The arrows do seem to imply that commenting on my posts goes into my repo, but I'm sure that's just an imprecision trying to express an idea. The whole thing seems very cool and decentralized.
When I went to see what it takes to run a separate PDS on AT, though, I see that it's all nice and packaged up and has certain assumptions:
1. It takes care of SSL etc.
2. It will stand up HTTPS/WSS servers to handle a bunch of RPC
So in practice, you don't get https://roshangeorge.dev and at://roshangeorge.dev because for the latter you kind of need https://roshangeorge.dev/xrpc and wss://roshangeorge.dev
Therefore, you probably end up with https://roshangeorge.dev and at://at.roshangeorge.dev and then you can run https://at.roshangeorge.dev and wss://at.roshangeorge.dev
All minor stuff and doesn't take away from the main point, but it was a thing.
The way I used arrows might’ve been a bit confusing because I use two types of them.
The solid ones pointing from @alice.com downwards indicate ownership. They’re the same thing as grouping by color. All blue stuff is Alice’s.
The dashed ones pointing between records are links. Those are equivalent of <a href>. Any record can link to any other record, no matter which repositories either is in.
When you comment on someone’s post, your comment goes into your repo, but it has a link to the parent post (which may be in any repo). That’s usually how you want to represent it in the data model so that anyone indexing both records can reconstruct the relationship.
In the example, Bob comments on Alice’s post. So Bob’s comment is in Bob’s repo and Alice’s post is in Alice’s repo.
To clarify your specific point, a person commenting on your post will create record in their repo. In fact one can never create records in somebody else’s repo. That’s the central premise.
Hope that makes sense.
Also not totally clear to me (apologies if I missed it in the post) is where repositories live, I have a bsky account with my own domain, but I am not running anything to host a repo. Am I correct in assuming that bsky is hosting my repo, but I would have the option to self host or move it elsewhere and continue using bsky?
Also at:// URIs are of the form at://DID/..., and your human readable handle is bound to your DID through DNS TXT records _atproto.roshangeorge.dev, but applications all know to render that as just roshangeorge.dev. That DID points to a document that specifies where your server lives, so the HTTPS/WSS routes can live wherever you want them to.
Also likes/replies/etc on your posts go in their authors repos not yours, your intuition is correct there.
This is why Bluesky could never have "private likes" in the same way Twitter or ActivityPub does—every AppView needs to track the like counts of every post in the network manually. It's a huge hassle! I just don't see this architecture winning out in the long term, when compared to the AP feed-subscription architecture.
primarily because multiple programs can access the same identity
I didn't know "private likes" even existed, but if atproto includes public key encryption, I could publish a record containing a "like" that I have encrypted with the "liked" user's public key. Only that user would know what the record contained. Though, the fact that the encrypted message exists and had a cleartext "@name" is itself informative to adversaries. Concealing that level of info would require other measures.
We are currently working on something based on https://fedify.dev
Would you consider that can provide more complete AP functionality?
I agree, but why not also apply the same logic to the other two communication platforms you are using (Discord and GitHub)?
One point I disagree on that's also mentioned in the replies: I don't think a global state should be seen as necessary or even desirable. Sure, it helps people who optimize for clicks/likes/attention as a business model But that shouldn't be the only concern. Having some degree of uncertainty around the global state can help reinforce a healthy skepticism towards what you're seeing in general. The 'correct' global number of upvotes on a post, or the majority of what has been said about a subject might still be manipulated to the point of being essentially fake. Optimizing for virality is not desirable if you think of the platform as a public good. Think about what it has done for the centralized platforms, and the consequences it's had in the real world.
> Your goal here is to make the best YOUTUBE videos possible. That’s the number one goal of this production company. It’s not to make the best produced videos. Not to make the funniest videos. Not to make the best looking videos. Not the highest quality videos.. It’s to make the best YOUTUBE videos possible.
When I glance at the Bevy discussion link you shared, my reaction is:
> Your goal here is to make the best GITHUB OPEN SOURCE game engine possible. It's not to make the most performant game engine. Not to make the game engine that powers the best games. Not to make the best looking graphics in a game engine. Not the highest quality game engine or game editing experience. It's to make the best GITHUB OPEN SOURCE game engine.
In theory additional dids could come into existence too, those are just the two that blueksy supports at the moment.
Why do you think that's different in ActivityPub? As far as I know there's nothing preventing (for example) Mastodon and Pixelfed using the same identity.
1. 99.99% (literally) of AT users are on Bluesky, which is helmed by a for-profit corporation. The argument is that they don't control the protocol but considering it is THE dominating instance of that protocol, what's stopping them from strong-arming the protocol and changing how it works to benefit them? Better yet, what's stopping them from doing a rugpull and closing off their open service? What if bluesky decides 5 years from now that you aren't allowed to move your account? This isn't some hypothetical scenario, this already happened before. A lot of social medias started off with fairly open features and APIs and slowly choked them out for profit.
