Comment by psionides

Comment by psionides 4 days ago

11 replies

View on Hacker News

Anything "social" basically - the first ideas that come to people's minds are of course things like: GitHub but on ATProto, Instagram on ATProto, Tiktok on ATProto, Reddit on ATProto…

jazzyjackson 4 days ago

Why isn't there a Discord built on ATProto ? [Serious Question, wondering if there are trade-offs that make this especially annoying]

Reply View 10 replies
  • OneDeuxTriSeiGo 4 days ago

    Currently atproto is still figuring out how to approach private data. Right now there exists extremely limited abilities to store private data via the bluesky preferences but until that mechanism is standardised in a way other projects can use, there's not really a good way to store data privately let alone transmit data privately.

    There's a working group for doing this but it'll be a while before anything is adopted at scale.

    If fully public is okay for you, there is actually already a chatroom/IRC-esque platform called Roomy. It works well but it is all public and there's a touch more latency than a normal client-server platform due to the nature of atproto's gossip protocol.

    Reply View 0 replies
  • psionides 4 days ago

    So, one big problem is that there's basically no way to have shared-private data in the protocol - it's either private to you, or fully public. Hence no "locked accounts", "followers-only posts" and so on on Bluesky, and this also prevents more sensitive ideas like e.g. "Strava on ATProto" (where you probably don't want to share your run map with the whole world!).

    They are working on this, but it's still gonna take a while as I understand.

    Reply View 7 replies
    • jazzyjackson 4 days ago

      Ah thanks for the answer. What's the PKI story on bluesky, doesn't every identity have a corresponding public key? So if I had a list of people I wanted to a post to be visible to, couldn't I "just" encrypt it with a key that is decryptable by each of those individuals via their pubkey?

      Reply View 6 replies
      • verdverm 4 days ago

        PKI distribution for encrypted data is an unsolved problem at the scale of many millions or billions of people. Signal caps at 10k iirc

        It's also generally not advisable to make your cypher text publicly visible

        That being said, I'm working with others in the ecosystem on "permissioned space", which are much closer to how people think about Google Docs and similar systems working.

        There is also another effort around E2EE content (MLS) for messaging. They are also thinking beyond just messages too

        Reply View 2 replies
      • kristo 4 days ago

        It’s not that shared private data is impossible, just that the mechanisms haven’t been fleshed out yet. I expect this type of setup might be difficult to scale?

        Reply View 0 replies
      • psionides 4 days ago

        I'm not really familiar with that layer of things, but I think it's possible, though that "just" is doing a lot of work here of course, and I think it might not necessarily be a good idea to have encrypted messages available publicly for everyone all the time, so they can collect them and wait until someone slips up / a vulnerability is found / they have enough hardware to crunch it...

        Reply View 0 replies