That was very well written. I have to admit that because AT Protocol was Bluesky's I thought it was some corpo version of ActivityPub, but based on this post it makes a lot of sense. The data is in a 'repository' of my choice. I think I like that very much and it aligns with the kind of general principle I have where it's better to apply filtering etc. on the read side rather than on the write side so that I can publish all sorts of things that I want into my repo and others can then read etc. that stuff.
The arrows do seem to imply that commenting on my posts goes into my repo, but I'm sure that's just an imprecision trying to express an idea. The whole thing seems very cool and decentralized.
When I went to see what it takes to run a separate PDS on AT, though, I see that it's all nice and packaged up and has certain assumptions:
1. It takes care of SSL etc.
2. It will stand up HTTPS/WSS servers to handle a bunch of RPC
>The arrows do seem to imply that commenting on my posts goes into my repo, but I'm sure that's just an imprecision trying to express an idea. The whole thing seems very cool and decentralized.
The way I used arrows might’ve been a bit confusing because I use two types of them.
The solid ones pointing from @alice.com downwards indicate ownership. They’re the same thing as grouping by color. All blue stuff is Alice’s.
The dashed ones pointing between records are links. Those are equivalent of <a href>. Any record can link to any other record, no matter which repositories either is in.
When you comment on someone’s post, your comment goes into your repo, but it has a link to the parent post (which may be in any repo). That’s usually how you want to represent it in the data model so that anyone indexing both records can reconstruct the relationship.
In the example, Bob comments on Alice’s post. So Bob’s comment is in Bob’s repo and Alice’s post is in Alice’s repo.
To clarify your specific point, a person commenting on your post will create record in their repo. In fact one can never create records in somebody else’s repo. That’s the central premise.
This makes sense but doesn’t this imply that displaying comments under a post is a very expensive operation?
Also not totally clear to me (apologies if I missed it in the post) is where repositories live, I have a bsky account with my own domain, but I am not running anything to host a repo. Am I correct in assuming that bsky is hosting my repo, but I would have the option to self host or move it elsewhere and continue using bsky?
The default pds packaging takes care of SSL, but thats not a requirement, just something we try to make easy for users.
Also at:// URIs are of the form at://DID/..., and your human readable handle is bound to your DID through DNS TXT records _atproto.roshangeorge.dev, but applications all know to render that as just roshangeorge.dev. That DID points to a document that specifies where your server lives, so the HTTPS/WSS routes can live wherever you want them to.
Also likes/replies/etc on your posts go in their authors repos not yours, your intuition is correct there.
Wow, I always imagined Activitypub to be the better protocol and AT a cheap knock-off, but reading this article made me realize at is, actually, way better - primarily because multiple programs can access the same identity. This is really a great feature to have! This article was a real mind-opener for me.
Every one of these "How AT proto works" explainers focuses on data ownership—which is where ATProto shines—and glosses over data processing, where ATProto is decidedly weaker than ActivityPub.
ATProto is built on a global, public view of the world, where all events are visible to a trusted global "AppServer" that can make all of the decisions for you—how to create your feed, who can see who's posts, etc—all of those decisions have to be made by a trusted intermediary. ActivityPub is more like RSS or email—your local server only has to manage the feeds you subscribe to, and your inbox is directly built from all of the posts you have access to. People you subscribe to send you your posts, and you don't have to process them at all.
This is why Bluesky could never have "private likes" in the same way Twitter or ActivityPub does—every AppView needs to track the like counts of every post in the network manually. It's a huge hassle! I just don't see this architecture winning out in the long term, when compared to the AP feed-subscription architecture.
primarily because multiple programs can access the same identity
Actually, this was how AP was originally designed as well—it was just that the most popular early implementations took shortcuts to remove that functionality to fit them into their existing architecture. This is a direct consequence of the fact that the biggest AP implementations when it was initially adopted were descendants of older OStatus social networks, and not built to be "ActivityPub-native" from the ground up.
> This is why Bluesky could never have "private likes" in the same way Twitter or ActivityPub does
I didn't know "private likes" even existed, but if atproto includes public key encryption, I could publish a record containing a "like" that I have encrypted with the "liked" user's public key. Only that user would know what the record contained. Though, the fact that the encrypted message exists and had a cleartext "@name" is itself informative to adversaries. Concealing that level of info would require other measures.
> We should pick a platform that is federated, where you have ownership and autonomy over your identity and your audience. Social media should not be own-able by a single group or person. Social media is serious business. It ties directly to human rights and business outcomes. It shouldn't be in anyone else's control but yours.
I agree, but why not also apply the same logic to the other two communication platforms you are using (Discord and GitHub)?
Interesting discussion, and good points highlighted about Bluesky's did model that means you essentially don't own your identity either (in typical scenarios and when it will likely matter most). That takes a big chunk out of the "host your own data" narrative.
One point I disagree on that's also mentioned in the replies: I don't think a global state should be seen as necessary or even desirable. Sure, it helps people who optimize for clicks/likes/attention as a business model But that shouldn't be the only concern. Having some degree of uncertainty around the global state can help reinforce a healthy skepticism towards what you're seeing in general. The 'correct' global number of upvotes on a post, or the majority of what has been said about a subject might still be manipulated to the point of being essentially fake. Optimizing for virality is not desirable if you think of the platform as a public good. Think about what it has done for the centralized platforms, and the consequences it's had in the real world.
