It’s too dependant on encryption. Yes, it’s a cool technical feat that stuff can be in the open but also private - but:
1. I want to be able to follow my freinds if my phone dies and i have to get a new one.
2. I am very technical, and idk exactly what a X25519 keypair is.
I would like for people to come up with more stuff like this that is designed for small communities but not for very secure communication. Like I want something where it’s secured by a username and password, that i give to a server i am registered with - and that server handles the encryption business. If the server rotates keys, that’s for the admin to figure out and exchange keys with sibling servers.
Idk I’m just making up specifics but this is the kind of ethos i think is needed to make things that can be successful with non-technical people in a way that can unseat big tech.
In case i sound too critical - this is cool. It just isn’t something i can use with family and friends to replace facebook or even email.
If we are ever going to free ourselves of rent-seeking middle men, we simply have to make a cultural change where non-technical people do more for themselves. I don't even think it's about technical difficulty (most of the time). I think people just want someone else to take care of their shit.
The above includes us highly technical people on HN. We really can't expect (or lecture) the normal mainstream population to make a cultural change to adopt decentralized tech when most of us don't do it ourselves.
E.g. Most of us don't want to self-host our public git repo. Instead, we just use centralized Github. We have the technical knowledge to self-host git but we have valid reasons for not wanting to do it and willingly outsource it to Github. (Notice this thread's Show HN about decentralized social networking has hosted its public repo on centralized Github.)
And consider we're not on decentralized USENET nodes discussing this. Instead, we're here on centralized HN. It's more convenient. Same reason technical folks shut down their self-hosted PHP forum software and migrate to centralised Discord.
The reason can't be reduced to just "people being lazy". It's about tradeoffs. This is why it's incorrect to think that futuristic scenarios of a hypothetical easy-to-use "internet appliance" (possibly provided by ISP) to self-host email/git/USENET/videos/etc and a worldwide rollout out IPv6 to avoid NAT will remove barriers to decentralization.
The popular essay "Protocols Not Platforms" about the benefits of decentralization often gets reposted here but that doesn't help because "free protocols" don't really solve the underlying reasons centralization keeps happening: money, time, and motivation to follow the decentralized ethos.
"But you become a prisoner of centralized services!" -- True, but a self-hosted tech stack for some folks can also be a prison too. It's just a different type. To get "freedom" and escape the self-hosted hassles, they flee to centralized services!
This only works with a TINY part of the population. Most people, even if they actually do care, just don’t want to expend the immense mental capacity to learn all the technical specifics. This stuff is HARD for people. Imagine having to learn metallurgy in order to drive a car.
> I don't even think it's about technical difficulty (most of the time)
I do. We simply don’t appreciate enough how HARD things are for non-technical people that we take for granted.
> I think people just want someone else to take care of their shit
Of course, that’s what software is supposed to do. And we can build software that does this, even with good primitives. We just have to laser-focus on UX and can not hand-wave away glaring issues that will instantly lose 95% of users like most of us keep doing.
"Making a cultural change" is not something you or any group of people can do. The superstructure of the game decides those, not the players. You can try, but nobody will play your new game.
Eg your bank genuinely helps with finance and transfers compared to transacting directly on a blockchain or snail mailing cash around.
> I think people just want someone else to take care of their shit.
Yes, division of labour!
I get where you're coming from, and as much as I'd love to see everyone become more technical, we live in a specialized society. You could use the exact same phrase to talk about fixing cars, making clothes, or producing your own produce & livestock.
A while back I, who has very little mechanical experience, decided to swap out my snow tires myself and fix a broken valve stem. After buying tools and parts (nearly the cost of having a mechanic do it) I probably spent nearly 12 hours on those two things combined. It was a slog, and didn't make logical sense for me to do it (working a bit extra to cover the cost of a mechanic's labor would have been more efficient), I just did it because I want to learn how to do basic mechanical stuff.
