I've started putting together a list of apps, focused on implementations of , documenting their status and what tech stack they're (being) built with: ethercalc.org/fediverse-stacks

This is a publicly editable doc, so would appreciate corrections/additions, and feedback especially from fediverse devs, but also from instance admins and users:

- What app/implementation/stack did you try?
- Pros/cons you encountered
- What stack & libraries would you choose if starting today?

PS. We've been talking with @bhaugen and others about the need for a generic agent-centric server, so that instead of signing up to a bunch of different servers, a user could have their indentity and data all in one place, and all the apps they use (clients, but if necessary server-side "plugins" as well) would interact with the activity/objects types that they support.

What do you think?

cc @cwebber @aaronpk @deadsuperhero @aral

Show thread
@mayel fontina dev here

it's worth noting fontina is on hiatus at the moment while I'm working on Pubstomp, a generic AP backend server that fontina is going to be built on top of down the line that uses golang and dgraph as a DB

@mayel @aral @deadsuperhero @aaronpk @cwebber @bhaugen totally. We need an ID that we can migrate from service to service. OpenID plus more.

Right now my data is spread. My identity is spread. And frankly I don't own my ID. If I wanted to migrate instances I'm at the mercy of the instance admins.

@thinkMoult @bhaugen @cwebber @aaronpk @deadsuperhero @aral @mayel

Paradoxically, it seems to me that if we'd like to have *safe* SSO, we'd need a decentralized solution.

@valerauko @cwebber

That would be handy for easier authentication, but the agent-centric server approach would also give the user total control over their identity and private data (at least for those with a domain name and self-hosting, though this could be provided as a service for non-technical folks too.)

@mayel @aral @deadsuperhero @aaronpk @cwebber @bhaugen

wouldn't this cause bottlenecks in the network? Like: imagine your identity is stored on a server that goes down when you most need it. Could this be mitigated by some form of cross-server data propagation/mirroring, just like different torrent trackers can index the same torrent file?

@Antanicus @cwebber @aaronpk @deadsuperhero @aral @mayel

> imagine your identity is stored on a server that goes down when you most need it.

1. That's a problem in any radically decentralized architecture. SSB handles it by gossip replication and resyncing, that is tolerating offline situations.
2. Can also happen in a federated architecture like Mastadon where your identity is stored on one server with a bunch of others. That server can also do down.

@bhaugen @mayel @aral @deadsuperhero @aaronpk @cwebber

> That server can also do down

- it sure can, but social.coop going down will not affect any other instance. But what happens if a hypothetical identity.social service holding the identities of thousands of users across the whole fediverse goes down? I'm not being negative, I'm just curious :)

@Antanicus @cwebber @aaronpk @deadsuperhero @aral @mayel

Now (just talking and thinking stage) is the best time to be negative.

> a hypothetical identity.social service holding the identities of thousands of users

That's not what I am thinking about, anyway. I'm thinking about combos of people who host their own identity and community-oriented servers that might host identities for community members who do not want to host their own.

@mayel @aral @deadsuperhero @aaronpk @cwebber @Antanicus

So not that different from the fediverse that exists, and compatible with the fediverse that exists.

@Antanicus @cwebber @aaronpk @deadsuperhero @aral @mayel

When I looked at Pleroma instances, I saw a lot of single-person self-hosted sites.

@bhaugen @Antanicus @cwebber @aaronpk @deadsuperhero @aral @mayel I'm not interested in identity (singular), controlling it or otherwise. But I do want to build tech that protects personhood and however many identities we decide to have :)

@aral @mayel @deadsuperhero @aaronpk @cwebber @Antanicus

We're also good with multiple identites, but if we want to have one identity and use it in lots of AP contexts, we want to be able to do that. And we are definitely looking for a P2P architecture.

@Antanicus @cwebber @aaronpk @deadsuperhero @aral @mayel @bhaugen No different than social.coop going down. A generic AP server would host the Actors and their posts snd followings. Unless you had client-side caching like an email client, you will lose access to your data, and you certainly can't send/receive.

Then distributed copies(like IPFS or DAT do) of the database are the only way...