This is not meant as a criticism at all, I like Bevy. Are you familiar with the Mr. Beast PowerPoint that said:
> Your goal here is to make the best YOUTUBE videos possible. That’s the number one goal of this production company. It’s not to make the best produced videos. Not to make the funniest videos. Not to make the best looking videos. Not the highest quality videos.. It’s to make the best YOUTUBE videos possible.
When I glance at the Bevy discussion link you shared, my reaction is:
> Your goal here is to make the best GITHUB OPEN SOURCE game engine possible. It's not to make the most performant game engine. Not to make the game engine that powers the best games. Not to make the best looking graphics in a game engine. Not the highest quality game engine or game editing experience. It's to make the best GITHUB OPEN SOURCE game engine.
> primarily because multiple programs can access the same identity
Why do you think that's different in ActivityPub? As far as I know there's nothing preventing (for example) Mastodon and Pixelfed using the same identity.
I don't have a horse in which decentralized protocol wins, but while ATProtocol sounds great on paper I'm still inching closer to liking ActivityPub more. I'm pretty active on Lemmy[1] which is quite active and fun to browse
1. 99.99% (literally) of AT users are on Bluesky, which is helmed by a for-profit corporation. The argument is that they don't control the protocol but considering it is THE dominating instance of that protocol, what's stopping them from strong-arming the protocol and changing how it works to benefit them? Better yet, what's stopping them from doing a rugpull and closing off their open service? What if bluesky decides 5 years from now that you aren't allowed to move your account? This isn't some hypothetical scenario, this already happened before. A lot of social medias started off with fairly open features and APIs and slowly choked them out for profit.
2. Users don't really care about protocol, they care about momentum and userbase. Piefed/Lemmy/Mbin are all popular-ish Reddit alternatives using AP. It was already a struggle to reach a point where posts could get over a hundred comments a day, how are you going to convince people to move to another platform again? I'm worried this will just end in splintering an already niche community and cause people to just give up and go back to using popular platforms.
Being able to move accounts is a very neat feature but it's not a reason enough to move. You can already export your settings and make an account on another instance in 20 seconds then import your settings again, which would bring back your subscriptions and blocks and all you set up from account 1. To me it's not a huge deal.
> considering it is THE dominating instance of that protocol,
Instances don't work like they do on mastodon. There's not really a "dominating instance" in the same way. Heck, even within Bluesky's infra, there are multiple PDSes. Basically, stuff is layered in a different way (which the article shows the details of) and so talking about the structure of things ends up working differently.
> what's stopping them from strong-arming the protocol and changing how it works to benefit them?
This is absolutely a real concern. I believe they have shown themselves to be good stewards, and they also recognize this concern. As the ecosystem grows, this will be fixed.
> Better yet, what's stopping them from doing a rugpull and closing off their open service? What if bluesky decides 5 years from now that you aren't allowed to move your account?
This is built into the protocol! You can back up your CAR file and move it to another host without the approval of your current host.
> You can already export your settings and make an account on another instance
This doesn't work on masto to the same degree as atproto. You lose a lot of stuff when you move on masto, but it's 100% transparent on atproto.
I don't think being able to migrate your account addresses the rugpull concern. The rugpull scenario is that one day, in five years or so, bsky.app drops all AT Protocol support and transforms into a Twitter-like centralized social media website. The problem isn't that the account will stop "existing" but that Bluesky users will stop seeing it. The average non-techie Bluesky user who doesn't know about the AT Protocol won't even notice the change, except that, from their perspective, a tiny percentage of nerdy users have stopped posting. For you, "migrating" your account away is effectively just deleting it from the now-centralized Bluesky and willfully decreasing your audience by 100-fold or more.
The problem is a social not a technical one. It doesn't matter how good AT Protocol is at account migration. The vast majority of AT Protocol users think of themselves as Bluesky users and don't even know what the AT Protocol is. If the official Bluesky clients move away from the AT Protocol, the majority of users are moving with Bluesky.
For all the UX concerns people have with Mastodon/ActivityPub, at least they make it obvious that different users are hosted on different instances, and no one instance has more to gain than it does to lose by defederating.
>I believe they have shown themselves to be good stewards
How have they shown theyselves to good stewards? Its barely been popular and no where near the point where they can start enshitifying it. All the PBC talk is empty and they still maintain complete control.
What irks me is that in the end of the day if you go to Bluesky it's all American politics and if you go to literally any mastodon instance it's all American politics.
Maybe it's because I don't like monster of the week political drama, but I still don't see a reason to use them instead of Tumblr, Pinterest, or even TikTok.
This is very true, and it's a large part of why I never use microblogging at all, it's impossible to just find posts that fit what you want to see.
That's why I mostly use Lemmy/Piefed because everything is neatly organized into communities that you can subscribe to. I mostly browse tech & gaming communities and my feed is very chill.
> if you go to literally any mastodon instance it's all American politics.
It really depends on who you follow. Almost all the talk I see is tagged with #uspol so I could easily filter it out, but even without it, it's not the dominating topic.
I feel like I get ${local_country} politics* because I follow people from ${local_country} and most the other people I follow who do post about US politics tend to spoiler their posts with USPOL, so I can just scroll past if I'm not feeling it.
* Usually spoilered with "${local_country_code}POL"
I know that Mastodon is not the same as ActivityPub, but I don't know how can it be treated seriously if it allows disappearing replies. Whatever we write will disappear after some time. Sometimes. Because sometimes not. Maybe it's an implementation problem, I don't know, but it was one of my two reasons for my exit from Mastodon.
