting to infiltrate networks you can find and wall off suspected servers. Only a very tight network with extreme vetting of who you connect to aren't infiltrated. This is why mafia relies on family.

This is why I love this kind of discussion, people from different places, with different purposes, exchange different opinions, and push the boundary of technology together.

@planetoryd:matrix.org

In reply to this message

Users do not need to register new accounts.

Yes, we know publickeys. From a practical perspective, a network with no registration is vulnerable to sybil attacks and spam, which is contradictory with other points. Session doesn't need registration, and offers reasonable functionalities, because it has a blockchain service node system, which is robust on its own. Here I refer to registration as metadata. Locutus has a blind-signature registration system which is required for anything resource-intensive. For IPFS and torrent, their goal is an immutable store which is not the same as a social media.

We do not have servers to store users' data.

This is indicates the architecture of full P2P. It introduces a lot of problems. How can they communicate easily then. And it conflicts with 'access data on new devices easily'.

Nobody can access or censor users' data, not even us.

P2P networks are naturally public and accessible. Censorship still applies, unless active measures have been taken, eg. usage onion-routing.

Nobody can shut down our service unless they shut down the whole internet.

Then I assume it uses neural linguistic steganography. Look at China, Russia and Iran. Many networks can't even pass Chinese GFW. That is an extraordinary claim

(edited)

In reply to this message

This is exactly what makes me feel sad.

Matrix is a good example of what social media should look like, and how the information flow. People should have the right to communicate with each other with their own tools and channels. But now we live on different islands and were totally dominated by the landlord, we don't own our property which is data, and don't have the ship to go to other islands.

Matrix is a good solution, and so does Mastodon, but regular people don't want to use it at all, it never became popular.

And this is exactly something we want to change, not just because we could have a better solution, but also have the potential to go viral.

(edited)

For a new social media protocol, whether centralized or decentralized, blockchain-based or non-blockchain-based, going viral is always the most important thing, and always the hardest thing.

Hope to release our product soon.

In reply to this message

"Look at China, Russia, and Iran. Many networks can't even pass Chinese GFW. That is an extraordinary claim"

Actually, I always use these three countries as examples to explain what makes us special, cuz most people can only understand e2ee at most, but even Signal or WhatsApp can be easily blocked if the gov controls the ISP. It's a weakness of all centralized social media and a large amount of other decentralized social media.

@planetoryd:matrix.org

In reply to this message

It does have more resistance, but in reality many networks can't function when NAT exists.

Steven Franssen

J: you make some grand plans or claims, are you aware of holepunch and keet? literally everyone says they are going to be game changer or whatever, and they all fall far short, they have quirks, bugs or just dont work, the most promising thing i have seen recently is nostr but again it has huge question marks on it

Steven Franssen

the real hope from all these projects is they are open source and we have in code what works and what doesnt

Golda Velez

afaik most really technical folks in China can get past it with existing tech (vpns etc), at least my friend there has no problem if he wants. Its more a problem of reach, that most people don't know how and that anyone with wide reach inside the firewall has to communicate quite subtly if at all

@planetoryd:matrix.org

In reply to this message

that's not the point. if everyone were technical and politically literate, the regime wouldn't even exist.

Aaron Goldman

In reply to this message

Your straying away from the channel topic.

#general-bsky:matrix.org

may be a better channel for motivations for building distributed systems.
This one is more focused on techniques for building distributed systems.

In reply to this message

I researched these"new solutions" again, but I have to say, we had a lot of other P2P protocols already, but all the other P2P can't fix one major issue: what will happen if the receiver is offline? If it's pure P2P, where to store the data? Yes, we don't have this kind of issue for voice or video calls, but we still massively rely on text and messages.

And for all "new solutions", the problem is not even about the technical side but marketing. How to convince people to use a better new solution? Pay ads on Facebook or other places? Can they make enough money back? That's not financially reasonable.

We're a very special P2P solution that could solve the above issue at the same time. Technical and financially reasonable.

@planetoryd:matrix.org

In reply to this message

what will happen if the receiver is offline

No, I am not an advocate for pure P2P. And new solutions tend to be less P2P-ish.

Locutus stores data in contracts served by the network, even for one user's inbox.

You are more or less attacking a strawman. What new solutions are you criticizing.

Message deleted

I'm not attacking pure P2P and using it as a strawman. On the contrary, I'm a big fan of pure P2P. Only pure P2P can solve the real problem. I'm uncomfortable letting someone I don't know own my data. Whatever cloud or "in contracts served by the network."

@planetoryd:matrix.org

In reply to this message

I'd consider it a feature, making all the data public and hence interoperable. You may stored encrypted data on the network, like matrix protocol.

I do want to share my data(text, picture, video), but only with the people that I want to share. No middle man, no server. Even they claim they will encrypt the data. But encryption is just a promise. They can decrypt or disable it. (Decrypt or disable is different. So far, WhatsApp can't decrypt e2ee, but they can disable it, and so does Signal) If our data have to go thru their server, we are losing control. And there is no 100 percent security on the internet. You still need to go thru the ISP. But all we can do is as good as possible.

(edited)

@planetoryd:matrix.org

In reply to this message

They can decrypt or disable it

Why ? We are writing our own clients and protocols. It can't be disabled.

You can't, or you won't? How about an update?

And still, how to marketing?

@planetoryd:matrix.org

In reply to this message

That's not in the scope of discussion. Users have to trust the devs

(edited)

No comment, lol

@penaiple:midov.pl joined the room

@penaiple:midov.pl

good morning sirs

Steven Franssen

In reply to this message

nostr is not p2p but p2p capable, you do own your data in the case of both nostr and holepunch keet, the offline use case is quite pointless tho for social as you cant really do anything without a network connection

you have a very difficult challenge trying to pull people away, facebooks network effect is its main asset and only something like a twitter with a reasonable size network could challenge it and why elon is likely buying it or not

i have watched small communities move off big tech and when they federate they can magnify the effect, that strategy is really the only thing working currently, signal also got traction which basically is family and friends running another app so a not too difficult effort

the main point i think is the thing actually works, the amount of little bugs signal had fir years is enough to throw any normal user

from what i have seen is these things get toooo complicated and dev effort gets wasted filling many useless features when fundamentally they dont work

there is some really cool ideas to build a better product, big tech has missed some rather obvious things but you cant go past what is already proven as so many things also fail for some rather wacky ideas

if you have a compelling product you can pull much of the fediverse over, thing is i have deep doubts you do have a compelling product, literally no one yet has been able to do it, matrix could easily do forums and chat in the same app but they have only implemented a disfunctional version of threads and so they miss those users

In reply to this message

you can design for p2p without doing it like nostr

jb joined the room

@planetoryd:midov.pl joined the room

odilitime joined the room

podnuh joined the room

In reply to this message

Yep, we are a different P2P network.

Steven Franssen

J: thats the point nostr is not p2p, yet is completely compatible to becoming p2p or having a mix of p2p with relays, you dont need to be full p2p to solve this and likely shouldnt or cant like how mobiles dont have the battery for it, but you can and likely should design your protocol to be able to do p2p

. joined the room

Kai Buskirk joined the room

Kai Buskirk

Cheers! From California!

