Bluesky Dev
Community discussion of the AT Protocol and Bluesky. (This room is not officially affiliated with the Bluesky team.)
Previous group of messages
  2. jmcasey
    Yeah, that seems like a solid option
  3. bnewbold
    this is what I assume are the major golang ipfs/ipld datastore implementations. there is an abstraction later called "datastores" which "blockstore" builds on top of: https://github.com/orgs/ipfs/repositories?q=go-ds&type=all&language=&sort=stargazers as a reference of what other folks might be using for IPLD stuff. it looks like the 'kubo' golang implementation ships with flatfs, badgerdb, and leveldb backends. the sql datastore implementation supports postgresql and sqlite
  4. (I was curious what the current lay of the land was in IPFS world)
  5. Orpheus changed their display name and profile picture
  6. -nicb- joined the room
  7. whyrusleeping
    i have opinions about blockstores
  8. https://github.com/whyrusleeping/gosky/blob/master/carstore/bs.go
  9. bnewbold
    I pushed a small release of adenosine, with easier to read repo commit metadata, download links, and an updated TID implementation
  10. @giver0453:matrix.org joined the room
  11. Mt Stupid joined the room
  12. 0chroma joined the room
  13. Daniel Holmgren
    I forget who in here coined the term "puppy problem" but it's officially made its way permanently into my vocabulary
  14. George Antoniadis

    Lol. Thank god for urban dictionary. xD

    When one is so excited about things that they become overwhelmed and are unable to do the very things they are excited about. Like when a puppy plays so much it exhausts itself to the brink of unconsciousness. This kind of overwhelm is often mistaken for anxiety, but it is in fact The Puppy Problem.

  15. whyrusleeping
    Not quite the definition dannys using lol
  16. George Antoniadis
    Owh? Whats the definition?
  17. Brad Brown

    I went digging in the history — something like

    when someone posts “does anyone like puppies?” then gets a bunch of replies and changes “like” to “kick”

  18. George Antoniadis
    Brad Brown: Rofl ok yeah that makes way more sense! Thank you! :D
  19. pfrazee
    Haha yes, that’s it. It’s about the risks of not maintaining content references for certain kinds of content
  20. Daniel Holmgren
    hahaha yes that's the right one
  22. [pioneer] 🇺🇦
    I'm trying to understand ATProto, can anyone tell where will the names of new users come from, just someone who wants a domain name, can take any domain name they like? are domain names in ATProto somehow associated with domain names on the normal internet? how will name conflicts be resolved in a distributed system?
  23. @devduck:matrix.org
    atproto is not a dns system
  24. George Antoniadis

    [pioneer] 🇺🇦: Users in ATP have two identifiers. An "identity" and a "handle" (

    docs on identifiers
    ).
    The "identity" is a DID and is globally unique but not human-friendly (ie not a username or real name).
    The "handle" is a human-friendly name that includes the PDS your data live on, and a username that is unique to that PDS.
    (You can think of handles like emails or mastodon usernames, user@pds).

    So yes. Domain names in ATProto are the normal domain names as you currently know and love them.

  25. [pioneer] 🇺🇦

    In reply to this message

    the handles, how it's ensured they're globally unique then?
  26. George Antoniadis
    [pioneer] 🇺🇦: they are hostnames, you just trust the DNS system they are unique.
  27. [pioneer] 🇺🇦

    In reply to this message

    so it's supposed we need to register real DNS records then? sounds simple and practical
  28. @planetoryd:matrix.org
    register fake records
  29. [pioneer] 🇺🇦
    and the identities, how to ensure they're unique? is there any global database of identities?
  30. George Antoniadis

    In reply to this message

    Correct. The admin/operator of a PDS will need to have a domain name, and when users register on that PDS they will get a hostname under the PDS's domain.
    ie If I register the username geoah on a PDS something-random.com then my handle will be at://geoah.something-random.com.
  31. [pioneer] 🇺🇦
    or a cryptographic algorithm is used to generate new identities that guarantees each time it will be a new unique one?
  32. @planetoryd:matrix.org

    In reply to this message

    it alone wont be human readable
  33. George Antoniadis

    In reply to this message

    For the identities ATProto is using the

    DID spec
    which can support "methods".
    According to the ATProto docs, they currently supported method is "web" and a placeholder they are working on.

    • Web is just a URL that points to a PDS, so same terms apply as the hostname one.
    • Placeholder is based on cryptographic key which makes it unique. You can read more on the
      did-plc docs
      .
  34. George Antoniadis

    In reply to this message

    Correct. This would be how the did-plc works pretty much.
    You can then link your unique did-plc identifier to your PDS handle.
    So at://geoah.something-random.com will point to my unique did:plc:cid-of-my-did-document.
  35. s/point/resolve
  36. Aaron Goldman

    In reply to this message

    The hash in the did:plc: is the first did document not necessary the current one. The keys in the original doc can be used to update the document
  37. George Antoniadis
    Aaron Goldman: btw is it ok for non-bsky people to try answer stuff like that or would you rather not have something people make inaccurate statements you then need to correct? :D
  38. Aaron Goldman
    Detail but key rotation is why it's not just a did:key
  39. George Antoniadis

    In reply to this message

    Yap makes sense. I assume this will be the starting point of the a merkle tree that you then need to sync from a PDS?
  40. Aaron Goldman
    I personally like it when people answer. If someone involved enough to want to answer in this chat has a misunderstanding that is good evidence the docs could be more clear 😁
  41. Daniel Holmgren
    yup all good to answer questions!
  42. one note on handles:
    We don't actually put any records in DNS for handles. We just use the authority model from DNS, but handle resolution is done through XRPC (HTTP). So if my handle is dan.bsky.social, it can be resolved by sending a GET req to the authority of the handle (bksy.social) and asked what dan points to
  43. kolby
    How long is the waitlist to try the beta? And where would a good place to start be for doing development?
    Can I start building apps around the AT Protocol?
  44. pfrazee
    waitlist is pretty lengthy. Hopefully we'll move through it fast
  45. things aren't quite stable enough for building apps. Some folks are doing things by looking at the code, but there are lots of breaking changes and we only give high level explanations on the
    atproto.com
     website
  46. I'd hang out here and watch for announcements
  47. kolby
    Awesome. Thank you for the quick reply.
  48. pfrazee
    you bet
  49. kolby
    Do you happen to know if there’s an average wait time for accessing the beta? Do you guys just onboard people in batches from the waitlist?
  50. pfrazee
    yes about batches, not enough info to give a wait time. We're basically still bugfixing and stabilizing
  51. mayankyadav joined the room
  52. px joined the room
  54. @wasp:wasp.dev left the room
  55. hernal joined the room
  56. mikuhl
    The blue sky app team seeing Jack tweet about PWAs: 👁️👄👁️
  57. rafael m. joined the room
  58. b0gg3r
    They do seem like the future
  59. Aaron Goldman
    I kinda hope the browser is not the last platform. I keep expecting a much simpler client where the complexity is pushed into libraries.
  60. stjacobs joined the room
  62. i3xCx
    I think that everyone should use mastodon because you only need one account to follow any fediverse site
  63. I just hope blue sky going be like that
  64. whyrusleeping
    You only need one account in bluesky, and the account is independent of your current server
  65. Mastodon locks you in and forces you to depend on the server you chose
  66. George Antoniadis
    i3xCx: are you talking about mastodon or activity pub?
    Cause even though I'm not a fan of it, activity pub is indeed bridging different network/protocols.
    Tumblr is adding activity pub, various blogging and micro-blogging services are also added/adding it, etc.
  67. i3xCx
    Ok good to know
  68. @ben:effektio.org joined the room
  69. @geoma:matrix.org

    In reply to this message

    You are always free to migrate instance... but I'd like to know what are the benefits of bluesky over the fediverse
  70. George Antoniadis

    In reply to this message

    How do you migrate without losing your connections?
  71. pfrazee
    you can keep your followers in AP but you cant keep your content
  72. the way AP does it, you serve redirects and also broadcast a "Move" message to all your followers. They update their follows to the new location
  73. the way Bluesky does it, you rehome your data without changing your DID. Kind of like how with DNS you can change the IP a domain name points to, but it's the same domain name. Your DID stays the same, but the hosting server that DID points to changes
  74. you cant keep your content when you move with AP because your ID changes, and so all the URLs change. You need URL stabilitiy
  75. @geoma:matrix.org
    Alll of bluesky is on MIT license?
  76. pfrazee
    yep
  77. all the protocol and server side is at least. We're still deciding about the client
    (edited)
  78. @geoma:matrix.org
    why did you choose MIT over GPL for example?
  79. Aaron Goldman
    Apache, MIT basically a toss up. GPL or other copy left licenses are a barrier to adoption. If the protocol is to be more than a single social network but a platform for many applications to leverage the same social graph it is important to be embeddable in systems whether they themselves are open or closed.
  80. mikestaub

    In reply to this message

    I would make the client GPL3 to enable startups to more easily monetize the protocol
  81. whyrusleeping
    Mike i dont think thats how gpl3 works
  82. Copyleft licenses tend to make it significantly harder to build monetized products on top of
  83. mikestaub

    In reply to this message

    not if they are open source. I am assuming the only apps users would pay for that leverage ATproto would also have to be open source. What would stop a competitor from copying the client and trying to take market share? Truth Social did just that recently.
  84. Aaron Goldman

    In reply to this message

    Why assume that? Unix and https were open but much of what was built on top is property.
    Google is all built on open source platforms but is highly proprietary and heavily monetized.
  85. fatihfulness joined the room
  86. ffaldhian changed their display name to fatihfulness
  88. @omasanori:matrix.org joined the room
  89. GitHub Julian Dumitrascu joined the room
  90. GitHub Julian Dumitrascu
    I'd communicate with any of you and other users of software based on the Matrix protocol.
    I'd like to communicate with a relationship manager of the BlueSky team, so that we build a dialogue around the benefits of this service.
    We can discuss e.g. this: When one finds out about BlueSky and joins e.g. the BlueSky space using Element, one can ask: Where do I start?
  91. mikestaub

    In reply to this message

    I am predicting a slow but massive sea-change in consumer behavior over the next 5 years in regards to trust and privacy - specifically for B2C products. People are slowly waking up to the value of their data and the ability for centralized black box apps to abuse it. Its a radical prediction, but I can imagine users default assuming closed-source products are malicious and demanding to pay for open source alternatives. The reaction of the crypto community to FTX is an early signal to this trend, as well as the recent growth of Mastodon. I can see a future world where the "not your keys not your coins" mantra evolves into "not your source not your data" or something similar. I could be wrong. Either way, we must solve the sustainability problem for open source monetization. Most of the issues that arose in web1 and web2 were do to the business models, not the tech.
  92. whyrusleeping
    eh, people have been thinking that that would happen for a while. it hasnt. 'open source' isnt the silver bullet you think it is, nobody actually reads it, and even the people who do read it arent going to catch everything. and even if people read the code thats open source and everything looks right, theres no guarantee that that particular code is whats running on your device. theres always always an element of trust in the developer thats required when running software (sure, you could build the software yourself and run it on your own custom linux system whose every dependency you read and verified, but what about the other 8 billion people who wont do that?).
  93. Its better to let developers keep a competitive advantage of their code being closed source and not immediately stealable, and just focus on ensuring that users always have the ability to choose exit and use a different app without losing their data. Preventing data lock-in helps significantly to keep players honest
  94. mikestaub

    In reply to this message

    Data portability is a necessary but not sufficient step to prevent vendor lock-in. Twitter lets you export all your data, why haven't all their competitors just created an import button? Because it would be too costly to try and keep up with their proprietary schemas and the integrations would break possibly daily ( especially with Elon's current pace ). Also it's not enough to be able to import your data into a new empty platform, as there is a coordination failure in the user migration. A two-way sync bridge would need to exist indefinitely and is costly to maintain. Open sourcing the apps would allow companies to setup https://pact.io contracts and compete only on the UX/UI layer. Users would never have to inspect the code themselves, as an ecosystem of auditors and bug bounties would emerge as has in the crypto sector.