It's literally a feature - individual users can set post auto-deletion on their instance. Because a government could suddenly start firing people from their jobs for some shitpost they made a decade ago.
But you have the fact that this is the Internet, and somebody will have archived your post no matter what you or your host instance does. So you can rest assured that whatever you wrote on Mastodon is out there somewhere...
I think it’s ultimately up to your instance whether it keeps your posts indefinitely or not. I think most do, but others might delete posts after a period of time, in which case they should mention this to their users (on their ‘About’ page, for example). Personally, I can’t say I’ve encountered this problem, but then again I’ve mostly used Pleroma (which is a different program implementing the ActivityPub protocol, like Mastodon).
The author is talking about owning a domain and how having that domain gives you ownership over your data... But I can't but think that, at least in the US, domain names are rented from private Internet service providers. There is no ownership involved. One way or another, we are still paying a company.
The assumption of the article is that ISPs are stable and net neutral enough that one would not worry about the ISP going under or seeking some personal vendetta against you and booting your domain. A separate entity may no longer be hosting our data, but a private entity is the gatekeeper of whether anyone is able to see your data.
All that to say, if we want true ownership of domains, ISPs need to be a nationalized, democratized service.
While I agree with the sentiment, I think it confuses ISPs with registrars. There are still many ISPs that do that service as well, it's less common than it used to be.
It is quite common for national TLDs (like .de, .jp or .cn) to be managed by not-for-profit entities, under contract with their respective governments... which might also not be great wrt censorship.
There is also the general issue of equal access, where shorter, more memorable domains get more expensive and hodling domain names is only disincentivized for people without enough funds. I would very much like to see an alternative system to domain names, probably something more in the web of trust space.
>The author is talking about owning a domain and how having that domain gives you ownership over your data
I've actually tried to separate the two in the article although it might be subtle (because I didn't want to make it confusing).
Owning a domain means you own your handle. Not data. In atproto, a domain is just a handle — you can swap it out without breaking links. (This relies on a centralized auditable repository which is currently being moved out of Bluesky as a separate independent entity. If you don't want to rely on that, yes, you'd have to tie your identity to the domain.)
Owning "data" is not related to owning the domain per se. It has to do with the fact that you can point your identity at a different physical server over time without breaking links. So your hosting doesn't have any real leverage over you. That's what I mean by meaningful ownership.
I've sort of conflated domains and persistent identity in the article to simplify the picture a bit. Your identity is not tied to a domain, but a domain serves as a bidirectionally verified user-friendly alias for it. If you lose control over the domain, you can tie a different one to the same identity later. This doesn't break links between records or functionality.
The most safe way to accomplish what you want is using postal pigeons, made stealthy with black spray paint.
All jokes aside, an educated guess on what to trust (or not) is necessary. Otherwise you wind up on a slippery slope that goes in circles and always results in 'we need more laws'.
Long way to say that I think 'owning' a domain name and publishing on there is way better than the silos we're accustomed to nowadays. The open web never stopped working as intended, the genie is out of the bottle for 30+ years yet, make use of it if you want.
Easy. Trust cryptography. I generate a private key and sign everything as me. This takes out all the BS. Of course you cant age verify and anonymous accounts and spam become easy. But that is your trade-off. Nostr allows relays to filter out shit they dont like. So you can have your 4chan but also your more moderated sites too.
Governments can and do censor domains. A theoretically censorship-proof system is impossible; even communication over bluetooth or radio can be shut down by signal jamming and physical persecution.
Also, you technically "own" your data on any social network. If you put a public key in your bio and archive every post, you can move to another network. Then use friends and close followers to broadcast your new location; those who care will probably find you without much effort, but if not, Open Social doesn't solve this problem either.
However, I still think Open Social is an improvement. Most social networks are really bad these days: manipulated engagement-driven algorithms, locked-down data accessible via poor UI, toxic community, and inconsistently-applied unspoken rules. These issues all have workarounds, and can still happen on Open Social (BlueSky's community is toxic, I don't know if its algorithm is gamed or its global moderation is reasonable). But it certainly makes them harder to form and easier to avoid:
- If everyone's data is available raw via API, it's easier to create your own algorithm and frontend (or realistically, use someone else's which is better designed and more suited to you personally than what a generic social media company would make)
- With all data available, it's more likely people will develop better algorithms to filter out toxicity and discover interesting posts. At minimum, it's more acceptable and easier to create whitelisted groups, where one person maintains an "algorithm" that simply selects posts they (and others who are granted invites) have determined are not trolls.
- If data access and ban lists are separate, the same network can have multiple ban-lists, so being banned isn't "all or nothing". You can choose a ban-list with rules you agree with and continue to see posts that most others would prefer banned. If no ban list is dominant, there's a good chance the rules that the ban-lists share are reasonable; you can worry less about being banned inconsistently or for a widely-considered unfair reason (e.g. upsetting a specific moderator), because in those cases you'll only be banned from one list.
- If having a public key and archive of your data is the default, and your followers' frontends automatically recognize the key and find your new domain/hub (e.g. if someone links it to the old hub), it's easier to move. If BlueSky shuts down tomorrow, some clients can just be updated to point to another domain with all the data and continue working as if nothing changed. Whereas if Reddit shuts down, in theory one can develop a clone from scratch and populate it with the archived data, but users would have to re-register and it would be a huge mess (+ legal issues).
There are clearnet websites for flat earthers, anti-vaxxers, cults, hacker groups, classified document leakers, nazi groups and terrorist organisations. Finding a registrar that lets you say what you want is a solved problem.