Dan J Miller joined the room

Darnell Clayton joined the room

Darnell Clayton

The Twitter handle for Blue Sky links to

BlueSkyWeb.xyz

instead of

BlueSkyWeb.org

(former is down while latter is up). Can someone fix this ASAP‽

pfrazee

In reply to this message

Thanks for the heads up. Checking into it

It’s loading for me now. Not sure what’s up with that

Darnell Clayton

Okay, it’s loading for me now. That is weird. Maybe it was just a fluke‽

pfrazee

guess so? Not sure what that was

@planetoryd:midov.pl left the room

ensocoatl changed their profile picture

@rimuru:gentoo.chat changed their profile picture

vitaliks joined the room

litoz joined the room

tmw (he/they) set a profile picture

tmw (he/they) changed their profile picture

Kai Buskirk

Happy Weekend Cat People!

Anyone enjoying the Air Force fleet shot in SF?

Kai Buskirk

Had an airshow lst weekend at the peer

mib1289 joined the room

mib1289

In reply to this message

I’m confused. All e2ee is done through the client side. If I write a client and install it on my iPhone whereby I encrypt data and send it to you along with a key via some type of key exchange mechanism, no intermediary can read it. That’s the point…..

Or have I misunderstood you altogether?

In reply to this message

People always have the myth of the e2ee. (I can understand it, they spend a lot of money to do this campaign.)Just look at WhatsApp's report feature. They will disable e2ee if they want and put the user or group on a so-called "watchlist". Also, an investigation will be carried out on the person’s activities on the platform and they might eventually be banned from using WhatsApp. They can do whatever they want if they want to.

mib1289

In reply to this message

Ok then, but that’s just a dysfunction built in to the client that hasn’t been yanked out due to the closed source nature of WhatsApp. In the case of Signal, why couldn’t we just comment it out?

Steven Franssen

mib1289: you can comment it out, but that requires someone to do it, and history says vulnerabilities go unnoticed for a long time

In reply to this message

No, this is not a bug or dysfunction, this is a feature.

you should worry more about what will happen to Signal next, just like what happened to WhatsApp.

If it's fundamentally impossible, someday, someone will do it in some way.

There are two key components, one is the way to encrypt your data, and the other one, and even more important one is, where is your data, if your data still need to go thru their server, there is no 100% safety. That's why Bluesky and us want to build our non-blockchain-based decentralized social media protocol, but we chose a different path.

mib1289

In reply to this message

That depends on who you ask. Meta says it’s a feature, I say it’s dysfunctional 😉.
Once again, if it’s engineered in, I can’t see why you can’t comment it out?
Sure, eventually encryption algorithms will become vunerable due to advances in computational capability/mathematics. That’s why you don’t put indefinitely sensitive things on block chains……that’s a ‘what’s an acceptable threat model’ question though. Assuming you have control of the client side as above, e2ee will protect your data subject to the security of the encryption algorithm. It’s not at the whim of some company operating servers…..

(edited)

In reply to this message

Because you are not the owner of the platform. And Mark Zuckerberg or someone else is.

But you are right, It’s not at the whim of some company operating servers, so, the solution should be "serverless".

not just e2ee.

I'm going to enjoy sushi now. TTYL.

mib1289

In reply to this message

In the case of closed source like WhatsApp, sure - absolutely - I’m not Zuckerberg, I can’t fix it. In the case of open source like signal etc, I still can’t see why we can’t engineer it out…..

I’m very supportive of it being serverless 😊. I just read one of your earlier posts as ‘someone else operates the servers so e2ee is useless’. I may have just misunderstood you.

Steven Franssen

In reply to this message

i like how fdroid calls them 'anti-features'

pfrazee: is there somewhere for updates on what bluesky is working on currently?

pfrazee

In reply to this message

we're gonna be talkin a bit more about it in the near future. The adx repo is still the best thing to track to see what's going on

Steven Franssen

thanks

@wyb_:matrix.org joined the room

@wyb_:matrix.org left the room

In reply to this message

I didn't say e2ee is useless, what I want to express is that e2ee is not safe enough, and people should not expect they are 100% safe just because they are using e2ee. (And there is not 100% safety at all. ) This is not the end of the game.

(edited)

steve456 joined the room

Aaron Goldman

Risk is always in the context of some threat model.

Kai Buskirk

Cool stuff no reality without threat

@mehdiat:matrix.org joined the room

@max-pain:matrix.org joined the room

syphia set a profile picture

@max-pain:matrix.org left the room

@rimuru:gentoo.chat changed their profile picture

2color joined the room

2color

Hey there! Super excited about the work you're doing with IPLD!

I'm a developer advocate for IPFS @ PL

som1

In reply to this message

wtf is developer advocate

how much u earn doing this ?

pfrazee

it's a pretty common job for companies that produce FOSS libraries, modules, etc

(edited)

they offer technical support, gather feedback, build examples, give talks, etc

som1

everyone on twitter is developer advocate nowadays

did u get a college degree to be a developer advocate lol, or they hired you ;)

Aaron Goldman

Most developer advocates have a CS or EE degree but some have Marketing. Think of a similar skill set to a sales engineer.

Kamran Ali joined the room

@penaiple:midov.pl

In reply to this message

*free software

@wings:perthchat.org

Message deleted

@penaiple:midov.pl

I'd just like to interject for one moment. The term “FOSS,” meaning “Free and Open Source Software,” was coined as a way to be neutral between free software and open source, but it doesn't really do that. If neutrality is your goal, “FLOSS” is better. But if you want to show you stand for freedom, don't use a neutral term.

I'd just like to interject for one moment. Please avoid using the term "open" or "open source" as a substitute for "free software". Those terms refer to a different position based on different values. Free software is a political movement; open source is a development model. When referring to the open source position, using its name is appropriate; but please do not use it to label us or our work--that leads people to think we share those views.

@wings:perthchat.org

Message deleted

Aaron Goldman

Ah, OSI https://opensource.org/ debate. Nostalgia

@wings:perthchat.org

I'd argue both the initial correction and my rebuttal are off topic and we should get back to bluesky discussion

@penaiple:midov.pl

In reply to this message

"open sores" is merely a codeword for "up to 99% proprietary"

take linux for example

the vanilla linux kernel binary on arch is around 178MiB in size

the linux-libre binary on parabola (arch but fully free software) is 105MiB in size

what that means is that linux, a 105MiB kernel, is pumped up +73MiB just with proprietary malware

then lets take another example

"open sores" NOVIDEO gpu drivers

https://github.com/NVIDIA/open-gpu-kernel-modules/issues/286

ah yes, PROPRIETARY BINARY BLOBS

this is "open sores"

and this is what makes free software different

because open sores is just a word to bait people into thinking that they get something better than proprietary malware

in reality, its the exact same thing

@wings:perthchat.org

off topic.

