Mastodawn

FR#155 – Where Does Community Live – updates

Last week I wrote an analysis article about how communities get built on open protocols, and how the architecture of both ActivityPub and atproto steer into different directions with what types of communities are possible, while at the same time giving people a significant amount of flexibility in what they are building. It is easy to let the major players determine the narrative for what the networks are for: when Mastodon saying their goal is to build a network of sovereign communities, to understand the entire fediverse and ActivityPub that way. Or when Bluesky CTO Paul Frazee says that the purpose of open protocols is “to guarantee the rights of individuals and communities”, to take this rights-based vision to understand the atmosphere more broadly.

But my interest is not only in describing general structures (“the fediverse is for networked communities, the atmosphere is a social infrastructure”), but also finding how specific news items fit in framework as much as it complicates it. So this week’s Fediverse Report is a collection of news items that relate to this framework.

Fediverse News

Twt Cymru, Wales’ longest-running independent fediverse node, announced a mobile app launching on St David’s Day, built in partnership with the Newsmast Foundation as part of their “Apps for Change” programme. The app wraps the toot.wales Mastodon server into a branded experience with its own onboarding flow, bilingual Welsh/English interface, and curated community feeds, designed to feel like a Welsh social app rather than a generic Mastodon client. Twt’s founder Jaz-Michael King describes it as “a digital lifeboat for Wales and the Welsh, a space that cannot be bought, sold, or broken by the whims of a single billionaire.” Twt Cymru is one of the clearest examples networked communities: a culturally specific community (Welsh language users), running their own infrastructure (a Mastodon server since 2017), now with their own branded app, federating into a much wider open social network. The Newsmast Foundation is pushing into this direction more broadly, with their partnership with the Bristol Cable as another example of how they’re building social apps that are predominantly for their own community, and the integration with the wider fediverse network as a secondary feature.

In Montreal, the first FediMTL conference was held, featuring keynotes from Cory Doctorow and two creators of the ActivityPub protocol, Christine Lemmer-Webber and Evan Prodromou. The conference had two intertwined motivations, that of sovereignty and of community. For sovereignty, with themes such as Canadian digital autonomy, escaping dependence on American platforms, and Doctorow arguing that Canadian technologists should “hack emergency exits” into existing platforms. The other is community, with Qlub, a Quebec-based ActivityPub platform with over 3,500 users, building a social space rooted in Quebec identity. These overlap but they are not quite the same thing: sovereignty asks who controls the infrastructure, and community asks what people build inside it. Both need bounded and self-governed digital spaces, but for different reasons.

The Netherlands swore in the new Jetten cabinet this week, and several ministers have begun posting on social.overheid.nl, the Dutch government’s Mastodon server running since 2023. A small item on its own, but maybe the clearest example of the sovereignty side: a government treating fediverse infrastructure as sovereign communications infrastructure.

The Forkiverse, the Mastodon server launched in January by podcast hosts PJ Vogt (Search Engine), Kevin Roose, and Casey Newton (Hard Fork), has now been running for nearly two months and grown to around 10,000 registered accounts with roughly 3,600 monthly active users. It remains one of the largest new fediverse servers since the 2023 post-Twitter migration wave. That the biggest new fediverse server in years grew out of an existing audience and not from scratch tracks with what the architecture implies: the networked community model works best when the community already exists before the server does. Moderation challenges arrived almost immediately: sexual harassment from federated users, encounters with the Portal Combat propaganda network, and the general discovery that running a server means running a community with real governance responsibilities. As the Hard Fork hosts found out, and as Mastodon’s Executive Director Felix Hlatky described in his recent interview about Mastodon operators, most people who start servers underestimate what moderation actually requires.

A fediverse take on the “link in bio” is being built, designed as a decentralized, privacy-respecting alternative to Linktree. Each profile is itself an ActivityPub actor: it can be followed, it boosts posts from all your other fediverse accounts, and it has its own inbox. The problem of the networked communities model is that this results in having a large number of different fediverse accounts: I had 26 different fediverse accounts last time I counted. The linktree approach turns that fragmentation into a feature by giving you one followable persona that aggregates all your fediverse activity. The challenge is that if your identity is tied to specific communities, each with their own server, you need some way to be visible as a single person across all (or at least some) of them. Atproto solved this by making identity portable and separate from any particular service. The fediverse has not solved this yet, but this is an interesting take on it.