For a mechanic, that probably would have taken like 10 minutes - they might say "Hey, people should work on their cars more. It's not hard, people just want other people to fix their problems." But it's a lot harder for somebody who doesn't have a career in fixing cars, and I think a lot of IT guys have a bit of a blind spot when it comes to how easy tech is. Not that it's harder to learn than anything else, but that we already took the time to learn it, and it makes a lot more sense for people specialized in other things to outsource it.
The solution, IMO, is to create more user friendly alternatives to the user friendly centralized services. Open source &/or decentralization don't need to be much more complicated than something like Facebook would be.
* trust giant unaccountable organisations
* do things yourself, because you're the only one you can trust
we won't solve the issue, because there are too many things that every individual would have to understand, execute correctly , and do so with perfect OpSec.
We need to work out the social bit, as well as the technical. How do we make it practical for individuals to delegate trust to smaller organisations, so that they can switch between them if they show signs of abusing that trust? This needs social innovation as much as technical - how do we bootstrap trustworthiness for small organisations? How do we do it fast enough that the next move is to an ecology of small organisations, not just to the next Facebook/Play Store?
2. You don't need to know unless you want to implement the protocol! To use (the very barebones) implementation all you need to do is fork the repo & give access, which I admit can be too much for family/friends so you might have to set it up for them (and I bet they'd be stoked to have a website of their own!)
Having seen enough story in the vein of "if only I still have my bitcoin wallet from 2014" and "our storage server failed and when we tried to restore from backup we found out our last working backup was from two years ago," I have to say I have a rather dim view of how competent people actually are when it comes to keeping backups working.
I am not saying cryptography isn't useful for safeguarding your data, I just think for perhaps 90% of the users out here the risk of being locked out of your data permanently is more realistic than your data being accessed by a bad actor.
> which I admit can be too much for family/friends so you might have to set it up for them (and I bet they'd be stoked to have a website of their own!)
From reading the website, I was under the impression this is a techie oriented project still looking for technically inclined early adopters instead of something you can readily tell grandma to hop on. I sincerely doubt the average friend and family member who needs other's help to set up a personal website knows what the protocol does or why should he or she use it instead of Instagram or Facebook, or Signal, if the point is just to keep in touch with people you already know.
I wonder if there's a decent way to encode these private keys in QRCodes? You can jam about 4kB in a high density one from memory? (I know that'd be possible from a developer/technical point of view, but if this were my project I'd want a talented UX designer to have complete authority over how this is presented and explained to users.)
One other idea - maybe implement a Shamir's Secret Sharing mechanism where your private keys get sharded and encrypted to a sufficient number of selected friends, so of you lose your s@ private key it can be re assembled by convincing - say - 8 out of 12 selected friends to give you their part?
Or alternatively - automate a "recovery mechanism" where you set up a new key pair and publish it on a temporary domain/site, and can then ask a friend/follower who can authenticate your identity out-of-band - to export all you posts decryptable with your new key, then put you new key and all your old posts back into your main site.
Some of the issues I was thinking about:
Email clients by default block many types of messages and the allowed mime types are limited as is the support of html. So you really need your own email client to bring in the types of features we’d like to see, or, as you say, an intermediate format that is reinterpreted.
There’s also the fact that gmail or outlook mail servers may simply block and blacklist the content. Email was designed to be decentralized but it has moved to a system where a few companies control the major mail servers. If you wanted to re-decentralize email and add some anonymity then everyone would become their own mail server but this would raise the problems of email viruses and spam - and it’s not as convenient as just using your existing email and app.
On the original concept is restricted to share outside the participating people but could be relevant that people add more people that are interested in a topic.
Email is a good transport layer. Nowadays people just imagine it as messages between large providers, but I'm in strong favour that small providers or self-hosting email can still be used.
I don't think this is a real proposal, but more a thought experiment about how a static site could integrate into BlueSky. I saw a few similar efforts to integrate the "passive" components of ActivityPub into static site generators so that you could make your static blog consumable via the Fediverse.