(edited)

Next please.

sotcsa2 joined the room

@mehdiat:matrix.org left the room

praelian joined the room

renji3 changed their display name to Renji

750K set a profile picture

George Antoniadis joined the room

George Antoniadis changed their profile picture

@geoah:nimona.io left the room

750K changed their profile picture

Hugh changed their display name to 750K

pfrazee

hey all, bit of news today

https://twitter.com/bluesky/status/1582437529969917953?s=20&t=IVEo-1oJKdgKnpxGwWRR5w

we've renamed ADX to "AT Protocol" (Authenticated Transport Protocol)

website is up with some documentation https://atproto.com

we're also working on a client for the protocol. Going to do a private beta period with it because things still need to get cleaned up, waitlist signup at https://bsky.app

@kabbott:element.io joined the room

@orpheuslummis:one.ems.host joined the room

diwangs joined the room

Th3o joined the room

toniengelhardt joined the room

npd

is it Authenticated Transfer or Authenticated Transport?

none of the protocol docs that I've looked at so far seem to involve authenticated transfer or transport, so it's a pretty confusing name

were you just looking for a name that would fit with an acronym for "@"?

pfrazee

it's a reference to the data repositories, which are all authenticated by signatures

we couldve gotten more specific, like Authenticated Data Transfer Protocol, but then yeah we'd lose the fun acronym

npd

but there's also no transfer or transport functionality defined yet. I mean, hey, just use a fun backronym, that's fine with me

Anton Kent - Anytype

In reply to this message

Awesome! Thank you very much guys!!! I really love what you are doing

pfrazee

In reply to this message

it's not fully specced yet, that's true, but it's almost there. It'll be some XRPC methods. Most of the important behavior there is the data structure itself

npd

does XRPC stand for something?

pfrazee

X = Cross-system

npd

so like it involves calling a procedure on some remote server, with parameters and so on?

I'm sorry, I didn't want to just jump in on the channel and provide negative feedback. the naming and descriptions are confusing to me as I try to understand how this differs from prior work, and I hope that's helpful. but if you are looking for particular kinds of feedback, let us know and I can try to contribute

Mark Foster SSI: @mfoster.io

Is there a way that early contributors can get accounts for beta testing? https://atproto.com/

mosiejczuk joined the room

@asierm:matrix.org joined the room

ynniv joined the room

asierm changed their display name to Asier

pfrazee

In reply to this message

So sorry! Our waitlist software decided to eat dirt in the middle of our conversation. Fixed now. To answer: yes basically, it boils down to an HTTPS request for exchanging the data repository structures

In reply to this message

No worries at all, appreciate the interest

@lynn:the-apothecary.club

1 "$fallback": "This post includes a poll which your app can't render.",

brh

@lynn:the-apothecary.club left the room

Aaron Goldman

Fallbacks to a common feature set is key to the evolution. I won't be afraid to use a new message type if I know my followers that don't understand it won't get undefined behavior.

furtfurt joined the room

@cel:pussy.accountants joined the room

arcalinea changed the power level of hellobluesky from Default to Moderator.

@edendestroyer:matrix.org joined the room

meri joined the room

taurean joined the room

pranavchendur joined the room

mikuhl joined the room

mikuhl

What kind of rollout will the private beta look like? Will certain groups of people be let in at a time?

Steven Franssen

Message deleted

Steven Franssen

In reply to this message

cool name

trademark @ and outdo meta

urp joined the room

isaiah (@isaiah:electronic.garden) joined the room

Lofty

This is wonderful news! How difficult will it be for existing platforms to integrate the AT Protocol? Is this something developers should be encouraged to do right now or is it too early?

networkException joined the room

Steven Franssen

interesting protocol, not sure on it especially the repos

Darnell Clayton

Perhaps I am confused, but what is the main difference between the at protocol & ActivityPub‽ Are they just different technologies trying to do the same thing or is there a major difference between the two‽ Could they theoretically talk to each other (in the future that is)‽

Steven Franssen

i kind of like how some stuff might just fade off the network with nostr

Darnell Clayton: i am not up enough maybe on AP but AT seems more distributed

i need to read more on AP again

i would prefer removing any central reliances

watching nostr dev it's hard to work without them

maybe locutus or holepunch will be what is needed

networkException

In reply to this message

I believe AT is focused on having history and decentralised identity as first class citizens while ActivityPub is more about transmitting events, not persisting them and users are bound to an instance with manual migration on an application rather than protocol layer

Darnell Clayton

Are there any working examples of AT Protocol being used‽ ActivityPub is being used by millions of people already, ranging from individuals, businesses & even governments.

I know AT Protocol is still in beta, but there should be examples of its use somewhere.

Steven Franssen

what impressed me about https://atproto.com/ is things seem to be moving and i can see influences from the community like Aaron Goldman 's conversations with

@iancjclarke:matrix.org

Darnell Clayton

In reply to this message

I think I understand what you are saying. ActivityPub users can communicate with each other on different instances, but migrating between different types of instances is very difficult.

I am on Mastodon which allows me to communicate with anyone on Mastodon, Pixelfed, WriteFreely, Peertube, FunkWhale, etcetera.

However if I wanted to move my Mastodon account to Pixelfed it would be very difficult. I can easily move from one Mastodon account to another Mastodon account, but not from Mastodon account to a Peertube account.

Is that what you were conveying‽

Steven Franssen

giving more sovereignty to user data and identity

AP is a federated protocol, servers owning things seems central

networkException

Message deleted

networkException

In reply to this message

yep, that would be solved on a protocol layer

@numero6:codelutin.com joined the room

Darnell Clayton

In reply to this message

Okay, I understand the main difference now. Thanks for clarifying!

networkException

In reply to this message

(just to be clear this is me skimming over their docs, I'm more familiar with matrix)

notheruser joined the room

x joined the room

@huedaya:matrix.org joined the room

Mark Foster SSI: @mfoster.io

Here is a module that provides support for working with JSON-LD and JSON Schema together.
https://github.com/transmute-industries/verifiable-data/blob/main/packages/jsonld-schema/README.md

We need to work on bridging the gap to prevent the walled garden Babel Effect

@federico:elokapina.fi joined the room

@federico:elokapina.fi

I was trying to read https://blueskyweb.org/blog/10-18-2022-the-at-protocol but the URL was too distracting: https://xkcd.com/1179/

pfrazee

In reply to this message

Still a bit early tbh, but really excited by the enthusiasm

Kai Buskirk

Sick!

thomas (they/them) joined the room

whyrusleeping

One of the big goals with ATP is that the users are the final authority over their own data, a post from a person is only valid if its in their repo and signed by them. Even though you might use a server for feed generation or search, a post cannot be changed or deleted without the users action

And moving your data between services is designed to be easily supported at the protocol layer

0usen joined the room

whyrusleeping

we also allow delegated authority to servers, so the UX can be very seamless without requiring users to have to deal with key management on the day to day basis, but still retain authority over their data (and the ability to migrate away to another server easily)

@ztb:matrix.org joined the room

@federico:elokapina.fi left the room

rvlobato joined the room

Xiaoyu joined the room

void joined the room

voidz0r changed their display name to void

void set a profile picture

void

Hi, I have a question regarding how the HTTP status codes are handled on the S2S side, more specifically the motivation behind the remapping of the 404 response code, which is widely known as not found, as "XRPC not supported". Doesn't this creates some confusion with the standard HTTP implementation when, for example, an XRPC endpoint and a simple HTTP based endpoint coexist in the same environment?