  95. In reply to this message

    My hypothesis is based on the assumption that users will eventually shift their trust away from developers and into law enforcement, as they are the protectors of last resort. Other artists have already made this transition as they had no option to "close source" their songs, etc. They rely on copyright law to protect their investment. We may be forced into the same situation soon and should prepare for it.
  96. mikestaub
    Why are we having this conversation on matrix and not Discord? Why are there no popular closed-source matrix clients? We as a community have already biased towards open source. It is possible as innovators, we are just early on the adoption curve to a much larger trend. I am just worried we are not prepared as up until now most open source is based on donations which is not economically sustainable and thus will not be able to compete with incumbents.
  97. George Antoniadis
    There is a different between open source and open protocol.
  98. mikestaub

    In reply to this message

    If we build the SMTP of social without the corresponding business model innovation, we will likely end up with a similar triopoly as Outlook, Gmail, and iMail. This is undoubtably still better than our current situation, but I hope we can aim higher.
  99. George Antoniadis
    You need to build up to it. Imo Going full open source on day one will result in too many forks littering the stores with low effort additions that will end up unmaintained at best, or scammy at worst. — you need to offer people a solid app first they can trust, and the developers can get feedback to improve the protocol.
  100. px
    I feel like there's plenty of money to be made by services offering premium curation, better more customized content feeds, etc. This model works perfectly fine in a wide open ecosystem.
  101. @penaiple:midov.pl

    In reply to this message

    SAAS is nonfree

  102. In reply to this message

    "open source" is nowdays just used as another word to say "half proprietary"
  103. there are tons of examples for that
  104. all those GNU distros
  105. mikestaub

    In reply to this message

    I 100% agree. My only concern is that once the app is open source, what license should it be under that will protect the company? AGPL3 seems to have worked for Mastodon as Truth social capitulated unwillingly and was forced to open source. https://blog.joinmastodon.org/2021/10/trumps-new-social-media-platform-found-using-mastodon-code
  106. @penaiple:midov.pl
    that ship proprietary malware in their repos, around 70 megs of proprietary blobs in their kernels, and push the user to install proprietary software
  107. chromium which is intentionally messed up and made almost unreadable by a sane human being without 3 years free time since its a 4gb source tree or so
  108. same thing with android
  109. and just like chromium, they both discourage you to compile it because it requires a beefy computer (which is hard to build if you want one that respects your freedom, you need an expensive server board running libreboot, or RISC-V/POWER9)
  110. 64 gigs of ram, 2 weeks time, powerful CPU.
  111. and android in reality will never work without proprietary crap, every single device it runs on has some proprietary blob nonsense, firmwares, locked proprietary bootloaders, etc...
  112. and all of those android distrobutions or "roms" are nonfree as well, aside from replicant maybe... which also only runs on a hand full of ancient devices with no hardware acceleration, that still have proprietary firmware.

  113. In reply to this message

    GPL/AGPL is fine, if you want people to take your code and turn it into proprietary malware, go use a BSD license or just make it public domain
  114. but dont be mad when someone actually does that
  115. thanks to such licenses we have the intel management engine, macOS, iOS, and all the other crap
  116. whyrusleeping
    God i love proprietary malware
  117. Thats my favorite shit

  118. In reply to this message

    Have you read the AT proto spec or our blog posts? This is the problem we are aware of and working to solve
  119. mikestaub

    In reply to this message

    I am less concerned with infra and OS code that run the open protocols, as companies like https://lineageos.org and others can always step in and fill that niche. I am specifically concerned with B2C app code as that is the touch point for 99% of users.
  120. whyrusleeping

    In reply to this message

    Honestly, matrix sucks and i really hate it. I would rather be using slack or even irc
  121. mikestaub

    In reply to this message

    Yes and that is why I am so excited about what the team is building. It's the first attempt I've seen that has a real chance to reach mass adoption. All my recent comments stemmed from pfrazee mentioning he is unsure what license the client should use. I assume this only matters because Bluesky plans on eventually open-sourcing it like George Antoniadis suggested. The license choice is very important and requires careful consideration as it will likely set a precendent for other apps building on the protocol.
  122. whyrusleeping
    I see
  123. The “client” software licensing matters, the app not so much
  124. And the client should be licensed as permissively as possible
  125. @penaiple:midov.pl

    In reply to this message

    there is no "app"
  126. and yes it does matter

  127. In reply to this message

    for others to copypaste it into proprietary crap?
  128. whyrusleeping
    ima_d234642.jpeg

  129. In reply to this message

    Bruh
  130. @penaiple:midov.pl

    In reply to this message

    because discord is proprietary malware
  131. whyrusleeping

    In reply to this message

    Yes, for others to use however they see fit
  132. @penaiple:midov.pl
    there are no popular proprietary matrix clients because proprietary software is malware and just sucks
  133. whyrusleeping
    And all the matrix clients suck
  134. @penaiple:midov.pl

    In reply to this message

    try quickmedia
  135. George Antoniadis
    Hey fluffychat is fun :D
  136. @penaiple:midov.pl
    100% free software

  137. In reply to this message

    also sucks
  138. whyrusleeping
    “Fun”
  139. @penaiple:midov.pl
    quickmedia is the least-shit matrix client i know
  140. it currently eats kinda a lot of ram and cpu usage tho
  141. whyrusleeping
    “Least shit” is not “doesnt suck”
  142. @penaiple:midov.pl
    still nothing compared to any other client, 100 megs of ram, 4% CPU usage on a core 2 duo L9300

  143. In reply to this message

    its actually pretty good

  144. In reply to this message

    it currently uses X11 and openGL, xrender is in the works to reduce ram usage from 100 megs to around 1 or 2
  145. and CPU usage to 1% or less
  146. whyrusleeping
    Im not here to argue about which matrix clients suck less than others
  147. @penaiple:midov.pl

    In reply to this message

    try quickmedia, you wont regret it
  148. whyrusleeping
    Anyways, back the the topic of licensing.
  149. @penaiple:midov.pl
    its 100% keyboard controlled so sorry if you want to use a mouse or touchscreen for some reason

  150. In reply to this message

    you should just license everything as (A)GPL and call it a day
  151. that way everyone who doesnt have malicious intentions can do whatever he wants
  152. and everyone's freedom is ensured
  153. whyrusleeping
    No
  154. @penaiple:midov.pl

    In reply to this message

    why not?
  155. whyrusleeping
    GPL inhibits real usage
  156. @penaiple:midov.pl
    it does not
  157. whyrusleeping
    Its more of a political statement than a real license
  158. @penaiple:midov.pl
    only if you consider "real usage" to be some company stealing your code and using it to abuse users

  159. In reply to this message

    then why does GPL software power the entire internet?
  160. whyrusleeping
    Alright richard stallman, you lost already, pick a new hill to die on
  161. @penaiple:midov.pl
    im not stallman, and how did i lose?
  162. proprietary software is an unfunny joke nobody takes seriously
  163. just look at it, its made to be abandoned
  164. made just to exploit and herd users like cattle and enslave them, and to make as much money as possible by doing so, while making the users suffer as much as possible
  165. nobody should have the "freedom" to restrict someone elses freedom
  166. whyrusleeping
    Then dont use the software you dont want to use
  167. @penaiple:midov.pl
    are you seriously coding for some company that makes money by abusing people, and not even get paid to do it?
  168. whyrusleeping
    Yes i love it so much
  169. @penaiple:midov.pl
    the ""more free"" licenses lead to nonfree software
  170. whyrusleeping
    Its how i sleep at night
  171. @penaiple:midov.pl
    lol you might as well just give away money directly then
  172. send me some XMR if you want
    82aHmVr874ePZxM3ExtW8pakLm2soESkYZY2EH5wBVzZicWmrirGRGBFHRMhqakGxsZPSQdTWE4qU2Gvqw89JRvNCcF2Qcf
  173. whyrusleeping
    Using GPL isnt gonna save the world or even move the needle, lots of companies “abuse their users” with gpl software
  174. mikestaub

    In reply to this message

    This is the fundamental problem. How can we assure this while allowing devs to make a living writing code? The profit motive of corporations dictates that the executives must prioritize shareholder value, which can be increased by creating artificial scarcity through proprietary code. There is a reason arcalinea used the PBLLC structure and not standard Delaware C-corp. This was a step in the right direction, but didn't solve the issue completely as the company's runway is finite. https://tea.xyz/white-paper/ is the only serious attempt I am aware of at fixing this. But it's not clear why a developer would pay to use code if they don't have to.
  175. @penaiple:midov.pl

    In reply to this message

    "permissive" license leads to companies with a lot of money stealing your code without paying you a penny
  176. writing code isnt for having a reliable income
  177. whyrusleeping
    lol
  178. @penaiple:midov.pl

    In reply to this message

    sadly yes
  179. mikestaub

    In reply to this message

    I don't understand this comment, can you elaborate? Are you being ironic?
  180. @penaiple:midov.pl
    im not sure, but how did google even throw linux into android?
  181. is that some GPL2 thing?

  182. In reply to this message

    no
  183. today you may be writing C
  184. tomorrow your boss will kick you out and get new workers who know the latest and greatest new language because he doesnt want to wait a week for you to learn it
  185. @neilalexander:matrix.org

    In reply to this message

    If you write GPL code then you probably won't get paid for it because corporations will be afraid to touch it and FOSS people think everything should be "free" as in freedom and "free" as in cost. If you write permissive code then you probably won't get paid for it because corporations will probably use it without any requirement to pay you for it. ;-)
  186. whyrusleeping
    I guess the solution in pineapples world is just to destroy all the computers, retvrn! Live off the land
  187. @penaiple:midov.pl
    and usually you dont get paid well either, compared to many other (usually easier) jobs

  188. In reply to this message

    freedom != cost

  189. In reply to this message

    that would be ideal
  190. mikestaub

    In reply to this message

    This is off-topic. There will always be a demand for good software devs.
  191. @neilalexander:matrix.org

    In reply to this message

    I specifically called them out separately
  192. @penaiple:midov.pl

    In reply to this message

    if you write GPL code companies can use it if they dont use it to restrict someone elses freedom with it
  193. whyrusleeping
    Yeah okay now youve outed yourself as a troll, this discussion is just wasting peoples time
  194. @penaiple:midov.pl

    In reply to this message

    one day youre not considered "good enough" if you have bad luck
  195. happens to many, even if you think it wont happen to you

  196. In reply to this message

    and in reality, free software devs get donations for working freely however they want to work
  197. good software usually isnt driven by money and the desire for it
  198. whyrusleeping
    Apple products are some of the best software i have ever used. Def money driven
  199. @penaiple:midov.pl
    just like art, if youre an artist and only do it for money, the quality will be bad
  200. mikestaub

    In reply to this message

    Is this not exactly what we want? Again this is all in the context of the Bluesky app client license, which is a B2C product, not B2B. We want the code open so there is a rich ecosystem of compatible apps, but we also want to protect the income of the developers and promote healthy competition.
  201. @penaiple:midov.pl

    In reply to this message

    "best software" lol
  202. cant even play webms
  203. shitty hardware, shitty software
  204. George Antoniadis
    It’s open source, they accept prs :p
  205. @penaiple:midov.pl
    macbook no hdmi iToddler BTFO projector.jpg
  206. whyrusleeping
    Alright lets stay on topic, im sure you can find a lot of pictures of broken computers
  207. @penaiple:midov.pl

    In reply to this message

    you wont get any income from users by not giving them the code but distributing the binaries free of charge and without any malicious "features" like spyware, datamining, etc... that will bring in money by milking users
  208. mikestaub

    In reply to this message

    please stay on topic. Its fair to assume that Bluesky PBLLC is not an artist project and aims to be a sustainable business. https://blueskyweb.notion.site/Bluesky-Discussion-Rules-ec483b9a5d2c4a1cadadcd48ede653de
  209. @penaiple:midov.pl
    you will get income from donating users for releasing the code freely

  210. In reply to this message

    its on topic

  211. In reply to this message

    all crapple computers are broken by design
  212. whyrusleeping
    Its not, consider this a warning
  213. @penaiple:midov.pl
    so this is "decentralization" and "freedom"
  214. censorship of people who point out anti-freedom
  215. whyrusleeping
    Youre being a troll arguing in bad faith with reducto-ad-absurdism arguments
  216. This is not censorship, it’s moderation
  217. Youre free to spout your nonsense where people care to hear about it
  218. @penaiple:midov.pl

    In reply to this message

    if you consider freedom "bad faith" you seriously should reconsider what you are doing
  219. whyrusleeping
    Strike two
  220. @penaiple:midov.pl
    strike what?
  221. if you like nonfree software so much why don't you make the entire backends, frontends, protocols, specs etc... proprietary?
  222. you'll see where it gets you
  223. the GPL pushed software to where it is now, powering pretty much the entire internet
  224. mikestaub

    In reply to this message

    The reason your arguments are appearing in bad faith is that there is an implicit assumption that we are all pro-freedom as that why this project was founded. We are debating how we can achieve that freedom while still protecting the income of developers.
  225. @neilalexander:matrix.org