A technical deep dive into Wafrn’s dual-protocol architecture, examining how the Tumblr-like platform implements both ActivityPub and atproto natively in a single codebase. From the perspective of networked communities a server can participate in both networks simultaneously is highly relevant. Wafrn is one of the more technically ambitious projects in the ecosystem, but that can be hard to see behind the deliberately unserious facade of the project (Wafrn stands for We Allow Female Representing Nipples, a reference to the Tumblr ban of adult content).

Atmosphere News

If the fediverse side is building networked communities, the atmosphere side is building the infrastructure those communities could run on. This week, that infrastructure got a lot busier.”

Multiple PDS providers are now explicitly positioning themselves as community infrastructure. Eurosky, the European atproto project, launched its PDS and crossed 1,000 users, releasing EU-HAUL, a migration tool available in 26 European languages. Northsky, the 2SLGBTQIA+ community PDS, published a Phase 2 roadmap covering their own app, moderation labeler, independent appview, and private data infrastructure. They have sent out over 1k invites with a 26% migration rate and 6k more people on their waitlist. The roadmap shows what it takes to turn a PDS into a community home on atproto: PDS hosting is only the first step, and everything else has to be built deliberately. Smaller PDS providers are also growing: npmx.social, run by developers behind a new npm registry browser that integrates with atproto, now hosts hundreds of people and is offering European PDS hosting as a side project alongside their main registry work. Blogging platform pckt also announced their own PDS.

The main development this week are three separate approaches to permissioned data on atproto, with Blacksky, Bluesky and Northsky all working on it.

Blacksky is close to launching private posts and community-scoped visibility. Rudy Fraser announced that their appview goes live next week, with the explicit note that this lets members interact with each other even if Bluesky has banned them, followed by the launch of Blacksky-only posts. Two proposals for community moderation approaches, peer-based communal moderation versus machine-learning image classification, will go to a community vote. Northsky is developing Stratos, their own private data solution that targets what they call “true data privacy rather than hiding in plain sight by using a different lexicon”. They plan to build Stratos for the broader atproto ecosystem, allowing anyone to run their own Stratos service. And Daniel Holmgren, Bluesky’s engineering lead, published the second entry in his permissioned data design diary, introducing “buckets” as a potential new protocol primitive.

Holmgren’s post is worth attention because it shows the protocol-level design problem in full. He works through two approaches that fail. App-controlled access (which he calls “realms”) solves the authorization problem but centralizes power in applications, because users in the same group using different apps cannot see each other’s content without individually authorizing every app. Granular per-record access control gives flexibility but creates a coordination problem: every time someone joins a group, every member’s access control list on every record needs updating. His solution, buckets, is a shared container with a single authoritative access control list that all content within it inherits. A bucket is, in protocol terms, a bounded space with governance: “permissioned data needs a shared context with a perimeter.” How buckets interact with the community-built solutions from Blacksky and Northsky, and whether these converge into shared infrastructure or remain parallel approaches, is worth watching.

Beyond microblogging, the application layer on atproto continues to thicken. A selection of what launched or updated recently:

Skyreader, the atproto RSS reader, now supports subscribing to standard.site publications directly, meaning blogs published on Leaflet, pckt.blog, Offprint, and other standard.site-compatible platforms show up alongside traditional RSS feeds. The same update adds read-it-later functionality with highlights, read progress tracking, and inbox/archive management, all stored on your PDS. The developer notes that read-it-later apps have an annoying habit of getting shut down (I’m still mad about Omnivore), and that storing your reading data on a decentralized protocol is one way to stop losing your library every few years.
Semble, a social bookmarking app, added social following. What makes this interesting is the granularity: you can follow specific collections rather than entire users, what developer Ronen Tamari described as “faceted following.” This means following someone’s collection on protocol governance without also getting their cooking bookmarks.
BeaconBits is a a Foursquare-style location check-in app, added explicit Blacksky integration: users on Blacksky’s PDS now see “View on Blacksky” and “Post to Blacksky” options throughout the app, with a visibility toggle for public or community-scoped check-ins. While a small feature, I think this is one worth tracking for how the concept of community continues to be developed in the atmosphere.
Popfeed officially launched as a pop culture tracking app for films, books, shows, games, and music reviews. The app has been around for a bit, and also features quite some integration with both other tracking apps like Bookhive.buzz as well as with Bluesky.
Hypha Co-op published spores.garden, a digital garden platform on atproto where each garden gets a unique visual identity generated deterministically from your DID. Gardens can pull in content from other atproto apps, and navigation happens through collecting and planting flower identicons in other people’s gardens rather than algorithmic feeds. It is a deliberately weird and playful project, and a good example of using atproto for entirely different modes of communication.
Wireservice is a new WordPress plugin that syncs posts and pages to standard.site records on your PDS. This is notable as a bridge between the existing web publishing ecosystem and the atproto data layer, meaning a WordPress blog can now be a standard.site publication without migrating away from WordPress. I’ll be enabling this soon for this website as well.
The new Ecosystem Action Research project launched a call for participation, a volunteer-led pilot program addressing five shared challenges across the atproto ecosystem: user experience, brand awareness beyond Bluesky, trust and safety readiness, economic sustainability, and contributor enablement.