(edited)

minneapolis joined the room

bnewbold joined the room

arcalinea

In reply to this message

We'll be doing an incremental rollout prioritizing user feedback and load testing.

@joejenett:matrix.org joined the room

bnewbold

Cool to see an iteration on this protocol, and look forward to digging in to the docs more and playing with the client when it is available!

A couple unstructured notes from skimming so far: https://atproto.com/specs/atp#repo-encodings - "Are we missing value types? Binary?" i'd say yeah, a binary blob type is important, though should mention whether they can/should be large (1 MByte+) or not

I'll admit that i've poked at the DID specifications a few times, and it sounds exciting, but i'm also often left wondering "where is the beef", as in, is there actually a complete working system yet, or is everybody waiting for a new implementation/innovation. hopefully this project (AT/bluesky) could draw attention, or end up being a good implementation others can copy from!

The last paragraph of this section: https://atproto.com/specs/did-plc#account-recovery I think should clarify that it is the 'recoveryKey' that is used to rotate the 'signingKey'

bnewbold

Looks like a bunch of IPFS spec stuff is getting pulled in. not reinventing stuff is nice! I'm curious about what the repository storage looks like. abstractly, looks like I should read about Merkle Search Trees (https://hal.inria.fr/hal-02303490/document), and for on-disk persistent stuff should read about the CAR format (https://ipld.io/specs/transport/car/carv1/)

AppBskyMediaEmbedMediaEmbedBlob has a bit of that InternalFrameInternalFrameTitlePaneInternalFrameTitlePaneMaximizeButtonWindowNotFocusedState energy (https://stackoverflow.com/a/28356432/4682349) 😅

I'm curious how media gets stored, eg things like full-size photos in a post. does it all end up in the respository? eg, either enclosed in CBOR as a binary type, or as a free-floating blob referenced by CID? or externally (IPFS, web, whatever)?

(edited)

I would push for there being a stable, pseudo-official, complete, on-disk export format pretty early. eg, CAR above or sqlite database or whatever. this makes development and testing easy, and helps an ecosystem of tools and implementations grow faster. eg, i'm much more comfortable using beta/alpha/experimental software if I know I can do a dump export and expect to re-import in a couple years with real/prod software

bnewbold

overall, at a first glance seems easier to implement and get started with than the previous iteration, or 'dat://' / hypertrie before that (which i'm most familiar with). I think CBOR instead of binary is a great decision. i'm not really sure about CBOR + XRPC over something like gRPC, in strong terms, but i'm receptive and probably the decision I would lean towards

having looked at ActivityPub in the past, and having self-hosted a lot of my own stuff, I can say i'm more optimistic about developing for and operating systems built on something like AT protocol than something like ActivityPub

arcalinea

In reply to this message

Yep, you'll be able to export/import a CAR file from the start -- I think that's already implemented. As for media, we're still working through those questions. Working in public has meant publishing stuff that's a work in progress.

bnewbold

It is a bit of a tricky problem, which is why I am curious what you come up with! The history of this being challenging for git (git-lfs, git-annex, several other approaches) comes to mind. but I think you will probably come up something reasonable. the core ideas/thesis of this protocol (as I see it), is the speech/reach distinction (and the related small-world/big-world distinction); and practical federation ergonomics (hosting transfer, protocol flexibility, self-host ability, etc)

In reply to this message

(so the details of how media files, as distinct from "content", are accessed, and migrated, in a hopefully privacy-protecting way, are not the core idea/thesis)

Aaron Goldman

git-lfs was necessary do to the fact that they treat the file as the blob. There was no way to partition a large file as a Merkel tree. The diff protocol was also very text centric. If the syncing protocol acts more like rsync you don't necessarily have the problems that push to external large blob storage. That said it is still convenient to be able to perform a checkout that ignores any record larger than 10 MB and only pull them on demand. Particularly for a "light" syncing on a mobile connection

mikuhl

Store file as an index into pi. 🤓 🤔

Nikolay Kolev joined the room

Aaron Goldman

Hard to find the appropriate index, slow to extract, and no reason to believe that the index is any smaller than data you are encoding.

Steven Franssen

gun is working on a distributed index

whyrusleeping

Most of the gun things arent what they say they are

@wings:perthchat.org

Including their docs? :)

whyrusleeping

lol, do their docs still change color?

@wings:perthchat.org

I think so...

Steven Franssen

nostr is finally having its day of spam

i warned them

too busy sats this lightning that bitcoin bitcoin

whyrusleeping

Spam is extremely hard to deal with, and you have to plan for it from day one

Just saying “lol stake money 2 poast” isnt gonna solve it for you

Steven Franssen

In reply to this message

lol one of their plans is actually pay money to post🙄

maybe it can be made to work

wouldnt be my first choice tho

@wings:perthchat.org

One problem with pay to post

Is that it's extremely uneven in terms of economics for people around the world

10c for example might seem like nothing for us, but for someone in a low income country it might be a significant portion of daily or even weekly income

@planetoryd:matrix.org

In reply to this message

ofc, you just need proof of personhood for anything egalitarian

also using money makes it economically resistant to attacks. (cost of attacks is usually larger than the profit

@numero6:codelutin.com

https://github.com/bluesky-social/adx/blob/main/architecture.md is now 404 and IIRC there was a ADX/ATP vs ActivityPub section that explain the small world problem and why AP was not suitable. Is there somewhere that documentation is available now?

@planetoryd:matrix.org

whats the state of art of calculating trust graphs

George Antoniadis

In reply to this message

If you find anything interesting on the subject please do link it.

@planetoryd:matrix.org

In reply to this message

i was discussing it here #freenet-locutus:matrix.org

George Antoniadis

In reply to this message

Thank you I’ll check the thread out :)

jringo joined the room

jringo

Good morning = ) Looking forward to learning more about the project, particularly the decentralized algo and moderation infrastructure.