2. Users don't really care about protocol, they care about momentum and userbase. Piefed/Lemmy/Mbin are all popular-ish Reddit alternatives using AP. It was already a struggle to reach a point where posts could get over a hundred comments a day, how are you going to convince people to move to another platform again? I'm worried this will just end in splintering an already niche community and cause people to just give up and go back to using popular platforms.
Being able to move accounts is a very neat feature but it's not a reason enough to move. You can already export your settings and make an account on another instance in 20 seconds then import your settings again, which would bring back your subscriptions and blocks and all you set up from account 1. To me it's not a huge deal.
See also: https://arewedecentralizedyet.online/
[1]: A fediverse Reddit alternative, e.g https://lemmy.world/ and https://programming.dev/ . See also Piefed which I think is better nowadays https://piefed.social/
Instances don't work like they do on mastodon. There's not really a "dominating instance" in the same way. Heck, even within Bluesky's infra, there are multiple PDSes. Basically, stuff is layered in a different way (which the article shows the details of) and so talking about the structure of things ends up working differently.
> what's stopping them from strong-arming the protocol and changing how it works to benefit them?
This is absolutely a real concern. I believe they have shown themselves to be good stewards, and they also recognize this concern. As the ecosystem grows, this will be fixed.
> Better yet, what's stopping them from doing a rugpull and closing off their open service? What if bluesky decides 5 years from now that you aren't allowed to move your account?
This is built into the protocol! You can back up your CAR file and move it to another host without the approval of your current host.
> You can already export your settings and make an account on another instance
This doesn't work on masto to the same degree as atproto. You lose a lot of stuff when you move on masto, but it's 100% transparent on atproto.
The problem is a social not a technical one. It doesn't matter how good AT Protocol is at account migration. The vast majority of AT Protocol users think of themselves as Bluesky users and don't even know what the AT Protocol is. If the official Bluesky clients move away from the AT Protocol, the majority of users are moving with Bluesky.
For all the UX concerns people have with Mastodon/ActivityPub, at least they make it obvious that different users are hosted on different instances, and no one instance has more to gain than it does to lose by defederating.
How have they shown theyselves to good stewards? Its barely been popular and no where near the point where they can start enshitifying it. All the PBC talk is empty and they still maintain complete control.
Maybe it's because I don't like monster of the week political drama, but I still don't see a reason to use them instead of Tumblr, Pinterest, or even TikTok.
That's why I mostly use Lemmy/Piefed because everything is neatly organized into communities that you can subscribe to. I mostly browse tech & gaming communities and my feed is very chill.
It really depends on who you follow. Almost all the talk I see is tagged with #uspol so I could easily filter it out, but even without it, it's not the dominating topic.
* Usually spoilered with "${local_country_code}POL"
But you have the fact that this is the Internet, and somebody will have archived your post no matter what you or your host instance does. So you can rest assured that whatever you wrote on Mastodon is out there somewhere...
The assumption of the article is that ISPs are stable and net neutral enough that one would not worry about the ISP going under or seeking some personal vendetta against you and booting your domain. A separate entity may no longer be hosting our data, but a private entity is the gatekeeper of whether anyone is able to see your data.
All that to say, if we want true ownership of domains, ISPs need to be a nationalized, democratized service.
It is quite common for national TLDs (like .de, .jp or .cn) to be managed by not-for-profit entities, under contract with their respective governments... which might also not be great wrt censorship.
There is also the general issue of equal access, where shorter, more memorable domains get more expensive and hodling domain names is only disincentivized for people without enough funds. I would very much like to see an alternative system to domain names, probably something more in the web of trust space.
I've actually tried to separate the two in the article although it might be subtle (because I didn't want to make it confusing).
Owning a domain means you own your handle. Not data. In atproto, a domain is just a handle — you can swap it out without breaking links. (This relies on a centralized auditable repository which is currently being moved out of Bluesky as a separate independent entity. If you don't want to rely on that, yes, you'd have to tie your identity to the domain.)
Owning "data" is not related to owning the domain per se. It has to do with the fact that you can point your identity at a different physical server over time without breaking links. So your hosting doesn't have any real leverage over you. That's what I mean by meaningful ownership.
I've sort of conflated domains and persistent identity in the article to simplify the picture a bit. Your identity is not tied to a domain, but a domain serves as a bidirectionally verified user-friendly alias for it. If you lose control over the domain, you can tie a different one to the same identity later. This doesn't break links between records or functionality.
It's getting harder to change DNS settings on Windows, even systemd makes it a PITA to update DNS entries.
There’s a bunch of alternative DNS roots out there, that are similarly hierarchical, but really interesting: https://en.wikipedia.org/wiki/Alternative_DNS_root#Implement...
All jokes aside, an educated guess on what to trust (or not) is necessary. Otherwise you wind up on a slippery slope that goes in circles and always results in 'we need more laws'.