Currently most people publish stuff on big platforms so governments, activists and billionaires will go after these platforms to influence or control what's being talked about. I worry that if we never had big platforms, or we moved past them, all of the focus would be on going after registrars and hosts instead. It's not a bulletproof system unfortunately
Now here is a controversial question... Can we have a free of cost top level domain? What are the actual costs associated with registering a domain? If let's encrypt can provide secure certificates free of cost, why can't a different no profit provide domains free of cost as well? It doesn't have to be pretty. It could be a UUID v7 stacked on top of another UUID v7 for all I care but it would be globally unique and available free of cost.
And once you go to the site, your browser will remember it anyway so you don't need to type the monstrosity.
A free of cost TLD is probably not practical. There are some special things that go along with being a TLD and being in the public suffix list: https://github.com/publicsuffix/list
If you drop the TLD part though, you can do whatever you want with any domain you want, up to and including handing out free subdomains to anyone who asks. As usual, though, if you try to do this, the dark internet will make you regret it as one day, quite suddenly, you'd find you were hosting the DNS of some massive scam email or other, or any of who-can-even-enumerate ways of making you sorry you put this service up because of their abuse of it. Just like anyone can make a URL redirector, and many people even use it as a sort of "learn this language project" but if you actually put it up online you will rapidly regret it.
It's a bummer and I'm not celebrating this fact, but, yeah, it's not something you want to do.
> It doesn't have to be pretty. It could be a UUID v7 stacked on top of another UUID v7 for all I care but it would be globally unique and available free of cost.
> It could be a UUID v7 stacked on top of another UUID v7 for all I care but it would be globally unique and available free of cost.
You're essentially talking about IPv6 addresses.
Interestingly, most residential ISPs these days already issue your home network an IPv6 /64 or better! But they (sadly) just firewall off use of most ports that residential users have no purpose for — on my own network, even if I configure my router to allocate each machine on the network a public-routable IPv6 address, the only port the network (not the router!) is willing to allow non-established incoming flows to is 22/tcp.
But even if they worked, they'd still be ephemeral. At best, even if your ISP keeps the allocation the same, you'd lose it if/when you switch ISPs. (Similar problem to ISP email addresses.)
The real key here, would be if someone was freely giving out tiny slices of IPv6 https://en.wikipedia.org/wiki/Provider-independent_address_s... to individuals; and there were hosting providers / residential ISPs willing to add BGP routes in their ASN for these tiny prefixes. Then you could have a stable and portable and free IPv6 address for life. (It's certainly possible in theory, just not built yet — similar to how LetsEncrypt was "certainly possible in theory, just not built yet" until it was built.)
---
That being said, if you really want this to be DNS (not sure why; if it's not a short memorable name [and thus inherently competed over by typosquatters], then DNS is the wrong tool for the job), then you could do what systems like ngrok do, but directly serving those dynamic records as domains under its own gTLD, rather than serving them as subdomains under a domain. Maybe with each domain getting its own DNS zone and everything. That'd certainly be neat.
Note that way back when, the .me ccTLD sort of did this — they gave away .me "domains" for "free"; but with all web traffic on those "free" domains being intermediated by their L7 reverse-proxy servers, where they'd inject ads into any delivered HTML pages.
.tk was widely known for taking back domains once they got popular and turning them into ad spam. That's how they made money "giving" the domains away for free: lead generation, basically.
There was a .FREE initiative but that got all weird after a while, the deadlines were not respected and then nothing happened... https://icannwiki.org/.free
Another thing, the thing that you mention is really similar to how tor onion links work... Except they offer encryption and prevents MITM/any other ways while still having your ip hidden.
Another idea which I use sometimes is to use something like cloudflare tunnels or ssh forwarding with things like serveo.net or any ssh based remote forwarding in general like pinggy or even ngrok.
If you are using this in some internal thing, I can also suggest something like piping server which I really like and I want to build something like a web browser tor-onion links esque but on top of piping server, its really really cool
running a domain costs money. there's no way around that - it requires server resources to respond to dns queries, and that requires servers and electricity.
so to offer it for free means somebody has to subsidize it. letsencrypt can operate because big companies with lots of money want their ads to be delivered without being intercepted by an ISP. what's the motivation for anybody to subsidize free domains?
> running a domain costs money. there's no way around that - it requires server resources to respond to dns queries, and that requires servers and electricity.
I guarantee you I can store and make available over DNS the less than 1 KiB of data for less than a penny a year.
Instead of free, charge a flat $1, put it in long term US treasuries at 5% / TIPS at 2.5% and you’ve covered your hosting costs forever. The principle will never need to be touched.
I might not be fully understanding the idea, but the difference here is that a let's encrypt certificate can be generated on the fly. domains are considered branding, and getting a 5 letter domain nowadays is impossible. The cost here is that you're renting a domain that others might want aswell, people don't really want your LE cert
X lets people own a 5 letter username for free. Renting names is not even industry standard for platforms. It seems like it's only DNS that charges for names.
I'm a little saddened to see that each app has it's own collection type, even if they are able to use each others collections. That means that apps will only interoperate to the extent that they are explicitly designed to.
One of the beautiful (but perhaps not that practically relevant) things about ActivityPub is that a Mastodon user can subscribe to a Pixelfed user without anything special being done. It's like if Twitter, Instagram, Reddit, YouTube, and Substack all automatically interoperated.