@elsif:matrix.org joined the room

Nicole Melanie Freerks joined the room

@giver0453:matrix.org joined the room

pfrazee

In reply to this message

That's just laziness from my code generator. A few hours of work at most could get that to something sane (eg EmbedBlob)

In reply to this message

We're working on a blobs system

In reply to this message

thanks! Glad to see you here!

mtdg joined the room

mtdg

pfrazee: great job on this. Will you guys be hosting the docs on gh, so we can have discussions and open issues and PRs for the docs on

atproto.com/docs

? ty

pfrazee

In reply to this message

cheers! Yeah let me check with the team, 1 sec

definitely need the specs in a repo

mtdg

Thanks! Tangentially, what software did you use for the graphics in the docs?.. the diagrams look great

pfrazee

thanks! I used Pixelmator Pro which is essentially a variant of photoshop

mtdg

did you use an in-house static site generator for the docs, or is this template public somewhere? I really like the aesthetic on top of the content haha

pfrazee

I used nextjs and https://tailwindui.com/

honestly the two of them combined is the fastest and most convenient site stack I've ever used

and I've used hugo, jekyll, eleventy, and docusaurus

mikuhl

The way the blue sky Twitter account is tweeting makes me think, at least the app, is further in development than it is. 😳 Sounds soon.

pfrazee

it's coming along

mikuhl

I expected to wait many months 🤣

I expected to forget and then suddenly it releases and I go "oh yeah that!"

pfrazee

haha well I dont want to set expectations wrong, it could end up being like that. We'll see how crummy our code is

mikuhl

App made with Flutter I hope? 😊

arcalinea

React Native. If you know any good RN mobile engineers, send them our way! https://blueskyweb.org/join/software-engineer-mobile

Message deleted by arcalinea

mcurrington joined the room

Steven Franssen

Message deleted

Steven Franssen

my biggest uncertainty with @ is the repos, is there more details on them?

Aaron Goldman

What would you like to know about them?

nir.eth joined the room

nir.eth

arcalinea

In reply to this message

I deleted it because there was no context on that link, want to keep folks safe. @. what were you posting?

In reply to this message

There's what's in the spec and what's in the codebase. They're called repos because it resembles storing user content in a git repository.

brchen joined the room

@wclayferguson:matrix.org joined the room

nir.eth

anybody thinking through feed generation, reputation, or content moderation mechanisms? interested in getting involved

nir_ changed their display name to nir.eth

nir.eth set a profile picture

nir.eth changed their profile picture

Aaron Goldman

Yup

whyrusleeping

Lots of space to explore on both of those fronts, I really want to do a bunch of experiments on interfaces for each, try to get a feel for whats needed for more user and community-centric tooling

Robert Heessels joined the room

@penaiple:midov.pl changed their profile picture

Steven Franssen

In reply to this message

i deleted my reply too

In reply to this message

it has become a pressing issue on nostr with their current spam

In reply to this message

is that the only info?

Jason Dominique joined the room

tobinsouth joined the room

panoptikon joined the room

jkrsp

The packages in the "atproto"

github repository

don't seem to be on npm - does anyone know if they are private or just not yet published?

pfrazee

just not yet published

@elsif:matrix.org

In reply to this message

I too am curious about this. This thread may contain some ideas related to that topic: https://twitter.com/bluesky/status/1511811083954102273 I looked in git, and as of https://github.com/bluesky-social/atproto/blob/6283330c3cc85afead94450ea9d920290f8541b6/architecture.md it hadn't yet been moved to docs/, then to a doc site

Golda Velez

hey is there a place for threaded specific questions? I haven't had a chance to scroll up thru all the chat here, i have some really basic questions -

are the @names existing dns names or new names using XRPC? If they are new names, who are the registrars and how do they timeout?

(I"m sure that is probably answered already! but we need like indexed threads/forum :-) )

pfrazee

so the way we're currently planning to handle the names is, you contact the server with xrpc to ask them for the did

Golda Velez

(hey paul! and if you are on for a few minutes we're having a meet at 12 in 1 min - so we might funnel questions from the group chat while sharing screen here :-) )

pfrazee

so I'd send "resolveName()" to "https://example.com" to find out what @

example.com

's DID is

Golda Velez

ah ok! so generally dependent on existing DNS

pfrazee

In reply to this message

I'll be hanging here

In reply to this message

right yeah

Golda Velez

so we have some more pretty basic questions - comparing AT protocol to REST, and also comparing it to ActivityStreams, like what is fundamentally different - hm pfrazee any chance you want to join us in the room for a min? its actually just a couple of us

https://jitsi.modular.im/dsocialcommons if not no worries, we'll try to phrase useful questions

pfrazee

sure why not, I can spare a few min

Golda Velez

btw what hashtag or address should i use for the at protocol on twitter?

Golda Velez

arcalinea: any pref? wasn't sure what handle to use to refer to it

whyrusleeping

Atproto or ATP probably

ATP, powers your cells and your social

Golda Velez

ha that works, not sure if #ATP will get mixed with biologist tweets but can try

#Atproto probably will make a nice thread

devin ivy joined the room

djspacebunny joined the room

djspacebunny

hello!

logonaut joined the room

logonaut changed their profile picture

@wclayferguson:matrix.org

I think #atpro has a nice ring to it. Pronounced "A T Pro"

but maybe it's strange to shorten protocol to pro. :(

lk251

I’ve built a twitter client that I’d like to also be a bluesky client. Is there an API that I could look at? Is it too early for this ? Thank you

Kai Buskirk

@proto

pfrazee:

@planetoryd:matrix.org

Current p2p protocols can only decentralize routing, mutable or immutable state, authentication.

The real challenge is to decentralize recommender systems, indexers

A Person

Forgive me if this is a basic question, but have performant, decentralized indexers been proven impossible, or is the some actual hope of a solution?

Aaron Goldman

In reply to this message

Indexing is sorting so a map reduce operation can build an index. In fact Google uses distributed systems running map reduce to build the index.
The question is how do we alter the process from crash fault tolerant systems we use today to a Byzantine fault tolerant system if mutually distrusting indexers.

This could be done with redundancy. Coldest N servers in the DHT all store the index chunk client queries K of N indexers and if they don't match declare the minority report to be an error.

This is pretty inefficient so it's worth continuing research into the use of ZKP to make a provable sort.
I would talk to Dan Boneh https://crypto.stanford.edu/~dabo/ if you want to collaborate on building an efficient proof based decentralized index.

tfm joined the room

@digirayc:matrix.org joined the room

dr-x joined the room

slavenabd joined the room

@devduck:matrix.org joined the room

sam joined the room

@kity:kity.wtf joined the room

@philip_morgan:matrix.org joined the room

@kity:kity.wtf

so i just discovered the at protocol via a mention in matrix live and i'm not super sure where to give feedback about it, i figured i'd join here and talk about my thoughts reading the documentation.

first of all, things i liked:

i think it's good to have focus on decentralized identity. a big pain point in current federated social software is being reliant on the server you signed up on, which gives server admins much more power than regular users. matrix's approach with rooms being the core data structure does help, since server admins don't directly control the rooms (they're replicated and synchronized via auth rules in the room itself)
this uses replicated data structures as well, but the basic data structure seems to be fully user controlled content stores, which i think is appropriate for social media where you're mostly authoring your own outgoing messages and there's not much overlap with other peoples' messages. on matrix i think it's more important that everyone see the same view of the room vs a user having sole agency over their content

things i don't like:

schemas. i think this is a bad way of doing extensibility and will suffer greatly from xmpp-itis, where different software implements different extensions and interoperability is a guessing game. the big thing matrix does here is it uses the same protocol stuff for everything. there's no thirdroom specific things the server needs to know about. it's just events in a room; the server knows how to deal with events in a room! activitypub sort of has this generic thing going with activity types and all, it would be possible to create a fully generic activitypub server and use activitypub c2s for that. the big issue with that ofc is it lacks server side aggregation, so it wouldn't be suitable for anything at scale. i think the best approach here is to have the core protocol include everything you need for any client, in a generic and flexible way (matrix has a generic concept of event relations which can be used for aggregations), and the client itself is the only thing that really deals with extensibility and unknown message types.

average user joined the room

Dave Macdonald joined the room

@planetoryd:matrix.org

Self-verifying immutable state
- IPFS (or less ideally torrent)
Self-verifying mutable state store
- Freenet/Locutus (or less ideally Matrix)
Self-verifying authentication
- Publickey crypto / MAC
Self-verifying consistency
- Blockchain (a mutable state store too)
Self-verifying computation
- ZKP

Aaron Goldman

Why is it the block chain that people give credit for consistency? In Bitcoin it's the proof of work that provides consistency. The fact that the object that we reach consistency on is the hash at the head of a Merkel linked list is irrelevant to the consensus algorithm.