Finally, Bluesky CTO Paul Frazee published “Practical Decentralization,” a blog post that articulates what he sees as the purpose of open protocols: “to guarantee the rights of individuals and communities on the Internet.” A deeper analysis will follow in a separate article. It is valuable to see protocol leadership put a specific thesis on paper, and I hope others will do the same.

#nlnet

https://connectedplaces.online/reports/fr155-where-does-community-live-updates/

Laurens Hof Feb 20

FR#154 – Search and Community

Last week, Holos Social quietly shut down Holos Discover, a fediverse search engine built on ActivityPub. It had put in serious effort to allow for user consent, it only indexed public posts from accounts with the indexable flag enabled, appeared as a visible follower, processed deletions and edits in real time, and excluded accounts that were locked or had #nobot in their bio. This is about as close you can get to building a consent-respecting search engine in the current fediverse.

Community members pointed out that the indexable flag is enabled by default on many instances, which means that a significant number of accounts with the flag set never made a deliberate choice to be indexed. The flag that’s supposed to signal “this person consents to being searchable” frequently signals “this person’s server admin didn’t change the default”, and on a protocol-level, there is no difference between these two options.

Search and indexing projects on the fediverse tend to end the same way, from early full-text indexing attempts through Searchtodon‘s careful experiment with personal timeline search in 2023, to FediOnFire‘s relay-based firehose display earlier this year. Not all of this resistance was unjustified: Maven imported over a million fediverse posts without notice and ran AI sentiment analysis on them, which is a far cry from what Holos was building. But the community response has rarely distinguished between projects that deliberately violate consent and projects that try to respect it. Bridgy Fed survived a similar cycle by shifting to an opt-in model, but it’s the exception. The norm against search was established during periods of intense community backlash that sometimes crossed into coordinated harassment. These backlashes have grown less intense as people seem to have largely moved on. See for example how Searchtodon got an intense backlash in early 2023, and I explicitly flagged an offline-first client that could do effectively the same in fall 2025 that did not get any backlash. Still, the expectation for backlash persists as internalized caution.

The community correctly identified that the indexable flag doesn’t reliably represent individual consent. Helen Nissenbaum’s work on contextual integrity makes the case that privacy isn’t about secrecy but about appropriate information flows: posting on Mastodon carries an implicit norm about who will encounter that post and why, and violating that norm is a privacy breach even if the post was technically public. Daniel Solove and Woodrow Hartzog make a similar legal argument, saying that publicly available data is still regularly protected by privacy law, and that accessibility alone doesn’t license arbitrary downstream use.

But the only available response to discovering that the indexable flag is unreliable, treating all defaults as non-consent, has some major side effects. It removes the possibility that a server admin could legitimately say “our community values public discovery, so we set defaults that support that.”The protocol has no way to represent whether a default was set deliberately or by inertia. So the community norm treats them the same, which in practice means that a server admin who says ‘our community is about public discovery’ gets treated identically to one who never looked at the settings page. This results in a view of fediverse servers that only contains individual choices, and where a community deciding collectively to be discoverable is not an available category.

This is a strange outcome for a network that’s supposed to enable governance diversity across communities. Mastodon published a blog post this week where Executive Director Felix Hlatky says the mission is to “connect the world through thriving online communities”. But this current structure for how to signal consent for data processing can only recognise the individual, and has no mechanism for a community to signal anything.

There is also something patronizing about the framing that treats defaults as equivalent to non-consent. If we take seriously the idea that servers are communities with governance, then an admin who configures their server for public discovery is making a governance decision on behalf of their community, not failing to notice a checkbox. Treating all defaults as non-consent refuses to recognize that decision as legitimate, which undermines exactly the kind of community-level agency that a decentralized network is supposed to enable. As I argued in another article this week, where community lives in these networks is an open question, but it can’t be answered if the architecture only recognizes individuals.

