Lots of exciting #decentralization protocols and technology out there. Some are not ready for usage, others are not following the paradigm I prefer, I love that we're spoiled for choice.

IMO I still love #SecureScuttlebutt, for me it is still the best offline-first local-first gossip protocol out there. Yes, it has dangerous corners and design issues, but it works and I can build apps with it for my friends.

I find it has pretty intractable scaling problems. So like... it works... at first. But gets bigger and slower pretty much exponentially. What was that non-blockchain network... Briar I think?

https://briarproject.org/

@cy
> What was that non-blockchain network... Briar I think?

Briar is a neat experiment, but they've never shipped apps for anything but Android. The problem with depending on one proprietary OS ought to be obvious, Goggle's recent decision to start farming Android app devs is a good example;

https://keepandroidopen.org/

So until it's cross-platform, Briar is a fun toy, but not suitable for production use.

@soapdog

Can't say I've looked into it before. I got tired of nodejs projects back when they switched to the new module format. Good to know, at least!

In my opinion, a good project would write programs, not "ship" "apps." Dunno what one would be good though.

CC: @[email protected]

@cy
> Dunno what one would be good though

Depends on your use case/ threat model. Ask yourself questions like; who do I want to communicate with and why? Are you looking for software for an existing group/ network of people who can make and action decisions about where to communicate? Are you wanting to adopt an app to make new contacts among its current network? How sensitive are the communications? Etc, etc.

@soapdog

I just use the Fediverse, nothing else seems worth bothering with. I kind of gave up a while ago. I don't have an existing group, or anyone at all really. Met some nice people on the Fediverse though. (None of them are interested in whatever network I might propose.)

CC: @[email protected]

@cy
> I just use the Fediverse, nothing else seems worth bothering with

Same. Other than email and SMS, and occasional use of Matrix and even less often XMPP.

@soapdog

@strypey @cy the fediverse is indeed cool, but it is not the p2p I aim for. It is very costly to run an instance in terms of bandwidth and also it is server to server and that is just federation, which is cool in its own way but not comparable. It has the best of both worlds and also the worst.

@soapdog
> the fediverse is indeed cool, but it is not the p2p I aim for

Pure P2P networks have been the holy grail of every new generation of cypherpunks since the 90s. They've never worked out. Everything that's turned out to be practical for use beyond dogfooding has some kind of supernode, and that's not even a bad thing;

https://bridgeseat.substack.com/p/in-defence-of-servers

> It is very costly to run an instance in terms of bandwidth

If you use Mastodon, sure. There are much more efficient fediverse servers.

@cy

Supernodes aren't bad things, but gatekeeping supernodes with no deniability are. That's why the Fediverse uh... sucks. That and we're tied to one specific supernode.

Also substack are Nazis so don't read them.

Secure Scuttlebutt works just fine for p2p. My only complaint is it uses a blockchain for no reason other than it makes it somewhat more difficult to erase what you've said in the past. Which is like the opposite of good from a privacy standpoint.

CC: @[email protected]

(1/3)

@cy
> gatekeeping supernodes

The option is there to be your own gatekeeper, eg with a GoToSocial instance. Most people *choose* to outsource this work. But no one is forced to.

> with no deniability

Huh?

> we're tied to one specific supernode

Not if you use Hubzilla, Streams, Forte, or other apps in the Zot/Nomad branch of the 'verse.

Folks are working on FEPs for enabling other AP apps to become nomadic;

https://wedistribute.org/2024/03/activitypub-nomadic-identity/

@soapdog

(2/?)

@cy
> Also substack are Nazis so don't read them

I'm aware of the issues with SS;

https://disintermedia.net.nz/ghosting-substack/

Haven't yet had the time and spoons to republish those Bridge Seat posts so I can stop linking to SS. Hope you'll make an exception for the sake of this discussion.

(3/3)

@cyd
> Secure Scuttlebutt works just fine

It works. But with *many* limitations, which is why other devs have moved on. These include;

* can't use one ID in multiple apps/ devices
* can't delete or edit posts
* rare but unavoidable netsplits that fork your ID

> My only complaint is it uses a blockchain

As @soapdog says, it doesn't. Social apps using a blockchain have been tried;

https://wiki.p2pfoundation.net/Blockchain_Social_Media_Apps

AFAIK they have to sync the entire network and get bogged down by chain size.

@strypey

can recommend to use `dat` all the upsides, none of the downsides.

identity works multi device too. you can delete or edit posts too and netsplits do nothing.

it's not using blockchains or token either.

https://github.com/holepunchto/hypercore

"Hypercore is a secure, distributed append-only log."

Append-only log is a blockchain.

EDIT: Hypercore is a Merkle Tree, so it at least can verify recent posts without checking the whole log. Better than a blockchain, if still kind of pointless.

CC: @[email protected]

@cy @strypey

then ssb is a blockchain as well, even more so than dat. i understand that one can define it like that, but imho if there is no token/cryptocurrency involved i would not call it a blockchain. usually ppl hearing blockchain think of cryptocurrency.

if you'd call dat blockchain, one should be aware it means every peer usually creates loads of them and only they can write to it and also subscribes to loads of them only writable by others. consensus then means it was signed by owner🤷‍♀️

@cy @strypey

maybe just one addition. hypercore is also a low level building block.

i think the best way to experience dat is to use 3 modules instead and make a small demo

1. `corestore` (=persists all data)
2. `hyperswarm` (=p2p network)
3. `hyperdrive` (=p2p filesystem)

and next learn `autobase` (=multiple devices, one identity) 🙂

Sorry if there was any confusion. When I say blockchain, I mean blockchain. I don't like blockchains. They're unscalable and pointless.

Blockchains are only one of the reasons I don't like cryptocurrency!

It'd be fine if blockchains were optional. You mentioned hypercore as a uh... "core" module though, so I assume lots of things use it.

CC: @[email protected]

@cy @strypey

you can use the dat p2p network without hypercore, but also hypercore scales perfectly well, the more peers, the better it scales, just like torrents do, but then again in peer to peer you don't need global consensus.

i feel this is not really leading anywhere though 🙂

I doubt it does scale, since you need the whole tree to verify the tree hasn't been edited. But maybe nobody does verify it? Because I'm cool with that. Just seems odd to even have it.

And I'll have you know this is leading somewhere I'm looking at the hypercore code right now :p

I have to admit, your advice to "make a small demo" doesn't fill me with confidence. If nobody has ever made a forum on dat before, then why would I be the first to succeed?

Still, I could give it a shot. But then we're back to dogfooding, and nobody using my demo but me...

CC: @[email protected]

@cy @strypey

no you don't.
you start with a hypercore's public key as its address to lookup peers and sync some log entries torrent style. you also sync a handful of "tree nodes" (=merkle proof) with a merkle root signature to verify data integrity using the pubkey you started with.

verifying means you can sync data from any random peer bittorrent style, but you know the data is exactly what the author published and wasn't accidentally or maliciously changed.
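
The verification described in the post above, as an added example that is not part of the thread and is not Hypercore's code: a simplified Merkle log (SHA-256 binary tree, Ed25519 signature over length plus root) in which a reader checks one entry out of 1000 using ten sibling hashes and the author's public key. The tree layout, the signed message format, the function names `publish`, `prove`, `verify` and the sample posts are assumptions made for illustration and make no claim to match Hypercore's actual format.

```javascript
const crypto = require('node:crypto');

const sha = (...parts) => crypto.createHash('sha256').update(Buffer.concat(parts)).digest();
const leafHash = (data) => sha(Buffer.from([0]), Buffer.from(data)); // 0x00 marks a leaf
const nodeHash = (l, r) => sha(Buffer.from([1]), l, r);              // 0x01 marks a parent

// Bytes the author signs (assumed format): log length plus Merkle root.
function signable(length, root) {
  const len = Buffer.alloc(8);
  len.writeBigUInt64BE(BigInt(length));
  return Buffer.concat([len, root]);
}

// Author: hash all entries into a tree and sign the root once.
function publish(entries, privateKey) {
  const levels = [entries.map(leafHash)];
  while (levels.at(-1).length > 1) {
    const cur = levels.at(-1), next = [];
    for (let i = 0; i < cur.length; i += 2) // an unpaired last node is promoted unchanged
      next.push(i + 1 < cur.length ? nodeHash(cur[i], cur[i + 1]) : cur[i]);
    levels.push(next);
  }
  const signature = crypto.sign(null, signable(entries.length, levels.at(-1)[0]), privateKey);
  return { entries, levels, signature };
}

// Any peer holding the log: serve one entry plus the sibling hashes on its path to the root.
function prove(log, index) {
  const siblings = [];
  for (let i = index, d = 0; d < log.levels.length - 1; i >>= 1, d++)
    if ((i ^ 1) < log.levels[d].length) siblings.push(log.levels[d][i ^ 1]);
  return { index, entry: log.entries[index], length: log.entries.length,
           siblings, signature: log.signature };
}

// Reader: trusts only the public key. Left/right order is derived from index and
// length, so a peer cannot present a valid entry at a different position.
function verify(proof, publicKey) {
  let h = leafHash(proof.entry), used = 0;
  for (let i = proof.index, n = proof.length; n > 1; i >>= 1, n = Math.ceil(n / 2)) {
    if ((i ^ 1) >= n) continue; // promoted node: nothing to combine at this level
    if (used >= proof.siblings.length) return false;
    const sib = proof.siblings[used++];
    h = (i & 1) ? nodeHash(sib, h) : nodeHash(h, sib);
  }
  return used === proof.siblings.length &&
    crypto.verify(null, signable(proof.length, h), publicKey, proof.signature);
}

// Constructed sample data: a 1000-entry log and a proof for entry 637.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
const log = publish(Array.from({ length: 1000 }, (_, i) => `post #${i}`), privateKey);
const proof = prove(log, 637);
console.log(proof.siblings.length, verify(proof, publicKey));
console.log(verify({ ...proof, entry: 'post #637 (edited)' }, publicKey));
```
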

@cy @strypey

plenty of apps exist. dat-ecosystem has dozens of them, multiple messengers, vpn's, radios, filesharing tools, p2p maps, p2p rss readers and even browsers and runtimes.

Does it have a forum, where you can talk to people about stuff?

p2p maps sounds cool.

CC: @[email protected]

@cy @strypey

every dat-ecosystem project has its own community.

since the keet p2p messenger is powered by the stack, you can find some technical support there.

The p2p maps project is called Mapeo.

But if anyone wants to try to build i can give some support as well 🙂

@serapath
> if there is no token/cryptocurrency involved i would not call it a blockchain

This is also an all trout are fish. A "cryptocurrency" is just one application of a blockchain. There are others that have nothing to do with decentralised finance, eg JamiNS;

https://docs.jami.net/en_US/user/jami-distributed-network.html#the-jamins-blockchain

@cy

@strypey @cy

i look at your link and the first thing i see is a command line where it tells me to run `geth`, the main ethereum client 😅

also, it seems rather basic and relies on ethereum as the default namespace provider. so kinda coupled with blockchain

@cy
> Append-only log is a blockchain

This is an all fish are trout fallacy. All blockchains are append-only logs. But there are many different kinds of append-only logs. Many of them are not blockchains (including SSB and DAT/HyperCore), and don't use global consensus algorithms. So they don't have the same scaling limitations.

Yeah I was wrong about that, in fact. Dat uses a hash tree, and only has a warning for changes that aren't limited to appending.

The scaling problems of a blockchain have nothing to do with global consensus. The only way to tell whether any given block is a member of a given chain is to have all previous blocks. Thus you can't delete anything, even if you need to. Anyone entering your network will have to download the full chain before they can (for instance) see someone's SSB blog, and it can get really big.

Byzantine consensus is a problem because it doesn't work. There are inevitably networks separated by an event or a glitch, after which consensus can not be reached.
If SSB didn't use a blockchain, then forking your ID would be impossible. Every post is required (for no reason) to have a hash of the previous post in it, and your blog is identified (for no reason) by the hash of that first post, not the hash of your signing key.

@cy @strypey

@jeremy_list what is this now? Should we finish cannibalizing your C++ ssb client into embeddable common lisp? I was not aware of much involvement other than you but if a reasonable number of people in our community here I suppose we should finish doing it.

(My blog is down right now so no link)

@screwlisp @cy @[email protected] I do have plans eventually to implement additional protocols in my SSB client, though my current focus with it is getting it actually usable as an SSB client. For its second protocol I'm probably going with PZP, which is based on SSB but with something called a tangle instead of an append only log.

@jeremy_list
> I do have plans eventually to implement additional protocols in my SSB client

What's the name of your client? If it's not Tilde Friends, I'll add it to the list I just updated here;

https://codeberg.org/fediverse/fediparty/wiki/non-fediverse-federated-social-apps

Everyone please feel free to let me know about any errata or anything you think is missing.

> I'm probably going with PZP

Ah, so there is still some dev interest in PZP since ManyVerse was abandoned. Good to know : )

@screwlisp @cy

I'd like to see those FEPs happen. As long as you're not sharing your private signing key.

> The option is there to be your own gatekeeper

Can you afford to buy a domain name? How about an SSL certificate? Both of the financial barriers involve paying rent to some parasite who doesn't even do anything. Do you have a computer that can run 24/7, with an always available network? Finally do you have some hours to learn how to set everything up?

I'd love more people to be self-hosted, but as you just said, servers are not a bad idea. If we're all self-hosted, the network won't work as well. And there isn't much of a choice for many people, who only have a phone on a flaky network at best.

> Huh?

Deniability is where you're delivering people's messages, but you can't look inside them to see what they are. When you can do that, governments can (and will) force you to spy on people, convicting you with their crime if you refuse. Because clearly you're complicit, since you're legally liable for every message that has illegal words in it.

Think like the post office, where they're required to not read your letters. Compare with a US prison, where they get to read and creatively edit any letters you try to send.

If I was making a network, I'd have it so servers or supernodes only saw encrypted messages. To decrypt them, they'd have to be participating in whatever conversation was going on. Just to save them from getting in trouble when I say something stupid like "I want to kill the Pres—" (screeching tires from black van)

CC: @[email protected]

@cy
> As long as you're not sharing your private signing key

The details of how it works are in the draft FEPs, which are linked in the article. Have a skim and see what you think.

(1/2)

You raise some valid concerns about the costs (financial and otherwise) of self-hosting. But my point remains; the option is there.

@cy
> Can you afford to buy a domain name? How about an SSL certificate? Both of the financial barriers involve paying rent to some parasite who doesn't even do anything.

Not with SSL certificates, thanks to Let's Encrypt;

https://letsencrypt.org/how-it-works/

How It Works

The objective of Let’s Encrypt and the ACME protocol is to make it possible to set up an HTTPS server and have it automatically obtain browser-trusted certificates without any human intervention. This is accomplished by running an ACME client on a web server. To understand how the technology works, let’s walk through the process of setting up https://example.com/ with an ACME client. There are two steps to this process. First, the ACME client proves to the Certificate Authority (CA) that the web server controls a domain. After that the client can request or revoke certificates for that domain.

(2/?)

True, domain names can only be leased not bought and that's annoying. I proposed one way around that here;

https://disintermedia.net.nz/a-free-online-birth-certificate/

But a domain name costs about NZ$20-$50 a year. That's about what we pay per month to be connected to the net here. It's hardly a high barrier.

> there isn't much of a choice for many people, who only have a phone on a flaky network at best

They could use managed hosting;

https://codeberg.org/fediverse/fediparty/wiki/Hosting-services-offering-managed-fediverse-servers

(3/?)

@cy
> a phone on a flaky network

... is just as much of a problem in P2P networks, as the dev of ManyVerse found out the hard way.

Anyway, remember the context; my argument is not that everyone ought to self-host. My opinion is kind of the opposite, for reasons laid out in that Bridge Seat post about the value of servers. I'm just pointing out that using someone else's server isn't compulsory.

(4/?)

OK, I understand what you mean by deniability. I agree that the fediverse is not a suitable place for sensitive non-public discussions. *Unless* you and all your correspondents are self-hosting, or trust all the admins/ mods of the servers you're all using.

That's something that Matrix or XMPP+OMEMO is better for. See;

https://disintermedia.substack.com/p/get-a-room

But that doesn't mean the fediverse isn't useful in general. Clearly you think otherwise, because here you are ; )

(5/5)

Also worth noting that SocialCG (W3C Social Community Group) has a taskforce working on using (D)MLS to make it possible to send E2EE private messages over ActivityPub;

https://socialwebfoundation.org/2025/12/19/implementing-encrypted-messaging-over-activitypub/

@strypey @cy @soapdog GoToSocial doesn't provide hosting so the privilege problem still applies.

I haven't had time to look into the "Nomadic" stuff yet though.

LisPi (@[email protected])

@soapdog @strypey @cy Fedi's relatively hard requirement on low-latency clearnet peering also requires considerable privilege that is unreasonable to expect of every user.

@lispi314
> GoToSocial doesn't provide hosting

Why should a software developer pay for hosting for everyone who wants to use their software? Seems like a weird expectation to me.

> the privilege problem still applies

Me:
> The option is there to be your own gatekeeper, eg with a GoToSocial instance. Most people *choose* to outsource this work. But no one is forced to.

@cy @soapdog

@strypey @cy @soapdog

> Why should a software developer pay for hosting for everyone who wants to use their software?

No particular reason.

But self-hosting requires considerable economic and infrastructural privilege.

Clearnet self-hosting requires even more privilege.

> The option is there to be your own gatekeeper, eg with a GoToSocial instance. Most people choose to outsource this work. But no one is forced to.

Not having money to spend on spurious things like that isn't a choice.

The circumstances to enable payment and having no privacy concerns about it are also a form of privilege.

But then you'd need a computer and an internet connection, and where is anyone gonna find that?

@sj_zero @cy @strypey @soapdog You're considerably understating it.

You need a reliable connection, a reliable machine and a reliable electrical grid (I don't have that and I'm privileged enough to have UPS, which I care very much about for that same reason, it means I ride through minor disruptions and at least get to shut things down properly for major ones) for low-latency clearnet self-hosting, at the minimum.

(Unless your use-case, like that solar-powered website (without battery), doesn't expect considerable uptime nor reliability. And even then, it has the two other points besides power.)

@cy @strypey @soapdog And Nostr is also getting in on the paygating relays so... same problem but worse.

@lispi314
> And Nostr is also getting in on the paygating relays

That's been a thing from early on. The argument is that this is better than paying with your data and your eyeballs. I'm sceptical but happy to see people run the experiment.

There are still plenty of gratis relays run by outfits like Nos.social. Even if there weren't, it's possible to self-host them.

> same problem but worse

Same problem as what?

@cy @soapdog

@strypey @cy @soapdog

> Supernodes aren't bad things, but gatekeeping supernodes with no deniability are. That's why the Fediverse uh... sucks. That and we're tied to one specific supernode.

It's gatekeeping of the same kind as the Fediverse, but even more exclusive. Sure it's not a single node but unless you're rich if they all paygate it'll soon be close-enough, unless they finally fix the relay gossiping that's missing.

Payment is also typically much harder to make deniable reliably (Monero works until it has some critical flaw found that screws all that up).

> Which is like the opposite of good from a privacy standpoint.

Requiring payment also has this flaw in most incarnations.