Long way to say that I think 'owning' a domain name and publishing on there is way better than the silos we're accustomed to nowadays. The open web never stopped working as intended, the genie is out of the bottle for 30+ years yet, make use of it if you want.
Also, you technically "own" your data on any social network. If you put a public key in your bio and archive every post, you can move to another network. Then use friends and close followers to broadcast your new location; those who care will probably find you without much effort, but if not, Open Social doesn't solve this problem either.
However, I still think Open Social is an improvement. Most social networks are really bad these days: manipulated engagement-driven algorithms, locked-down data accessible via poor UI, toxic community, and inconsistently-applied unspoken rules. These issues all have workarounds, and can still happen on Open Social (BlueSky's community is toxic, I don't know if its algorithm is gamed or its global moderation is reasonable). But it certainly makes them harder to form and easier to avoid:
- If everyone's data is available raw via API, it's easier to create your own algorithm and frontend (or realistically, use someone else's which is better designed and more suited to you personally than what a generic social media company would make)
- With all data available, it's more likely people will develop better algorithms to filter out toxicity and discover interesting posts. At minimum, it's more acceptable and easier to create whitelisted groups, where one person maintains an "algorithm" that simply selects posts they (and others who are granted invites) have determined are not trolls.
- If data access and ban lists are separate, the same network can have multiple ban-lists, so being banned isn't "all or nothing". You can choose a ban-list with rules you agree with and continue to see posts that most others would prefer banned. If no ban list is dominant, there's a good chance the rules that the ban-lists share are reasonable; you can worry less about being banned inconsistently or for a widely-considered unfair reason (e.g. upsetting a specific moderator), because in those cases you'll only be banned from one list.
- If having a public key and archive of your data is the default, and your followers' frontends automatically recognize the key and find your new domain/hub (e.g. if someone links it to the old hub), it's easier to move. If BlueSky shuts down tomorrow, some clients can just be updated to point to another domain with all the data and continue working as if nothing changed. Whereas if Reddit shuts down, in theory one can develop a clone from scratch and populate it with the archived data, but users would have to re-register and it would be a huge mess (+ legal issues).
And once you go to the site, your browser will remember it anyway so you don't need to type the monstrosity.
Or is it a really bad idea™?
If you drop the TLD part though, you can do whatever you want with any domain you want, up to and including handing out free subdomains to anyone who asks. As usual, though, if you try to do this, the dark internet will make you regret it as one day, quite suddenly, you'd find you were hosting the DNS of some massive scam email or other, or any of who-can-even-enumerate ways of making you sorry you put this service up because of their abuse of it. Just like anyone can make a URL redirector, and many people even use it as a sort of "learn this language project" but if you actually put it up online you will rapidly regret it.
It's a bummer and I'm not celebrating this fact, but, yeah, it's not something you want to do.
DNS is not a sybil resistance mechanism
This is basically where did:plc comes in, for atproto. https://web.plc.directory/ provides free ID numbers. For example, mine is https://plc.directory/did:plc:3danwc67lo7obz2fmdg6jxcr .
Your domain then uses a txt record to indicate that you want it to be associated with that particular did:plc.
You're essentially talking about IPv6 addresses.
Interestingly, most residential ISPs these days already issue your home network an IPv6 /64 or better! But they (sadly) just firewall off use of most ports that residential users have no purpose for — on my own network, even if I configure my router to allocate each machine on the network a public-routable IPv6 address, the only port the network (not the router!) is willing to allow non-established incoming flows to is 22/tcp.
But even if they worked, they'd still be ephemeral. At best, even if your ISP keeps the allocation the same, you'd lose it if/when you switch ISPs. (Similar problem to ISP email addresses.)
The real key here, would be if someone was freely giving out tiny slices of IPv6 https://en.wikipedia.org/wiki/Provider-independent_address_s... to individuals; and there were hosting providers / residential ISPs willing to add BGP routes in their ASN for these tiny prefixes. Then you could have a stable and portable and free IPv6 address for life. (It's certainly possible in theory, just not built yet — similar to how LetsEncrypt was "certainly possible in theory, just not built yet" until it was built.)
---
That being said, if you really want this to be DNS (not sure why; if it's not a short memorable name [and thus inherently competed over by typosquatters], then DNS is the wrong tool for the job), then you could do what systems like ngrok do, but directly serving those dynamic records as domains under its own gTLD, rather than serving them as subdomains under a domain. Maybe with each domain getting its own DNS zone and everything. That'd certainly be neat.
Note that way back when, the .me ccTLD sort of did this — they gave away .me "domains" for "free"; but with all web traffic on those "free" domains being intermediated by their L7 reverse-proxy servers, where they'd inject ads into any delivered HTML pages.
Facebook sued the operator (Dutch company called Freenom) for facilitating phishing and now we can't have that anymore.
https://github.com/topics/free-domains
Another thing, the thing that you mention is really similar to how tor onion links work... Except they offer encryption and prevents MITM/any other ways while still having your ip hidden.