Meanwhile, there are about half a dozen ways to harvest fediverse data with no accountability and no opt-out attached, and all of them are effectively condoned because they happen out of sight. What the current setup actually does is push practices for data gathering out of sight, where no opt-out mechanisms exist, instead of creating conditions where accountable tools can be built in the open. The current system is better at protecting the community’s idea of itself as a place that takes consent seriously, than it is at actually protecting users.

Mastodon’s Fediverse Discovery Providers project, or Fediverse Auxiliary Service Providers (FASP), is building a specification for pluggable search and discovery services that any fediverse server can connect to, funded by an NGI Search grant. It aims to solve the same problem as Holos, providing discovery infrastructure that can be used by other servers.

The FASP specification explicitly states that providers will “only ingest content from creators who opted in to discovery in the first place” and will “respect this setting,” referring to the same indexable signal that Holos relied on. The spec is well-designed in other respects: it is decentralized, allows servers to choose among competing providers, separates content URIs from content fetching in ways that limit data exposure, and requires signed fetch requests so servers can identify and block specific providers. But the problem is that the consent mechanism at its foundation is one the community has already explicitly said it doesn’t trust.

If the Holos episode established that the indexable flag is insufficient because it can’t guarantee individual deliberate consent, then FASP’s privacy model has the same hole. It shows that the lack of search and discovery is a governance problem, not a technical problem. Holos and their experience building a search engine shows that the ‘indexable’ flag is not sufficient. The technical infrastructure for discovery is being built, but the governance infrastructure for consent, a way to distinguish deliberate community choices from defaults, is not discussed at all.

#nobot

https://connectedplaces.online/reports/fr154-search-and-community/

Laurens Hof Feb 18

Where Does Community Live?

What’s always interested me about Ostrom’s work is that she showed how governance of communities is very diverse, with rules that look chaotic on the surface but share deep structure underneath. What’s more, her understanding of how communities self-organize and govern themselves is relevant to the social web today. Across the open social web there are new types of communities being built, and people actively experimenting with how governance works in these communities.

At the Eurosky conference in Berlin in November 2025, technologist Robin Berjon made a statement that referenced Ostrom, and tied to protocols: “The properties that define the architecture of a protocol and those that define the rules in an institution are the same.” I think that’s largely true, but I also think we can be even more specific.

The open social web today consists primarily of two protocols, ActivityPub and ATProto, each with very different ideas about how to organize social life online. Neither prescribes a single network topology, and both leave fundamental choices about how social space should be structured to the people building on top of them. But their architectural decisions are not neutral: they shape and constrain the topologies that can emerge, the kinds of communities that can form, and the governance tools available to those communities.

That specificity matters because what’s actually happening across ActivityPub and ATProto right now looks, at first glance, like chaos. There are dozens of different applications, community experiments, and governance arrangements, each making different choices about where boundaries fall and who controls what. But just as Ostrom found that the diversity of community governance systems can be generalized into a number of shared structural rules, the diversity of the open social web also has a common set of questions: where does membership begin and end, who sets the rules, how are violations monitored, and what happens when someone breaks the agreement. Protocols don’t answer these questions, but they do determine which answers are even possible.

The simplest way to understand ActivityPub is that servers send messages to each other. A person on one server can follow a person on another server, and when either of them posts something, their server delivers that message to the other. That simplicity hides a deeper question though: what is a server actually for?

The answer that dominated for most of Mastodon’s history is that a server is infrastructure. In a 2023 interview with The Verge, Mastodon founder Eugen Rochko described the product in terms that made servers sound like an implementation detail. “Think about it like email, and you’ll get it. If you don’t like Gmail, you can switch to something else, but you don’t have to quit email entirely as a concept.” When users complained about having to choose a server at signup, Rochko’s response was to make the choice disappear: sorting the server list to show larger servers first, adding a “pick for me” button, and keeping mastodon.social open as a default funnel. He acknowledged this moved Mastodon closer to the Gmail problem he said he wanted to avoid, but framed it as necessity, saying: “However, I’ve learned over the years that there is no replacement for having a default, right?”

In this model, the server boundary is administrative rather than social. Users experience a single network where the fact that their account lives on one server rather than another is, ideally, something they never have to think about, with the server handling uptime, storage, and moderation enforcement. The social graph extends freely across server boundaries and the home feed pulls in content from everywhere, making it feel like a single network.The topology is functionally centralized even though the infrastructure is distributed. This solves some problems regarding engineering and the distribution of power, but does so without creating distinct social spaces.