AP intercompatibility is fun, but it starts to fall apart once you leave the safety of the "Note" (statuses) and "Question" (polls) types (which is what Mastodon, Pixelfed, Misskey, Pleroma, etc. all use as their primary elements). Everything outside of it becomes either loosely converted to a note (Mastodon does this for a lot of things, see https://docs.joinmastodon.org/spec/activitypub/#payloads) or is discarded by the instance. The only types that I know of which have been able to have native support from multiple AP implementations are micro-blogging and Lemmy's community system, with everything else essentially being a monoculture (or just extremely one-sided towards a specific implementation) due to a lack of interest from other implementations in providing full, standardized support. This isn't an inherent protocol limitation, but I do think that the community could do better in organizing standards outside of the core documents.
ATproto's system is a bit more well defined (you HAVE to abide by the lexicon/schema of the data collection to be accepted by implementations, reference implementation and some third-party ones have schema validators to do so) and allows for easier intercompatibility, but I do think that it could be a bit looser than it is right now (selective support for additional fields) to provide proper "sidecar" values in a record (they'll be in the user's PDS but it won't validate and could be rejected by indexers). Bridgy Fed does this to include the originating URL from APub and the original text, which third-party clients could certainly take advantage of if they detect that the post comes from a Bridgy account. (https://fed.brid.gy/docs#bluesky-fields)
Yeah, atproto pushes this down to be a community/governance issue. Nobody is preventing apps from working out a common standard and supporting it. However, nobody is forcing them to do that either. So it will play out with natural dynamics. What atproto ensures is that there's a convention for strongly-typed foward-evolving schemas and how they get validated (and reverse domains specify the authority). But ultimately cooperation is up to the community.
I'm starting to feel many of "next big Twitter to fill its power vacuum" projects are tackling the problem slightly wrong - they all perfect the Twitter feature set, then hit the wall with user growth and content deprivation chicken and egg problem. People gather where there are others and that's still around the rotting whale.
That OpenAI timeline thing that just launched is more better approach, it solves content problem by just gathering data in background and feeding it to the user anyway. That particular implementation might not work but it sounds correct.
IMO, not much of value of Twitter for most users is in ability to post tweets, it's in data bandwidth. 99.9% of users don't post anything interesting, those might as well be local text file or oit of band shared filler content. The value is in content sourcing, so something like multi-social RSS reader with optional P2P should be the way to go. Just IMdimO, though...
While I use microblogging to frame the initial narrative, as explained in the article, this isn’t limited to Twitter-like products. Tangled is “GitHub on atproto”, Leaflet is “Medium on atproto”, and so on.
The problem with client-side P2P is you can’t do large-scale aggregation with consistency. Large-scale aggregation with consistency is what normal people expect from social apps.
Re: the OpenAI thing you mentioned, that's actually a perfect example of something atproto excels at. Since the data already exists in the network, you can crawl/index it and run your own tooling that does something proactive on cron jobs etc. See https://github.com/graze-social/iftta for some initial work in that area.
"Unique" is definitely not necessary. Look at the dominant social media platforms of the last two decades. MySpace -> Facebook -> Twitter -> Instagram -> Snapchat -> TikTok. Each of them was a minor evolution over the last, with the core feature set remaining basically the same. Lots of user-generated content, algorithmic recommendations, likes, comments, DMs, ads. There has really not been a revolution in the social media space since it was invented.
...and this is why Nostr is different! You can build basically anything on it. A blog, a Twitter like application, a streaming service, messaging apps, the sky is the limit!
Nostr is not different from atproto in that sense because atproto also supports arbitrary applications (the article uses Leaflet and Tangled as examples). There's a good comparison of atproto vs Nostr: https://shreyanjain.net/2024/07/05/nostr-and-atproto.html
I really like the approach of nostr, but when I tried to use it, each client I tried would start me off following ecoin pump and dump influencers. It was really off putting.
I would’ve preferred starting off in an empty room, an experience more like using signal.
It captures something that I think a lot of us in tech have been feeling but haven't quite articulated: that the social web feels increasingly rented, and the rent keeps going up
Readit News
The arrows do seem to imply that commenting on my posts goes into my repo, but I'm sure that's just an imprecision trying to express an idea. The whole thing seems very cool and decentralized.
When I went to see what it takes to run a separate PDS on AT, though, I see that it's all nice and packaged up and has certain assumptions:
1. It takes care of SSL etc.
2. It will stand up HTTPS/WSS servers to handle a bunch of RPC
So in practice, you don't get https://roshangeorge.dev and at://roshangeorge.dev because for the latter you kind of need https://roshangeorge.dev/xrpc and wss://roshangeorge.dev
Therefore, you probably end up with https://roshangeorge.dev and at://at.roshangeorge.dev and then you can run https://at.roshangeorge.dev and wss://at.roshangeorge.dev
All minor stuff and doesn't take away from the main point, but it was a thing.
The way I used arrows might’ve been a bit confusing because I use two types of them.
The solid ones pointing from @alice.com downwards indicate ownership. They’re the same thing as grouping by color. All blue stuff is Alice’s.
The dashed ones pointing between records are links. Those are equivalent of <a href>. Any record can link to any other record, no matter which repositories either is in.
When you comment on someone’s post, your comment goes into your repo, but it has a link to the parent post (which may be in any repo). That’s usually how you want to represent it in the data model so that anyone indexing both records can reconstruct the relationship.
In the example, Bob comments on Alice’s post. So Bob’s comment is in Bob’s repo and Alice’s post is in Alice’s repo.