@bhaugen @mayel @aral @deadsuperhero @aaronpk @cwebber

@Antanicus @bhaugen Not necessarily. That would be a distributed system as opposed to a federated one. ActivityPub is not meant to be a database in itself, it's a traversable graph that can be converted to a local database.

You could have a DHT that resolves to a changing URL, but that doesn't really address availability of the content by itself. You'd need a replication strategy like primary/secondary, and then point to URLs so that they can be tried in-order. Out-of-scope with current AP spec

@bhaugen @Antanicus @cwebber @aaronpk @deadsuperhero @aral @mayel That's why you have an always-on node. I'm exploring the use of DAT for that. See ar.al for posts on Web+ and a step in that direction.

@mayel @bhaugen @cwebber @aaronpk @deadsuperhero @aral That's closer to a peer to peer model and it's similar to what we're exploring also. I want to see "instances of one" :)

@mayel @aral @deadsuperhero @aaronpk @cwebber @bhaugen This would be awesome. Reminds me a bit of tent.io (dead now). Alternatively we build / borrow a separate auth platform (and run some servers for it) which is integrated into the "standard" AP stack by default.

@mayel That's the direction I wanted to go a year ago with those mockups.

@mayel The fastest path to build a performant server is using the scaffolding already available:

See here progress about feature set, what's implemented already and what's still missing:

@h That's definitely what I'd rather do. Have you played around with that library? Opinions?

@mayel It's not complete but it's the best thing available out there today. It's actively maintained and the lead developer is here on Mastodon (going to look up what was their account).
It's not Ruby but a single static binary daemon written in Go could make up for the complexities of maintaining a Mastodon server.

I think I read somebody else was starting a similar project in Rust, but that's probably going to be less accessible code and it's going to take a while to get to completion.

@mayel You've probably talked to @cj before of the go-fed project.
I think the code is promising and it contains some scaffolding that makes the prospect of writing a proper server far less challenging than it would be the case if you started from scratch with say... C++.

@h @mayel I'm happy to answer any specific questions, including discussing limitations of the current library. I've tried to be honestly thorough in the GitHub issues, although please ignore the GitHub milestones, I need to redo those.

A basic tutorial and the library's documentation are also available at go-fed.org

@remotenemesis Thanks! I'm not a front end JS kind of person so plain HTML and CSS it is.

@cj @h

I am very interested if/how the library supports extensions, as that's a key requirement for a couple projects for which I'm looking for the best implementation approach, and your docs say that "ActivityStreams vocabulary supports extensions beyond the Core and Extended types. However, this will be outside the scope of this tutorial"

@mayel @h Gotcha. go-fed could do it, but involves a few hours of time to make 2 code changes.

1) In the tool used to auto-generate the ActivityStreams implementation.

2) The go-fed/activity/pub library also would need to pass-through any new Activities defined in this way.

I'm gonna go ahead and capture both in github issues.

What kinds of extensions are you looking at, specifically?

@mayel OK, I've given it some serious thought and have created two issues to track this work:




In all honesty the work is larger than my gut feel (isn't it always?!) so I've scheduled it as part of the next major version release. I don't have a great sense as to when that will be (on order of months given my current life schedule) so I understand if you eliminate go-fed as a choice because of that.


It always is! Thanks a lot for giving it thought and documentating the issues :)

This still will require hardcoding the extensions pre-compilation, right? That's fine for most use cases but wouldn't work for a "generic server" that can support any activities/objects as in: social.coop/@mayel/10046952506

@mayel You're right. Creating a generic Go server would mean either: raw map[string]interface{} handling (no static typing, still having to code, compile, deploy) or plugging in a scripting engine (no static typing, still having to code and deploy). I decided to do static typing + code + compile + deploy. I haven't seen another compelling way for "generic" handling of ActivityPub data in a statically-typed language. The core problem is that while the data is generic, behavior isn't.

@mayel (Unless of course it is generic behavior desired: proxy-ing, etc. Then some partial deserialization into an ActivityStreams type could occur, if any deserialization is required at all. Go-fed currently does some form of partial deserialization by preserving unrecognized properties, but it's not exactly the same use case).

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!