Bluesky announces data federation for self hosters

Hi, what is the status of integration with the activitypub protocol? as its currently the most popular protocol in federated social media

Awesome! Why did you choose Caddy as a proxy for PDS? (Caddy creator here.)

Unrelated to engineering but the recent rebrand to a dead butterfly logo[1][2][3] may be off brand for a platform wishing to communicate a more open, social Internet built on first principles and scientific rigor.

[1]https://www.emilydamstra.com/please-enough-dead-butterflies/

[2]https://news.ycombinator.com/item?id=14460013

[3]https://bsky.social/about/blog/12-21-2023-butterfly

Hey! Congrats on the release.

Does the AT Protocol only optimize for Twitter-like flows, or does it allow for other types of social applications to be built like Activitypub? For example a reddit-like social media.

Are there any independent projects implementing the AT protocol?

Congratulations on the release! If I may ask a question - is it possible to register an account without a phone number on a 3-rd party server?

I'm a little confused why the PDS server is both dockerized and has an installation exclusive to Ubuntu/Debian.

Hi. If the protocol is open, the software is free and the main instance openly federates with self-hosters, what's the monetization strategy here? Clearly it's not "harvest all the data and figure it out later" as that avenue seems to be shut down internationally by strengthened privacy laws and ads don't work well with federation and third party clients. Is "grow first, figure out how to make money later" still a viable strategy in this economy?

Will this work for bare metal?

I use BSD, and all I see is a installer for Debian/Ubuntu.

No guide in sight for bare metal nor telling you what services/software are required.

Gonna be that guy!

Any chance the team could create a Home Assistant add-on for this? https://www.home-assistant.io/addons/

I think the Home Assistant community would go WILD for being able to self-host their Bluesky data straight from home with just a few clicks.

It's a pretty big crowd of people. https://analytics.home-assistant.io/ 327k willing to opt-in to analytics.

If I wanted to create a consumer hardware product that packages the PDS host in a user-friendly interface, does the software license permit that?

Also, services like Twitter started off with a developer friendly open API, and then it got closed off when the business needed to make money off the platform. What's the difference with Bluesky?

It would probably be worth clarifying in that repo what the license is for both the code in that repo and the code that it's actually running. It looks like it's just a very thin wrapper around @atproto/pds, which is MIT/Apache 2.0 [0], but the repo you link to has no license.

Edit: now it has one! Thanks!

[0] https://www.npmjs.com/package/@atproto/pds

Given the PDS server works on ports 80/443 and I'd like to use a domain (@nytimes.com in the documentation, but say @example.com), how does it interoperate with existing services that already operate on @example.com , for example a website, blog, cloud.

I'd imagine this use case is quite common for self hosters. If it can't operate alongside an existing, say, nginx on this port, are there recommended alternate practices?

I'm excited at separating identity from hosting, of which self hosting identity gets us closer.

Now that individual posts can be viewed without logging in, is there a way to view/load a feed without authentication?

I'm working on a client and there's a specific scenario where I want to be able to show a feed like "Top 20 - Past 3 Hours" before a user has logged in to their Bluesky account.

No video in 2024 is a total deal breaker for most users. That's insane.

I think everything you said was fair, but you also mentioned Twitter being a conservative cesspool, and a lot these features like federation and composable moderation are designed to help prevent the whole "rich guy buys the company and turns it into something you don't like" scenario.

It's a fair point and we definitely debated it, but it was too important to us that we complete the mission.

Twitter is a conservative cesspool

I disagree. If anything now it's more balanced, every "right of Portland-liberal" is no longer hidden and shadow-banned or worse. I like it a lot more!

Now you can actually read and learn about stuff you care about.

Twitter is a conservative cesspool

Interesting. I see it as the de-facto journalist platform, which to me (as a non american) make it very left leaning. But then again, I don't use X.

I'm not sure what kind of "cesspool" Bluesky is, but it's unbearable. It's like 2015-era Tumblr but worse, somehow. Twitter, by contrast, feels like a breath of fresh air.

This whole thread is oof. Modern politics, to include both sides of the spectrum, has devolved rapidly. It feels like a real-life version of the Spiderman meme.

Not sure I agree. Being the thing that the tech folks find cool isn't a bad starting position at all. And it's significantly harder to achieve than DM's.

I've been using Bluesky for a week and I'm impressed. I actually appreciate that there is less media, it's more about conversation. So far it feels very much like Twitter before it became a cesspool. I'm conversing with local journalists, prominent scientists, sci-fi authors, etc... It's wonderful.

The network is designed to be "locked open" in a way that prevents this. The architecture is designed to work like the web.

… and if not, what the heck is the business model here?