Mastodon’s current leadership is trying to move away from this. Their new community director, Hannah Aubrey, describes Mastodon as “a front door, not the whole house,” and talks about surfacing and supporting other servers rather than funneling everyone into mastodon.social. Director Felix Hlatky has made distributing users away from mastodon.social an explicit priority, noting that concentrating users on one server is “not the purpose of building a social network.” The target is ambitious: going from roughly 10,000 servers to 100,000, which Hlatky says “needs a mindshift in what it means to start a server.”

In this newer model, the server boundary becomes a social boundary, and your experience of Mastodon is supposed to be shaped by the community you joined rather than just by who you follow across the wider network. Aubrey envisions server starters as “leaders and organizers” who want to build something for their community, whether that community is defined by language, identity, geography, or shared interest, framing the value proposition in terms of belonging: “you can still be in community with people in a safe and healthy way.”

Instead of one network with distributed infrastructure, it is a network of networks where each node has meaningful social coherence. Newsmast, a UK-based organization building ActivityPub infrastructure for publishers and communities, is pushing this further by creating branded apps on top of individual server communities that combine community feeds with a publisher’s content. The logical conclusion of their approach is one app per community, with federation as the connective tissue between them.

Lemmy and PieFed, the Reddit-style link aggregation platforms on ActivityPub, complicate this further. Communities (the equivalent of subreddits) exist on servers but are accessible from other servers, creating a double layer of social boundaries: a community has its own topic, its own moderators, and its own norms, but it also lives on a server that has its own administrators and its own moderation policies. When users from one server participate in a community hosted on another, it is genuinely unclear whose norms apply. The server boundary and the community boundary overlap without aligning, producing a topology of mixed jurisdictions that nobody has fully figured out how to govern.

(PieFed also has a feature called ‘Topics’, which aggregates posts from multiple communities into a single feed around a single theme, making jurisdiction a truly joyful mess: a single post can be made by someone on server A, posted into a community hosted on server B, and then aggregated into a Topic hosted on server C. What happens when rules between servers A, B and C conflict is anyone’s guess.)

The point here is that ActivityPub does not prescribe a single topology. The protocol is flexible enough that each application makes a fundamentally different choice about how much the server boundary matters socially. Mastodon circa 2023 treated servers as invisible plumbing; Mastodon in 2026 wants servers to be communities. PeerTube treats them as institutional containers for self-hosted video libraries, with federation as a secondary feature. Lemmy layers communities on top of servers, creating overlapping boundaries.

In ATProto, every user has a Personal Data Server (PDS) that stores their content as structured records, and applications don’t host this data but read from it. The mental model is something like a shared lake of public data: every PDS contributes its stream, and every application draws out the subset relevant to its purpose. A microblogging app reads posts, while a video app reads video records and a code hosting platform reads repositories, all from the same pool of data, through different lenses. Where ActivityPub organizes around the server as the social unit, ATProto organizes around data.

Bluesky is the dominant application built on ATProto, and for most users it is simply a Twitter-like social network. Community formation in Bluesky is supposed to happen through custom feeds, and Bluesky CEO Jay Graber has framed these as the platform’s core innovation. “The algorithm, more than the content type or the app’s appearance, is the core of social media because it directs how you spend your attention there,” she wrote in 2023, describing Bluesky’s goal as replacing the “master algorithm” controlled by a single company with an open “marketplace of algorithms.” The language is consistently about individual choice and control: what you see, what you scroll, what you subscribe to. Bluesky’s own FAQ makes the contrast with Mastodon explicit: “On Mastodon, your instance, or server, determines your community… On Bluesky, your experience is based on what feeds and accounts you follow, and you can always participate in the global conversation.”

But community is not an attention problem. Feeds organize what individuals see without creating shared spaces, shared governance, or shared membership. In Bluesky’s default implementation, you scroll a feed but you don’t belong to it. The absence of community infrastructure at the feed level follows directly from what feeds were designed to do: they solve for individual curation, not collective organization. This is not a protocol-level constraint, though, as the case of Blacksky demonstrates: a feed can carry community infrastructure when it is deliberately built to do so, with dedicated moderation and explicit membership. But Bluesky’s affordances push toward the passive-consumption model rather than the community-building one.