    In reply to this message

    I would suggest it's more important to not conflate the public code and API with the possibly proprietary products that Bluesky might also want to put out there/sell/compete with. It is possible for ATProto to be permissive and for Bluesky to do something proprietary simultaneously :-)
  226. @penaiple:midov.pl
    GNU+Linux, most of the programs web servers run, most programs people use

  227. In reply to this message

    tell people to donate, list crypto addresses on your websites for people to donate to
  228. you do know that you can sell free software too
  229. mikestaub

    In reply to this message

    I hope they do! That is the point, I am trying to brainstorm on how that could work in a competitive environment with closed-source apps.
  230. @penaiple:midov.pl
    most people will understand that developers dont want to waste time making something for others without getting anything out of it (e.g. having a program they need themselves or getting some money out of it)

  231. In reply to this message

    easiest solution, dont.
  232. even touching proprietary software will get you demonized and hated by people who value freedom
  233. why do you think do people hate android?
  234. mikestaub

    In reply to this message

    This is a viable strategy that should be explored, as many B2B companies use it like https://trufflesecurity.com/trufflehog/
  235. @neilalexander:matrix.org

    In reply to this message

    I guess a functional example of this is Matrix vs Element. The Matrix Foundation is a non-profit that owns the public IP and makes it all available permissively. Meanwhile Element produce some proprietary offerings for businesses and hosting etc which they sell which funds the thing
  236. @penaiple:midov.pl
    sure you can sell hosting, services and all that
  237. you can let people pay for you to manage things and make their lives easy, saving them time
  238. because time = money
  239. @neilalexander:matrix.org
    At the same time, Element is donating work to the Matrix Foundation constantly for public release, but there are people paid to do so because having some commercial income allows you to hire people
  240. @penaiple:midov.pl

    In reply to this message

    i would donate to matrix or element if they switched from JS and python to C and/or C++
  241. especially for the backend(s)
  242. mikestaub

    In reply to this message

    And they are using Apache2. Perhaps the Bluesky client should as well? https://github.com/vector-im/element-web/blob/develop/LICENSE
  243. @penaiple:midov.pl

    In reply to this message

    this is how you won't get any income, but rather code for free, for some companies who make a load of money from your work.
  244. mikestaub

    In reply to this message

    I think it is fair to say that any donation-based business model cannot displace web2 incumbents.
  245. px
    I publish under apache2 because I heard once that it makes it harder for employers to slap restrictive patents on my work. Not a lawyer, but that seemed like a good idea at the time.
  246. whyrusleeping
    We put a lot of thought into that at PL: https://protocol.ai/blog/announcing-the-permissive-license-stack/
  247. @planetoryd:matrix.org
    Crypto projects are mostly opensource, and they do profit.
    (edited)
  248. whyrusleeping
    They kinda profit, but its more of an endowment than profit
  249. Once the endowment dries up they have to find a way to make themselves sustainable
  250. @penaiple:midov.pl
    you cant make one thing and expect it to be an infinite money source
  251. whyrusleeping
    Mostly true
  252. @penaiple:midov.pl
    even a money tree will wither some day
  253. whyrusleeping
    Maintenance is an extremely valuable thing
  254. @penaiple:midov.pl
    crypto projects dont really have to be maintained after youre done making it
  255. its basically "abandonware" but keeps working
  256. @planetoryd:matrix.org
    Getting money from the market. Internet is unlike traditional industries. It is not physical goods.
  257. whyrusleeping

    In reply to this message

    Spoken like someone with no idea how these networks work
  258. @penaiple:midov.pl
    sure you need to update things sometimes and fix some bugs
  259. but 90% of the work is done before that
  260. whyrusleeping
    lol
  261. mikestaub

    In reply to this message

    MongoDB had to move off AGPL3 because AWS and others were offering hosting as a service and taking their revenue. Which is very similar to what Truth social did to mastodon. https://www.mongodb.com/licensing/server-side-public-license/faq
    (edited)
  262. @penaiple:midov.pl
    element really should learn 1 or 2 lessons from quickmedia if you ask me
  263. whyrusleeping
    The thing I love about slack is that the gpl trolls wont use it, and then you dont have to be subjected to their nonsense
  264. @penaiple:midov.pl

    In reply to this message

    go back to your little proprietary iToddler echo chamber then

  265. In reply to this message

    tell me again that apple doesnt hate you, exploits you, and wants you to suffer
  266. mikestaub

    In reply to this message

    Please stay on topic. Apple is a corporation with a fiduciary duty to maximize profit, they don't "have" or "love" anyone.
  267. @penaiple:midov.pl

    In reply to this message

    they obviously hate their users
  268. otherwise they would make good hardware to get more people to buy it
  269. whyrusleeping
    Alright, come back when you can stay on topic
  270. @penaiple:midov.pl
    but they rather brainwash people into buying absolute trash because its expensive, and if something is expensive that means its good
  271. whyrusleeping removed @penaiple:midov.pl: off topic too much
  272. mikestaub
    I suggest we create a separate room specifically to hash out licensing / business model issues. This discussion is not as productive as I would have hoped. This is a super important open question that should be addressed asap. In my opinion before the iOS app is out of beta. Aaron Goldman pfrazee arcalinea and team - thoughts?
    (edited)
  273. @penaiple:midov.pl joined the room
  274. @toneji:nibbana.jp left the room
  275. whyrusleeping
    Im happy to have the conversation here, just apparently needs to be properly moderated
  276. @penaiple:midov.pl

    In reply to this message

    im on topic, do you hate yourself and like being enslaved or why do you use crapple hardware and hate the GPL?
  277. whyrusleeping banned @penaiple:midov.pl: youre done
  278. @neilalexander:matrix.org
    Message deleted
  279. Message deleted
  280. mikestaub

    In reply to this message

    Ok. This might also require some sort of synchronous meeting that can be recorded. It's a large enough topic and tangential to the underlying tech.
  281. whyrusleeping
    I think licensing is pretty separate from business models, and the licensing conversation can happen abstractly from the specifics of any one companies business model
  282. Obviously licensing affects business models pretty heavily, but i think it makes more sense to imagine the ecosystem of companies that might exist, rather than focusing in on a particular scheme
  283. pfrazee
    I'm actually writing up a big memo on this topic right now. Let me toss out some thoughts...
  284. I've been playing with this phrase, "Third party is first party." It's this idea about how a network can be decentralized but still highly integrated
  285. the history of 3P (third party) integration has been programs you install (desktop), plugins you install (desktop), links you can click (web), and app stores (mobile)
  286. and I suppose services you can call out to (cloud)
  287. px
    Android took over the ecosystem by releasing everything in the open that anyone could fork, reskin, and sell it. They also innovated quick enough that most people stayed close to upstream, but that's a good way to do things. Build platforms that let people build their own business models on top of them to incentivize creative growth.
  288. pfrazee
    what we want to achieve with this ecosystem is a way for integration to be a big part of the experience. Having open APIs that enable a variety of apps is good and certainly a part of it, but I personally suspect that's akin to having multiple browsers: it's healthy for the ecosystem but the magic doesnt come from jumping between multiple browsers
  289. and this is partly a reality of the end-user platforms. In a perfect world, you could install lots of apps and seamlessly move between them like on the Web, but there are huge technical blockers
  290. px
    Is the idea with blue sky that you have a network of participants running dumb relays or something that route messages to their intended recipients? Or that connect the clients with each other or something?
  291. pfrazee
    on the Web, you have the problem of data privacy and security. This is visible in the Mastodon world (no shade, theyre just a victim of it). When I visit somebody's profile, if they're hosted by a different service than mine, then the UI can't tell me if I'm following that person. And the reason for that is that my social-graph info needs to be protected and can't be revealed to any random site I go to. The thin-client model of the Web where each site is essentially its own program makes it extremely hard to integrate
  292. on Mobile, you have the problem with consistent intents and clean UX. Cross-app flows tend to be really clunky and jarring, and you use them pretty selectively (eg "Share on Twitter")
  293. plus you need to go through the install flow for each app that you might need
  294. so how do we create an open ecosystem that takes advantage of 3P integration? My theory here is that we do it through the vocabulary of the data
  295. Let me give some concrete examples, to give everyone a break from abstract ideas:
  296. custom algorithms run by anybody that you can "install" or "follow" or whatever and they just show up in your TL
  297. custom search engines that can be set to your default, or given as one of many options you switch between when you run a search
  298. bots that reveal as users (an already common usecase) that you can command by comments or DMs
  299. forums that have custom social interactions (like slashdot's +3 interesting, for instance) but which show up in the network, same as any forum, as a place you can visit
  300. essentially this all happens by creating a network with a high level data language -- which is why we created Lexicon
  301. rather than serving UIs in the form of HTML/CSS/JS, you serve data and APIs in the language of lexicon & json & http
  302. this makes an ATP client like a new kind of browser that speaks a semantic language
  303. and it enables these 3P systems to integrate directly into the app, as if it's all being made by one company as they traditionally are
  304. this should mean you get the kind of seamless "just click a link" integration that the Web has, but you lose the complication of data privacy that makes this difficult for the Web to accomplish (as I described above)
  305. the challenge to this idea is discovering just how much we can express this way. When youre building something, you often want to make custom UIs for it. Will a semantic data browser be too handicapped to create new experiences? That's what we need to answer before we can claim this idea with confidence
  306. but I'm quite sure it can handle a lot of good usecases, like the 4 I listed above, so I think there's something to it
  307. and by doing it this way, we create a huge opportunity for the clients to apply user opinion on how it all gets rendered, much like the old pre-Web2.0 philosophy of separating content from styles
  308. ~ fin ~

  309. In reply to this message

    that's more of a Nostr or Secure Scuttlebutt model. We do a model of "Personal Data Servers" that represent the user in the network. Unopinionated relays are cool but it's really useful if your server can do processing, caching, and indexing to speed up the experience. Therefore we focused on "Account Portability" as a countermeasure, which means you can conveniently change your PDS if it's being a dick
  310. mikestaub

    In reply to this message

    Can you elaborate on this? The app will render custom UI that is not based on HTML/CSS? Building a rendering engine is extremely complex
  311. pfrazee

    In reply to this message

    Oh hah no basically the protocol doesn't express an opinion about the rendering engine. You can use whatever you want. The difference is that the network itself is exchanging semantic data rather than UI code
  312. @digirayc:matrix.org left the room
  313. px
    Can I send someone a message telling them to decode with a silly rendering engine that executes shell commands in the context of their client?
    (edited)
  314. pfrazee

    In reply to this message

    if you can then somebody screwed up
  315. mikestaub

    In reply to this message

    Then what do you mean by this? "Will a semantic data browser be too handicapped to create new experiences?" If as a dev I can write any React code I want, and also create my own Lexicon that inherits from the base ones I should have no limitations, correct?
  316. pfrazee

    In reply to this message

    Yeah that's true, but there's always gravity to a given Lexicon because it depends on shared support. For instance, let's say you want to add the ability to attach fact-checking annotations to a post. You could implement that with a new lexicon, but unless that lexicon is widely supported, it wont be seen by a lot of users
    (edited)
  317. so implementing this system well is going to be a balance of designing Lexicons to be expressive but not too complex
  318. or, alternatively, lobbying other clients to adopt your new lexicon
  319. here's a good example:
  320. imagine you create a new web browser and you want to add an HTML tag for rich text editors, <richtext>
  321. well all the other browsers aren't going to understand that, so <richtext> is only meaningful to users of your browser
  322. mikestaub

    In reply to this message

    This is fine as long as the user can install custom UI plugins akin to chrome extensions. As long as all apps share the core schemas ( users, accounts, notifications, etc ) they should be free to author their own along with a list of recommended UI extensions that understand the app-specific lexicon. The analogy here is that Bluesky PBLLC is like the nodejs TSC, ATproto is the nodejs spec, and users are devs that want to build on nodejs, and the Bluesky client is VSCode. When they clone a repo, the actual code is always the same but they can interact with it anyway they want via extensions. A repo author can even recommend them via one-click install. https://tattoocoder.com/recommending-vscode-extensions-within-your-open-source-projects/
  323. pfrazee
    right, we've talked about that a bit in the past. UI plugins may be an option but they're extremely challenging
  324. apple is actively hostile to them on iOS
  325. mikestaub
    In this world all Bluesky clients are just a collection of extensions that share the root lexicon.

