I would like to give an update on "federation" on Bluesky.
-
@mat @eniko Another thing to note. Posts on ATProto are 300 characters. The entire system is set up to mark "schema invalid" and wholly censor any post which is more than 300 characters. So what you'd have to do is put a 270 character summary of your post, plus a link to your real wordpress, into the PDS. (It's not a schema violation to contain *extra* data, so you could include a "full-text" field in the post blob, but no system in existence could read it— not even yours, you'd be publish-only)
@mat @eniko So at that point, barring building an entire alternate Bluesky-like system for reading longposts— a system which would be redundant when ActivityPub exists— you're not mirroring your WordPress on Bluesky, rather you're using Bluesky as a funny kind of RSS feed, posting a short announcement of each post there… at which point, isn't it easier to just link your WordPress to a *regular* bluesky account, and use the API to auto-post summary+announcements for new posts?
Am I making sense?
-
@gunchleoc the Bluesky addon for Friendica is here [0], I haven't had time to check how it works... name suggests it would use the Bluesky PDS and I've seen issues about Bridgyfed on the issue tracker, so not sure whether that's what's used to post or not.
[0]: https://git.friendi.ca/friendica/friendica-addons/src/branch/2025.07-rc/bluesky
Do you have a link about Hubzilla? I haven't seen anything about ATProto compatibility
@gbargoud @mcc -
@erincandescent i think in order to solve this problem without centralization you do need a ledger ("blockchain"). That's simply the way to get a canonically agreed on ordering of events. I think there are some reasons to go with a data structure *other* than literal blockchain for your ledger. But if you create a canonically agreed on ordering of events (which as far as I'm concerned you need if you want to support key rotation/did changes) then more or less by definition you've made a ledger
@mcc @erincandescent I have a system that doesn't need blockchain. Instead it uses a "nocoin" (term I coined, pardon the pun) distributed notary system that doesn't have a ledger because there's no way to enumerate things that have been recorded, only to prove that a particular thing was seen by a notary at a particular time.
-
@mat @eniko "but where are replies to those posts coming from in this setup?"
Short version: "You can't get them"
Long version: Currently the only ways to get replies to a post published in your Bluesky PDS are
- Run a "relay". This means (this is not a joke) receiving from Bluesky PBC a copy of literally every post made in the network, and filtering for ones that @ you.
- Log in to bsky.app (or a clone like blacksky) with your PDS username and password, and look in the notifications tab.
-
@mat @eniko "but where are replies to those posts coming from in this setup?"
Short version: "You can't get them"
Long version: Currently the only ways to get replies to a post published in your Bluesky PDS are
- Run a "relay". This means (this is not a joke) receiving from Bluesky PBC a copy of literally every post made in the network, and filtering for ones that @ you.
- Log in to bsky.app (or a clone like blacksky) with your PDS username and password, and look in the notifications tab.
@mat @eniko Now, that last thing is possible, and even easy. But at that point it's really, super unclear *why* you would architect your Wordpress server to *be* a PDS, rather than running the regular PDS software on the same box, and having the Wordpress server post to it from time to time using the external API. It's extra work, but there's no obvious advantage and there's barely even a difference.
-
@mcc @erincandescent I have a system that doesn't need blockchain. Instead it uses a "nocoin" (term I coined, pardon the pun) distributed notary system that doesn't have a ledger because there's no way to enumerate things that have been recorded, only to prove that a particular thing was seen by a notary at a particular time.
@mcc @erincandescent The concept is that you intentionally preclude the possibility of detecting "double-spend" so that the system can't be used for exchanging things of value. As a bonus, this also precludes selling identities. It's impossible to prove you're not keeping hidden an earlier-dated transfer to a different new owner when you offer to transfer an identity for money.
-
-
@mat @eniko Now, that last thing is possible, and even easy. But at that point it's really, super unclear *why* you would architect your Wordpress server to *be* a PDS, rather than running the regular PDS software on the same box, and having the Wordpress server post to it from time to time using the external API. It's extra work, but there's no obvious advantage and there's barely even a difference.
-
@mat @mcc @eniko yeah, because you need sync, afaik. https://atproto.com/specs/sync
-
@mat @thisismissem @eniko The continuous event streams are HTTP. Mine are being proxied through Apache
-
@mcc @erincandescent The concept is that you intentionally preclude the possibility of detecting "double-spend" so that the system can't be used for exchanging things of value. As a bonus, this also precludes selling identities. It's impossible to prove you're not keeping hidden an earlier-dated transfer to a different new owner when you offer to transfer an identity for money.
-
@mat @thisismissem @eniko The continuous event streams are HTTP. Mine are being proxied through Apache
-
@mcc I do, yeah. So it's just one part of the stack. The complicated parts come later, eh?
@tylercook Yes, correct. If you already have a setup for hosting Docker containers standing up the PDS is *trivial*. Like, you could do it in under an hour. I don't pay per byte of bandwidth (VPS) but the load from running my PDS has been so low I don't notice it. And if it turns out to be a problem you can migrate out to another PDS.
I'm going to DM you a link to a Discord I found helpful when debugging issues with my PDS.
-
@thisismissem @mat @eniko Okay, yes, that's more accurate.
-
@fleeky 1. Correct
2. I don't know@mcc am having a discussion of this on bsky that is helping to disambiguate :
https://bsky.app/profile/futur.blue/post/3lyuzwzb2k226
also https://github.com/zeppelin-social/bluesky-appview -
@thisismissem @mat @eniko Okay, yes, that's more accurate.
@mcc @mat @eniko so yeah, I was more saying PHP and WebSockets isn't likely to be the most pleasant time for someone. (much like Ruby and WebSockets)
But yeah, if you're suggesting a sidecar PDS to a wordpress blog that just publishes bluesky posts with a link to the wordpress post, then that'd be relatively simple. It's once you want to go beyond that that things start getting hard.
-
@erincandescent @mcc Nope. Recovery is one of the primary considerations. Unless you intentionally want recovery to be impossible (some people may), you have a recovery policy notarized (can be published or kept unpublished in safe storage you control) prior to any use of the identity. Then proof of conditions satisfying the recovery policy preempt any transfer of control that took place later during a compromise.
-
@mcc @erincandescent The concept is that you intentionally preclude the possibility of detecting "double-spend" so that the system can't be used for exchanging things of value. As a bonus, this also precludes selling identities. It's impossible to prove you're not keeping hidden an earlier-dated transfer to a different new owner when you offer to transfer an identity for money.
@dalias @erincandescent I understand how such a system would work but I would not use it for at least two reasons
-
@erincandescent @mcc Nope. Recovery is one of the primary considerations. Unless you intentionally want recovery to be impossible (some people may), you have a recovery policy notarized (can be published or kept unpublished in safe storage you control) prior to any use of the identity. Then proof of conditions satisfying the recovery policy preempt any transfer of control that took place later during a compromise.
@erincandescent @mcc And in my view, "not usable for money" is a prerequisite for "usable as identity". Related: the whole market for buying popular browser extensions to put malware in them.
