[iptq]

It seems to me that a lot of the problems discussed in this thread (it's using a new protocol that doesn't work with existing tools, it uses crypto, handles auth in the protocol, server can goes down) are just frustrations that don't have to do with the core innovation that Bluesky promises to deliver, and are instead confusing the AT protocol to be another ActivityPub-related protocol, rather than something completely different. In fact, it misses that having pull-based indexes is part of the idea of separating data publication vs. data curation. Yes, invite codes are kind of a weird thing to shove so deep into the protocol but sometimes these kinds of things are necessary to bootstrap a social network, and become relatively unimportant in the long term.

But on the other hand, the AT protocol is not all what it seems either. It's fundamentally not possible to do what they promise unless there is some kind of synchronization point where your most up-to-date identity can be searched. The documentation goes on extensively about the format of DIDs and the fact that there _is_ a resolution scheme, but it fails to mention that this resolution is being done by Bluesky themselves, and is not planned to expand into something that others can control. As a decentralized protocol, you would expect this to be something DNS-based, or if you really wanted something more peer-to-peer, DHT lookup, or at the worst case, a distributed blockchain. Seeing as this is a fundamental protocol-level change, the fact that they're rolling with the current approach makes me believe they will not be changing this in the near future. Bluesky is just converting one problem into another.

[pfraze]

The DID method has to satisfy a lot of requirements. I did a ton of research on DHT and blockchain approaches and none of them give the right performance, reliability, and cost outcomes while also supporting key rotation. DNS isn't far off but it's a little obtuse to cram it into, so we're starting with did:web and did:plc. We'll add others if they have the right characteristics.

The only options that seem reasonable for PLC is for it either to be operated by some trusted multi-stakeholder institution like ICANN or to be a closed-group blockchain. I'm open to either approach but they require the creation of a consortium, which requires buyin from a set of stakeholders that don't exist yet. So until that happens, we run it, and that's why we called it Placeholder. We'll backronym it into something else once we get there (the C most likely being Consortium).

[bb010g]

What are your thoughts on KERI? Some of Phillip's slide decks are weird to go through, but I really like its security & usability goals (key rotation needs to be realistic!) and the fact that it's going through the IETF RFC process. (Also, it avoids cryptocurrency-related blockchain baggage. It's disappointing how much blockchains have infested decentralized identity efforts.)

<https://github.com/WebOfTrust/keri>

[seattleeng]

Since you're familiar with this, what was wrong with how Farcaster approached name registration? Signing up or rotating your key is (relatively) cheap on Ethereum mainnet, and client apps could front the cost of signing users up. The user registry doesn't need to be maintained by a closed group in the long run (could start out that way, with Bluesky maintaining the contracts but eventually removing upgradeability when out of beta).

[pfraze]

I’m concerned about the transaction cost variability that we’ve seen with ethereum.

[gregw2]

Consider Avax?

[epicsponge]

> are just frustrations that don't have to do with the core innovation that Bluesky promises to deliver, and are instead confusing the AT protocol to be another ActivityPub-related protocol, rather than something completely different.

AtProto is designed to be a federated protocol. The issue I have is that it is not interoperable with the major standard used on the federated internet right now: ActivityPub. You can built protocols on top of each other. Instead of doing that, Bluesky built a confusing alternative that is difficult to implement and difficult to work with.

> In fact, it misses that having pull-based indexes is part of the idea of separating data publication vs. data curation.

Mastodon does this already. There is literally an 'explore' part of the app that is completely separate from the feed and does not rely on ActivityPub.

You cannot 'publish' content without having some sort of a federation protocol to go overtop of it, to network things together and send your content to the people who follow you. There is nothing about ActivityPub that makes a single global view impossible or hard to implement.

[barnabee]

As far as I can tell ActivityPub is (at least part of) the problem. If it’s not, then Mastodon is simply not trying to be a “Twitter replacement” or a useful global social network at all.

The only worse idea than Bluesky using ActivityPub would be to build something new making all the same design decisions.

Deciding “ActivityPub is the standard” (seriously?!) and demanding we give up already is the opposite of what we need.

I don’t know if AT is the best long term solution, but — and I’ve tried it multiple times — ActivityPub/Mastodon sure as hell isn’t. There’s no value in being interoperable with it that I can see, beyond the potential short term boost to vanity metrics on user numbers.

I absolutely want my identity to use public key cryptography, and I absolutely want to store all my emails, tweets (or whatever), and DMs locally first. I don’t like how accounts and servers work in Mastodon and the federation and global discovery approach sucks too.

The best thing we can do now is keep an open mind and try as many approaches as possible, because if something better than ActivityPub doesn’t come along society is stuck with centralised social media forever.