Another idea which I use sometimes is to use something like cloudflare tunnels or ssh forwarding with things like serveo.net or any ssh based remote forwarding in general like pinggy or even ngrok.
If you are using this in some internal thing, I can also suggest something like piping server which I really like and I want to build something like a web browser tor-onion links esque but on top of piping server, its really really cool
so to offer it for free means somebody has to subsidize it. letsencrypt can operate because big companies with lots of money want their ads to be delivered without being intercepted by an ISP. what's the motivation for anybody to subsidize free domains?
I guarantee you I can store and make available over DNS the less than 1 KiB of data for less than a penny a year.
Instead of free, charge a flat $1, put it in long term US treasuries at 5% / TIPS at 2.5% and you’ve covered your hosting costs forever. The principle will never need to be touched.
One of the beautiful (but perhaps not that practically relevant) things about ActivityPub is that a Mastodon user can subscribe to a Pixelfed user without anything special being done. It's like if Twitter, Instagram, Reddit, YouTube, and Substack all automatically interoperated.
ATproto's system is a bit more well defined (you HAVE to abide by the lexicon/schema of the data collection to be accepted by implementations, reference implementation and some third-party ones have schema validators to do so) and allows for easier intercompatibility, but I do think that it could be a bit looser than it is right now (selective support for additional fields) to provide proper "sidecar" values in a record (they'll be in the user's PDS but it won't validate and could be rejected by indexers). Bridgy Fed does this to include the originating URL from APub and the original text, which third-party clients could certainly take advantage of if they detect that the post comes from a Bridgy account. (https://fed.brid.gy/docs#bluesky-fields)
That OpenAI timeline thing that just launched is more better approach, it solves content problem by just gathering data in background and feeding it to the user anyway. That particular implementation might not work but it sounds correct.
IMO, not much of value of Twitter for most users is in ability to post tweets, it's in data bandwidth. 99.9% of users don't post anything interesting, those might as well be local text file or oit of band shared filler content. The value is in content sourcing, so something like multi-social RSS reader with optional P2P should be the way to go. Just IMdimO, though...
The problem with client-side P2P is you can’t do large-scale aggregation with consistency. Large-scale aggregation with consistency is what normal people expect from social apps.
Re: the OpenAI thing you mentioned, that's actually a perfect example of something atproto excels at. Since the data already exists in the network, you can crawl/index it and run your own tooling that does something proactive on cron jobs etc. See https://github.com/graze-social/iftta for some initial work in that area.
They come up by doing something unique that can't be done on older platforms.
Here's a selection of things built on the protocol: https://nostrapps.com
I would’ve preferred starting off in an empty room, an experience more like using signal.
Except for one thing which has been pointed out by others. Anyone can access *all* of my data over this protocol. I like the idea that a lot of my data is directly accessible similar to the early web. But it would be nice if some of that data was only accessible if the accessor was permitted.
I don't really know much about auth tokens but I'm guessing they shouldn't be that hard to incorporate into this thing? When BlueSky or whatever app queries "@username.com/private/documents" the server expects an auth token, whereas it does not when the app tries accessing "@username.com/bluesky/posts".
The team decided to tackle public data first because scaling aggregation while preserving meaningful ownership is hard. So far I think they’ve succeeded at that.
Private or semi-private comes with a set of different challenges. Indeed scoped tokens are coming (via OAuth scopes) but that’s used for writes. The same mechanism could be extended for private reads in the future, like you describe. There’s questions about what shape private data would have though.
See https://pfrazee.leaflet.pub/3lzhmtognls2q and https://pfrazee.leaflet.pub/3lzhui2zbxk2b for recent thoughts on this topic from Paul who works on atproto.
Imagine a world where a preprint is “published” onto the social web, from which you could aggregate reviews/comments. I eventually ended up thinking about exactly what you raise - it would be great to have some degree of access control on this so both comments and published things can be selectively shared (with an option to make everything public later on, maintaining all the links).
I'm a bit concerned that the open web only won because of first mover advantage. What gives me hope is OSS winning.
I'd love to see something like atproto win though. It's clear that a major issue with social media is network effects preventing better apps from becoming popular.
Oh how times have changed. . .
One thing ATProto does is enable real competition in social apps, assuming they all run on the atproto fabric. One of the core hopes is that we can get everyone over to something like atproto once, to get them out of the silos, such that this is there last time they have to "move" their social network
On one side I find these ideas extremely compelling. This is aligned with the Indie web body of work, that pictures anyone having a personal website of their own content and ownership over that. And this page an article are beautifully put together.
On the other hand, we haven’t really seen a lot of developers adopting these standards for their own projects (like using this for their personal website or open source project). Nor from casual users (including people who make their own blogs and websites).
I am deeply concerned about the apathy people have towards the idea of ownership, openness and interoperability. It gives the idea that people just want to be fed TikTok and Instagram reels.