  326. In reply to this message

    The UI extensions would not surface at the iOS ( platform ) level, as the app developers would bundle them into a native binary via electron or something similar.
  327. Users should not even need to know the app they are using is built on ATproto. This was the mistake crypto made by leaking their abstractions ( wallets, transactions, etc ).
  328. pfrazee
    well but I'm saying, if you try to put an app in the App Store that runs 3P plugins, apple will reject it
  329. here's probably how I'd test this idea out:
  330. I'd build a web client that works as a PWA. Same codebase on desktop and mobile, never touches the app store
  331. I'd build a plugin system based on web workers and/or WASM, much like Figma did
  332. then I'd see how good the UX and DX can get
  333. would be a great project for an alternative client to try
  334. I'm personally not confident enough in it to suggest to the PBLLC team we invest in it, but I agree that it could have some merit and deserves an attempt
  335. mikestaub
    They should just download an app and be delightfully surprised that all their data is already there when they "signed in with Bluesky" via an OAuth2 flow. This will create a powerful network effect as each app becomes more valuable anytime any app onboards a new user to the protocol, just like SMTP did.
  336. pfrazee

    In reply to this message

    that's legit and will cover some good usecases, like clients that are focused on a particular usecase within the network
  337. like a tiktoky paradigm versus a tweety paradigm
  338. mikestaub

    In reply to this message

    I think Figma already proved this. They dominated their market specifically because the UX was great and users could just share links to live collaborative projects. It's very unlikey any social app will be 50% as complex as Figma.
  339. pfrazee
    I'm saying I think it's worth a shot, so I agree somewhat. There are reasons outside the plugin model that mobile-web/PWAs are challenging for social
  340. mikestaub

    In reply to this message

    This is exactly what wechat did and had enormous success with over 1b users. https://developers.weixin.qq.com/miniprogram/en/dev/api/
  341. whyrusleeping
    Wechat is a closed in-app ecosystem isnt it?
  342. pfrazee
    the miniprograms are essentially tiny web apps, as I understand it
  343. mikestaub

    In reply to this message

    exactly my point. Imagine how much bigger it could have been if it were open! Probably the whole world would use it.
  344. whyrusleeping
    Does apple let wechat install the subprograms? Thats cool precedent if so
  345. mikestaub

    In reply to this message

    exactly, but unlike today where a dev would have to build everything from scratch. A wechat dev get to immediately focus on the value add.
  346. pfrazee

    In reply to this message

    apple does selective carve outs on policy so we can't lean on that
  347. whyrusleeping
    Ah lame

  348. In reply to this message

    Agree with that goal, make it as easy as possible for developers to add value to the ecosystem
  349. pfrazee
    mikestaub: I agree with a lot of your points, I'm just saying there's a risk profile that has to get sussed out on how we execute it best
  350. my initial focus is on making a strong core lexicon and finding out how far that gets us
  351. once we've tapped out the opportunity space there -- which is large! -- then I imagine we'll start digging into how full programs can get executed
  352. whyrusleeping
    Ive been wanting to build a forum software on top of the protocol just to test that usecase out
  353. The protocol is quite fun to play with even now
  354. pfrazee
    yeah, having a one-stop-shop of social paradigms would be quite fun
  355. mikestaub

    In reply to this message

    Even if apple doesn't allow a wechat like superapp that loads all the subapps at runtime, users can still manually install 5 Atproto apps separately to get 80% of the benefit of the core lexicon. If they want that last 20% convenience / discovery they just open a PWA in safari that merges them all.
  356. pfrazee
    that may indeed be how it goes
  357. mikestaub

    In reply to this message

    Of course its important to have fun and enjoy creating new tech and I don't want to put too much pressure on this team, but the stakes are pretty high and its important we get this right. The current social paradigms are actively harming users and society as we speak, and I'm not aware of any other group that is as far along in creating an alternative future as this one.
  358. pfrazee
    couldn't agree more. All of this is execution details for making a healthier, safer, and more useful social internet
  359. mikestaub

    In reply to this message

    This is the correct strategy imo. I've been lurking on github watching the progress and am super impressed with the teams unwavering focus on what really matters at this stage, and the lack of rabbit holing on interesting technical problems.
  360. pfrazee
    hah yeah, the way I see it, I've got 10 years of experience on how to blow it. That's a major example of how I've blown it in the past
  361. mikestaub

    In reply to this message

    Then you are the perfect man for the job. Funny how life works like that eh?
  362. pfrazee
    hah yep
  363. mikestaub
    Oh and btw wechat doesn't use webviews, they actually built their own WebGL rendering engine! https://developers.weixin.qq.com/miniprogram/en/dev/api/canvas/CanvasContext.clearRect.html
  364. pfrazee
    oh wow
  365. mikestaub
    which is why you had me scared in your initial description haha
  366. pfrazee
    hah right. Yeah forget everything, we're using latex for UIs
  367. it may seem like a bad idea but I know some 60 year old hackers who are really happy about it
  368. Aaron Goldman

    In reply to this message

    That's silly use TCL/TK
    https://www.tcl.tk/
  369. tessitore joined the room
  371. @devduck:matrix.org left the room
  372. Dean
    erlend_sh: Appreciate your response to the downvote issue on Github (https://github.com/bluesky-social/atproto/issues/347#issuecomment-1318290063)
  373. Inviting everyone interested in the effective difference between "likes" and "upvotes/downvotes" and how it might influence the direction of the protocol to look at the quotes that erlend_sh posted in this Github issue^
  374. pfrazee
    Fwiw the team hasn’t commented because we have other priorities but we’re paying attention to this feedback and evaluating this—so agree, please share
  375. px

    In reply to this message

    I was working on a thing a while back where instead of doing up and down, I broke it out as "awesome", "hilarious", "enlightening", "solidarity", "scammy", and "hateful"
  376. I'll work on writing up something for the GitHub issue when I have a moment, currently making sure a toddler gets fed 😅
  377. @numero6:codelutin.com

    my 2 cents about the licence debate:

    • dual-licencing (and more) is a thing. AGPL can be used for the RMS-style crowd but another licence more "business-friendly"
    • one could release under different licences accross time. Releasing under AGPL first, keeping a more recent version proprietary. Waiting each time next version (or x years) to release under AGPL. The risk is network fragmentation because people using only the AGPL version will be ahead of time (and protocol version)
    • the app can be under different licence (proprietary) than the protocol library (more OSI-compliant). Thus, maximizing chances of protocol adoption but keeping some business moat in the app (risk is concurrent app implementation with feature parity, including AGPL community ones but there always be a delay)
    • maybe the licence is not the key from the business perspective but the business model should be assured by other constraints. I'm thinking about Signal: the code is FLOSS but, in order to use the official servers, you have to agree to ToS that impose you to use the official client, not any fork.

    Hard choice 😓

  378. pfrazee
    Appreciate the thoughts, some interesting ideas there
  379. @numero6:codelutin.com
    like the bluesky app being proprietary, only being able to access an "allowlist" of services from companies who paid bluesky to be in the allowlist (maybe free for non-profit services?). People wanting to access not-allowed list will have to use an fdroid packaged AGPL version (high UX friction). So It's still possible to run a FLOSS client and server but gaining exposure via official app is harder.
  380. also, Signal brand is enforced: you can fork Signal infra (both client and server), but you won't call it "LibreSignal" or anything.
  381. (Mozilla does that via MPL licence IIRC, thus the "iceweasel" forks in Debian)
  382. @numero6:codelutin.com
    also, even the FSF recognize the issue of (A)GPL limiting adoption and recommanded usage of more permissive non-copyleft licence for spreading open protocols and format. I didn't found back the webpage but that was the case for Ogg Vorbis: making it ultra-permissive licence to beat the patented mp3 format
  383. pfrazee
    Yeah I appreciate you exploring an idea like that which helps solve the economics. It’s interesting. We have to pick our friction points where we try to capture value. If we choose the wrong ones, we risk choking the opportunities in the network
  384. Just like you say with the mp3s
  385. Dean

    In reply to this message

    This is kind of how Facebook does it, which is definitely possible but begs the question if such a feature is within the scope of the protocol as it would change how all atproto client apps are used/perceived compared to just "likes"
  386. px

    In reply to this message

    In reply to
     Dean
    This is kind of how Facebook does it, which is definitely possible but begs the question if such a feature is within the scope of the protocol as it would change how all atproto client apps are used/perceived compared to just "likes"
    Yeah, also Slashdot, and in a sense Discord and Slack etc have similar labeling. The problem with straight up and down is that for 90%+ of the users it becomes a "this re-enforces my existing beliefs" vs "this challenges my existing beliefs" mechanic, which contributes to polarization and tribalism.
    Splitting out the labeling is nice because it enables custom scoring where if I'm in the mood to see funny, maybe claims of "funny" give a +2 or +3 bump to the score. Or maybe I'm looking to be inspired this morning, so I switch over to a scoring system where "enlightening" is boosted.
    I also really like the idea of having these signed claims that show on this time, this users thought that this blob of content was funny. All that data can be used with neighborhood algorithms to figure out what user activity indicates things you'd be interested in, and things you'd want to de-boost as well.
    (edited)
  387. pfrazee
    The “+2 funny” of slash dot was pretty cool
  388. px
    I like the idea of scoring done on the client side too, so the scores wouldn't be directly baked in to the protocol, but would have sane defaults in the clients.
  389. whyrusleeping
    I like the idea of weighing different peoples votes differently
  390. Subjective scoring based on the viewers social graph
  391. px
    I've also thought about the idea of just opening up labeling to all existing emoji to make it ultra flexible into the future :-) that could be cool, instead of only having a handful of labels.
  392. pfrazee
    I did that with ctzn. Allowed full strings even. It was cool. Very visually noisy though
  393. George Antoniadis

    In reply to this message

    (Six degrees of elon musk.)

    But seriously social graphs / web of trust for social media is amazing in concept but insanely hard to do. The ux alone has probably never been done right.

  394. whyrusleeping
    Yeah, i think our initial twitter-like experience needs to be clean and simple, but would love other experimentations
  395. px

    In reply to this message

    Could be mitigated with sane defaults on the clients, only showing top relevant labels etc.
  396. pfrazee

    In reply to this message

    Yeah it’s not impossible. It’s tough but not intractable
  397. George Antoniadis

    That’s before having to separate “i trust x” from “x is who they say they are” from “i wanna hear what x says”.

    Could an indexer add additional metadata/labels to posts that could be shown to users of any client?

    ie Can an indexer provide to their users that a user/post is “trustworthy”? (For whatever the definition of trustworthy is for that indexer?)

  398. pfrazee

    In reply to this message

    Certainly possible yeah
  399. That’s interesting for sure
  400. ML labels
  401. px
    All labels are ML labels :-)
  402. George Antoniadis

    Indexers can even have “trusted” users who would contribute using bespoke clients or just by linking stuff.

    An indexer of a university could even have verified experts who vouch for posts. Etc.

  403. px
    The idea with what I laid out, if I follow someone/something who I believe labels content well, then it will be easier for me to curate the content on my end.
  404. George Antoniadis
    ^ domain experts based on the tags of the post.
  405. George Antoniadis

    Something I’m considering for a side project is to allow users to create trust lists for content, and you could subscribe to said lists. Your company could have one, your school could have one, your borough/city/country, etc.

    Your client would basically use those as overlays to annotate the content you see.