This is a problem for anyone trying to build actual community on ATProto. Blacksky, which serves the Black community on Bluesky, shows what it actually takes. Their approach was to construct community identity first, starting with a custom feed that created a sense of shared space, then progressively building their own PDS hosting, their own moderation system, and their own relay, their own appview. Their moderation relay is particularly significant because it means any application on the network can plug into Blacksky’s moderation rather than relying solely on Bluesky’s, and their recent work on private posts represents the most explicit departure from ATProto’s default assumption that all data is public, carving out enclosure where the protocol assumes openness.

Other community-oriented applications face similar tensions. Gander (Canada), Eurosky (EU), and Northsky (queer community) each target specific populations while maintaining a full-network view, and it remains unclear how these will develop in practice: whether the community identity or the full-network access becomes the primary experience. They are attempting to create bounded social spaces on top of a protocol that was designed to be boundaryless.

Then there are applications that don’t focus on creating social community spaces at all, and these may be where ATProto’s architecture is most naturally suited. Tangled is a code hosting platform with social features, more comparable to GitHub than to Twitter. Margin.at allows users to write annotations on web pages that are visible to other users, an interesting reversal where the application layer spans the entire web and ATProto functions as invisible plumbing underneath. Germ, a messaging app, uses ATProto’s identity system (DID:PLC) for user identity but builds its actual messaging infrastructure off-protocol entirely. Blento allows you to create a personal websites, with the data stored on your own PDS.

While ATProto’s architecture trends towards a flat social topology with global data, this is not a hard constraint, and it can be used to create distinct social spaces as well.

The two protocols create mirror-image problems for community formation: ActivityPub provides boundaries but makes them difficult to experience from the outside, while ATProto makes the entire network navigable but provides no natural boundaries at all.

In ActivityPub, servers are supposed to be communities, but the architecture does not support the social mechanics through which communities actually form. You can’t visit another server or browse a different community’s conversation the way you might walk into a neighborhood bar. And while you can follow individuals across server boundaries, you can’t be present in a space without committing your identity to it. Communities, as sociologists have long observed, tend to form through encounter, through showing up at the same place at the same time and discovering shared interests through proximity. ActivityPub supports following but not presence, and the server boundary, while it matters in theory, is not something a user can experience in practice.

Another challenge with a ‘server as community’ is that the person running a server is simultaneously the infrastructure administrator and the community leader, and these are fundamentally different roles requiring different skills. Hlatky is frank about the reality: most people who start servers “have no idea what moderation means”. They come from tech background, experience a spam wave, and gradually find out what responsibilities come with running a server. Aubrey’s vision of server starters as “leaders and organizers” building something for their community describes a different population than the people who actually run servers, and the overlap between sysadmin skills and community stewardship skills is small. Mastodon’s plan to make server hosting technically easier may widen this gap rather than close it, because the bottleneck is not the technical complexity of running Docker but the social complexity of cultivating a community.

Under the EU’s Digital Services Act, server operators are potentially regulated entities with compliance obligations around content moderation, transparency, and user protection. Mastodon’s own recent strategy announcement acknowledges this tension, committing to a regulatory audit for “our own servers” and exploring “how this knowledge can be shared with the community,”. The person running a Mastodon instance is now expected to be a sysadmin, a community steward, and a legally compliant service provider.

The cross-server interaction problem shows the limits of the server-as-community model. When someone from server B replies to someone on server A, and server A has cultivated specific norms around content warnings and topic sensitivity, the person on server B has never encountered those norms. Server A’s admin can react after the fact by deleting the reply, blocking the account, or defederating from server B entirely, but there is no mechanism for communicating norms before the interaction happens. There is no door to walk through, no house rules posted at the entrance. In Ostrom’s framework, functioning institutions require that participants understand the rules before they act, that monitoring is possible, and that graduated sanctions exist for violations. An ActivityPub server-as-community has sanctions but lacks the prior steps: rules aren’t visible to outsiders and monitoring is purely reactive, which means the institution has enforcement powers but not constitutive ones.

The standard counter-argument is that visiting other servers is narrowly possible: you can browse a local timeline through the web interface and follow people from a specific community. There is a difference, though, between technical accessibility and social experience. A local timeline is a raw chronological feed with no context about what the community is, what its norms are, or what makes it distinct. Compare this to Reddit, where arriving at a subreddit immediately presents the community’s identity as a first-class interface element: its name, description, rules, moderators, visual identity. The community is a navigable object that you can encounter, evaluate, and choose to join. In ActivityPub, the community is metadata on a username, and even when you follow a cluster of people from one server, their posts appear in your home timeline mixed with everything else, the community context stripped away by the presentation layer. Community does not survive aggregation, because the interface does not preserve it.