I respect the vision and the work. Will personally see if we can use this for our work. But I wonder how we make this into something that’s not just a micro niche hobby.
But there's a lot of work developing on that front, and the next 6-12 months will be super exciting to watch.
The longer story is that most people don't understand that ATProto is more than just Bluesky, and the usecases are wayyyyyy broader. That's going to take more time to play out in the market.
Basically our thing would give that ecosystem the ability to have personal pages that can look like Patreon, YouTube, Instagram and others
Can you expand on this feeling? Why is it deeply concerning? Why should people care about the abstract concept of data ownership? People were totally fine when they had zero ownership or agency over media and they were fed TV, books, movies, radio, etc. Most people do just want that, their primary motivation to engage with media is just to be entertained in that moment.
Now that they have places where they can publish stuff and their friends and family and maybe even some other people might see it, why should they care that they don't "own" their Instagram post, whatever that means?
Disagree. The punk phenomenon was largely about reclaiming that ownership and agency over cultural output, and it was massive in the 70s/80s/90s. The early web was very punk in attitude, with people basically self-publishing. Even in the '00s, there was still a clear distinction between "corporate" portals and grassroots.
This phenomenon where even creatives and intellectuals are Just Fine with playing in someone else's heavily-tweaked, hyper-monetized sandbox, is a new development.
One never knows, but for sure it won't happen when we do nothing.
If the answer is that most people should just make a bluesky account, that defeats the whole purpose because then everyone will still be on one or two large providers.
There isn’t such a thing as “Bluesky getting federated” — that doesn’t on its own mean anything. In Mastodon world, “getting federated” means many copies of the same webapp emailing each other. In atproto, you don’t create many copies of the same app. Instead, it’s shaped like the web — individual users can host their data in different places, and apps aggregate over that data. There’s no point in having many copies of the same app.
The BGS server you’re referring to is the “relay” mentioned in the article. Running your own relay is possible (Blacksky does it, as mentioned in the article). It costs about $30/mo with the current traffic. However, note that a relay is very dumb (it’s just a retransmitter of signed JSON over websocket). It’s cool that anyone can run one but by itself this isn’t a vanity metric to chase. We’ll probably see more independent relays but usually someone would run one for a reason — to insulate a company or a community from upstream failures, or maybe to censor things (in repressive governments).
This also completely misunderstands the architecture. Things don't hinge on the relays at all and they don't act as routers.
If I'm going to delete my Facebook/Instagram account then why am I trying to pick up a new drug to replace it?
I think many people find social media useful. If you aren't one of those people, fair enough. But not everyone is angry and addicted all the time.
Like RSS, people can host it on github pages, a service would poll it periodically to aggregate.
This would lower the barrier of entry by a large margin.
Maybe not all of bsky functions are viable, but I hope certain core part of "open social" can happen in this way.
But ATProto chose wss:// isntead.
In the future, the plan is to also enable some types of private data on the protocol. See these recent notes from Paul on the state of things:
Links to my own efforts on this
- https://github.com/blebbit/atproto (fork)
- https://youtu.be/oYKA85oZc8U?si=DIf09hu8-REw-yHj&t=3758 (presentation I gave last week)
I can’t link to a Bluesky post. I can’t use Bluesky from the browser. It’s a silo’d network.
The indie web has the right idea: Use the web, build ontop of blogs, degrade gracefully. We could have central aggregators just like Bluesky crawling the web with microformats.
The polished experience with Bluesky has little to do with the tech and everything to do with financing and talent. Give me millions of dollars in grants and I’m sure I can build a polished UX too.
What do you mean? Both of these things are trivial.
Here is a link to my most recent post on Bluesky: https://bsky.app/profile/steveklabnik.com/post/3lztkahefs225
You can sign into bsky.app (or deer.social, or anisota.net, or...) in your browser and post just fine.
It may seem inconsequential to some, but AT is fundamentally hostile to the web. The goal of AT is to move syndication and content off the web to another network. No. I’m done with that.
https://en.wikipedia.org/wiki/OpenSocial
It was a complete disaster
Apparently I wrote about it a fair bit back then, mostly noting how confusing it all was: https://simonwillison.net/tags/opensocial/
But going back to this obsession about data. It's really an obsession with control. But none of you really have control. You hope that you can "engineer" your way into control of your own lives, of your data, even of the way the world works. But engineers do not have power. Businessmen do. Until you realize that, you will continue writing technical specifications like this, making micro-communities, and missing the big picture. Control requires power. Power requires money. If you can't monetize it, you have no control.
Whatever federated thing you think is going to win, isn't going to win, if there isn't enough money to back it. Because someone with money will just make the biggest "federated thing" (or not; it could be completely proprietary and billions of people will still use it), and eventually close it off once they have enough users. You cannot engineer your way out of money, politics, or human nature.