    Indexers could also play the sane role maybe. Allow clients to subscribe to multiple indexers and decide which labels to show. ie “

    ft.com
    says this post contains fake news”, “city of london says this profile is verified”, etc

  406. (I don’t even read the ft, not sure why I used them as a trustworthy source)
  407. px
    Yeah, I think the important part there is keeping all that logic client-side too, and the network just needs to be worried about shoving around blobs of content, and signed labels, etc. Let other people experiment with timeline curation algorithms. Offer up some sane default, but there's no reason to lock anyone into someone else's idea of a curated timeline.
  408. pfrazee
    Just to set expectations, you can try some client side stuff but it’s quite hard to digest all that data in the client
  409. The protocol shouldn’t stop you but it’s technically a bit challenging so beat that in mind!
  410. Bear*
  411. px
    If you only ingest labels from people close to you in your trust graph, it's not as much as a firehose to deal with on the client. It seems to me like it could be kept pretty reasonable.
  412. pfrazee
    Yeah
  413. Dean

    In reply to this message

    The issue I have with this when it comes to ratings, is the idea that multiple clients display ratings differently for the same posts
  414. So a post you make on client A with just Likes will still get replies from users on Client B powered by the downvotes it may have received on there
    (edited)
  415. And the tone of those replies might be influenced by the way the ratings work on there
  416. Allowing all emojis as reactions, and letting clients decide how to handle them, does not solve the issue of negative reinforcement caused by a downvote system (i.e. thumbs down emoji)
    (edited)
  417. px
    That's a feature :-D I 100% think that different users should see different scores, according to their own personal preferences and trust graphs.
  418. Dean
    I don't, considering the author and not the viewer
  419. People will think twice about making a post on a decentralized Twitter when they know that it will also be published to a decentralized Reddit client and receive that type of engagement as well
  420. Dean
    A middle ground might be to let the client app decide what emoji-ratings to allow on a user's post
  421. px
    yes, it should always be up to the client
  422. Dean
    So each post has an attribute like allowedReactions: [ "👍", "👎 "]
  423. And then clients can choose to index posts by their allowedReactions
  424. px
    Clients should start simple, but allow for fancy customization by tweaking scoring criteria of the various labels. I think that would be super intuitive even for less technical users as well.
  425. Dean
    So a decentralized Twitter would only index posts that have either ["👍"] or [""] as their only allowedReactions attribute
  426. px
    I don't think the content itself should be able to restrict how it's labeled by others.
  427. Dean
    A decentralized Facebook could allow everything, and a decentralized Reddit would do only posts that have ["👍", "👎"

  428. In reply to this message

    I disagree with that because there's a reason people choose to post one type of content on Twitter and another on Reddit
    (edited)
  429. The knowledge that your post will invite different rating behavior across clients will cause FUD to post
  430. "I only wanted to post about my last job to my followers and get some likes on Jobtter. Why did my last post get #1 Most Downvotes on a website called DecentralizedAntiWorkBoard? Now I'm being memed and getting hate from some community that I wanted nothing to do with in the first place."
    (edited)
  431. px
    Stuff's still going to get cross posted anyway, might as well all be on the same social graph.
  432. MightySpaceman (OLD -> m_spaceman:matrix.org)
    image.png
  433. Dean

    whyrusleeping

    Note that likes/upboats/downvotes/etc arent “in the protocol”. They are a particular type of interaction defined by a particular lexicon. The downvotes you see in the repo are defined in the app.bsky lexicon, which is a twitter-like system built on the AT protocol. One lexicon including downvotes doesnt mean everything using atproto has downvotes.

    This is news to me. I thought atproto clients would share the same standard for accounts/posts.

    (edited)
  434. If likes/votes aren't a part of atproto at all, then clients would need to change the back-end logic and build their own modules on top of atproto to allow the type of engagement that they want, and then if other clients don't have the same implementation then engagement like Likes won't be shared between those clients, effectively isolating/centralizing post engagement in the protocol.
  435. Furthermore, if bsky is part of atproto's spec with its own subjective voting system, and it shouldn't be considered a part of the protocol itself and clients are expected to integrate their own style of post engagement logic, doesn't that give an unfair competitive advantage to bluesky, where every bluesky post is indexed/processed by every client that integrates atproto, but custom work needs to be done by every single client that want to properly handle posts from other clients with custom lexicons?
    (edited)
  436. Considering there are ways to standardize engagement, like how px and I were debating here, I don't see a reason why that should be a "dyi" part of the protocol, breaking the protocol apart into groups of which client integrated which engagement spec
    (edited)
  437. Canaro Lucas joined the room
  438. tessitore
    Social media which further exacerbates polarization while offering increased privacy while doing so, may feel counterintuitive if the end goal is to address social inclusiveness. Being inclusive of those expecting social experiences to be diverse & personalized would mean avoiding binary love/not loved, up/down. Has there been discussion of Bluesky having varying UX options, which offer diversity of intention to allow for both a simplified end user experience, yet the allowance for intentional outcomes from Bluesky? When I first got excited about this project I imagined people would finally get to flip between purpose of interactions. For example: UX 1: Entertainment (Twitter Like) UX 2: Wellness (Reddit Like) UX 3: People’s Assembly (Humanities purposeful intentions meets 21 century citizens assemblies) (Facebook Like) UX 4: v2.0 Personalizable selection of pieces from all the templated UX options Town squares are often repurposed by refacing them so it would seem logical to include such in the digitization of the overall experience. With nearly everything the same otherwise, one application could therefore offer the choice of facebook/reddit &/or types of interactivity. While addressing the need to solve the anxiety caused by social media with direct links to solutions to ones anxiety within a seamless experience. Posts could be across UX choices with a simple 3 icon labeling that people in all experiences could opt to cross label for themselves if the post creator had not originally labeled it as intentionally crossing. If all of this were an option the UX could include the following: UX option 1 Twitter like (Entertainment): 💬 ♻️ ❤️ ( directly linked to Downvoting & ❤️ Upvoting in the Reddit like UX 2) UX option 3 Facebook like: Includes the ❤️ , and includes limited amounts or unlimited amounts of additional emojis which may be connected to further functionality. Such as mentioned earlier, people choosing to amplify posts with certain emojis to tweak the overall vibe. Knowing the first 2 options go across all 3 UXs would encourage ❤️ be used frequently in addition to whatever other options are further added by those who desire a deeper sense of connection. Or particular emoji responses being part of participation in polls, or as triggers. Then other platforms would be able to make use of the end results while experiencing a minimized amount of restriction of options their own social experiences may offer. While Bluesky doesn’t limit itself to any one particular type of user by instead bringing them together around a single campfire. Further in the journeys future, people could perhaps one day be able to customize what pieces of UX 1, 2 or 3 they want to be their personal UX 4, while the backend is already ready to make sure the end result is as cross platform/culture friendly as could have been. This would also allow for 3D integration to be simpler since a full spectrum of UX is supported by default.
  440. @amirabbas_ir:matrix.org left the room
  441. Karl Abbott (Away Until 28-November-2022) changed their display name to Karl Abbott
  442. @maxi:kayla.horse removed their display name (Maxi)
  444. @maxi:kayla.horse left the room
  445. whyrusleeping
    made a simple little hacker news bot, about as basic as it gets, but still pretty fun: https://github.com/whyrusleeping/bskybots/blob/master/hn.go
  446. George Antoniadis
    Has the interface (in terms of lexicon/xrpc methods) been already defined? I'm wondering if the various app.bsky.feed.* records and queries will be reused or if it's something completely different to those.
  447. pfrazee
    can you rephrase the question a bit? Not sure what youre asking
  448. George Antoniadis

    pfrazee: sorry, I might have misunderstood some things as well, so the question might be just invalid.

    The protocol overview over at

    atproto.com
    says the following:

    As with Web search engines, users are free to select their indexers. Each feed, discovery section, or search interface is integrated into the PDS while being served from a third party service.

    From which I've assumed that the user will be able to select one (or more) indexer services that will allow them to discover posts.
    I also assumed that the indexers are not full blown PDSes, but rather provider some sort of feed to the clients/PDSes.

    How far off the mark am I so far?

  449. pfrazee
    right so far -- they either provide repos of data (similar to users) or API endpoints for accessing their indexes
  450. George Antoniadis
    lovely, so my question is basically, have these ^ "API endpoints" you mentioned been defined already? :D
  451. pfrazee
    oh nah, if it's not in the current lexicon on the website, we haven't specced it yet
  452. wont be too long but not yet
  453. George Antoniadis
    thanks, that's what I was looking for. :D I'm playing around with how I'd like an indexer to work, and was just wondering if I could already start working on implementing the xrpc interfaces needed by pds/clients.
  454. pfrazee
    well the one you could play with is search, I figure
  455. we do have search methods in the app.bsky.actor namespace
  456. George Antoniadis
    I'll check that out, thanks! I'm not super interested in search at this point but should be a good start at seeing how to implement a xrpc method. :D
  457. One more question that probably doesn't have an answer. Are there an well known publicly available PDS servers we can talk to? Once with some test data maybe? :D
  458. pfrazee
    haha ohhhh unfortunately "publicly available" is the problem
  459. Aaron Goldman
    I wander how far you would get just sucking all the records from all the repos you subscribe to into Sqlite https://www.sqlite.org/json1.html

  460. In reply to this message

    What you don't want to test against the bata server and break everything for everyone?
  461. George Antoniadis

    In reply to this message

    I think that's just called "good QA" :P
  462. whyrusleeping
    Theres a staging server with a lot of data on it lol
  463. Its all fake data I’ve generated, but its there
  464. pfrazee
    whyrusleeping: not sure we want to open that to anybody outside the org, lol
  465. George Antoniadis
    pfrazee erm. 😂 whyrusleeping a force push might be required if it's the one ending in .dev
  466. Aaron Goldman

    In reply to this message

    I would think more like checking in a SQLite of a server with some test data or a script that populated one from scratch
  467. pfrazee
    the dev-env package has that
  468. whyrusleeping

    In reply to this message

    Its okay, it still requires auth and getting an auth tokens takes an invite code
  469. Dean
    Dev-env has pre population of activity?
  470. pfrazee
    yup
  471. real handy
  472. clone repo, yarn, then go to dev-env package and run yarn start and away it goes, prepopulated and all in-memory
  473. anon_fawkes joined the room
  474. mranders0n joined the room
  476. Børlaag changed their profile picture
  477. bri4n joined the room
  478. breed changed their display name to bri4n
  479. anon_fawkes
    Anyone developing anything related to News on the atprotocol?
  480. Matt Corallo joined the room
  482. bri4n
    What is your architecture and thoughts on regulation compliance? for example - handling the situation where users that exist in europe are not allowed to view hate speech while in USA it is allowed?
  483. Aaron Goldman

    In reply to this message

    It's less pinned down than some of the other parts of the architecture but at a high level.

    Separate the tasks of safety labelers and acting on the labels. Let's say you want your clients to filter out content illegal in the EU and put pornography behind a click through prompt. You would subscribe to one data labeler that did illegal in EU labels and one that did porn labels. Then program your PDS to discard any records labeled not for EU and your client to put records labeled porn behind a click through.

    This empowers the user to choose the labelers they want to trust. Unlike the big tech platforms where the platform decides what to show, what to tag with context, what to put behind a click through, and want to hide entirely the user picks labelers and actions.

    Labelers can compete to provide the most useful labels and clients can compete to provide the most useful actions. For example you could have a labeler for "sports news" I didn't action for "don't show during working hours" this is not something the trust and safety teams at large platforms would spend the time to do but might be content filtering that helps a user get their work done.

    There is space in context moderation for much more nuanced and personalized curation than we do now.

    If you have good filtering of content that is illegal or offensive to you then you are more free to try out many different timeline ranking algorithms to find ones that bring you joy and value.

  484. bri4n
    Thanks. Am I right this is very much on the client level - user level - to decide. And not up to geo-location, or any centralized system.
  485. George Antoniadis

    whyrusleeping: Mind if I quickly bug you about something gosky specific? :D
    I'm grabbing the car from getRepo, and trying to process the various objects that are in there.

    1. What's the best way to traverse the car's dag? Tried using go-car/v2/blockstore but going through all the cids in the car is a bit of a slog as they seem to include the car's structure as well.
    2. Even better, is there an IPLD lib I could use to traverse this? As even once I found the blocks I'm interested in, I need to be able to find their $type to unmarshal them into the right struct. -- Or is there a better way of doing that by any chance?

    If these questions are not making much sense please feel free to just ignore them, I'll give it another shot after reading a bit more about cars. 😂 -- Either way, thank you very much in advance! :D

    Edit: Found it, should have pulled more often from main :D
    https://github.com/whyrusleeping/gosky/blob/master/repo/repo.go#L69-L77

    (edited)
  487. [pioneer] 🇺🇦
    got a couple of questions

    1. The application connects to my personal data repository, authenticates and reads my feed from there. However, my friend's feed is on another data repository, how can the app know where to find that data? Will it end up the app manipulating data from multiple repositories?
    2. What happens if my friend decides to migrate to another data repository (for example, if the current one is going to shut down)?
    3. People discovery, how can I find people to read/follow if they're on different repositories?
  488. George Antoniadis

    [pioneer] 🇺🇦: I'm still trying to understand this as well, but my best guess/understanding so far is the following:

    1. Assuming you're on the one.social PDS and your friend's is on two.social using the handle friend.two.social.
      When you tell your PDS to follow your friend, the PDS will call the com.atproto.handle method on two.social with your friend's handle, will get their DID and the CID of their repo and can then call com.atproto.sync.{get,update}Repo to get their posts etc.
      When your client then calls your PDS to show posts etc, your friend's posts should be included with the rest.

    2. Your friend's DID mentioned above is going to look something like did:plc:vzmlifz3gharxxx, this should be what will allow you to keep following them when they move to a different PDS as it's not tied to a specific PDS or handle. Assumption: It makes sense that when your friend moves, they'll need to add a "moved to a different pds" record to their repo, so people know what happened.