None of this means ActivityPub servers cannot function as communities. Some do, particularly when the community existed before the server: a podcast audience, an existing forum, a professional network that migrated together. But in those cases, the community coheres despite the architecture rather than because of it, with the server providing infrastructure for something that was already socially real. Building community through encounter, the way most communities actually form, is much harder when the architecture provides no mechanism for encounter.

For ATProto, where community lives is an even more open question. In ActivityPub, the answer is at least clear: community lives on the server. That answer may be structurally difficult to realize, but everyone in the ecosystem shares a common understanding of where community is supposed to be. In ATProto, different projects are testing fundamentally different answers, and the protocol itself is agnostic between them. Applied through Ostrom’s lens, the question becomes: which of these answers can actually produce functioning institutions with clear rules, meaningful monitoring, and graduated sanctions?

The first candidate is the feed. Bluesky’s own framing positions feeds as the primary mechanism for user agency: a marketplace of algorithms replacing the singular Algorithm, giving individuals control over their attention. But as Bluesky’s FAQ itself makes clear, the design priority is participation in the “global conversation,” with feeds as personalization layers on top of that global view rather than as bounded spaces. In institutional terms, a feed has no rule-making capacity, no monitoring function, and no sanctions. It organizes attention but does not organize people.

The second candidate is the appview, which aggregates network data and presents it as a coherent application, making choices about indexing, display, moderation, and features. This is why Blacksky building their own appview is significant: it created a fully independent social space governed by community-chosen moderators and presenting community-curated content. If community lives in the appview, then the appview operator is the place-maker, and ATProto communities form around whoever is willing to build and maintain that aggregation infrastructure.

The third answer is the full infrastructure stack. Again Blacksky provides the example, building not just an appview, but also PDS hosting, a relay, a moderation system, and eventually private posts. Community, in their model, is not a single layer but an assembly data hosting, moderation, application experience, and boundary enforcement. This is the most institutionally complete answer, the one that comes closest to satisfying Ostrom’s full framework, while it is also the most demanding for community builders.

It is also worth noting that this approach looks somewhat similar to the ActivityPub server model, where a single operator controls data storage, moderation, and application experience. The difference is in easier data portability and interoperability, as well as keeping identity separate from data, that ActivityPub’s server-bound architecture lacks. The implication is that the demands of community governance may impose their own architectural requirements, regardless of what the underlying protocol provides.

The last option is to focus on ATProto as a digital identity system, where your identity and data persists across applications, and your data lives on your PDS. This works as a kind of portable individual place: a blogger’s “place” follows them, with software being swappable while identity and data remain stable. Here, communities only become emergent and ephemeral, defined by your social connections. In Ostrom’s terms, this is the weakest institutional answer: it provides continuity of identity but no mechanism for collective rule-making, monitoring, or enforcement. Community becomes something that happens to you through your connections rather than something you participate in governing.

Each of these answers implies a different topology. If community lives in feeds, ATProto is flat: one network, many lenses, no boundaries. If community lives in appviews, the topology resembles ActivityPub’s server model but with explicit role separation and data portability. If community lives in full infrastructure stacks, the topology fragments into a small number of heavily invested community platforms surrounded by a large number of lightweight applications that don’t attempt community at all. If community lives in identity, there is no collective community topology at all, only individual nodes.

After several years of development, the ATProto ecosystem has produced exactly one fully realized community (Blacksky) and a collection of promising projects that have not yet demonstrated they can sustain the institutional demands that community requires.

ActivityPub and ATProto are not two implementations of the same idea. They represent two different shapes of answers to the questions how should social life be organized online, where should boundaries fall, who should govern what happens within them, and what does it mean to belong? Ostrom spent a career studying how communities develop institutions to manage shared resources, and one of her central findings was that the most resilient arrangements evolved through local experimentation rather than external imposition. The successful communities she documented did not adopt a single governance template, instead they tried things, failed at most of them, and arrived at rules fitted to local condition. What worked in one context did not necessarily transfer to another, even when the resources and stakes were similar.

The open social web is in this experimental phase, and different projects are testing different answers. But these answers are not equally viable, and topologies that concentrate institutional functions, that combine rule-making, monitoring, and enforcement in a coherent operator, produce more resilient governance than those that distribute these functions across layers or leave them to emerge organically. This holds whether the starting point is an ActivityPub server or an ATProto infrastructure stack. The protocol shapes the available answers, but community governance has its own structural demands, and those demands are not infinitely flexible.