In reality, if you really wanted to publish your static site blog posts on BlueSky, this is probably a good place to start! As you mention, there are some serious usability issues with doing everything by hand, but you may find that acceptable or invest in workarounds. Maybe it's possible to use your BlueSky identity so that you aren't in the business of managing keys. Or maybe you could use a script or static site generator plugin to pull credentials from somewhere.
Where is it stated that this is a goal for this project? You and I both may want a way to break the influence of the dominant social media companies. But this doesn't have to be that in order to be successful. It just needs small groups of people to use it in a way that benefits their communities.
https://apps.apple.com/gb/app/notesub/id6742334239
I like it. And mass adaption is not required to use it.
I would have loved to have made this a true social network in some regards, however, there are issues of moderation and storage that become very expensive at scale.
Moreover, adoption of a new social network is super hard to promote. So many Twitter, Insta, etc clones have failed because they are just 'clones'. Not offering any thing new.
It should be considered although Thiel talks of 0 to 1... A great deal of dramatic software/hardware progression comes from a highly evolved successor to an average pre-existing product.
The iPhone was not a zero to one, nor was Apples GUI, they were just highly evolved versions of average or below average products that already existed. Social media apps are already highly evolved for their function. We need something better for edge cases, but the current state of social media platforms means that something supremely better is required before any adoption drive becomes meaningful. When such a product comes, mass adoption is inevitable; we crave and succumb to better ways of communication and contact.
But nothing obvious about your friends being able to see them.
Isn't that basically Mastodon?
To be honest if we’re talking truly accessible, even usernames and passwords aren’t great. Users forget them. That’s why a lot of sites these days offer to email you “magic links” to log you in. And if you want to do that you need to make sure you’re running a server sending emails that won’t immediately go to spam.
At a certain point if you want a truly scalable, decentralized platform you’re going to have to cut back on backend responsibilities. This is a logical answer to the problem.
What does this mean
https://ianix.com/pub/x25519-deployment.html
For example, does "technical" mean curious, enjoys learning, motivated to take things apart to understand them, ...
Does it mean likes to create accounts, signs up for websites, apps, etc., heavy social media user, terminally online,...
What does it mean
I've never understood selfhosters fascination with cloudflare. They have some cool products but I have a feel 2026/27 is the time they start to show their evolving colours
As in, you cannot describe it exactly, or you have never run into it?
Additionally, you could just look it up if you care about the technical details.
Who's gonna sniff your traffic from home? NSA, your ISP?
They already do.
Same as in corporate networks: your data is MITM anyway.
Fun should be unencrypted. It's not shopping or ssh into server.
Five years ago I would totally agree. Now, when you do not want to share your fun thoughts with a border guard; a police person; an AI scavenger; a random jerk -- I would say, having a safe-ish space becomes almost a necessity
Names matter. We can keep the technical stuff under the hood, while presenting a clean interface for those un-interested in the details. But we can only do that when the thing built right. Notice how you don’t have to share encryption keys when your friends want access to your home wifi?
Even the password part is harder than it should be. Idk why routers don’t just have a button you press when someone wants on the wifi. They knock on the network, a light flashes - press button, they are let in. Would work for most home use.
Woah.. when will those people learn? _Any_ browser storage is unreliable. Anything goes wrong with your web experience? Clear browser settings. Make new profile. Re-install browser. The browser's localStorage is not a replacement for filesystem. It cannot be backed up, it is super volatile, and it should _never_ be used for anything important. It's one of those "worst of both world" cases, where malware can access it with no problem, while legitimate backup programs are locked out.
(And yes, the post mentions "new device" flow, but how many people would (1) remember to export their private key and (2) won't lose it with their device? I bet in practice people will use the network until the first time localStorage is lost, and then they will get annoyed that their feeds are lost forever, and will likely leave the network for good)
> Woah.. when will those people learn? _Any_ browser storage is unreliable. Anything goes wrong ...