Lost me right there. Open source is the infrastructure that powers closed cloud. None of the openness makes it to the end user. It only benefits highly technical users and businesses.
Open source was made irrelevant (to non-technical users) by the shift to services and cloud.
Can you also do one for NOSTR?
The functioning is similar, albeit there is no need for hosting user data since it can be sent to multiple relays and live reachable to others from there.
Thanks in advance.
Quite a lot of food for thought today. Thank you for that.
Ideally, if I see a post or comment, a process that I control should be able to establish whether the user is trustworthy, by asking the intermediate nodes whether the next hop is trustworthy. Essentially, I should be able to walk that chain of trust to see whether the information comes from a trustworthy source (and possibly input user's own evaluation of the chain links and nodes).
Unfortunately, social media companies do not let users access the social graph, because not being able to ascertain provenance of information is what makes paid advertising possible. It would also greatly help to combat bots.
[0] A collection is basically an app's particular set of records stored in a user's PDS repository. Here's an example using the Bluesky CTO's follow records: https://pdsls.dev/at://did:plc:ragtjsm2j2vknwkz3zp4oxrd/app....
These are summed up by Bluesky's app server (app view) and then used to fill out following lists in apps that connect to that server through its API.
A fact checking or web of trust tool could pull these records down and use it for exactly this purpose. It could even weight by who they repost, for example.
1. Because open social has to actually compete for a user's business, any sufficiently mature platform build in the ecosystem will necessarily trend towards being more responsive to those users needs, which will trend towards a better product than the legacy crop,
2. Precisely at a moment where governments lean on large, visible corporate entities to enact desired policies, splintering that ownership helps ensure a resilient communications network
It could definitely work as an alternative for the HTTP based web.
Web and websites did the heavy lifting of instant and world-wide information sharing.
With social media, open or closed, there are many non-obvious tradeoffs; I am not sure whether on the whole, we are better off with or without them - time will tell
We have this cache thing via wss connections. Do they invalidate this messages from user B? Is user's A worldview now completely dead?
Owning a thing in the internet is a complicated topic i guess.
Preserving past information via copying what a user said so that it does not get lost maybe also in the interest of some users (equivalent to the webarchive). I understand that this contradict the whole "owning your data" premise, but fundamentally since it was open in the first place the thing always can be copied right?
Whatever content is produced in this "open social" network, some of it may have long lasting "value" to an individual. Is there anything to make sure that what they interacted with can not completely broken by the other site of the party?
If the user's repo just goes down (e.g. the host is down), then indeed it won't be available upstream and only cached versions will remain. It might be that the user is having problems, and the repository will be up on a different host later. It's up to each application how to handle this, but it seems reasonable to keep serving cached content since there was no explicit deletion instruction. E.g. I presume Bluesky would keep showing both replies in the conversation.
>I understand that this contradict the whole "owning your data" premise, but fundamentally since it was open in the first place the thing always can be copied right?
Yeah this is a tricky thing. The general guideline is that the user expresses intent (e.g. can delete post or entire repo) and well-behaved apps respect that intent. But of course there can be non-well-behaved apps that don't, or that permanently archive everything ever emitted.
Decentralization is also more complex for the developers and particularly for the users, this creates a market for people offering services to operate decentralized systems, which ends up centralizing the network. This is how the WWW, Email, Git, BTC all got more and more centralized.
For a more technical overview, see “identity” here: https://mackuba.eu/2025/08/20/introduction-to-atproto/
It's one of those in-progress things that will get better and easier to use.
In the long-term, ATProtocol will be separated from Bluesky the company and end up as a standards and in some shared governance structure
I want both to thrive, but I prefer AP for small communities.
The AppServer, if you want index the full bluesky network (39M users) will run you about 200-300 dollars a month. Again, not really needed but you can if you want. There's also experiments people are trying out to only index smaller parts of the network, e.g. only users you follow which would mean hosting an AppServer would be even cheaper. FWIW, I like both protocols and want them to succeed, anything that gets people off of closed social media.
If you want to fully run a full copy of everything yourself, it's going to be more expensive, sure, but those costs have gone down dramatically over time. The most expensive bit is running $34/month: https://whtwnd.com/bnewbold.net/3lo7a2a4qxg2l
However, this post was about the at protocol, which seems like you just hand-waved in one sentence:
> The AT Protocol used by Bluesky has some interesting features, although to be honest I don't know how many of these are just impossible to achieve on ActivityPub or are just WIP lagging behind due to funding constraints.
I don't think the debate between them is super useful because their architectures are very different.
You also mentioned an issue with the bluesky relay, but others already exist so it's not techincally tied to Bluesky. Heck, I think the fact multiple can exist at the same, while degrades the social aspect, still makes it decentralized.
As for the identity management issue, they announced just last week that it's getting branched to an independent entity: https://docs.bsky.app/blog/plc-directory-org
Question:
> What’s more interesting is that Tangled prefilled my avatar based on my Bluesky profile. It didn’t need to hit the Bluesky API to do that; it just read the Bluesky profile record in my repository.