Why freenet over IPNS for your Authenticated Data mutable state?

Aaron Goldman

The identity updates are a Merkel liked list going back to the origin document for the did:plc but the consensus is from the consortium doing the ordering.

Any number of consensus mechanisms could be used including a simple ACID database.

Drewry Pope joined the room

Aaron Goldman

Don't get me wrong I get that the ship has sailed and Blockchain now also means public consistent legger.

@wclayferguson:matrix.org

The way I would say it is that any MerkleTree is guaranteed consistent regardless. The reason proof-of-work works to be sure lots of "guesses" were made by some computer is because the "work done" is essentially to guess what tweak to some data being hashed caused the hash itself to happen to end up with a specific number of leading zero bits (or something like that...nonce). So the MerkleTree would've been consistent regardless, but the concensus of all other computers will only allow the miner who found the input mod that accidentally caused the hash itself to have some leading zeroes.

(edited)

Not disagreeing with you Aaron, just chiming in for fun. :)

@planetoryd:matrix.org

In reply to this message

Yes, I mean consensus algorithm by blockchain. Many consensus algorithms require linked lists tho eg. proof of work voting. Merkle tree itself is just IPFS' DAG, which provides no consistency over a public shared mutating state.

(edited)

In reply to this message

It is not even authenticated. In Locutus the mutable state is defined and constrained solely by its WASM function, which can be a hash function or whatever. It maxes out my abstraction and has no redundant behavior

(edited)

@kity:kity.wtf left the room

bnewbold

is there a way to receive push notifications to client devices over XRPC? eg, instead of constantly polling 'app.bsky.getNotifications'

@digirayc:matrix.org changed their profile picture

@devduck:matrix.org

if it involves server then it is federated, not p2p which involves client only

The AT proto

so i suggest you adding SSB like feature, so user can sync the tweets of their following even from localnetwork, if they are connected to their peer have common followings.

could work like mesh network

bnewbold

in AT proto, Lexicons can specify new XRPC methods. are these always client-server XRPC methods, or can they also specify new server-server (federation) methods? aka, are the 'sync' methods in the

atproto.com

Lexicon the only server-server XRPC methods?

I think the answer to this determines whether a simple PDS implementation can provide basic support for all applications (Lexicons) by just syncing repos. eg, an archival PDS

Digital Oil joined the room

Digital Oil

hello all

@devduck:matrix.org

Hi, also

check this out simplest decentralised microblogging protocol i found

https://yarn.social/

https://github.com/buckket/twtxt

In reply to this message

also XML is shit, please use other format like JSON, etc

@planetoryd:matrix.org

In reply to this message

JSON is shit. Use protobuf. readability ? no one cares

(edited)

@devduck:matrix.org

https://wiki.alopex.li/BetterThanJson

@devduck:matrix.org

Message deleted

@devduck:matrix.org

1234567891011121314Good Enough:

JSON?
Protobuf
Cap’n Proto
Flatbuffers
CBOR
msgpack
Avoid:

YAML
XML
Thrift?
BSON

@planetoryd:matrix.org

In reply to this message

fediverse is pure cope. locutus is theoretically optimal

(edited)

muh, activitypub, muh blogging protocol

@devduck:matrix.org

yarn.social

is merely frontend to aggregate tweets from your following,
i am mainly talking about TwTxt , look how simpler it is

https://yarn.social/about.html

@planetoryd:matrix.org

In reply to this message

simple and non-sensical. registry, search, query. what, just plain old centralized stuff. I don't even see publickey crypto

(edited)

@devduck:matrix.org

why you need pubkey in everything?

i can say this is decent decentralised protocol i can find, ofc it is not best but things can be build upon it.

anything which requires server is not true p2p

@planetoryd:matrix.org

In reply to this message

false. with performat routing, the impact of servers joining and leaving is mimized

in fediverse your accounts get destroyed when the server is shutdown

as stupid as matrix protocol

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

Message deleted

@devduck:matrix.org

something which is closer to p2p social platform is Secure Scuttlebutt

@planetoryd:matrix.org

In reply to this message

not ideal enough

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

locutus is far more superior

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

In reply to this message

doesn't change the fact that locutus is objectively better

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

https://github.com/freenet/locutus

@devduck:matrix.org

Locutus is a decentralized key-value database.

@planetoryd:matrix.org

In reply to this message

ofc, this is the basis of everything else. Most applications you can name can be built on it

@devduck:matrix.org

is ATproto using it?

@planetoryd:matrix.org

don't know. don't care. there are zillions of non-sensical fediverse protocol

(edited)

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

In reply to this message

fediverse relies on centralized DNS, CA and IP.

In reply to this message

IM and email are just mutable states. Why don't you need it

@devduck:matrix.org

yes, thats why i dislike fediverse and anything closer to p2p social platform i could find is twtxt and secure scuttlebutt

In reply to this message

you can just connect to me directly and we can talk, why you need decentralised key-value database for that ?
check https://tox.chat

about decentralised email, email is fundamentally broken. but still you could just send e-mail to my mailbox and i can check it. again not sure why you need locutus for that..

@planetoryd:matrix.org

In reply to this message

The key-value part is for persistent state store.

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

No, peers also store some chat history.

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

In reply to this message

leave it on the user to choose how they want to do it.

Not how it works. If you leave it out users would choose something unideal, competing solutions, incompatible protocols. This is a fundamental requirement of modern IM.

(edited)

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

muh, leave it out, and do nothing, others will do it. the mentality

(edited)

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

In reply to this message

'own issues', better than its alternatives. servers ? no, locutus is a network of servers. anyone can join and serve a contract

In reply to this message

no one is preventing users from backing up their state store

(edited)

@devduck:matrix.org

Message deleted

@planetoryd:matrix.org

In reply to this message

it is not a blockchain

@devduck:matrix.org

I thought you are working on AT proto

@planetoryd:matrix.org

In reply to this message

common misunderstanding. right, the description is misleading. it is a DHT. the core concept is Contract, a mutating state with a WASM function defining what is allowed and what is not.

networking, or more precisely routing, is a necessary part of any p2p network.