Can't that be solved by a 1-liner button like "Export key in safe location" then URL.createObjectURL( localStorage.getItem("myTopSecretKey") ) and let the user save that on their filesystem?
> but how many people would (1) remember to export their private key and (2) won't lose it with their device?
How does this help with either of those options? for example, I am on the phone, and imagine I've remembered to download the key... if my phone breaks, it'll be deleted. I also need to store it somewhere - google drive? password manager?
So yes, it could be solved but it would be more like "1-liner + few manual steps user must do", and there will be no guarantees that user will do those steps. So maybe people who are really invested into the new network or maybe crypt-owners who are used to manager their private key will do it, but most people will just loose their friend lists once they get a new phone or clear storage.
It's also one of those cases where "perfect is the enemy of good enough", and also very easy to solve, offer a download/upload button that offers you to save the key, or upload a arbitrary one. Now every issue you mention disappears, and it's maybe ~50 lines of code...
And yes, loosing keys can mean you lose access. People who used 2FA are well aware of this problem, and yes it requires diligence. Also people who maintain their own cryptocurrency wallets seems to be able to handle this too, so not like it's completely impossible, just infeasible for the average Joe.
Pretty sure that the only people who use un-recoverable private keys are crypto-wallet users, and even they regularly lose access, despite having strong monetary incentive to keep backups.
Now of course it's all open source, and authors can implement whatever they want, including things like: "It's your own fault that you did not do that backup procedure correctly, the button was _right there_. Serves you right that you have lost your account, maybe you did not deserve it in the first place." But that may be no the best approach if you want to create something that people actually use...
Would a `/.well-known/` be helpful here?
I might want several directories in the future, and even if I don't, I might want it separate from my .well-known robots.txt. Many, many reasons I can think of not to blend these.
Bad idea.
Personally, I think a possible angle of attack for a new practical social network protocol is data management, as the amount of data people generate, consume, store, and share is enormous these days. More like, manage data conveniently, and share them easily as a side-effect.
As someone who tried to give all of the decentralized social networks a shot... something I realised along the way is that they are never going to fly because they are not giving you dopamine kicks like the big tech giants are. I ended up forgetting to visit Lemmy or Pixelfed or <whatever> because I had 2-3 times when I opened up the app and saw the exact same content, giving me a feeling of "nothing is happening here" and thus, I didn't need to check in.
I mean, even Signal has that Instagram story function but I have never seen a contact use it because no one goes to Signal "just to scroll" or whatever. They go there to send or read a message.
Any social media needs content for people to visit. They need to make people feel like they are missing out if they are not visiting. Otherwise, they're just going to end up as an app on the phone which is never opened.
I think this is the point the OP is making though, there's little to no actual benefit if the content doesn't change often. You probably never forget to check HN for example.
An RSS reader linked to this via a browser extension might be a more useful interface for feeds that aren't updated as frequently.
We need something like Discord, except each server is an actual self-hosted server like a Minecraft server. DMs between two users should be handled by a mutual server. Account credentials should be handled by a Nostr-like protocol, which also gives you global tweeting capabilities as a bonus.
Run the whole thing on Yggdrasil Network or something similar so that it's not tied down to IPv4v6 and DNS and all existing hardware infra, but can still take advantage of them. And add reciprocal inter-server onion routing to make it difficult to geolocate servers. Also take a page from SoftEther VPN's book and wrap all traffic in HTTPS and perform automatic NAT traversal, so that people can host servers from behind ISP firewalls.
Anything short of that and we lose to big tech and govs in the long run. But once we've achieved the above, the decentralized web can truly take off: we will get WiFi routers running open-source firmware to make a mesh network to act as alternative physical layer infra for the new web. We can still take advantage of the existing Internet's bandwidth as long as there's an unblockable path to send a little bit of data to discover and coordinate nodes.
This is not a software issue, it doesn't matter how good the tech is, the masses will always aggregate to big tech networks because decentralized networks will never have billion dollar marketing budgets.