[vidarh]

Fediverse posts are signed with public key crypto (e.g. I'm looking at signatures for my post literally in the window next to my browser right now). It could use a multi-sig model so you'd be able to unilaterally prove claims about your posts, but that's not an ActivityPub limitation or issue. If you want to store it locally first, the only thing stopping you currently is that current servers are clunky, not the protocol. You don't give much detail of the specifics of why you think the protocol is the problem, so I can't address much more than that.

ActivityPub is very generic; it can accommodate all kinds of changes. E.g. if you want to introduce activity / object types that have improvements over what Mastodon supports, you can do so. If you want to introduce vocabulary within existing object types that Mastodon wouldn't understand, you can do so without breaking federation with Mastodon or other Fediverse servers. I'd be a lot more sympathetic to anyone who decided to extend ActivityPub.

The minimum viable subset of ActivityPub is largely: Provide an endpoint that returns an Actor with a list of the required endpoints (inbox, outbox, follower, following etc.) - the spec requires a list of them, but you don't even need all of them for basic interop - and handle POST's to your announced inbox, and GET requests to the outbox. Add unique URL's as "id" fields in the JSON, and support GET to them. Follow the format of the JSON to provide at least the minimum set of fields to address the activity, provide a type, and provide the minimum fields for the given type.

For interop w/Mastodon you'd want to support Webfinger to find the Actor. Nothing stops you from also supporting other mechanisms, like BlueSky's domain validation.

Nothing stops you from supporting additional federation mechanisms. Nothing stops you from providing additional fields. Nothing stops you from storing data locally. Nothing stops you from adding additional ways of signing claims about individual objects or a whole repository of objects. Nothing stops you from providing additional mechanisms for distributed lookup of objects by id. Many of those things would be welcome if people wanted to do it on top of ActivityPub.

[barnabee]

Sure nothing stops you doing those things, but also nothing makes them seem like a good idea.

Why bother with Mastodon interop? Why bother building on top of a standard that doesn’t do what you want if you don’t think being part of the “Fediverse” is particularly interesting or a goal of the platform you’re building?

Something new is a better bet at this point than being anchored to or seeming like part of Mastodon IMO.

[vidarh]

> Why bother with Mastodon interop? Why bother building on top of a standard that doesn’t do what you want if you don’t think being part of the “Fediverse” is particularly interesting or a goal of the platform you’re building?

Because they pretend to want to be open, and it's sending a very clear signal that is not their goal if they're not even trying to work with the existing ecosystem.

If they just want to be a silo, that's fine. But in that case be honest about it.

[Ar-Curunir]

Er why are you conflating “being open” with “being part of the Fediverse”? The Fediverse has no monopoly on that notion, and in fact shaming folks for not wanting to integrate with it is the opposite of open. It’s like saying “BSDs pretend to be open, but they’re not even trying to be compatible with Linux”.

[barnabee]

The “Fediverse” is not an existing ecosystem in any way that replaces Twitter or builds an interesting social network, from my perspective at least.

No matter how open I wanted to be, if I was setting out to build a social network, I’d please precisely zero value on being connected to that “existing network”.

It is irrelevant to me, despite what a vocal minority might want me to believe.

[nr2x]

“We have a thing that is arcane and hasn’t taken off with the public so don’t make a new one” isn’t exactly a stellar argument.

The only winning move is to onboard users and given hundreds of millions of people may be looking to leave Twitter, Mastodon utterly shit the bed and missed the moment.

That’s the end of the story: if the system can’t catch users raining down from the sky during a generational upheaval in social media it ain’t never gonna make it.

[robertlagrant]

I wondered if Twitter would try extending its protocol so it integrated into the Fediverse, and just become the best Mastodon server ever that everyone ended up congregating on.

[Sytten]

My experience with mastodon is that both explore and the feed are miles behind the experience I have on twitter to discover content I care about. No offense but everybody that switched from twitter to mastodon that I know went back. In the end I dont care what protocol you use but mastodon experience really isn't great IMO so I tend to be willing to give Bluesky a shot before I judge.

[mattdesl]

Creating a restriction where every new social media protocol has to be built on top of ActivityPub sounds awful. There is room for innovation outside of this narrow scope of ideas.

[cxr]

> the major standard used on the federated internet right now: ActivityPub

This might be a true statement for microblogging, but the major-est "standard used on the federated internet right now" is surely SMTP+IMAP, and I wouldn't be surprised if RSS/Atom were in the #2 spot even though "nobody" is using it anymore (esp. considering "nobody" includes most podcasts).

[pxoe]

this seeming belief that activitypub - or rather, mastodon - is be-all end-all and the only thing that anybody should be concerned with and cater to, is kinda off-putting

personally I hope it doesn't actually become "the one thing" with how opinionated and callous it is about some features

[OJFord]

> , it uses crypto, handles auth

Good? HN also uses crypto. Unless I'm missing it, it's not using cryptocurrency or 'tokens' or anything, just good old fashioned cryptography.