Adam JacobActivityPub spec is a marvelous bit of tech writing. It’s also a pretty amazing example of HTTP’s enduring resilience as a protocol - tons of relatively simple things exposed as objects, with a well written spec for each. I’m glad I read it, because it really reframed what we’re actually doing here (basically posting json to our webserver, and getting copies of each others shit dropped off to shared inboxes across our federated server list). It’s an elegant design.
All that said, it’s going to dramatically fall down if it gets anywhere close to twitters scale - unless it recentralizes very quickly. Basically a small number of super-servers will have to appear, because the infrastructure to run the protocol will require it. Huge amounts of storage, duplication everywhere, it’s going to get crazy quickly. I don’t think that’s unique to activitypub, tho.
A big piece of this is that it’s really a messaging platform first, which makes sense. It makes me wonder if a protocol that wasn’t the web, but that handled the way content was distributed differently (but would likely require more centralization) would work better specifically as a Twitter replacement?
IPmonger@adamhjk I’m curious about the assumptions you are making that seem unstated but lead you to this conclusion. Forgoing the notion that centralization may/may not be desirable, are there others you can point out?
@IPmonger sure. I don’t care so much about decentralized or not. But I’ve done a lot of reading about distributed gossip systems, and the delivery part of this feels like it would be much better designed as one (even if it used http for transport). The cost per interaction will go up as the network grows, unless we condense to super nodes.
Giuliano Barberi 
@giuliano_b @IPmonger there isn’t one targeted at this specifically. Look for “gossip algorithms”, “newscast”, etc
@giuliano_b @IPmonger actually building a protoco this way requires design for the specific use case - you can’t really pick one up off the shelf
Karl Matthias 🇺🇦@giuliano_b @adamhjk if you just want info about a gossip implementation in general, this is a good paper https://www.cs.cornell.edu/projects/Quicksilver/public_pdfs/SWIM.pdf
@relistan @giuliano_b the swim paper is a classic. Here is the docs for habitats gossip model, which has links to the newscast and swim papers: https://docs.chef.io/habitat/sup_design/ - it’s a good example of how customized things get, compared to the academic research
@adamhjk @giuliano_b yeah indeed. I built https://github.com/NinesStack/sidecar gossip-based service discovery on top of customized SWIM for better propagation. Have run it since 2015 in prod, longest at Community.com for the last four. Originally used vanilla memberlist but needed more rapid propagation.
GitHub - NinesStack/sidecar: Gossip-based service discovery. Docker native, but supports non-container discovery, too.
Gossip-based service discovery. Docker native, but supports non-container discovery, too. - GitHub - NinesStack/sidecar: Gossip-based service discovery. Docker native, but supports non-container di...
🐢@adamhjk I think a relatively scalable model that would still allow for smaller-scale governance is to have "relay" servers that function as centralized transports for many instances. They can deduplicate and cache, especially for popular accounts, and allow the leaf instances to focus on serving their users, not talking to every single server out there.
@lisardggY that feels real. It also feels like it would be tough to implement in the protocol. Mostly I’m worried about the storage duplication - there’s in flight messages, and cold storage. Most (all?) instances will eventually simply run out of space for cold storage.
@adamhjk Well, this current boost is exposing the limitations of the original architecture, so its exactly the right time to extend it. I completely agree with you that the p2p architecture is extremely wasteful in large scales, not only in storage and network connections. Not as a slight to the designers or implementers (as you said in the OP), but Mastodon simply wasn't designed for such a scale: https://nora.codes/post/scaling-mastodon-in-the-face-of-an-exodus/
@lisardggY totally. I hesitated to post the original, because I was worried they compliment would get lost in the critique. It’s an amazing spec.
@lisardggY @adamhjk messages aren’t *too* bad if they are time windowed, but media will definitely do it in unless shared better or aggressively pruned. Feels like keeping local copies of federated stuff cached for a time window and referring to server of origin for stuff not referenced in X amount of time could work for a much longer period of time. But that’s not how the protocol works now AFAICT.
JohanVanCamp 
@adamhjk Although obviously the decentralized-and-replicating approach isn't efficient (when compared to a centralized approach)... wouldn't that just bring us back to the USENET days ? That wasn't so bad, was it ? Or am I being overly romantic about the past ?