Non big tech solutions need solid UI and UX that does not assume your average user can balance a binary tree, know what is a private key and how to safely back it up (other comments brought up this exact issue) or even knows what a "static website" means. Non big tech solutions need to give non technical users (read: the overwhelming majority of humanity) a good onboarding experience that does not involve learning ten new jargons and acronyms. Non big tech solutions need to know they have a limited strangeness budget [1] and should only spend it on places it matters. Non big tech solutions need to start actually cater to the unwashed masses before being befuddled by them choosing to stay on mark zuckerberg's platforms instead.
[1] https://steveklabnik.com/writing/the-language-strangeness-bu...
You have named networks that are federated together, and people can publish to the networks they are invited to or sign up for. The networks survive even with individual servers go down. Data is cached all over at the edges.
Your version is just way too susceptible to rot, unless you see that as a feature. I see it as most of the good content falling into the ether sooner rather than later.
Also can use people viewing the pages as hosts https://gabe.durazo.us/tech/ephemeral-p2p-project/
Each device (cellphone/laptop) is a server. They connect to preferred server stations that are used for discovering other peers. There are things like common chat rooms on the station servers but personal messages are completely p2p using webrtc.
There are other apps there, for example to host own websites or blogs and other things you'd expect from modern usage. Mesh is done today using cheap ESP32 devices (3 euros each).
It is a work in progress, the main point is that it can exchange data even outside the internet and use radio connections.
Ideally, nobody except a single server node of your choice (which is probably the one you self-host) is able to match your Nostr identity to your real IP address. Instead, IP-like-identifiers (like in Yggdrasil Network) should replace IP addresses when interfacing with other nodes. Server hosts would not share their traditional IP when inviting new people to connect to it, only their IP-like-identifier. The invited person can pick/host their own trusted server node as well, and that trusted server would relay that user's connection to your server, which they don't trust. Everyone has a trusted server that represents them.
The trusted server and the untrusted server should not have eachother's IPs during this relay process, either. Instead, the data should be bounced through some other server first, who may bounce it again, and again. The actual underlying path the data travels between the two servers which represent the two users should involve many onion-routed bounces that is not fully known to any server or user. The only situation where a device needs to know another device's IP is when two server nodes establish a reciprocal routing agreement and exchange IPs over an encrypted tunnel ("if I bounce X amount of traffic for you, you will bounce X amount of traffic for me in the future", it's a bandwidth transaction). Such negotiations should be made by querying random addresses or established manually (early on, when the network is small and sparse). This is where offline meshes can help. An ESP32 mesh doesn't have nearly enough capacity to handle all the messages and multimedia flying around, but they can be an alternative pathway to negotiate routing agreements. When the network is dense enough, it will be difficult to pin down your IP, even for state-level actors. And they certainly won't be able to surveil many people at once because even honeypotting one would be incredibly expensive.
Also consider encapsulating all of the Internet-routed traffic in HTTPS using only port 443 (like this: https://www.softether.org/1-features/1._Ultimate_Powerful_VP...). It needs to blend in with traditional web traffic so that no infra operator can identify/block/throttle it.
Also make sure to stay anonymous while developing this so you can't be sued or prosecuted.
https://github.com/Vigno04/discord-selfhosted-alternatives
unfortunately though i think self-hosting is one of the problems. one of the features of discord is how easy it is to create your own server.
from that list i am checking out commet now, which seems to promise a better experience on top of matrix. that would at least solve the self-hosting issue, as i'll be able to use it on any existing matrix server. matrix has the technical features needed to work like discord, but not the interface.
(The IndieWeb wiki is probably the best resource for exploring the personal website-based social networking tech nowadays. I recommend the author check it out and maybe iterate on that instead :)
Or it's all super niche for "personal website-based social networking" enthusiasts and never took off, because big players didn't implement it and we need them to, or whatever?
> sAT Protocol (s@) is a decentralized social networking protocol based on static sites. Each user owns a static website storing all their data in encrypted JSON stores.