    3. No clue :D too early I guess?

    (edited)
  489. Aaron Goldman

    In reply to this message

    I like this answer. I would add that once you follow since that follow is remembered by the DID if the account you are following changes their handle from

    friend.two.social
    to friend.personaldomain.example it will not break the following.

    If your friend moves PDSs then they can update their DID Document to point to the new PDS so the old PDS does not need to give them permission to move to the next one.

  490. [pioneer] 🇺🇦

    In reply to this message

    interesting, so let's imagine one day `
    two.social
    ` is down, I assume way before it happens the friend should have updated the DID and completed the migration to another PDS, correct?
  491. the rest sounds quite similar to ActivityPub, which seems to be a pretty well working approach
  492. pfrazee
    there's a "recovery key" mechanism which is like a paperkey that allows you to migrate even if your original server is down, but you need to both create your recovery key ahead of time and keep a backup of your repo
  493. (we intend to make that easy of course)
  494. or, you know, as easy as we can
  495. Aaron Goldman

    In reply to this message

    No it is important that you be able to migrate away from your PDS after they disappear without warning.
    What you need is a key that you hold and a client that is maintaining a in sync repository.
    Then you can just issue the new DID Document on your client and upload your copy of the repo to the new PDS.

    Loading the recovery key into your client so you can rotate the account key away from your old PDS may involve scanning a QR code or typing in a long recovery phrase.

  496. HIRO joined the room
  497. [pioneer] 🇺🇦

    In reply to this message

    okay, so my client must keep a copy of the whole profile feed then
    hmmm when my PDS disappears without warning, I of course can upload my data to another PDS, but how the followers will know the new PDS given there is no old PDS online that can tell them "look elsewhere"?
  498. pfrazee
    that's what the DID system does
  499. [pioneer] 🇺🇦
    aah so maybe I'm mixing DID servers with PDS servers, they're separate independent entities, correct?
  500. pfrazee
    correct
  501. [pioneer] 🇺🇦
    so then DID servers are required to stay and not disappear that easily, right?
  502. sylphrenetic
    why not build data redundancy into the system, instead of forcing users to provide their own backups?
  503. George Antoniadis
    Owh right, that's what the "DID Placeholder server" the dev-env is spinning up. I was wondering wtf that is.
  504. [pioneer] 🇺🇦
    well, obviously like DNS servers
  505. George Antoniadis
    Is there any documentation on the DID server XRPC interface? I kinda guess the DID is yet another car repo?
  506. pfrazee
    uhhh the only stuff specced for did placeholder is on the https://atproto.com website

  507. In reply to this message

    open to thoughts on that, but the hard part is the economic relationship. It costs money to maintain a backup
  508. if somebody like the Internet Archive starts maintaining backups for everyone, there you go
  509. [pioneer] 🇺🇦

    In reply to this message

    IMO the toughest thing is that users are used to maintenance-free approach provided by big social networks, now a part of responsibility should be on the user's shoulders otherwise they could lost their data
  510. sylphrenetic
    I just mean making it easy to have backup PDSs that you define. so I have my main one that everyone k ows about, and I can define however many other PDSs natively that all my data will get duplicated to
  511. Aaron Goldman

    In reply to this message

    What matters is that someone has a checkout of the repo. This could be your client or you could have a "backup" PDS that is following your repo. Linus used to joke that he never needed a backup of his work since lots of people pulled from his linux repo. If you have any user on any PDS that is subscribed to sync your complete repo that backup is as good as any other. All you need is that someone has a copy they are willing to give back to you. Doing the backups yourself or paying someone to is just the most straightforward way to get a full subscriber.
  512. pfrazee

    In reply to this message

    sure that's doable

  513. In reply to this message

    it's a question of the PDS you're engaging with. If it's a commercial PDS then this isn't on you. If it's one run by a rando, you need to make backup arrangements
  514. sylphrenetic
    I've got a feeling we're gonna see commercial PDSs pop up REAL quick once this stuff gets going
  515. pfrazee
    well, yeah -- we're going to run one
  516. [pioneer] 🇺🇦

    In reply to this message

    depending on data nature, a typical user can or can not have enough space on their personal devices to have the full backup, so if it's a youtube-like feed with multiple videos, maybe the only option would be to rely on PDSes both for the content author and the readers (as they also will likely not store the full video backup on their devices)

  517. In reply to this message

    anyway it's not maintenance-free, so a typical user should be somehow convinced to pay for the service, which IMO requires a certain culture of maintaining your own data and understanding why it matters to take care of it yourself
  518. Aaron Goldman

    In reply to this message

    If Gmail/Drive went away tomorrow I would lose data. This limits me to using services with very high trust in their durability. This in turn limits me to using services with lots of capital. That is a recipe for oligopoly. By making the migration cheap for the users the failure of a PDS is not so bad and users can take chances on small PDS doing interesting things.

    This is where the economics move away from the natural monopoly of any service that is data storage intensive.

  519. Aaron Goldman
    It is not cheap to download my data from Twitter, Facebook, YouTube daily. I do have all my GitHub repos on my HardDrive. git fetch it is cheap from github when there are not updates and only the size of the diff when there are updates. Moving this kind of data to Repos means that keeping a full checkout on your clients is much cheaper the the state of the art Data Takeout. I could back up my git repos every 300 seconds with no noticeable bandwidth consumption for my home.
  520. [pioneer] 🇺🇦

    In reply to this message

    if that's a Facebook/Twitter data, yes, if it's a YouTube-like profile and I'm an influencer with lots of videos, I very likely simply won't have enough space on my regular devices for the full checkout, so maybe I'll end up having dedicated backup clients having large storage volumes
  521. @giver0453:matrix.org joined the room
  522. @giver0453:matrix.org joined the room
  523. @giver0453:matrix.org left the room
  524. Aaron Goldman

    In reply to this message

    PXL_20220115_012129301.MP.jpg
  525. I am biased by my position of privilege but I am not that worried about that.
  526. 5 TB is ~5,000 hours of video you have to be a pretty big youtube channel for that repo to be hard to keep a local copy
  527. S3 at 100 USD/Month for 5TB is scarier
  528. George Antoniadis
    Just being pedantic here but 5TB of uncompressed 4k video is significantly less than 5k hours :D
  529. Aaron Goldman
    why uncompressed?
  530. George Antoniadis
    Uncompressed I meant something like H264/5/HEVC, not raw video. iPhone's 4k @ 30 fps using H264 is about 350Mb per minute, which would be 250 hours for 5TB Adding better compression etc will help but unless you do 720p 5k is too much. Please ignore me it's been a long day, I agree with your point and didn't mean to derail it. :D
  531. Aaron Goldman
    The 4K/60FPS video bitrate is approximately 100Mbps. One minute of video consumes 750MB of memory. Ok 110 hours there are creators that have that much data but I wander how common that is. 🤔
  532. George Antoniadis
    Most bigger youtube channels keep the raw footage anyway, which ends up requiring insane amounts of data. LTT, Slomo guys, MKBHD, and others have done videos where they talk about their storage needs. There are a couple of them who have over 1PB of storage just for old stuff which is insane. I think quite a few of them also do 8k for future-proofing their channels. Smaller creators probably don't even keep the raw shoots, and most likely don't even do 4k. Apple has 2Tb for 6GBP/m, pretty sure Dropbox/Google will have the same, which will be more than enough for them.
  533. Aaron Goldman
    There is also the question of using error correcting codes so you can store your data on less reliable storage providers without increasing the risk of loosing data.
  534. @BenNevis:matrix.org joined the room
  536. networkException changed their profile picture
  537. core joined the room
  538. core
    Hi this looks promising. Is BlueSky essentially a protocol or also an innovative UI for social media?
  539. Aaron Goldman

    In reply to this message

    AtProto !=

    Bsky.app
    != Bluesky PBLLC

    AtProto: A URI scheme and transport protocol for self authenticated data. (Probably should be moved to a standard body at some point)

    Bsky.app
    : An example distributed social network built on top of AtProto with both Lexicons and a UI.

    Bluesky PBLLC: A public benefit limited liability corporation funded to do research, build an example distributed social network, and support the Bluesky community.

    Does that help?

  540. sylphrenetic
    is ATproto really a transport protocol if it depends on http?
  541. wouldn't it be more like above the application layer, like a "social" protocol or something
  542. George Antoniadis
    I guess it’s more than just a social protocol as it’s pretty extensible, other devs should be able to define their own lexicons and rpc methods to build things other than social apps. Check out the atproto site and I think you’ll get where they’re going with this.
  543. sylphrenetic
    gotcha. so something other than a social protocol but I still don't see it as a transport protocol.
  544. Ibrahim Tarek joined the room
  546. mkpal202117 joined the room
  547. Duo (@duo:xduo.me) joined the room
  548. Dean

    In reply to this message

    I'm curious as to how ATProto achieves decentralized social networking if each application is expected to have their own lexicon and thus risk making content unsupported-by-default across different clients.
  549. It currently sounds to me like it would make more sense for developers to focus on building a "bluesky-supported client" rather than an "atp client" if it means to support freedom of account ownership and portability.
  550. Dean
    If we compare ATP to email, ATP can be thought of as the framework for building communication protocols, rather than being an email protocol itself. Different services can communicate with each other using ATP, just as different email clients can communicate with each other using the email protocol. However, imagine Gmail is the first and dominant email provider, and many other email clients have to then adapt to be compatible with it since they built their own "email standard". Bluesky built on ATP would be the dominant communication protocol, limiting the ability of other ATP-based communication protocols to communicate with it unless they are logically similar to Bluesky. This could create barriers to communication and reduce interoperability in the ATP ecosystem.
    (edited)
  551. George Antoniadis

    In reply to this message

    I wonder if once the bsky app is stable and all the major problems have been kinda solved if app.bsky.* could be promoted to com.atproto.microblog.* or something to make them more future proof
  552. Dean

    In reply to this message

    If Bluesky is deployed using new (non-"Twitter standard") social actions, such as a variation of upvotes and downvotes, other social networks built on ATProto will be forced to deal with 2 mediocre choices: either be a full integration of Bluesky's own social networking logic to support content portability, or build their own ATProto lexicon and lose the ability to interoperate with other clients. Neither are ideal imo.
    (edited)
  553. Dean

    In reply to this message

    Your suggestion would be good, but if "off the accepted standard" microblogging stuff is already engraved within bsky's lexcion over time, and it became something other than microblogging, I don't see it happening.
    (edited)
  554. George Antoniadis

    In reply to this message

    There a very very very thin line between enabling application developers to extend an interoperable protocol and creating applications that can't talk to each other. Pretty sure this has been discussed before here but not sure path the team has decided to take. -- it would make sense though to first start with something that works and can evolve in the future rather than making something extensible that no one uses or wants to implement.
  555. Dean
    imo accounts/following/posting etc are all solid and following what all developers would expect from a Twitter-esque social networking protocol, and what needs to be worked out carefully is how posts can be interacted with (specifically a way to count reactions e.g. likes/emojis/up-or-downvotes that different clients can agree with)
  556. [pioneer] 🇺🇦

    In reply to this message

    I'm only telling that it's not a worry-free approach as if being a YouTube user anymore, you have to take care of your backups and likely pay for a proper PDS that can manage terabytes of videos and millions of visitors
  557. mikestaub

    In reply to this message

    Better yet grant multiple entities access to your PDS via mirroring and diffuse the risk entirely.
  558. mikestaub
    arcalinea: here is an interesting "fair-code" business model that companies like https://github.com/n8n-io/n8n are using. Could be a viable option to monetize the app and PDS service.
  559. Hilary Baumann joined the room
  560. Hilary Baumann set a profile picture
  562. @henriquemcc:matrix.org joined the room
  563. pfrazee
    my talk from dweb camp about schemas is finally online https://archive.org/details/27-09-45_schema_negotiation.qt
  564. fairly relevant to the conversations we've been having. It's a bit old but not tooooo out of date
  565. featuring facial hair I really shouldve bothered to shave
  566. @sterence:sleeby.cafe
    i have a question about private activities on at protocol, do they exist and what happens to them long term? it says data repos will only store public activities but im not sure if that means private activities will be temporary messages or if they'll just only get stored client side
  567. pfrazee
    we're still working on that, but the answer we currently are favoring is that private activities will be messages sent directly between users' servers
  568. b0gg3r
    In a similar MST repo? Or would the scale of such private comms be small enough that you could round robin? I guess group chats would be the kind of application which would produce a lot of network traffic
  569. pfrazee
    My current leaning is that it’s transferred off repo entirely, but perhaps stored on receipt in a per-user private repo
  570. b0gg3r
    Is that to preserve a "privilege border" (for lack of the correct term) where the repo in it's entirety is publicly viewable and accessible/indexable?
  571. It strikes me that a lexicon could be created to manage the encryption, but not if private data shouldn't be in a repo
  573. MightySpaceman (OLD -> m_spaceman:matrix.org) changed their profile picture
  574. tmw (he/they) changed their profile picture
  576. lepras joined the room
  577. lepras (@lepras89:matrix.org) joined the room
  578. dgn joined the room
  579. dgn
    Hello, I am also a software developer and I want to support you. Although I wanted to talk to you on Twitter, I couldn't reach you. No answer was given. I'm ready to do things for Bluesky and decentralized social media. (I can deal with security and vulnerabilities.)
  580. @erichf:matrix.org joined the room
  581. @erichf:matrix.org left the room
  583. @andrew:trivial.business joined the room
  584. arcalinea
    Hey dgn , our Twitter gets a lot of spam messages and it's hard to stay on top of them. If you send your resume, cover letter, and role you might be a good fit for over to
    hello@blueskyweb.xyz
    , we're keeping applications on file for roles we're not yet hiring for.
  585. snarfed
    hi all! I'm looking at Lexicon/XRPC and trying to understand validation for parameters vs input/output
  586. it looks like all three basically use JSON Schema to validate, but input/output use complete JSON Schema schema objects, while parameters have individual JSON Schema property objects instead of full schemas
  587. and those parameter property objects are a subset of full JSON Schema, ie only some types and keywords are supported
  588. is that all roughly right?
  590. joelghill joined the room
  591. joelghill
    Message deleted
  592. joelghill

    Hey ya'll, I'm really interested in this project and I've been pouring over the documentation. It's mostly clicking but I'm still hung up on the specifications regarding the Data Repositories.

