Hacker News new | ask | show | jobs
by NiallBunting 49 days ago
I think it would be interesting if the file servers had read/write/list/delete permissions on files. For both groups and users.

It would mean the public stuff could see your files but private projects could exist. Eg. Maybe I don't want my At Protocol version of Figma making all my drawings public. If they could be shared in a group (anyone in a list in that folder or whatever).

Maybe this is coming, but would interest me way more about using applications on the atmosphere.
1 comments
nightpool 49 days ago
The ability to make information private fundamentally conflicts with how ATProto is designed. All records have to be sent to all Relays and AppView nodes on the network to provide a "global view" of the network. So there's no way to keep records private without locking out some user's servers from viewing them, and since AppViews are centralized indexing services, they won't function without being able to see the entire network.
link
NiallBunting 49 days ago
Yeah, apps wouldn't be able to only listen to the firehose.

There are some proposals for private files. However, I'm outside the AtProto world so not sure what exactly the suggested implementations are. I just hope they give enough control.

I think the technology could potentially be used for way more than microblogging. I would love to use webapps that store the data on my devices and share it with specific people. The data and access under my control.

[1]: https://dholms.leaflet.pub/3mhj6bcqats2o

link
blackqueeriroh 49 days ago
What you linked is by Bluesky’s own staff - it’s him laying out the design plans for the protocol’s private data implementation.

He’s doing it to engage publicly with the community, since many of us also build on the protocol.

link
nightpool 47 days ago
> Sync is pull-based. Applications are responsible for staying in sync with all member PDSes. PDSes assist by sending lightweight write notifications to prompt pulls when new data is written.

It looks like this basically just reinvents ActivityPub (local servers can pull or push to remote servers). So it defeats all of the "benefits" you get from Bluesky's firehose-based approach anyway, except for the fact that Bluesky assumes you're going to be using their AppView and they will always have access to your private data.

link
tardedmeme 49 days ago
What would happen if you returned different content depending on who was asking?
link
nightpool 47 days ago
It would fail the merkle tree validation
link