How Decentralized Is Bluesky Really?
-
@cwebber we shouldn’t gloss over the decentralised talk regarding Nostr lol
-
@damon is nostr any good? I like some of the (very limited) technical stuff I've heard about it but get the impression the people are largely blockchain/free-speech-absolutist types
-
@cwebber was this answered?
-
@cwebber omg, I skipped all the way to the end and OBVIOUSLY you look at this situation from every conceivable angle, including governance, because it wouldn't be a Christine Lemmer-Webber post without it.
I appreciate the depth of analysis. I do still think that Bluesky should make a donation to Spritely if @bnewbold asked you to make a 25-page report, though.
-
@cwebber I also don't share your optimism about cross-pollination. There's a reason that W3C specifications have to only have normative dependencies on specs from recognized standards bodies. Too many minefields unless you have a clear license.
I'm glad that @bnewbold is in the SocialCG and I hope we can find some opportunities to publish reports with some or all parts of the AT Proto stack.
-
@Gaelan
Good is obviously subjective. I will highlight what I find to be “good” it’s a very simple protocol: pretty much JSON+ relays and clients. Identify are keypairs which are unfortunately left up to the users to manually handle but they can be plugged into any frontend. You prefer a blog, image-sharing, link aggregate over Twitter just use any of those kind of clients.
(🧵1/2) -
Nostr is very grassroots but seems to function well, they use NIPs which are like FEPs.
Culturally, yes it’s a lot of cryptocurrency & Bitcoin folks but you can filter that noise on a client or relay level. I do and there’s still a surprising amount of quality content & non crypto bro users.
(🧵2/2)
@Gaelan -
Robert W. Gehlreplied to Christine Lemmer-Webber last edited by
@cwebber I was definitely surprised how journalists called it “decentralized” right when it started. Now I hear journalists call it “federated.” Bluesky has good PR, for sure.
-
Steve Batereplied to Christine Lemmer-Webber last edited by [email protected]
@cwebber I'd like to hear more about AP follows the (Hewitt) Actor Model of Computation, if that's the one you mean. Just having message passing and an inbox and a thing called an "Actor" doesn't make the thing a unit of computation. Given the stated importance to AP, I don't see Hewitt's actor model mentioned in the spec or in any of the WG transcripts, so I'm curious what I'm missing.
-
@cwebber Some notes:
(Also choosing sha256 over sha256d, there’s maybe the question of length extension attacks, but I suppose the parsing of the document means this is maybe not a problem, I’m not sure.)
So a fun thing amout merkle-damgård hash functions is that they’re only subject to length extension attacks if used at full length. If truncated they’re not vulnerable. So SHA-256 and SHA-512 are vulnerable, but SHA-224 (which is SHA-256 with different constants and truncated to 224 bits) and SHA-384 (which is SHA-512 with initial different initial constants and truncated to 384 bits) are not. Back in 2012 NIST standardised SHA-512/224 and SHA-512/256 which are similarly truncated versions of SHA-512 with different initial constants which also sidestep the length extension attack issue.
Anyway this is to say that because they truncated the hash in did:plc identifiers (to a level which feels unwise to me too!) they’re immune to length extension attcks.
-
:PUA: Shlee fucked around andreplied to Christine Lemmer-Webber last edited by
@cwebber this doesn’t answer if federation is a good thing. Science is yet to discover
-
Christine Lemmer-Webberreplied to Evan Prodromou last edited by
@evan I am glad you liked it after reading the whole thing
I absolutely would not turn down a donation from Bluesky to Spritely should they want to but also @bnewbold welcomed and said he would be "honored" to see me write something, but absolutely did not ask me to write a 25 page document, that's just me lol
But there was too much to cover, and I felt I really could not do the issue justice without covering it from every important angle, so I did. Glad it was well received.
-
Evan Prodromoureplied to Christine Lemmer-Webber last edited by
@cwebber @bnewbold I didn't read the whole thing. ️
Since I actively work on ActivityPub, I can't afford to introduce patented ideas into our specs or extensions, even accidentally or unconsciously.
So, I avoid reading any technical discussions of the BS protocol. I've asked Brian and Mike to offer a public patent license or to release their work through W3C or IETF which also uses a patent license. No luck so far.
Anyway, I'm glad you had fun.
-
find you on :butterfedy1: fediversereplied to smallcircles (Humanity Now 🕊) last edited by
@smallcircles @helge @cwebber i had a looksy at that and the webassembly part for one of the technologies was the only turn-off i could see at a glance.
i realize that the addon system for browsers is tivo-isation by #mozilla (terrible) and that addons aren't harnessing an efficient language/codebase and addons might not be able to do everything in a browser. but by the same token, i dont believe we ought to EXPECT everything to be able to be done in a broser.
-
smallcircles (Humanity Now 🕊)replied to find you on :butterfedy1: fediverse last edited by
-
@cwebber amazing, thank-you for taking the time to put this together. This is exactly the sort of in-depth analysis from someone with deep knowledge of the subject I was looking for.
-
-
Christine Lemmer-Webberreplied to Evan Prodromou last edited by
@evan I am reading backwards in time but @bnewbold encouraged me to speak after I had expressed frustration about biting my tongue about things. I don't think this was for Bluesky's benefit at all and, I think you recognize this later but, tbh my article was *extremely* critical, even if polite
Bluesky folks have received it very thoughtfully but trust me I did *not* take that as a given and it could have very much so have not gone that way. I'm glad it did tho
-
Evan Prodromoureplied to Christine Lemmer-Webber last edited by