@johanvc it would. The economics of running those super-nodes will eventually bring about monetization directly.
webhat
Andreas, DJ3EI, he/himI don't see yet why the duplication inherent in Activitypub will become crazy or prohibitive.
Each single person will only be able to read so much, given human reading speed.
By today's standard, relatively small storage can store what a single person can read in a life's time. So servers that cater to single people are quite feasible, storage-wise.
If several people team up and use the same server, storage requirement per person drops.
Do I have any fault in that reasoning?
@dj3ei the flaw is that the local timeline will be anemic. Discovery drops. And the hyper connectors that drive viral conversations will degrade, since they’ll cause a flood. Imagine an account with millions of followers - server inboxes will help, but only a little. But yes, storing your own data is feasible if you’re capable of caring and feeding it.
The average Fediverse user follows a limited number of others, probably < 200.
So the average person is also only followed by that number of others. (Most less. Very few many more. Those few will need special solutions, yes.)
The *average* load a person poses to the Fediverse network when exchanging text messages is quite manageable, both storage and traffic. Modest computing power easily handles a lifetime's text feed.
The game changes when videos are involved, yes: Links FTW!
@dj3ei 25k people on hachyderm. I had 15.5k twitter followers. I was small time, kelsey Hightower has 193.2k. The flood of outbound traffic on a single Kelsey Hightower publish has to be crazy town. Especially if he starts putting media in.
@adamhjk
How many of those 25k people on hachyderm.io have more than 200 followers? Better yet: Do you have a chart "number of followers" vs. "percentage of users that have at least that many followers"? I'd find that very interesting!
I wonder whether hachyderm is already too large and should be split up. I imagine its local instance timeline has become unfollowable a long time ago. In other respects, too, it may have escaped human scale. What do you think?
helmingstayN=1 here at #hachyderm: I've regularly dipped into /local for the past week and it has offered plenty of value at 30k users. It's more a creek with a strong diurnal pulse than a raging torrent. Easily used for serendipitous social interactions and community "events".
Consider user's read-to-write ratio, & average non-reply posts per day. And, more intentional use of unlisted (vs global) replies helps keep public timelines at "human scale".
@adamhjk why is storage an issue? Each server should in theory need to store "only" the posts from external people/hashtags that are followed by someone on that instance. There's definitely a lot of duplication but that also works as a form of read replicas. Now it would certainly be an interesting thesis for someone to figure out some numbers. I don't understand the bandwidth though bc it seems instances send all posts as long as one person from that instance is followed?
@giuliano_b that can become a shitload of data fast. Especially if they don’t age out.
@giuliano_b the bandwidth is because it’s going to parallelize the push - you publish, and it takes every server in the follow list, dedups it, and sends it along. If there is other content (media) attached, then it’ll also trigger fetches for that, I expect. Hachyderm is over 25k accounts - it could become cumbersome quickly.
@adamhjk Does hachyderm send all posts to all instances that there is at least 1 follower or is it smart enough to only send to the instances of the poster's followers (if that makes sense)? I think it's the former because of how I've read the federated timeline works but that seems to be much less efficient than the latter
@giuliano_b I don’t know - from reading the paper, it sounded like only followers
@adamhjk Does hachyderm send all posts to all instances that there is at least 1 follower or is it smart enough to only send to the instances of the poster's followers (if that makes sense)? I think it's the former because of how I've read the federated timeline works but that seems to be much less efficient than the latter
Eric Sampson@adamhjk the original design made elegance/efficiency tradeoffs that some people have derided, but I feel like the recent huge increase in interest and activity is going to be an excellent forcing function for evolution of the protocols and systems.