That would only work if Bluesky stays the only significant network node. Which is _possible_, but we haven't seen it with, say, Mastodon. Google Chat was arguably a bit of a special case; vast majority of users never used federation at all, whereas any Bluesky user will, pretty much, just by naturally using Bluesky.

If they can do that, then the whole federation idea is useless and just a theatre. But I don’t think Bluesky will ever reach critical mass anyway.

I'm especially curious to learn about the moderation layer in-depth.

You'll want to read:

* "Composable Moderation," this is the core conceptual idea: https://bsky.social/about/blog/4-13-2023-moderation

* "Moderation in a Public Commons," which describes specific features that were added in pursuit of the previously-described goal https://bsky.social/about/blog/6-23-2023-moderation-proposal...

* "Bluesky 2023 Moderation Report," which discusses specifically how (what is now) the main instance was moderated last year https://bsky.social/about/blog/01-16-2024-moderation-2023

I'm kind of tired of social networks in general, but this is attractive to me just because of that. I like Mastodon, but the underlying ActivityPub protocol was rather underwhelming.

Someone has been working on a bridge between BlueSky and Mastodon, and uh, it has generated a TREMENDOUS amount of controversy on the Mastodon side.

I have my own biases so I don't want to describe it further than that, nor link to it directly so as not to cause even more disagreement, but the controversy does not seem to faze the developer, so I believe you will have your wish.

In general, most of mastodon is too cliquey and over-dramatic to tolerate any sort of bridging. I see so many reports on block trackers of various kinds of bridging daily. Back when Threads had just been announced and merely mentioned eventually bridging with ActivityPub, the tracker was flooded with preemptive blocks of the domain.

That's Friendica. Bluesky apparently will be available in next release

Yup, https://fed.brid.gy is one such project, and as another commenter mentions there's been a lot of discussion over the last couple of weeks. Some very good discussion, some interesting points, and a bit of unfair venting, but looks like it's moving in a good direction

Every time Bluesky comes up as a topic on Mastodon, the discussion becomes a total shitshow. I think most people are just going to be happier if the two stay separate.

This post immediately comes to mind: https://bsky.app/profile/caseynewton.bsky.social/post/3kktr3...

This is just for a brief period during polishing/debugging since this is the first time third-party PDS hosts have been added to the network.

The goal is just to help PDS operators join the network and make sure that if there's a problem we have a channel of communication open.

Is that a direct quote? I don't see it anywhere. What I do see is

Because the PDS distribution is not totally settled, we want to have a line of communication with PDS admins in the network, so we’re asking any developer that plans to run a PDS to join the PDS Admins Discord.

https://docs.bsky.app/blog/self-host-federation

This is much more reasonable than an actual gate on the feature.

What would you like to see instead for groupchat-style quick low-threshold discussion?

Maybe some kind of federated option?

Your argument against federation and open communication is that bad people might use it? What's to stop bad people from using the main Bluesky instance?

This is entirely by design:

Moderation on Bluesky is not tied to your server, like it is on Mastodon. Defederation, a way of addressing moderation issues in Mastodon by disconnecting servers, is not as relevant on Bluesky because there are other layers to the system. Server operators can set rules for what content they will host, but tools like blocklists and moderation services are what help communities self-organize around moderation preferences. We’ve already integrated block and mute lists, and the tooling for independent moderation services is coming soon.

The whole point is to decentralize moderation so that users aren't stuck with only the moderation provided by their host.

Decentralized moderation and the tools needed to support it are not solved problems but are instead ongoing projects. Block and mute lists clearly won't be sufficient to enable robust decentralized moderation so it will he interesting to see how support for third party content filters get implemented.

And don’t say “lets defederate with said bad actors” since they would still exist and anyone can join said bad actors instances.

Er... fine, and who cares? If everyone defederates (slightly more a nuclear option on Bluesky than Mastodon but still I think possible?), then, well, the bad instance is its own problem.

Or are you saying that even an unfederated instance with bad people would be bad? Like, the only solution there is to ban all open-source social networking software.

The linked blog post includes a section called "Does this mean Bluesky is going to be like Mastodon?" which lists a few differences. Is there something in addition that would be worth clarifying? I agree it would be great to include that on the site and not just on the post.

No. There are two components: data storage, and "indexing". You can always, feasibly, own your data. Being your own indexer is less feasible, but you'd choose one like you'd choose a Mastodon instance or something. Portability is trivial because you have the data. "Usk" buys your indexer to put ads on it, you can just move. Moderation only controls what you see on your feed, using a different indexer just means logging into a different site and seeing a slightly different set of posts.

