I would like to give an update on "federation" on Bluesky.
-
@mcc I do, yeah. So it's just one part of the stack. The complicated parts come later, eh?
@tylercook Yes, correct. If you already have a setup for hosting Docker containers standing up the PDS is *trivial*. Like, you could do it in under an hour. I don't pay per byte of bandwidth (VPS) but the load from running my PDS has been so low I don't notice it. And if it turns out to be a problem you can migrate out to another PDS.
I'm going to DM you a link to a Discord I found helpful when debugging issues with my PDS.
-
@thisismissem @mat @eniko Okay, yes, that's more accurate.
-
@fleeky 1. Correct
2. I don't know@mcc am having a discussion of this on bsky that is helping to disambiguate :
https://bsky.app/profile/futur.blue/post/3lyuzwzb2k226
also https://github.com/zeppelin-social/bluesky-appview -
@thisismissem @mat @eniko Okay, yes, that's more accurate.
@mcc @mat @eniko so yeah, I was more saying PHP and WebSockets isn't likely to be the most pleasant time for someone. (much like Ruby and WebSockets)
But yeah, if you're suggesting a sidecar PDS to a wordpress blog that just publishes bluesky posts with a link to the wordpress post, then that'd be relatively simple. It's once you want to go beyond that that things start getting hard.
-
@erincandescent @mcc Nope. Recovery is one of the primary considerations. Unless you intentionally want recovery to be impossible (some people may), you have a recovery policy notarized (can be published or kept unpublished in safe storage you control) prior to any use of the identity. Then proof of conditions satisfying the recovery policy preempt any transfer of control that took place later during a compromise.
-
@mcc @erincandescent The concept is that you intentionally preclude the possibility of detecting "double-spend" so that the system can't be used for exchanging things of value. As a bonus, this also precludes selling identities. It's impossible to prove you're not keeping hidden an earlier-dated transfer to a different new owner when you offer to transfer an identity for money.
@dalias @erincandescent I understand how such a system would work but I would not use it for at least two reasons
-
@erincandescent @mcc Nope. Recovery is one of the primary considerations. Unless you intentionally want recovery to be impossible (some people may), you have a recovery policy notarized (can be published or kept unpublished in safe storage you control) prior to any use of the identity. Then proof of conditions satisfying the recovery policy preempt any transfer of control that took place later during a compromise.
@erincandescent @mcc And in my view, "not usable for money" is a prerequisite for "usable as identity". Related: the whole market for buying popular browser extensions to put malware in them.
-
Why does the "relay" matter? Well, because although Bluesky's claim is that moderation is "composable" in their system— that you can choose which moderators to follow— moderation decisions made by Bluesky are hard binding on systems they control. Someone blocked by Bluesky is blocked from the Bluesky appview, their content will get removed from the Bluesky PDS if they were using that. The Bluesky relay censors content that violates the data "schema"; I suspect (?) it enforces moderation also.
@mcc I don't think the last part is true. Their relay implementation is open source also. Trying to find more info about this
-
@mat @eniko Well, point of order. Do I want to work together? If so, why? I have no incentive or desire to badmouth Bluesky specifically, but also, do I have any incentive to grow their ecosystem or help their corporate project? All I want to do is talk to people. The only ATP dev I've done has been because it makes it easier for me to talk people.
-
And that's why I say, TLDR:
- I am legitimately excited about the work being done by Blacksky Algorithms! I am using their frontend and happy with it.
- Northsky is an interesting development to watch
- If you're on a Bluesky PDS, I recommend migrating off with one of these tools https://bsky.app/profile/did:plc:ii5jchdzlmcojjw4dqczcgkh/post/3lyt6t6qfa22u
- Everything Sucks. A LOT of things would have to change at a social level for *any* entity other than Bluesky to have power or independence in the ATP ecosystem. I still don't trust Bluesky.
-
Why does the "relay" matter? Well, because although Bluesky's claim is that moderation is "composable" in their system— that you can choose which moderators to follow— moderation decisions made by Bluesky are hard binding on systems they control. Someone blocked by Bluesky is blocked from the Bluesky appview, their content will get removed from the Bluesky PDS if they were using that. The Bluesky relay censors content that violates the data "schema"; I suspect (?) it enforces moderation also.
@mcc Content doesn’t get removed from the PDS it would be hidden by labels - accounts do have takedown labels applied.
Bluesky operated relay doesn’t censor Lexicons that don’t validate and it doesn’t enforce moderation.