Makes me think of this excellent new post by @mononcqc (that I hope ends up on his blog : )
https://cohost.org/mononcqc/post/467669-a-bridge-over-a-rive
A bridge over a river never crossed
When I first started my forever project, a peer to peer file sync software [https://github.com/ferd/ReVault/] using Interval Tree Clocks [https://ferd.ca/interval-tree-clocks.html], I wanted to build it right. That meant property-based testing everything, specifying the protocol fully, dealing with error conditions, and so on. Hell, I grabbed a copy of a TLA+ book [https://link.springer.com/book/10.1007/978-1-4842-3829-5] to do it. I started a document where I noted decisions and managed to write up a pretty nifty file-scanning library that could pick up and model file system changes over trees of files. The property tests are good enough to find out when things break due to Unicode oddities, and I felt pretty confident. Then I got to writing the protocol for a peer-to-peer sync, with the matching state machines, and I got stuck. I couldn't come up with properties, and I had no idea what sort of spec I would even need. Only one sort of comparison kept popping in my mind: how do you invent the first telephone? It’s already challenging to invent any telephone (I would assume so at least), but you’d have the benefit of having existing infrastructure and networks, on top of having other existing telephones to test it with. But for the first telephone ever, you couldn’t really start with a device that has both the mouthpiece and the ear piece in place, and then go “okay now to make the second one” and have a conversation once they're both done. In some ways you have to imagine starting with two half-telephones, but your both sides have a distinct half. You start with a part to speak in and a part that goes on the other side and sort of gradually build up a whole pair I guess? An actor portraying Alexander Graham Bell speaking into a early model of the telephone for a 1926 promotional film by AT&T, public domain. The phone is a simple conical part in which the actor is speaking, attached to a piece of wood, with no ear piece at all [https://i.imgur.com/YiHGmTw.png] This was the sort of situation I was finding myself in for the protocol: I wanted to build everything correctly the first time around, but I had no damn idea about how to wire up only one fine half to nothing just to figure out what shape exactly should a whole exchange have. I had written protocols before, I had written production-grade distributed software before, there was prior art for this sort of thing, but I had never built this specific one. To put it another way, I wanted to build a bridge that would be worth it, but I was trying to do it over a river I had never once crossed. I could imagine the finished product’s general shape and purpose, and had even built bridges before, but not over this specific river. Hell, without having gone over the gap once end-to-end, I had no idea what the other side looked like. As it turns out, forcing myself to prototype things and make a very bad version of the software was the most effective way to make a slightly less bad version of it that follows. And then a slightly better one, and another. This was iterative development winning over careful planning. I’m nearing the point where I have a shoddy wooden bridge that I can cross over on. It’s real crappy software, it doesn’t deal with errors well (it’s safe and doesn’t break things, but it’s also unreliable and crashes or hangs all the time), it’s not very fast, and it's downright unusable. But then I also figure that either way I’ll have a lot more infrastructure to work with. And once I’m through with the mess, I can maybe design a nicer form of it. Building the bridge as you cross the river for the first time is a paralyzing thought, and despite all my wishes about it being done right on that initial attempt, it turns out it's a pretty good idea to make that first crossing as cheap and easy to tear down—and replace—as possible. Saying "build a prototype and be ready to replace it" is a long known piece of conventional wisdom. The challenge is how crappy or solid should your prototype be? What is it that you're trying to figure out, and are you taking the adequate means for it? There is a difference between a rough sketch with the right proportions and exploring from an entirely wrong perspective. Experience sort of lets you orient yourself early, and also lets you know which kind you have in your hands. I guess I'll find out soon if all the fucking around was done in the proper direction. Funnily enough, traditional arch bridges were built by first having a wood framing on which to lay all the stones in a solid arch [https://www.youtube.com/watch?v=nJgD6gyi0Wk]. That wood framing is called falsework [https://en.wikipedia.org/wiki/Falsework], and is necessary until the arch is complete and can stand on its own. Without falsework, no such bridge would be left standing. That temporary structure, even if no trace is left of it at the end, is nevertheless critical to getting a functional bridge. Falsework centering in the center arch of Monroe Street Bridge, Spokane, Washington, 1911. An elaborate wooden structure is supporting concrete until it can self-stand. [https://i.imgur.com/lL71ihl.png] I always considered prototypes to be a necessary exploratory steps, where you make mistakes, find key risks about your project, and de-risk a more final clean version. They were dirty drafts, meant to be thrown out until a clean plan could be drawn. I thought, if I had enough experience and knowledge, I could have that clean plan and just do it right. Maybe I just needed to get over myself and consider my prototype to in fact be Falsework: essential, unavoidable, fundamentally necessary, even if only temporary. note: this text itself might just be a draft (or falsework?) for a follow-up, less rambling post on my blog.