    The developer guides specify that the Personal Data Repositories will be a specific data structure; a Merkle Search Tree with each node being an IPLD object.

    1. I'm wondering what this means for someone trying to implement a server based on the protocol. Do you envision this data structure being the actual back-end storage of user data, or is it a required output when requested? In other words, would developers store data in a traditional database and then compile everything into a PDR file upon request? I'm just trying to wrap my head around the potential implementation details.

    2. Are there reference implementations of Merkle Search Trees our in the wild? Didn't find much on them, they seem like a new idea?

    3. The PDR looks like the description of a blockchain or some other distributed ledger. Not a critique or question, just an observation :)

    Exciting stuff folks, can't wait to see more from the team soon!

  593. andrew@trivial.business changed their display name to andr3w
  594. Aaron Goldman

    In reply to this message

    1) The repo is technically an exchange format. Like a git repo most git clients store the history in the merkle trees. Since the MST is a deterministic data structure if you store the key value pairs you could generate the tree on demand. No promises you can do that efficiency though. My expectations are that most implementations will store the repo as a conical representation and then build an index over it to make search faster.

    You have to store the records. The intermediate nodes are approximately one for 32 records. Likely less than 4% storage blowup to enable tree diff syncing.

    3) This depends on what you mean by Blockchain. It is a chain of blocks with hashes to link them together so yeah like git it is a block DAG but the consensus mechanism is to let the PDS put updates in order so it is not in the Bitcoin sense of a Distributed consensus algorithm.

  595. @henriquemcc:matrix.org left the room
  596. joelghill

    Aaron Goldman: Thanks for the response! This clarifies it for me a bit but I think I need to do a bit more research. Sounds like looking to how Git repositories are implemented might shed some light on how PDRs could be implemented?

    You have to store the records. The intermediate nodes are approximately one for 32 records. Likely less than 4% storage blowup to enable tree diff syncing.

    I know some of those words!

  597. Aaron Goldman

    In reply to this message

    If you are interested in private shared data in public repositories it is also worth reading about WNFS

    https://guide.fission.codes/developers/webnative/file-system-wnfs

  598. In reply to this message

    Yeah ... I have a bad habit of using obscure language when common words would do. Please call me out so I can improve my explanations.
  599. What MerkelDAG (Directed Acyclic Graph) is not a common term?
  600. joelghill

    Aaron Goldman:

    Yeah ... I have a bad habit of using obscure language when common words would do. Please call me out so I can improve my explanations.

    Oh, no snark was intended on my end! I appreciate you taking the time to explain. I'm just new to these data structures

    (edited)
  601. joelghill
    ☝️exactly, haha
  602. I won't spam the chat with more questions (for now) but I am interested in learning more on my own time. Is there some baseline reference material I should read up on? I just learned what a Merkle tree is ... my baseline knowledge is close to zero on this topic.
  603. Sam joined the room
  604. sylphrenetic
    this was a pretty good intro I watched to IPFS and how they build DAGs if you're interested: https://youtu.be/Z5zNPwMDYGg
  605. @julian:one.ems.host left the room
  606. joelghill
    Thanks sylphrenetic and Aaron Goldman ! I'm going down the rabbit hole and learning as much as I can 👍️
  607. @rimuru:gentoo.chat changed their profile picture
  608. Ankur Shah joined the room
  610. @govbotdotnet:matrix.org joined the room
  612. Lumen (She/Her) joined the room
  613. mikestaub
    This project parses the Twitter archive and uses the API to maintain a self-hosted site for all the tweet data. Might be useful in the future to help Twitter migrate to the ATproto. https://github.com/tweetback/tweetback
  614. @wyb-pip:matrix.org joined the room
  615. @wyb-pip:matrix.org left the room
  616. MightySpaceman (OLD -> m_spaceman:matrix.org)
    &pip lol
  617. snarfed
    hi again! I have another q on Lexicon/XRPC. it seems like XRPC parameters and input/output properties should be able to be records. eg, if you have a lexicon with type record and id
    com.example.my
    -record, I'm guessing a param or input/output property could be type
    com.example.my
    -record, or something similar?
  618. snarfed
    ...but I couldn't find anything on that in https://atproto.com/guides/lexicon or https://atproto.com/specs/lexicon . are input/output props always primitives? and records are only accessed by URL, collections, and in data repos? not directly encoded in XRPC inputs or outputs?
  619. snarfed
    (feel free to let me know if I should be asking these kinds of q's somewhere else!)
  621. @dream:envs.net joined the room
  622. Felipe joined the room
  623. felipemaciel changed their display name to Felipe
  624. @miker2049:groupchattt.page joined the room
  625. @maymounkov:matrix.org joined the room
  626. Jan Lenke joined the room
  627. snarfed
    ah, may have found the answer. looking at the lexicons in the repo, it looks like this is done with type "ref" and a ref field pointing to the nsid, eg https://github.com/bluesky-social/atproto/blob/main/lexicons/app/bsky/graph/follow.json#L13 , which points to
    app.bsky.actor
    .ref , which is defined in https://github.com/bluesky-social/atproto/blob/main/lexicons/app/bsky/actor/ref.json
  628. ref isn't documented on https://atproto.com/docs yet though, and these lexicons also use a defs field, which is in schemas in the Lexicon guide and spec but not really documented either. I'm guessing these parts aren't quite baked yet, so I can back away slowly for now 😁
  629. amoranio joined the room
  631. snarfed
    hi again, all! I've released the first version of a Python implementation of Lexicon and XRPC, https://github.com/snarfed/lexrpc. it supports old- and new-style Lexicon and has an XRPC client, server, and Flask integration. I've tested that it interoperates with the Lexicon and XRPC implementations in https://github.com/bluesky-social/atproto. feedback is welcome!
  632. Markus joined the room
  633. magicofazi
    Hi, can someone give me a basic understanding of how at protocol solves the portable accounts problem of federated systems
  634. Aaron Goldman

    In reply to this message

    I tend to explain in overly complicated ways but I can give it a shot.

    If you want an account that can be moved from one server to another you need some kind of ID that you can prove you control. If you do this by making a public key your ID then you can prove you know the private key as proof you control the ID. For example did:key or did:pkh are derived from public keys and can be moved by the user that knows the key.

    Bluesky's did:plc takes a middle ground. Where the original key can sign a statement adding a new key or removing an old key. This is technically less portable as someone needs to store the did:plc 's operation log. It is a tradeoff between maximum portability and maximum usefulness.

  635. If you want a looog version of this answer I gave a talk on this class of IDs and there tradeoffs https://youtu.be/Z04RGWgHzvU

  636. In reply to this message

    Does that help or just make it more confusing?
  637. Glasgow joined the room
  638. mikestaub

    In reply to this message

    By letting users own their DID private key, which can prove ownership of all their data, it's like they have their own domain name. If you want to switch hosting providers for your website, it's straightforward. ATproto will be similar, hopefully even easier.
  640. ifeeltiredboss joined the room
  641. ifeeltiredboss left the room
  642. lucidDaemon joined the room
  643. Andrea Mazzilli joined the room
  644. Pablo Andrés Dorado Suárez joined the room
  645. Pablo Dorado joined the room
  646. Aaron Goldman
    I use this as a interview question how did I just notice https://jsonpatch.com/ ?
  647. Atrius joined the room
  648. zopbop joined the room
  649. dlccyes joined the room
  650. @jigojisho:matrix.org left the room
  652. dgn
    Hi, when will the beta version be released? Is there a set time? We want to help you quickly identify and resolve bugs using the app with beta. arcalinea pfrazee
  653. dgn
    With the use of beta, errors can be detected very quickly and imbalances can be resolved during use. While you are in the development phase, we can detect it at that time. I sent you an e-mail for a software developer application, but there was no response. I want to help you. I support this project. If you can create a special invite code for me for the beta, I can start checking and testing right away. Mr. Jay Graber and his team...
  654. sylphrenetic
    btw is Ms. Jay Graber...
  655. and I'm just as eager to develop for and test out the bluesky app as anyone, but as long as you're signed up for the beta on their site I'm sure you'll get an invite once it's ready for beta. if the team isn't asking for dev/test help they likely don't need it at the moment, they just need time to get it right.
  656. brown_branch joined the room
  657. tyrannosaurus_rox joined the room
  658. @jordanreger:matrix.org joined the room
  660. lawoffives joined the room
  661. Mahdi joined the room
  662. mikestaub
    I hope the Bluesky team takes some well-deserved time off in the coming weeks to relax, recover, and prepare for what will surely be one of the most exciting years in the history of tech. 2023 is set up to be an inflection point. The progress has been incredible and the team is focused on all the right things to succeed. It will be an ultra-marathon to reach mass adoption, so please take care of your personal and mental health. There is a long road ahead, but we can achieve anything if we work together as a community. As soon as the project is ready for contributions from the open source community, I predict the floodgates will open and everyone will be shocked at how quickly the ATproto ecosystem grows.
  663. Dean
    Just wrote a 15-post thread on Bluesky and ATP with personal findings and insights: https://twitter.com/Deanpress/status/1603815019086594067
  664. @stephane_huonder:matrix.org left the room
  665. pfrazee

    In reply to this message

    Thank you Mike! and thank you to everybody here for being so supportive and incredibly patient with us while we work! We're all super excited and our morale & motivation is through the roof to get this ready for yall
  666. pfrazee

    In reply to this message

    I hear a lot of your points in the thread. The votes issue is not settled yet, just backburner while we work on things. The decision to call the lexicon "bsky" was actually intended to avoid over-colonizing the namespace -- trying not to elevate our opinions simply by naming -- but that may have been the wrong call and actually have the reverse effect of a brand name gaining too much "core meaning"
  667. lexicons in general serve two purposes, one is to provide very explicit and well-documented behaviors and avoid the frequency of "just do what X codebase does." The other is to ensure userland data models can work, and while it provides the structure for it, it's going to be a big task in the coming years to fully realize it
  668. the challenge with lexicon-flexibility is balancing performance and correctness against the flexibility. Aka, "how much does the PDS need to have hard-coded to be performant and correct?" For this initial build we decided to let flexibility wait, since performance and correctness are very difficult in a decentralized network, so the PDS has a number of hard-coded bsky lexicon behaviors
  669. our plan is to get that to a working spot and then set projects in motion which un-hardcode that lexicon, and therefore gradually work toward more flexible solutions that will drop-in-replace the hardcoded solutions
  670. doing flexibility well requires really understanding the characteristics and requirements of the system, so while I'm eager/anxious to introduce lexicon flexibility, I'm hopeful/confident this approach will help us get there without a bunch of thrashing. It just means some of the most exciting ideas won't be fully realized with v1
  671. some recent development updates, btw --
  672. the Lexicon DSL was rewritten recently. It still mirrors JSON-Schema in many ways, but has been updated to better fit ATP's semantics and to work extremely well with strongly typed languages like Go, especially for client & server code generation. The update also evolved the "schema negotiation" in a very positive direction. I like to describe lexicon as a "universal .d.ts format for ATP", and I'm feeling good about how it'll help us work with a wide variety of languages and evolve the system in a decentralized way
  673. "blobs," ATP's word for unstructured data (aka files), also just landed, thus the app is able to do things like profile avatars and images embedded in posts. That was a big milestone and we're really pleased with it. The blobs are integrated into Lexicon as well, and are attached to records almost like a field type. We included the ability to set constraints on the blobs (like max size, max dimensions, acceptable mimetypes, etc) which is really valuable for ensuring consistency and performance across the network. You don't want folks setting 5mb profile pictures (on accident or otherwise) and choking the network, and that's what the lexicon-driven blobs let us avoid!
  674. for the remainder of the year, we're doing code cleanup and various small but important tasks (ie yesterday we just landed the password reset flow). After the new year we're going to set our sights on that beta laaaunch 🚀🚀🚀
  675. mikestaub