I'm a bit confused by this. If a bluesky avatar contains an image, isn't that stored (at least by default) within bluesky? Meaning that Tangled will have to hit the Bluesky API?
Or maybe Dan is saying that his own repository is not hosted with Bluesky in which it would make sense, if wherever his repo is stored is getting hit to retrieve the image.
But I wonder, why JSON if the web is already built on HTML documents? Is it possible to just store our data in a web of authenticated html documents and have the protocol be built on that? Are there other open standards we can leverage to reduce the amount of new infra / protocols? I wonder if there's a less complex "good enough" mvp version.
https://kyefox.com/nobody-cares-about-decentralization-until...
What's different here and why is it better? Do we really need another standard / protocol?
It perfectly illustrates the old saying: a picture is worth a thousand words.
I had never heard of this protocol before (even though I’ve been using Bluesky since the Twitter/X takeover), but after reading this, I feel even more confident that the migration was the right call.
Anyone can run a moderation service. Users subscribe to the services they want. When you flag a post or account for moderation, you choose which service you send the report to.
> How does blocking work?
Blocking works by publishing a "hey I've blocked this person" record in your database. Applications then can use this to enforce that.
> How do people make sure to distance themselves from political enemies?
I'm not sure what this means.
> Do the aggregator cache servers block certain user domains?
They could, and this is also a property that's not really about blocking, that is, you could choose to cache only part of the network if you choose, which could be useful for various reasons.
> How do you ensure that the aggregator returns valid and non-forged comments and likes?
Cryptography, basically.
That’s also why it frames the benefits in the concrete way that shows up in the products — like products being able to riff on each other’s data.
My audience for this article is slightly technical so I put some focus on the technical parts. I don’t try to avoid mentioning the “protocol” for the same reason why teaching to make websites involves mentioning HTTP.
I 100% agree with you though and that’s important for broader communication. What people care about are good products.
Also, does everyone need to have their own domain name in order to have an identity cuz that seems like a non-starter.
If you're creating a social app, website, or whatever, you still have to host all your users' data regardless. This is just about the protocol you use which enables universal compatibility, meaning users have the choice to store elsewhere.
> Also, does everyone need to have their own domain name in order to have an identity cuz that seems like a non-starter.
Not really. Bluesky is a good example; when you first sign up it does it for you under their own top domain by default iirc, but the great thing is you can actually use your own domain.
Think Twitter posts, StackOverflow answers, Reddit comments, etc. The stuff you don’t want companies to gradually start locking up for their own gains (as they tend to).
The protocol will likely be extended for private and semi-private data in the future, which would work by granting explicit permissions to apps. For now, app developers would keep private data in databases, same as usual.
It could be interesting to see what other apps may be born out of the protocol though!
Yes, down in every measure over the last 6 months. I think it's primarily used by a lot of people to organize sockpuppet-aided raids on twitter towards people who are instantly banned by mass-reporting the second they create an account on bluesky. It's basically old 4chan for unfunny people who think they're better than everybody else.
I'd be positive about any distributed social protocol, though, no matter who delivered it. The problem is that this was a Dorsey project that he already abandoned and denounced because it took a bunch of VC and is just waiting for the rugpull. Now you're supposed to trust a bunch of people you never heard of and a few famous paid evangelists.
I just can't help but think that the whole ethos of Open Social Media is misguided. I think that social media isn't good for us -- not just because of the big companies making it worse, but because the technology itself doesn't promote health.
It feels like trying to make cigarettes open-source. Sure you can stick it to big tobacco but at the end of the day you're still making cigarettes.
- Social today is not healthy
- Single account instead of N
- All apps keep your data in your database
- User level choice over apps, algos, moderation. Esp algos, my social media usage patterns have changed for the better since I started using custom feeds
- Real competition in social media
- Take back our shared digital experience from a handful of billionaires deciding everything and keeping us locked into their attention economy
There's a space here where we can move from nobody having smart phones or hosting digital presences -> everyone having digital presence provided by Facebook/Instagram, and icloud/google accounts -> Accounts w/ something like ATProto where its your stuff, you get to decide where you keep it, and you get to decide who gets access to it.
Twitter and Instagram are fundamentally different scenes bc of their restricted formats. Twitter has/had character limits. Instagram was primary for photo sharing. if you try to cram a long political rant in an instagram photo or description.. it is fighting against the app format and limitations. This sculpts the apps "culture"
im sure it can work, creating a hodge podge of random unstructured content.. like the blogosphere or Facebook. But it wont displace the walled gardens. You can make a Kiki app that only shows images, but youre following someone who is using Booba app which allows him to post pictures with descriptions. And suddenly nobody really knows what to expect
Data in user repositories is treated as untrusted input by apps, and rejected if it doesn’t pass the corresponding schema. Schemas are evolved in a backwards-compatible way with a nudge towards future extension (eg open unions are default).