To clarify your specific point, a person commenting on your post will create record in their repo. In fact one can never create records in somebody else’s repo. That’s the central premise.
Hope that makes sense.
Also not totally clear to me (apologies if I missed it in the post) is where repositories live, I have a bsky account with my own domain, but I am not running anything to host a repo. Am I correct in assuming that bsky is hosting my repo, but I would have the option to self host or move it elsewhere and continue using bsky?
Also at:// URIs are of the form at://DID/..., and your human readable handle is bound to your DID through DNS TXT records _atproto.roshangeorge.dev, but applications all know to render that as just roshangeorge.dev. That DID points to a document that specifies where your server lives, so the HTTPS/WSS routes can live wherever you want them to.
Also likes/replies/etc on your posts go in their authors repos not yours, your intuition is correct there.
Deleted Comment
This is why Bluesky could never have "private likes" in the same way Twitter or ActivityPub does—every AppView needs to track the like counts of every post in the network manually. It's a huge hassle! I just don't see this architecture winning out in the long term, when compared to the AP feed-subscription architecture.
Actually, this was how AP was originally designed as well—it was just that the most popular early implementations took shortcuts to remove that functionality to fit them into their existing architecture. This is a direct consequence of the fact that the biggest AP implementations when it was initially adopted were descendants of older OStatus social networks, and not built to be "ActivityPub-native" from the ground up.I didn't know "private likes" even existed, but if atproto includes public key encryption, I could publish a record containing a "like" that I have encrypted with the "liked" user's public key. Only that user would know what the record contained. Though, the fact that the encrypted message exists and had a cleartext "@name" is itself informative to adversaries. Concealing that level of info would require other measures.
We are currently working on something based on https://fedify.dev
Would you consider that can provide more complete AP functionality?
Deleted Comment
I agree, but why not also apply the same logic to the other two communication platforms you are using (Discord and GitHub)?
One point I disagree on that's also mentioned in the replies: I don't think a global state should be seen as necessary or even desirable. Sure, it helps people who optimize for clicks/likes/attention as a business model But that shouldn't be the only concern. Having some degree of uncertainty around the global state can help reinforce a healthy skepticism towards what you're seeing in general. The 'correct' global number of upvotes on a post, or the majority of what has been said about a subject might still be manipulated to the point of being essentially fake. Optimizing for virality is not desirable if you think of the platform as a public good. Think about what it has done for the centralized platforms, and the consequences it's had in the real world.
> Your goal here is to make the best YOUTUBE videos possible. That’s the number one goal of this production company. It’s not to make the best produced videos. Not to make the funniest videos. Not to make the best looking videos. Not the highest quality videos.. It’s to make the best YOUTUBE videos possible.
When I glance at the Bevy discussion link you shared, my reaction is:
> Your goal here is to make the best GITHUB OPEN SOURCE game engine possible. It's not to make the most performant game engine. Not to make the game engine that powers the best games. Not to make the best looking graphics in a game engine. Not the highest quality game engine or game editing experience. It's to make the best GITHUB OPEN SOURCE game engine.
https://atproto.com/articles/atproto-for-distsys-engineers
In theory additional dids could come into existence too, those are just the two that blueksy supports at the moment.
Why do you think that's different in ActivityPub? As far as I know there's nothing preventing (for example) Mastodon and Pixelfed using the same identity.
Dead Comment
1. 99.99% (literally) of AT users are on Bluesky, which is helmed by a for-profit corporation. The argument is that they don't control the protocol but considering it is THE dominating instance of that protocol, what's stopping them from strong-arming the protocol and changing how it works to benefit them? Better yet, what's stopping them from doing a rugpull and closing off their open service? What if bluesky decides 5 years from now that you aren't allowed to move your account? This isn't some hypothetical scenario, this already happened before. A lot of social medias started off with fairly open features and APIs and slowly choked them out for profit.
2. Users don't really care about protocol, they care about momentum and userbase. Piefed/Lemmy/Mbin are all popular-ish Reddit alternatives using AP. It was already a struggle to reach a point where posts could get over a hundred comments a day, how are you going to convince people to move to another platform again? I'm worried this will just end in splintering an already niche community and cause people to just give up and go back to using popular platforms.
Being able to move accounts is a very neat feature but it's not a reason enough to move. You can already export your settings and make an account on another instance in 20 seconds then import your settings again, which would bring back your subscriptions and blocks and all you set up from account 1. To me it's not a huge deal.
See also: https://arewedecentralizedyet.online/
[1]: A fediverse Reddit alternative, e.g https://lemmy.world/ and https://programming.dev/ . See also Piefed which I think is better nowadays https://piefed.social/
Instances don't work like they do on mastodon. There's not really a "dominating instance" in the same way. Heck, even within Bluesky's infra, there are multiple PDSes. Basically, stuff is layered in a different way (which the article shows the details of) and so talking about the structure of things ends up working differently.
> what's stopping them from strong-arming the protocol and changing how it works to benefit them?
This is absolutely a real concern. I believe they have shown themselves to be good stewards, and they also recognize this concern. As the ecosystem grows, this will be fixed.
> Better yet, what's stopping them from doing a rugpull and closing off their open service? What if bluesky decides 5 years from now that you aren't allowed to move your account?
This is built into the protocol! You can back up your CAR file and move it to another host without the approval of your current host.
> You can already export your settings and make an account on another instance
This doesn't work on masto to the same degree as atproto. You lose a lot of stuff when you move on masto, but it's 100% transparent on atproto.