Cryptographically, a problem is that it makes ciphertexts publicly enumerable, protected by a X25519-derived key. This makes it very vulnerable to harvest-now-decrypt-later attacks, if you believe quantum computing will ever happen.
... and you don't believe that everything will be totally fucked when it does happen.
If there is a global passive observer, and they get quantum computing, a huge amount of supposedly encrypted private information just got popped. Whether or not I care about my dinky little private social network posts when every ssl/tls connection I've ever made is being cracked and data mined is an interesting question.
It's basically PGP + RSS, only mapped to a bunch of files of specific structure. Those could be RSS/ATOM feeds instead of JSON, to reuse an existing format. The reuse of the ideas is good, these ideas are time-proven.
As any PGP-lookalike, this thing has the key distribution problem, and won't scale to billions of users due to that. Key rotation and revocation is another problem. But for a small-scale network it should be fine, and can run on very tiny, very low-power devices, maybe even with intermittent connectivity.
Not true, the "content key" is common to all viewers of all posts, from a particular author. (hence the need to re-encrypt the world when you unfollow someone...)
I see.
I see...
_ /
. .Forking, paths, JSON, decentralized, encryption, key rotation, etc and I still have no idea why I would bother and who else could use it (a decentralized social network is only so much fun if you are the only one on it).
Right now, those circles of friends are _reasonable_ well served with some combination of Mastodon (effectively zero security but with decent findability) and Signal (much more limited mostly to only people you'd be OK with having your phone number).
I will definitely take this for a spin, and start having discussions with particular groups of friends to see it I get any traction.
https://satellite.earth/ (Satellite nostr client)
https://nsite.run/ (literally static sites on nostr)
Anyway, I really like this idea, it's cool. When I think about this one though, I feel there's too much friction in the follow/unfollow process. Having unfollowing requiring reenecrypting and rebuilding the entire website for everyone seems cumbersome. It's not a killer in itself, but combined with this:
> If the original post is inaccessible (e.g. the viewer doesn’t follow the author), the reply is hidden entirely. A user only sees replies from people they follow — this is the spam prevention mechanism.
I think this is going to prevent it from scaling in any desirable way. I know it's not intended to scale, and is targetted at smaller freinds networks, not influencers, but again, even small friendship networks grow complex, and I can see the experience on S@t turning into the worst parts of activitypub where you can only read half of the interesting replies because not being friends, and it being a pain to then become mutual friends.
But, I really, really do like that s@t feels like a combination of RSS, activity pub and static sites, having a browser heavy client is interesting to.
It does feel a bit like s@t wants stuff to be easily locked down between a dynamic list of friends though, and it feels a bit weird to have the foundational tech of such a protocol be static sites, which by definition make it hard to lock stuff down to a dynamic list of friends. Hmmmm, I really do love/hate static site architecture
This is nice though, thanks for sharing.
is perfect forward secrecy no longer considered valuable?
PFS in an open, freely-associable environment is far more complicated when you move beyond even the smallest of group sizes. Realistically, once the group size is beyond Dunbar's number you can reasonably assume that PFS is moot, because you no longer can depend on maybe four or five people's personal security, but 150+. Statistically, someone's opsec failure will be guaranteed.
This is a very common problem. There is potential to possibly make this more decentralized with smart card technology. Like imagine a smart phone with access to pub keys in the hardware tied to an account cryptographically. Then you can say something like phone number = subscriber = pub key. Encrypted messaging apps seem to bootstrap off of ownership for numbers in the mobile system (mobile system security is very bad so there are dragons here.) The other apps like pidgin with OTR plugins they have unique phrases that help with the issue.