@devduck:matrix.org

oh okay, nice. Then locutus is just an element which could be integrated in your protocol

for state backup/ storage.

@planetoryd:matrix.org

sorry i'm not developing AT proto. I don't even know what it is

@devduck:matrix.org

you are in Bluesky matrix ?

@planetoryd:matrix.org

In reply to this message

doesn't matter. just discussing p2p topics in general

@devduck:matrix.org

In reply to this message

As i was saying, this is the simplest protocol i can find. hopefully instead of making ATproto like fediverse (federation of servers)
they could build something p2p

@planetoryd:matrix.org

In reply to this message

iirc kinda dead project. why not just use libp2p (or matrix pinecone)

(edited)

@devduck:matrix.org

who said it is dead ? Lmho it has active user base :)

https://qtox.github.io/

maybe go to #tox or #qtox on irc

libera.chat

crystalgravy joined the room

Aaron Goldman

twtxt reminds me of RSS

@planetoryd:matrix.org

In reply to this message

another failure

@hmvii:matrix.org joined the room

@hmvii:matrix.org left the room

sylphrenetic joined the room

anonkun joined the room

pfrazee

In reply to this message

At the moment it’s just client-server calls. We might add other types for continuous sync. Not too hard to do

@planetoryd:matrix.org: there are plenty of places to discuss technologies broadly. This channel is for ATP

Please keep on the topic of ATP

@devduck:matrix.org

can you use protobuf or json instead of XRPC ?

pfrazee

xrpc supports json or cbor

if you havent looked at xrpc, you should. It's a very simple wrapper around http

whyrusleeping

I feel like giving it a name is causing more confusion than just saying its a basic http rpc

pfrazee

yeah we've been discussing that, it might be

@philip_morgan:matrix.org left the room

G🌎 joined the room

abdulla77 joined the room

zero-julius joined the room

@greyxor:matrix.org joined the room

George Antoniadis

ATPRPC I guess is the easy way out :D

@wings:perthchat.org

Pronounced AYHCH TEE PEE RPC for good measure

So that it sounds more like HTTP

space invader joined the room

@devduck:matrix.org

happy diwali everyone

https://twitter.com/10DowningStreet/status/1584504382707507200#m

magicofazi joined the room

c-n-b joined the room

ephem joined the room

0p3nsorcerer joined the room

0p3nsorcerer

hello and greetings

George Antoniadis

Message deleted

@10allday:matrix.org joined the room

@10allday:matrix.org

Does Authenticated Transfer Protocol allow for trading virtual items across networks?

@10allday:matrix.org

Can @alice.com and @bob.com send and receive items to their respective data repositories?

Aaron Goldman

Depends what you mean by send. alice and bob can each add records to their own repositories. There is no global state only repositories. If you have a protocol that needed to do a two phase commit that could be implemented in userspace. e.g. alice publishes a record that is a proposal to transfer an asset to bob if it happens before bobs repo reaches time T.

if bob accepts before T then it goes through else it reverts to alice control

trading virtual items is not part of the protocol it just falls out of the atomic update of repos

@10allday:matrix.org

In reply to this message

How long does bob have before the item goes back to alice?

Aaron Goldman

That would depend on the user space transaction you are trying to write

I doubt that Bluesky PBLLC is going to make a record type like this.

More likely it'll be a third party extension to an existing post type

landenc joined the room

@dplim87:matrix.org joined the room

@dplim87:matrix.org left the room

@nurpu:matrix.org joined the room

albeit joined the room

@devduck:matrix.org

In reply to this message

does the protocol allow a client, not server to host their own repo

as long as they are online.

whyrusleeping

You technically can, yes. But it would be difficult at first to engage with others because they would have to fetch updates from you constantly, or you would have to notify other servers when you post

And that mode isn’t well supported in the beta deployment we are working on now

@fr33domlover:matrix.org joined the room

@fr33domlover:matrix.org

Hello People! I recently saw bluesky's website and wanting to express some concerns It seems a single profit-oriented company is creating the AT protocol, and the wording on the website has terms like "algorithms", "market" and "healthy competition". And there's a private beta, very unusual for an open web protocol. But common for startups and private tech. So... I'm worried. I'm worried this bluesky stuff will lure people into something that isn't aligned with their needs (much like centralized platforms like facebook and twitter do), getting in the way of projects like the Fediverse and Spritely, which are very clear about creating an open internet for-the-people by-the-people. So, my instincts of human trust are telling me to be careful when evaluating the work being done here. I wonder if some of you can sympathize! The Fediverse, Matrix, Spritely, all seem much more reliable and promising to me, and if you're looking for the next stage of decentralized human-needs-oriented internet, those are the projects I'd look at. And if I had the money that bluesky has, I'd put it into those projects. Thank you for reading ^_^

whyrusleeping

Building something that scales to whats needed and getting the accompanying adoption is not an easy task, and money is a very real lubricant in making real things actually happen, as a result we must put some amount of thought into that.
The protocol is entirely open source, the private beta is for an app built on top of that but feel free to run the code yourself and engage with the network on your own terms

The team has quite a lot of experience building open source protocols, we aren’t just some random silicon valley startup grifters. The fediverse has many problems which led us to decide that developing a new protocol was the correct thing to do, spending money on mastodon and co would just be wasting that money with nothing to show for it.

George Antoniadis

In reply to this message

I think that “the team has quite a lot of experience building open source protocols” is a huge understatement and can’t be emphasised enough. - the people behind bluesky is the reason why I’m personally interested in this whole endeavour.

@numero6:codelutin.com

In reply to this message

@fr33domlover:matrix.org ↑ there was a doc about why AP has been considered not OK. Be sure it's a well-thought decision. The whole team spent months to study existing protocols and Jay herself was involved in such concepts long before she was in charge of making the study. She was the best people for the job and she built the dream-team (look at the CVs, the bluesky team is the best people you could find on earth for the job). I'm pretty wary too about VC-funded stuff but I want to trust the team.

(edited)

whyrusleeping

Most of the architecture docs got moved a pretty website thing: https://atproto.com/guides/overview

I’ll see if we cant add a page specifically for “why not just use activitypub”

@numero6:codelutin.com

In reply to this message

the existing one was pretty good actually, IDK if it can be recovered

@indieterminacy:matrix.org joined the room

whyrusleeping

If it was in the git repo before then it’s certainly recoverable

@fr33domlover:matrix.org

In reply to this message

I'm glad to hear! The website doesn't have list of these people, so I didn't have faces to recognize and be able to trust :P

* @fr33domlover:matrix.org will read the protocol docs at some point

George Antoniadis

In reply to this message

https://github.com/bluesky-social/atproto/tree/fd18da2cb53bdd12f4b2b674713863149492049b/docs looks like the last last snapshot of the

architecture.md

and relevant docs.

lk251

In reply to this message

Not sure if I’m misunderstanding but can I at the moment add bluesky to the twitter client I’m building? Is there an API and a set of “tweets” and users which I can try to get my app to work with ?

lk251

Forgive me- perhaps my question should be if there are any indexing services currently running which I could get my app to talk to.