With great power comes great responsibility. In a decentralized system you need to take responsibility for your data; specifically you need to backup your data. Bluesky has much better migration/backup/restore than Mastodon. If you want someone else to take responsibility for your data you can use a centralized system like Threads.

Imagine as fractions of content goes missing for a while or is just deleted.

It may have changed since I have been user there but, I consider content on sites like Facebook or Twitter, that is not really recent, to be lost anyway. Because searching or browsing older content was hard.

If not, if the content remains stored somehow then I dont own my data and I cant remove it?

This is true of any federated system. Once you put things out into the world, you can ask that others delete it, but that doesn't mean they will.

Even in centralized systems, things like archive.org exist.

In some sense, public statements are always immutable.

The same criticisms and solutions apply to web pages.

Various organizations provide "archive" services. Relays and/or AppViews can utilize (or be) such a service. Removal from such a service depends on that service's systems (and possibly the legal context.)

PDS are crawled by relays who cache the messages and can offer a holistic view over many PDSs for client apps to use. If a PDS goes down the data would still be stored by the relay.

People will run pods on cheapest VPS and they will get hacked, run out of money, get bored, go broke etc.

Imagine as fractions of content goes missing for a while or is just deleted.

All of your complaints apply for the internet. Would you say the internet was a bad idea?

I linked to primary sources on moderation upthread: https://news.ycombinator.com/item?id=39471973

Block lists don't work at the instance level, so the answer to your question isn't just "no", but that it is impossible.

After a couple of years on Mastodon this has just never been an issue for me.

If it is one for you, nothing stops you from using s client that supports multiple accounts.

But people banding together to not just block proven bad people (by whatever criteria) but also those who closely associate with them will happen in any federated system one way or other, because blocking at an individual level is too cumbersome.

Bluesky's successes is really making me feel that the first S of the abbreviation S.N.S. do stand for what it stands.

There's tons of alternate social media out there. Forums, Subreddits, Tildes, Discourse, Matrix, IRC, Mastodon, Lemmy, Usenet, and on and on. The truth is the S in SNS is always what social networks have been about.

Basic anti-spam. Just look on Mastodon (and the thankless job of many instance mods) or on how Twitter gets overrun with porn, crypto, crypto scam or troll bots...

You have shared a discord link. Does it allow publicly accessible links now? I was shown a login/signup screen.

CGNAT is for IPv4, so users can share IPs. It's pretty hard to use the internet without IPv4 access today, so it's not that much of a limitation.

But we do certainly plan to make IPv6 work on all our network services.

Why do Farcaster proponents never mention that it's not free in their pitches?

To sign up, users must pay a $5 sign-up fee, meant to prevent the creation of spam accounts. Further, users can only post a limited number of “casts” on Farcaster apps, which are tied to packages called storage units. Storage units, which go for $5 a piece, grant a user 5,000 casts, 2,500 reactions, and 2,500 links or photo posts within a one-year period.

web3 = crypto = scams and weird scammy people. going to be hard to undo that association but good luck!

Web3 for social media? Isn't it just a crypto scam framework?

Bluesky doesn't have "instances", it has PDSes, Relays, and AppViews. People can run their own PDSes but PDSes are kind of invisible so you won't "see" them. You'll just see the whole Bluesky network as usual.

It's free of any association with cryptocurrency for one thing.

Nostr is relays + clients.

BlueSky is PDS + relays + clients.

If you look at the history of Nostr and try to really understand the protocol, where it came from and what it was trying to solve, Nostr was also meant to work on a PDS + relay model, except it degenerated to the point where most Nostr app developers are simply writing Javascript browser apps that use relays as a "poor man's cloud", sort of, without any consideration for achieving self-sovereignty of the user.

"I save the data in the 6 most popular Nostr relays and done." is what 99% of the so called "Nostr apps" do. Sounds good in theory, until it is not. Relays were really meant to be treated as ephemeral actors, that come and go, and data was meant to be stored somewhere the user was in control of, but instead, relays are treated as some sort of reincarnation of IPFS, where you save your data and have it safe forever.

Bluesky seems to solve this by introducing the concept of PDS. It's not like PDSes cannot be built for Nostr - there are indeed some Nostr apps that work using the PDS model - save the data in a place the user has complete control of, and then propagate it to relays. The benefit of Bluesky seems to me that it formalizes the concept of PDSes, so that app developers don't have to think about it and cannot mistake the relays for PDSes.

It depends which one 100x’s the other

Live and die by network effects.

If I have my facts straight, they have gone from 2M to 5M users since they opened to the public just 17 days ago.