When you start looking at decentralized pub key infrastructure tied to human-meaningful names you start to run into zookos triangle:
https://en.wikipedia.org/wiki/Zooko%27s_triangle
human-meaningful, decentralized, secure -- pick two
This is not true of indieweb's web mention: https://indieweb.org/Webmention
It just uses HTTP POST (like pingback/trackback/etc, except it has a second step verifying the page sending the webmention actually has a link to a URL on the website). You can them them with a browser or cURL or some complex backend script. Receiving them is as easy as logging POSTs to a specific URL endpoint or even using someone else's community backend your site interfaces with via javascript (ie, https://webmention.io/ - not static since it uses JS). Or anything in between.
Totally decentralized and very simple. I implemented a simple nginx POST logging format in the config to receive on my static site. And HTML forms on my static site can send. http://superkuh.com/blog/2019-12-11-3.html
Why not use git for social networking ;)
Question about this:
“Threads are positioned in the timeline by the original post’s created_at; replies within a thread are sorted by their own created_at ascending.”
Does this mean, I, as the person replying to the post can manipulate my reply time to say, 3 minutes before person X’s reply?
If so, I can imagine a few adversarial ways of (ab)using this.
I understand this is more for friend groups, just curious if my understanding is correct.
edit: I guess an easy fix is to append a cryptographic hash to the post ID, but yeah currently I'm assuming you trust your friends.
As the source is available, other clients can easily parse the data so that content can be made available beyond the browser, such as text-only clients, indexing and discovery networks and custom readers. I've built a prototype terminal client to test this out.
Now that the editor is working, my plans are to add public follow/block/like lists to sites to add a lightweight social layer and to build an open indexer framework for content discovery.
It's not trying to be another social network protocol. It's first and foremost a publishing platform, designed to be as easy to use as something like Medium while still being simple, open and portable.
I'd really appreciate any feedback: https://www.sparktype.org.
I think it needs to not have a dependence on github. This is a microsoft thing, and at best it means this will become another way for a corporation to make money from people.
Speaking of money, it needs to be paid for. (The github part is free from Microsloth and so is NOT free). So how do you pay for this? Micropayments.
So we need a system of micropayments. Then we need it to provide a way to help people economically. These are not barriers, because this is hacker news, instead this is an accurate understanding of more of the problem.
People keep talking about a collaborative internet without using the term. But to be clear we are talking about a fundamentally different kind of internet. That we can build.
Also I think you're confusing "free as in beer" and "free as in free" here. The last thing any alternative social network needs is to bake capitalist incentives into the model, as that would just lead to everything optimizing for the same dark patterns and influencer garbage people want to avoid. There already exist plenty of ways to help people economically.
I'd imagine that similarly to TWTXT, this suffers from the same accessibility and barrier of entry issues. It's one thing when all you have to do is type text in a textbox and click "Submit", but it's a whole thing entirely when you have to screw around with updating your website to do anything.
I'd be keen to revisit those ideas and see if they can take shape in another form.
MIT licensed if anyone's interested: https://github.com/yakkomajuri/recess
That's dead on arrival. The domain name system is one of the core reasons why everything has become so centralized in the first place. If one wants to fix anything wrong with the Internet, finding a better way to naming things should be the first step.
If authors want this to take off they need to work on user experience, particularly for non-technical users. Otherwise it might at best become some tech niche that will eventually die.
then allow people to blog/post in a standardized format using rss. any other site can then subscribe to that site.
It is and has been for years. You can literally just sign up for a shared hosting account on hundreds, possibly thousands of services and put whatever you want online (within legal limits of course.) You can even still use SFTP if you want.
People just don't do it anymore, but it's never been less expensive or more accessible.
A lot of decentralized/local-first social projects improve the protocol story, but the UX is still "please think about keys, storage, sync, exports, and trust boundaries yourself." That's fine for hackers, not for most users.
Something Claude Code-like, but local-first and protocol-aware, could make this much more approachable. The user says "post this to close friends" and the local agent handles signing, encryption, storage, syncing, and recovery.
That doesn't solve discovery, spam, or network effects, but it might solve a lot of the usability problem.
Let's crash the fediverse! https://wire.wise-relations.com/