    In reply to this message

    This is the main challenge in my opinion, that if solved, will move the industry forward. I recommend tackling it head-on in the new year with another client lexicon - perhaps a reddit or tiktok clone? Ideally, this 2nd client would be a reference lexicon and maintained by the community.
  676. pfrazee

    In reply to this message

    Yeah once we hit that point, I think we can have a community discussion about what folks want to do and what options make sense. I'm +1 to getting some community lexicons going, but the real endgoal is to make the network/protocol able to be unopinionated about it -- and that's another community discussion we can enter
  677. @maymounkov:matrix.org left the room
  678. @reyg0r:matrix.org joined the room
  679. legion joined the room
  680. legion

    In reply to this message

    it uses downvotes? that's a non starter lol
  681. every website is now reddit!
  682. was looking forward to a version of mastodon that doesn't suck but i guess that's never happening. Thanks nerds. we will all be stuck in a technofascist hellscape
    (edited)
  683. whyrusleeping
    I love it when people out themselves as not reading more than a couple sentences of documentation
  684. @amar:matrix.org joined the room
  685. whyrusleeping
    We are currently not using downvotes, despite them being in the current iteration of the protocol. Even so, downvotes being bad is entirely about how they are used by the protocol to modify people’s experience of the app
  686. For example, hacker news has downvotes, and people generally agree that the way that they are implemented there is very productive to the health of the community
  687. arcalinea
    Let's stay constructive with our criticisms here. And please criticize technologies and approaches, not people personally. We're all trying our best to build a better social web and there are bound to be disagreements along the way.
  688. mkpal202117
    Aman
  690. TimmO joined the room
  691. TimmO
    Simple question : what is the difference between the ATprotocol and activitypub ?
  692. Dean

    In reply to this message

    Wonderful! Thank you for the update. Looking forward to play around with the updated codebase again.
  693. Dean

    In reply to this message

    I mean the update from likes to downvotes was initially not mentioned anywhere at all. I actually made the PR to update the documentation with the changes in the lexicon (because the docs were outdated) - which never got merged (https://github.com/bluesky-social/atproto-website/pull/6). The only details about this update was a git changelog. And when I posted about it on Github to initiate a discussion (https://github.com/bluesky-social/atproto/issues/347) it was mentioned by a team member that other apps that don't want downvotes may be expected to make their own lexicon instead of integrate the bsky lexicon, which raises a new question about how interoperable ATP social apps are supposed to be. So I don't know why you'd imply discussing this is "outing yourself as uninformed".

    idk why you as a core developer would be negative or get personal of the fact that people care enough about this protocol's success that they spend their own time and effort to keep the conversation going about improving it.

    (edited)
  694. Dean

    In reply to this message

    The twitter thread only mentions it's currently in the codebase and I only refer to it to say I see that implementation as undesirable compared to Likes. Like pfrazee mentions it's only in the codebase for prototyping/experimentation purposes and it's not a final decision. I just think it's worth talking about. No need to conclude that this is what it's gonna be or be offensive to the team. I just want to inform people who didn't dive into the codebase and technical documentation about what the protocol currently looks like.
    (edited)
  695. Dean

    In reply to this message

    While one app could implement it like Hackernews, or simply not utilize downvotes at all within their algo, that doesn't stop other apps from implementing the lexicon differently and displaying posts like Reddit threads with upvotes/downvotes, which can invite controversial replies/trolls, which overall demotivates users from posting. A lot more upfront pressure comes from making a tweet if you know it'll also be posted on other platforms that include downvotes/sort by controversial etc, hence I mentioned on Github that this might have more impact than one might initially think.
    (edited)
  696. Dean

    In reply to this message

    btw, the lexicon on the documentation is still outdated and shows likes instead of votes, please merge the PR so developers know how to implement it!
  697. Dean

    In reply to this message

    Yeah I think the naming as it stands would cause confusion and could centralize things around bluesky the app, rather than inviting a distributed protocol around bluesky the lexicon. Some naming separation is probably the best route, otherwise even beginning developers might think they're just building on top of something akin to Twitter's API rather than integrating a lexicon to a distributed network.
  698. Dean

    In reply to this message

    This is great news! I'm reading the git changes now. So avatars and media are uploaded as blobs to a PDS and are retrievable with a URL that includes the file cid? Will there be some IPFS style decentralization for this as well? I can imagine a PDS sharing blobs with other PDSs or indexers so that media can be hosted in an IPFS cluster for more decentralization/availability.
    (edited)
  699. TimmO
    oh yeah... interresting. I will follow and participate to Buesky beta app but I prefer a protocol made by the 3WC
  700. Dean

    In reply to this message

    ATP currently uses W3C's DID spec and might expand upon it in the future: https://atproto.com/specs/did-plc#did-placeholder-didplc
  701. mkpal202117
    Me too
  702. Matthew
    hi blueskiers - congrats on all the progress with ATP; it's looking great :)
  703. am jealous of your decentralised accounts :D
  704. i've been staring balefully at this thread: https://twitter.com/jack/status/1602800290876588032
  705. wondering why jack is writing a treatise on the benefits of open protocols, and then sending $1M/y to Signal... when something like $1M/y would be utterly transformational for something like Matrix (where we get around $72K/y of donations, ignoring the ~$5M/y that Element puts in to try to keep the project funded - and this funding is at risk thanks to the vast majority of folks who build on Element's work doing so without contributing anything back).
  706. i was wondering why we're not on the radar (depsite pinging via various routes), and wondered whether he might see Matrix as competitive to bluesky (which, in my mind, it isn't - they're complementary technologies. just like matrix & activitypub are complementary too)
  707. or whether there's some other reason we're getting ghosted, and if anyone might know why, given the links between bluesky & jack :)
    (edited)
  708. (alternatively, anyone know how we can get on his radar before our funding crisis deepens further? :)
  709. (hm, i also wonder whether we're discounted due to not having a US 501(c)(3))
  710. sylphrenetic

    In reply to this message

    I'm really interested in how all of these protocols could interoperate
  711. Matthew
    interop via bridging should be easy - i'm really surprised nobody's written a good matrix<->AP bridge yet. i guess there's no matrix<->ATP bridge yet 'cos there's not enough stuff to bridge to yet on the ATP side?
  712. Aaron Goldman
    If Jack wanted to donate but needed a US legal entity to exist first he would ask for one. E.g. Bluesky PBLLC (Public Benefit LLC)
  713. whyrusleeping
    I dont think jack would be worried about “competition”, he clearly is happy to fund multiple potentially overlapping efforts, like the nostr thing in that thread
  714. Matthew nods
  715. whyrusleeping
    The signal thing is weird
  716. Matthew ponders what we've done to not be on the radar then. he even namedropped us in the https://www.getrevue.co/profile/jackjack/issues/a-native-internet-protocol-for-social-media-1503112 post.
  717. whyrusleeping
    Maybe hes just not aware theres a funding gap?
  718. Matthew feels a bit like he's in a bad dream tbh; we had to lay off 15% of Element on Tuesday due to lack of $ thanks to folks building on Matrix/Element not supporting the core project (or Element)
  719. and meanwhile https://twitter.com/wongmjane/status/1604127242657103872 just popped up out of the blue (with no $ going to us)
    (edited)
  720. anyway, such are my problems. i highly recommend never running an open source software company :D
  721. if anyone is in touch with jack, please can they fire some distress flares at him from us?
  722. (and sorry for the offtopic convo here.)
  723. Dean

    In reply to this message

    Doesn't Reddit have an investment/grants arm? They might be worth reaching out to as well.
  724. Matthew
    (Matrix uses the Signal protocol too, tho)

  725. In reply to this message

    yup, have pinged them.
  726. Sam left the room
  727. mikestaub

    In reply to this message

    Jack is open to competition at the protocol layer but I've seen no evidence he is open to it in the application layer. He perhaps views Matrix and its clients as a possible future competitor to Twitter. The whole point of funding Bluesky I assume was to protect Twitter from being obsoleted by decentralized products in the future by getting ahead of the curve and solving the innovator's dilemma.
  728. Aaron Goldman

    In reply to this message

    I think the point of funding Bluesky PBLLC was that Jack worried that after stepping down as CEO he wouldn't have a control over who would buy Twitter. There was some risk of a post Jack owner that might harm the role Twitter had in the public conversation.
  729. Matthew
    heaven forbid.
  730. @huedaya:matrix.org left the room
  731. Aaron Goldman

    In reply to this message

    Just got to get the Bata out before that happens and there's a mass exodus to mastodon 😛
  732. Matthew
    lol. reminds me of all the drama with WhatsApp forcing through the “we monetise your metadata now” privacy policy change. suffice it to say that Matrix was not ready to meet the exodus. Signal did ok though.
  733. good news is that you can just bridge to activitypub tho
  734. (whereas all those signal users are stuck in their new silo, in our case.)
  735. Dean

    In reply to this message

    How close do you think ATP and the bsky lexicon are to production-readiness for the beta?
  736. whyrusleeping
    Getting pretty close now
  737. pfrazee
    Yeah the todo list is getting pretty short
  738. Dean
    🔥
  739. Lulu joined the room
  740. decentralized-hse joined the room
  742. @amar:matrix.org
    Did it though? I mean did Signal do OK? In my opinion didn't. Those migrations to Signal simply didn't "stick". Signal was open, yes, but was't ready for that migration and later "over the years" it seems - probably it didn't care or wasn't willing either. At that time I was able to a lot of people to Signal in a place like India where WhatsApp essentially was (still is) like public essential infrastructure but people were squarely disappointed by Signal. On few people's phone Signal is the "other private messaging app" except in some first world countries and there too among specific circles.
  743. Is it visible somewhere? Some task board kinda thing or it's just internal as of now? Also is there some kind of alpha/beta thing available one could give a try?
  744. Matthew
    yeah, i’m not saying that signal went from 50M users to 2B users or something
  745. but using (say) twitter followers as a barometer of public interest, they hit an entirely new pace
  746. Matthew
    app annie’s stats for them for the last year are interestingly flat tho
  747. Aaron Goldman
    Is https://github.com/bluesky-social/atproto/issues what you are looking for?
  748. Christopher Rothert joined the room
  749. mikestaub
    This is huge. The Bluesky Twitter account needs to be very careful about what it tweets in the coming months, especially as the beta rolls out. https://twitter.com/TwitterSupport/status/1604531261791522817
  750. @numero6:codelutin.com

    In reply to this message

    not too late to create an official, certified, bluesky mastodon account (but already too late to promote it on twitter...). Not sure waiting more will improve the situation.
  751. I don't know how bluesky has dodged that bullet while mastoton and nostr are targets (both of those years-long project doesn't have the funding bluesky has)
  752. Brad Brown
    i presume mostly because both Masto and Nostr are “live” sevices where you can post a link to your account today, while BSky is still being built and not available yet. Given the connections to Twitter of old, I’ll be interested to see if it joins the list when the beta opens, though.
  753. @numero6:codelutin.com
    I may be too machiavellian but I think BS is already on the list. They just wait for the best time to shoot. Just on the launch.
  754. Brad Brown
    it’s a coin toss in my mind whether Elon realizes it even exists or not yet, but if he does I’d agree with you that it’s on the list and they’re just waiting to pounce.
  755. @numero6:codelutin.com
    If they fear Mastodon, bluesky will terrify them
  756. mikestaub

    In reply to this message

    Exactly, imo Bluesky is the only real threat to Twitter at the moment.
Next group of messages