Florian Jacob joined the room

@florian:dsn.tm.kit.edu left the room

whyrusleeping

@fr33domlover:matrix.org: previous announcement of the team: https://blueskyweb.xyz/blog/2-31-2022-initial-bluesky-team
Weve since hired another developer (and are still hiring if you know anyone!)

In reply to this message

Not yet, we dont have a production deployment at this point, its in progress though

Harlan Wood

Hi team, congrats on the latest release/milestone!

Curious where/how you are deploying dev/test instances. Any deployment scripts? Dockerfiles? What hosting services are you using?

Omg lives up to the handle 😜

whyrusleeping

Still working that out, those primarily responsible are asleep, but probably will end up deploying some things on aws at first

In reply to this message

Sup

Harlan Wood

Cool so

localhost

so far

whyrusleeping

Yeah, exactly

Weve been discussing having a separate process to manage the blockstore, which allows some really fun scaling directions

(And realistically if we pull that off, it benefits ipfs deployments as well)

Harlan Wood

Hmm sounds interesting. I wonder if Cloudflare could come into play for AP like they did for IPFS gateway. Both designed to be internet scale utilities, just AP in the social sphere.

arcalinea

Sidenote -- let's use ATP for the acronym :)

Harlan Wood

Dang Whys habits are spreading 😂

@indieterminacy:matrix.org left the room

arcalinea

ATP collides with bio nomenclature but not tech. Good enough. Yeah I liked Why's "powers your cells and your socials" too

Harlan Wood

In reply to this message

*sleep related

arcalinea

Oh I'm in Europe. Giving a talk and doing some recruiting at this IPFS camp thing. If you guys know good mobile engineers or front-end/UX devs, send them our way! Also if you'd like to work on the project but your skills aren't a perfect fit at this time, shoot me a line anyways, we may have more openings soon.

(edited)

mikestaub

In reply to this message

Same. I've been following the decentralized social movement since 2015 and can confidently say that this team has the best chance of actually building something that can be adopted at scale. I think they are striking a reasonable balance when it comes to the "livestream everything as open-source" and "ship obfuscated binaries" sliding scale.

Tako UnikLabs joined the room

pfrazee

In reply to this message

For

localhost

testing the dev-env package is really useful. Sets up a

localhost

test server with mock data

Jeremy Lewi joined the room

jhonsu777 joined the room

brh28 joined the room

pfrazee

https://atproto.com/guides/faq new FAQ just dropped

includes an answer to "Why not use ActivityPub" https://atproto.com/guides/faq#why-not-use-activitypub

@miller_james:matrix.org joined the room

brh28

In reply to this message

I ran npm install in dev-env and got a yarn build failure. Should I install yarn or would it be risky to mix package managers?

pfrazee

uhhh I dunno, we do use yarn though

try running npm install in the root of the repo

brh28

Got the same yarn build issue. Installed yarn, reran and it looks like it got past that step at least

brh28

pfrazee: Build was successful. Trying to run (npm run start from dev-env) and getting Error: Could not locate the bindings file. Seems to be looking for a file .../better_sqlite3.node. You familiar?

pfrazee

yeah..... we have that problem at random and it's a real pain to solve

Aaron Goldman

Some day CI/CD will be needed to test that the server always builds from clean.

brh28

Thanks for the help. I'll play around and create an issue on Git if I can't get it

pfrazee

appreciate it

@miller_james:matrix.org

Message deleted by pfrazee

pfrazee banned @miller_james:matrix.org: Spammer

arcalinea

Spammers no spamming

Tarise Singletary joined the room

Tarise Singletary

👋

lk251

In reply to this message

Thanks for the response. I will take the time then to learn as much as possible about how the protocol works.

Daniel Holmgren

In reply to this message

we use yarn workspaces & I'm not sure how npm handles it in comparison. If it hoists pacakges differently from yarn, it might cause some issues with external dependencies. I'd try to re-clone the repo so you don't have any old node_modules cruft hanging around, run yarn from root and then yarn start from dev-env & see how that works

In reply to this message

we actually do have CI now thanks to Harlan Wood 🙇

pfrazee

two useful items in my .bash_profile for resetting a repo: alias rm_node_modules="find . -name "node_modules" -type d -prune -exec rm -rf alias ls_node_modules="find . -name "node_modules" -type d -prune"

huh those quotes are off. But it works

definitely understand those commands before running them. I dont want to be responsible for nuking anybody's hard-drives

ls_node_modules is the safer command. You can use that to list all the node_modules directories and then you can manually remove them

Aaron Goldman

What yahoo finance thinks is happening https://finance.yahoo.com/amphtml/news/jack-dorsey-bluesky-social-app-twitter-050005805.html

pfrazee

saw that...

Importantly, it says user data will be free from governmental influence

We.... dont really say that

@wclayferguson:matrix.org

I also heard that Leo Leporte mentioned BlueSky in the latest Twit episode but haven't listened yet.

pfrazee

In reply to this message

nice

Aaron Goldman

Really should go on floss weekly

But not when Simon's hosting 😶

Harlan Wood

In reply to this message

Thanks! Have cli running, but can’t figure out how to do much with it. Is there an example session somewhere, or could you share one?

pfrazee

In reply to this message

Heh not really. There's the mobile app but that's staying private till we're out of the private beta

Aaron Goldman

A curl example is probably a good idea

bnewbold

I assumed that XRPC would be used for server-server sync of repositories, but can plain old IPFS (bitswap or graphsync or whatever network protocol) be used for that instead?

Next group of messages

Tue, Sep 13, 2022

Wed, Sep 14, 2022

Fri, Sep 16, 2022

Sat, Sep 17, 2022

Sun, Sep 18, 2022

Mon, Sep 19, 2022

Tue, Sep 20, 2022

Wed, Sep 21, 2022

Thu, Sep 22, 2022

Fri, Sep 23, 2022

Sat, Sep 24, 2022

Sun, Sep 25, 2022

Mon, Sep 26, 2022

Tue, Sep 27, 2022

Wed, Sep 28, 2022

Thu, Sep 29, 2022

Fri, Sep 30, 2022

Sat, Oct 1, 2022

Sun, Oct 2, 2022

Mon, Oct 3, 2022

Tue, Oct 4, 2022

Wed, Oct 5, 2022

Thu, Oct 6, 2022

Fri, Oct 7, 2022

Sat, Oct 8, 2022

Sun, Oct 9, 2022

Mon, Oct 10, 2022

Tue, Oct 11, 2022

Thu, Oct 13, 2022

Fri, Oct 14, 2022

Sat, Oct 15, 2022

Sun, Oct 16, 2022

Mon, Oct 17, 2022

Tue, Oct 18, 2022

Wed, Oct 19, 2022

Thu, Oct 20, 2022

Fri, Oct 21, 2022

Sat, Oct 22, 2022

Sun, Oct 23, 2022

Mon, Oct 24, 2022

Tue, Oct 25, 2022