And btw, using Neil Gaiman as an example, he is prolific on Bluesky. He has 861 posts on Mastodon, vs 4.5k on Bsky. He seems to have already made the move to a large extent.

https://bsky.app/profile/neilhimself.neilgaiman.com

https://mastodon.social/@neilhimself

So what data goes and what data is blocked by transitioning away from the main server?

Nothing. It is fully transparent to everyone. Your followers won't notice, and you won't notice. Everything Just Works.

Thanks Steve! You've been very fair the entire time and your feedback/thoughts have been helpful.

Interesting. What's this hole? I used Reddit and HN for a decade without complaint (well, the quality of Reddit nosedived a few months ago). Seems to me like they can last pretty long without perverse incentives. Bbcode forums have often been nice too.

Does anyone why firesky went from showing the username, to now showing the "did" user code instead? Is this an effort at some privacy in AT?

It's no longer just about Twitter.

Meta yesterday integrated Threads with Facebook allowing you to cross post and almost every week they are deepening the integration with Instagram.

They are clearly trying to broaden the user base to include the other few billion who never signed up for Twitter.

What do you define as "broad"? I'm not going to claim BlueSky is mega popular, but to put a number on it, hit 5 million users today. That's not huge, but it's also not small.

See this thread: https://news.ycombinator.com/item?id=39471556

Agreed, not to mention phone numbers can easily be used by entities to ID anyone's account which has a chilling effect on freedom of expression.

Yes, we have an "AutoMod" system and other protections in place. But it is a cat-and-mouse game, so we expect it to be one of the challenges. But because the network is completely open, it's also something anyone who is interested can help with.

Other people can't delete your account or your data. (They can moderate it into oblivion instead.)

In fact, it's mostly inaccurate.

"the protocol has an official webpage with a waitlist and a private beta?"

Both the waitlist and the private beta are gone.

"The “protocol” is just a description of whatever the Bluesky app and servers do, it can and does change anytime the Bluesky developers decide they want to change it"

1. atproto is well documented and the plan and desire is to make it a proper internet standard.

2. There are hundreds of independent projects relying on the protocol to create alternative clients and custom feeds (algorithms).

3. The protocol includes namespaced schemas so that different apps can evolve without breaking each other e.g. the "app.bsky" namespace is for the Bluesky microblogging app.

"The “DID Placeholder” method..."

There is already support for did:web and plans to support other DID methods, including potentially (non-POW) blockchain methods.

"All posts go through the Bluesky central server..."

All posts go through any Relay that anyone cares to operate. It's also possible to fetch posts directly form the origin PDS host, it's just slower and results in more load on the PDS.

"And you, as a reader, doesn’t have any control of what you’re reading from either..."

Apps are in full control over where they get posts from. An app can enable users to select a Relay/AppView or fetch posts directly from the origin PDS.

"But I fail to see why even more than one network provider will exist,..."

People may want to operate their own Relay/AppView services so they have more control for their specific application, for higher performance (latency/throughput) reasons, or for geographic/jurisdictional reasons, to name a few.

And the compute/network requirements are not beyond the capabilities of small startups, non-profits, coops, or public services and likely never will be.

I believe that they have gone from 2M to 5M users since they opened to the public 17 days ago. All is not lost.

I am not interested in Mastodon and interested in Bluesky partially due to the differences in protocol. "just use AP" isn't interesting. This is.

(To me! others feel the exact opposite. Diversity is good here.)

My understanding is that a PDS instance only hosts data for it's users.

Caching can happen at Relays or AppViews and those will presumably need to do something to avoid caching CSAM.

For now, yes, our network services are IPv4 only.

These are optional things that you choose, and you can even write yourself. The default feeds are "posts of accounts you follow," just like Mastodon, so it's a positive because it's extra possibility on top.

As a meaningful example: someone (not BlueSky themselves, I don't believe) published a "Quiet Posters" feed. I have subscribed to that. Now, in addition to "Following," and "For You," I have a "Quiet Posters" feed. This exclusively shows posts by people who don't post very often. Since subscribing to it, I have seen a lot more content from the folks who aren't as chatty as the people who fill up my timeline. That's very nice.

I wish I knew more about how one would stop instances full of malicious spam bots from flooding the services, but as for DMs, my understanding is the fact that everything is public through the AT protocol is probably why it doesn't yet have DMs (though maybe through public key crypto, one could have something). Maybe in the future, BlueSky will allow for messaging by tying accounts to some messaging protocol or services.

Apparently, DMs are low priority: https://github.com/bluesky-social/social-app/issues/1114

Bluesky is a public social network.

The AT Protocol, which Bluesky is built on, is designed to support public conversations.

Ah, ok.

Solid is more generic than social media but yeah, it has a similar storage/app split as Bluesky.