That’s exactly why you can’t make a 500 character post on Bluesky. The Bluesky server will ignore your record as being invalid.
A big part of Twitter’s “culture” is creating “threads” to work around the character limit, which kind of defeats the point.
Lots of people there to direct you to specific resources
I love the idea to define data formats first, and then build on top of that. It's the only way we should do everything, because if you have the data, everything can be re-built on top. Unfortunately the way AT works is all contained in here:
> Social aggregation features like notifications, feeds, and search are non-negotiable in modern social products. [...] Coincidentally, that’s the exact mechanism you would use for aggregation. You listen to events from all of your app users’ repositories, write them to a local database, and query that database as much as you like with zero extra latency. [...] This might remind you of how Google Reader crawls RSS (rip).
In order for the social aspect to work, all data must at some point or another be aggregated in a single place. Said single place must then be huge, as it scales linearly with the activity of the network; in a still-capitalist world this means that this single place will always be run and led by money, unless some extraordinary volunteers-based project like Wikipedia springs up. The example of Google Reader is to the point: it was the biggest tech company at the time, provided a service for free, and decided to stop because it didn't care anymore.
In fact Google Reader is a very good comparison. AT works exactly as if you had websites, each with their own RSS feed, and then a big relay called Google, providing search, feeds, notifications, ... but as we all know by being the middleman between producers and readers Google gained an astonishingly high power. That is the business model described by Cory Doctorow when he talks about enshittification. Put yourself in the middle, and everyone will depend on you.
The only way an AT based product works at scale, ie with everyone easily talking to everyone, is with one or a few mega intermediaries between everyone of us. I fear this is not going to solve any of the issues we have.
What is different in ActivityPub ? Intermediaries are definitely useful for some services, but once your network is built you don't need them anymore: content flows directly between the repository, no middlemen needed.
In short: if we want a single network at large scale, AT requires large scale centralization points, while AP certainly needs them but could survive without them. Either we face that, or we start exploring and living within small-scale networks
I do think that you’re underestimating the value of open network for large-scale aggregation. Yes, for big open world you need big indexes. But indexes don’t have to always done by single entity. Some can be shared. Resources can be pooled for apps that need a materialized index of the same data. We haven’t really seen how this plays out yet because big indexes only existed behind the doors so far.
And if all else fails, limiting the scope (by time or community) works in atproto too. It’s just… not as fun :)
This is not so in ActivityPub. The data you post is owned by/controlled by the instance you're on. In the language of the article, you're still a row in somebody else's database.
I was on Mastodon for a while until the instance I was on shut down. I naively assumed that I could export and re-import my posts but that was not so. Everything is deleted. I technically have an archive of it in the form of some JSON files, but as illustrated by the article, this is now dead data. The same will happen again if/when my current instance shuts down. The only way around it is to run my own instance, which for the vast majority of people is a ludicrous proposition.
I get that theoretically the two should be similar or even identical in practice, but I feel like the way Bluesky goes so hard at "literally individuals maintain control over their own stuff" is kinda too hard for most, and that Mastodon's "just trust the server" way, which ABSOLUTELY has it's own problems, of course -- is still better, mostly because we have better practice in this style, in the form of good ol email.
>Social aggregation features like notifications, feeds, and search are non-negotiable in modern social products.
Conceptually, Mastodon is a bunch of copies of the same webapp emailing each other. There is no realtime global aggregation across the network so it can only offer a fragmented user experience. While some people might like it, it can't directly compete with closed social products because it doesn't have a full view of the network like they do.
The goal of atproto is enable real competition with closed social products for a broader set of products (e.g. Tangled is like GitHub on atproto, Leaflet is like Medium on atproto, and so on). Because it enables global aggregation, every atproto app has a consistent state of the world. There's no notion of "being on a different instance" and only seeing half the replies, or half the like counts, or other fragmentation artifacts as you have in Mastodon.
I don't think they're really comparable in scope, ambition, or performance characteristics.
Mastodon requires a complex decision upfront, which server do I trust, which is analogous to where you create your account on ATProto, but unlike ATProto, doesn't give the tools to seamlessly transition later.
The trust lens I think is a good one. You want to let different users make different tradeoffs in effort without having that leading to a worse experience..
The server shouldn't need to be specific to mastodon/bluesky networks either
Ghost (the blogging platform) is kind of a peek into this — you can host your microblogging account there and interact with other activity pub networks like mastodon
this is the promise of the activitypub standard, anyone that uses the standard can interact with anyone else using the standard...
This is clearly a wild claim that almost undermines the rest of the argument, but to the extent that we can accept that there are open source software packages that decision-makers deep in that industry will reliably choose for their business...it's not clear how this revolution will extend to "regular people." They just want easy. Make something as easy and fun as Instagram. They don't give a crap about all this, they don't want to think about it.