The problem is a social not a technical one. It doesn't matter how good AT Protocol is at account migration. The vast majority of AT Protocol users think of themselves as Bluesky users and don't even know what the AT Protocol is. If the official Bluesky clients move away from the AT Protocol, the majority of users are moving with Bluesky.
For all the UX concerns people have with Mastodon/ActivityPub, at least they make it obvious that different users are hosted on different instances, and no one instance has more to gain than it does to lose by defederating.
How have they shown theyselves to good stewards? Its barely been popular and no where near the point where they can start enshitifying it. All the PBC talk is empty and they still maintain complete control.
Maybe it's because I don't like monster of the week political drama, but I still don't see a reason to use them instead of Tumblr, Pinterest, or even TikTok.
That's why I mostly use Lemmy/Piefed because everything is neatly organized into communities that you can subscribe to. I mostly browse tech & gaming communities and my feed is very chill.
It really depends on who you follow. Almost all the talk I see is tagged with #uspol so I could easily filter it out, but even without it, it's not the dominating topic.
* Usually spoilered with "${local_country_code}POL"
But you have the fact that this is the Internet, and somebody will have archived your post no matter what you or your host instance does. So you can rest assured that whatever you wrote on Mastodon is out there somewhere...
Deleted Comment
The assumption of the article is that ISPs are stable and net neutral enough that one would not worry about the ISP going under or seeking some personal vendetta against you and booting your domain. A separate entity may no longer be hosting our data, but a private entity is the gatekeeper of whether anyone is able to see your data.
All that to say, if we want true ownership of domains, ISPs need to be a nationalized, democratized service.
It is quite common for national TLDs (like .de, .jp or .cn) to be managed by not-for-profit entities, under contract with their respective governments... which might also not be great wrt censorship.
There is also the general issue of equal access, where shorter, more memorable domains get more expensive and hodling domain names is only disincentivized for people without enough funds. I would very much like to see an alternative system to domain names, probably something more in the web of trust space.
I've actually tried to separate the two in the article although it might be subtle (because I didn't want to make it confusing).
Owning a domain means you own your handle. Not data. In atproto, a domain is just a handle — you can swap it out without breaking links. (This relies on a centralized auditable repository which is currently being moved out of Bluesky as a separate independent entity. If you don't want to rely on that, yes, you'd have to tie your identity to the domain.)
Owning "data" is not related to owning the domain per se. It has to do with the fact that you can point your identity at a different physical server over time without breaking links. So your hosting doesn't have any real leverage over you. That's what I mean by meaningful ownership.
I've sort of conflated domains and persistent identity in the article to simplify the picture a bit. Your identity is not tied to a domain, but a domain serves as a bidirectionally verified user-friendly alias for it. If you lose control over the domain, you can tie a different one to the same identity later. This doesn't break links between records or functionality.
https://opennic.org/
It's getting harder to change DNS settings on Windows, even systemd makes it a PITA to update DNS entries.
There’s a bunch of alternative DNS roots out there, that are similarly hierarchical, but really interesting: https://en.wikipedia.org/wiki/Alternative_DNS_root#Implement...
All jokes aside, an educated guess on what to trust (or not) is necessary. Otherwise you wind up on a slippery slope that goes in circles and always results in 'we need more laws'.
Long way to say that I think 'owning' a domain name and publishing on there is way better than the silos we're accustomed to nowadays. The open web never stopped working as intended, the genie is out of the bottle for 30+ years yet, make use of it if you want.
Also, you technically "own" your data on any social network. If you put a public key in your bio and archive every post, you can move to another network. Then use friends and close followers to broadcast your new location; those who care will probably find you without much effort, but if not, Open Social doesn't solve this problem either.
However, I still think Open Social is an improvement. Most social networks are really bad these days: manipulated engagement-driven algorithms, locked-down data accessible via poor UI, toxic community, and inconsistently-applied unspoken rules. These issues all have workarounds, and can still happen on Open Social (BlueSky's community is toxic, I don't know if its algorithm is gamed or its global moderation is reasonable). But it certainly makes them harder to form and easier to avoid:
- If everyone's data is available raw via API, it's easier to create your own algorithm and frontend (or realistically, use someone else's which is better designed and more suited to you personally than what a generic social media company would make)
- With all data available, it's more likely people will develop better algorithms to filter out toxicity and discover interesting posts. At minimum, it's more acceptable and easier to create whitelisted groups, where one person maintains an "algorithm" that simply selects posts they (and others who are granted invites) have determined are not trolls.
- If data access and ban lists are separate, the same network can have multiple ban-lists, so being banned isn't "all or nothing". You can choose a ban-list with rules you agree with and continue to see posts that most others would prefer banned. If no ban list is dominant, there's a good chance the rules that the ban-lists share are reasonable; you can worry less about being banned inconsistently or for a widely-considered unfair reason (e.g. upsetting a specific moderator), because in those cases you'll only be banned from one list.
- If having a public key and archive of your data is the default, and your followers' frontends automatically recognize the key and find your new domain/hub (e.g. if someone links it to the old hub), it's easier to move. If BlueSky shuts down tomorrow, some clients can just be updated to point to another domain with all the data and continue working as if nothing changed. Whereas if Reddit shuts down, in theory one can develop a clone from scratch and populate it with the archived data, but users would have to re-register and it would be a huge mess (+ legal issues).
And once you go to the site, your browser will remember it anyway so you don't need to type the monstrosity.
Or is it a really bad idea™?