For those following along at home the relay costs about $30/month to run for all ~38M accounts worth of content.
-
@mcc Content doesn’t get removed from the PDS it would be hidden by labels - accounts do have takedown labels applied.
Bluesky operated relay doesn’t censor Lexicons that don’t validate and it doesn’t enforce moderation.
For those following along at home the relay costs about $30/month to run for all ~38M accounts worth of content.
@boris "Content doesn’t get removed from the PDS it would be hidden by labels - accounts do have takedown labels applied." I could be wrong but this seems to be contradicted by actual events over the last two weeks.
"Bluesky operated relay doesn’t censor Lexicons that don’t validate" Contradicted by my own testing. Either the relay censors them or the appview does and it comes to the same thing, because when I make 301-character posts even third party tools can't see them.
-
@mcc am having a discussion of this on bsky that is helping to disambiguate :
https://bsky.app/profile/futur.blue/post/3lyuzwzb2k226
also https://github.com/zeppelin-social/bluesky-appview@fleeky As an update, I searched on blacksky.community for "from:me blackbird" and found a post from 2024. So they have some source of older posts.
-
@boris "Content doesn’t get removed from the PDS it would be hidden by labels - accounts do have takedown labels applied." I could be wrong but this seems to be contradicted by actual events over the last two weeks.
"Bluesky operated relay doesn’t censor Lexicons that don’t validate" Contradicted by my own testing. Either the relay censors them or the appview does and it comes to the same thing, because when I make 301-character posts even third party tools can't see them.
@mcc accounts get taken down! Posts do not / individual posts doesn’t get removed out of the repo (would also break verification of a repo and is detectable)
yes apps all choose their validation (and for that matter strong types). Regardless it’s not the relay that’s doing it if you’d like to be correct about where locus of control is.
-
@mcc accounts get taken down! Posts do not / individual posts doesn’t get removed out of the repo (would also break verification of a repo and is detectable)
yes apps all choose their validation (and for that matter strong types). Regardless it’s not the relay that’s doing it if you’d like to be correct about where locus of control is.
@boris "(would also break verification of a repo and is detectable)"
What happens if I delete a post from a repo? If it can't be removed can someone then query the post from my PDS direct and get a copy of the deleted content?
-
So what I understand from this is that it would be relatively possible for BlackSky or NorthSky to add ActivityPub as a secondary protocol in ways that would likely be unfeasible to do the other way (ActivityPub instance using ATProto as a secondary protocol)
-
@fleeky As an update, I searched on blacksky.community for "from:me blackbird" and found a post from 2024. So they have some source of older posts.
@mcc it seems like with enough effort some amount of mastodon sparsity could be implemented in bsky ,, so my current criticism still stands , i still think mastodon is easier and cheaper to maintain but bsky is definitely more popular (if you like that sort of thing) and could be cludged into different network architectures probably with enough effort .. main question is which way will it evolve ?
-
@boris "(would also break verification of a repo and is detectable)"
What happens if I delete a post from a repo? If it can't be removed can someone then query the post from my PDS direct and get a copy of the deleted content?
@mcc Bsky doesn’t have auth on your account and can’t delete individual posts.
The user can delete posts as they like and then it’s truly deleted and can’t be queried.
-
@mcc Blocks are "enforced" at the client level. I know, I know, that probably merits another "oh dear" but that's how Bluesky is doing it. So blacksky.community as a client doesn't do age verification for DMs in the UK, or block access to Mississippi.
Takedowns by contrast are at the AppView and someties PDS level.
@jdp23 Rudy says they're appview and also client. https://bsky.app/profile/rude1.blacksky.team/post/3lyvbqh3m3s2e
-
As an update since posting the above thread I have received replies from two people, one saying I am underestimating the level of stack coverage Blacksky has, another saying I am overestimating it. Also a "AppView" and "Client" are different. Sorry.
The stack is just so tall! There are *so many* layers in this protocol's model. And it seems like every single one of them is an opportunity to introduce censorship
Update: Rudy who operates blacksky.community responded to this thread on bluesky. Above I said I wasn't clear on how independent Blacksky was of the Bluesky infra. His answer is "completely". They run their own relay (which scrapes PDSes itself), the relay feeds into their own appview, the appview feeds into their own client. https://bsky.app/profile/rude1.blacksky.team/post/3lyv5rwpc722c
And since they bridge end-to-end, in my Hypothetical Example above, they *could* choose to make different moderation decisions from Bluesky PBC.