If you drop the TLD part though, you can do whatever you want with any domain you want, up to and including handing out free subdomains to anyone who asks. As usual, though, if you try to do this, the dark internet will make you regret it as one day, quite suddenly, you'd find you were hosting the DNS of some massive scam email or other, or any of who-can-even-enumerate ways of making you sorry you put this service up because of their abuse of it. Just like anyone can make a URL redirector, and many people even use it as a sort of "learn this language project" but if you actually put it up online you will rapidly regret it.
It's a bummer and I'm not celebrating this fact, but, yeah, it's not something you want to do.
DNS is not a sybil resistance mechanism
This is basically where did:plc comes in, for atproto. https://web.plc.directory/ provides free ID numbers. For example, mine is https://plc.directory/did:plc:3danwc67lo7obz2fmdg6jxcr .
Your domain then uses a txt record to indicate that you want it to be associated with that particular did:plc.
You're essentially talking about IPv6 addresses.
Interestingly, most residential ISPs these days already issue your home network an IPv6 /64 or better! But they (sadly) just firewall off use of most ports that residential users have no purpose for — on my own network, even if I configure my router to allocate each machine on the network a public-routable IPv6 address, the only port the network (not the router!) is willing to allow non-established incoming flows to is 22/tcp.
But even if they worked, they'd still be ephemeral. At best, even if your ISP keeps the allocation the same, you'd lose it if/when you switch ISPs. (Similar problem to ISP email addresses.)
The real key here, would be if someone was freely giving out tiny slices of IPv6 https://en.wikipedia.org/wiki/Provider-independent_address_s... to individuals; and there were hosting providers / residential ISPs willing to add BGP routes in their ASN for these tiny prefixes. Then you could have a stable and portable and free IPv6 address for life. (It's certainly possible in theory, just not built yet — similar to how LetsEncrypt was "certainly possible in theory, just not built yet" until it was built.)
---
That being said, if you really want this to be DNS (not sure why; if it's not a short memorable name [and thus inherently competed over by typosquatters], then DNS is the wrong tool for the job), then you could do what systems like ngrok do, but directly serving those dynamic records as domains under its own gTLD, rather than serving them as subdomains under a domain. Maybe with each domain getting its own DNS zone and everything. That'd certainly be neat.
Note that way back when, the .me ccTLD sort of did this — they gave away .me "domains" for "free"; but with all web traffic on those "free" domains being intermediated by their L7 reverse-proxy servers, where they'd inject ads into any delivered HTML pages.
Facebook sued the operator (Dutch company called Freenom) for facilitating phishing and now we can't have that anymore.
https://github.com/topics/free-domains
Another thing, the thing that you mention is really similar to how tor onion links work... Except they offer encryption and prevents MITM/any other ways while still having your ip hidden.
Another idea which I use sometimes is to use something like cloudflare tunnels or ssh forwarding with things like serveo.net or any ssh based remote forwarding in general like pinggy or even ngrok.
If you are using this in some internal thing, I can also suggest something like piping server which I really like and I want to build something like a web browser tor-onion links esque but on top of piping server, its really really cool
https://github.com/nwtgck/piping-server
so to offer it for free means somebody has to subsidize it. letsencrypt can operate because big companies with lots of money want their ads to be delivered without being intercepted by an ISP. what's the motivation for anybody to subsidize free domains?
I guarantee you I can store and make available over DNS the less than 1 KiB of data for less than a penny a year.
Instead of free, charge a flat $1, put it in long term US treasuries at 5% / TIPS at 2.5% and you’ve covered your hosting costs forever. The principle will never need to be touched.
Deleted Comment
One of the beautiful (but perhaps not that practically relevant) things about ActivityPub is that a Mastodon user can subscribe to a Pixelfed user without anything special being done. It's like if Twitter, Instagram, Reddit, YouTube, and Substack all automatically interoperated.
ATproto's system is a bit more well defined (you HAVE to abide by the lexicon/schema of the data collection to be accepted by implementations, reference implementation and some third-party ones have schema validators to do so) and allows for easier intercompatibility, but I do think that it could be a bit looser than it is right now (selective support for additional fields) to provide proper "sidecar" values in a record (they'll be in the user's PDS but it won't validate and could be rejected by indexers). Bridgy Fed does this to include the originating URL from APub and the original text, which third-party clients could certainly take advantage of if they detect that the post comes from a Bridgy account. (https://fed.brid.gy/docs#bluesky-fields)
That OpenAI timeline thing that just launched is more better approach, it solves content problem by just gathering data in background and feeding it to the user anyway. That particular implementation might not work but it sounds correct.
IMO, not much of value of Twitter for most users is in ability to post tweets, it's in data bandwidth. 99.9% of users don't post anything interesting, those might as well be local text file or oit of band shared filler content. The value is in content sourcing, so something like multi-social RSS reader with optional P2P should be the way to go. Just IMdimO, though...
The problem with client-side P2P is you can’t do large-scale aggregation with consistency. Large-scale aggregation with consistency is what normal people expect from social apps.
Re: the OpenAI thing you mentioned, that's actually a perfect example of something atproto excels at. Since the data already exists in the network, you can crawl/index it and run your own tooling that does something proactive on cron jobs etc. See https://github.com/graze-social/iftta for some initial work in that area.
https://bsky.app/profile/recordcollector.edavis.dev
They come up by doing something unique that can't be done on older platforms.
Here's a selection of things built on the protocol: https://nostrapps.com
I would’ve preferred starting off in an empty room, an experience more like using signal.