But experimentation is not the same as success, and neither protocol has yet demonstrated a scalable, repeatable model for community formation. ActivityPub has a clear answer to where community lives that turns out to be structurally difficult to realize. ATProto’s architecture suggest a more individualised and global network, but projects like Blacksky also show that building communities is possible, even if it requires extending the protocol.

Robin Berjon, speaking in Berlin, observed that the structural properties of a protocol and the structural properties of an institution are the same. If he is right, and the evidence increasingly suggests that he is, then the question facing the open social web is not which protocol wins, but whether either ecosystem can produce the institutional designs that the communities forming within them actually need.

#nlnet

https://connectedplaces.online/where-does-community-live/

Laurens Hof Feb 13

FR#153 – What does a Discord replacement look like?

Discord has announced plans to age-verify all users globally next month, as age verification laws around the globe are taking root. As many people understand the open social web in a form of contrast with Big Tech platforms, seeing it as a refuge from enshittification, this led to another round of conversations on what alternatives there actually are for Discord.

The closest option as a Discord alternative is Matrix, who posted a blog ‘Welcoming Discord users amidst the challenge of Age Verification‘. In it, Matrix co-founder Matthew Hodgson describes plainly how Matrix is beneficial as an open standard, but that this does not fully prevent people from avoiding age verification laws: “The biggest difference between Matrix and Discord is that Matrix is an open standard, like email or the Web. There’s a wide range of both clients and servers, and anyone can run their own server on their own terms while participating in the global Matrix network. However, it’s important to note that server admins are still subject to the law in the jurisdiction where they operate. Practically speaking, that means that people and organisations running a Matrix server with open registration must verify the ages of users in countries which require it.”

Another part that stands out to me is how Hodgson is open about how the client ecosystem for Matrix is limited: “Meanwhile no other organisation stepped up to focus on the “communication tool for communities” use case and provide a production ready Discord alternative, but clients like Cinny or Commet may feel much closer to Discord.”

PieFed is also trying to get a piece of the Discord user base Pie, and also wrote a blog post explicitly positioning itself as a Discord alternative. At this point, people making posts on microblogging sites complaining that Discord should not be used for documentation is practically a meme, but does get at a real frustration that all sorts of features that should not be chat-based are being used by a chat platform. PieFed makes this case explicitly, describing itself as having ‘all the advantages that traditional forums have over Discord’, and additionally having “community building features”, such as wikis, events, private groups, and StackOverflow-like questions-and-answers.

This gets at a familiar problem across the open social web: people active in the ecosystem can clearly see how these open protocols can be used to replace Big Tech platforms, but the gap between that potential and a polished, complete alternative remains wide. Matrix can handle real-time chat, PieFed can handle forums, but neither on its own offers the full bundle of features that makes Discord sticky.

Searching for a single Discord alternative may be asking the wrong question however. Discord itself is an extensive bundle of functions smashed together: real-time chat, persistent forums and documentation, voice chats, events and even games. Rather than replicating that bundle in a single app, the open social web may be converging on a different model entirely, where specialised services handle specific functions while sharing identity and social connections across protocol boundaries. These individual services themselves do not have to share the same protocol underneath, and may actually work better if they don’t, with each protocol handling the part it is best designed for. Several developments this week illustrate what this composable model looks like in practice.

Germ, an E2EE messaging app for iOS that uses atproto’s identity system, has been in beta with atproto integration since August. But this week, both Blacksky and Bluesky shipped native Germ buttons directly on user profiles, meaning users can now launch into encrypted conversations straight from the apps they already use. Germ uses MLS for its encryption and atproto handles as its account system, so users can message each other without needing a separate account or phone number. The significant part is less the feature and more the product decision behind it, as rather than building end-to-end encrypted messaging into their own apps, both Bluesky and Blacksky are now using a third-party service that shares the same identity layer. Germ has also published implementation guidelines for any atproto developer to integrate the same functionality.

Standard.site is a set of atproto lexicons for long-form writing, designed collaboratively by three independent blogging platforms to ensure their posts are interoperable with each other and with any future platform that adopts the same schema. This kind of cross-project coordination on shared data formats is exactly what the composable model requires to function: not just different apps built on the same protocol, but active collaboration to make sure the building blocks actually fit together. This is also directly relevant to one of the most persistent complaints about Discord: that communities use it for documentation and knowledge that should be persistent and searchable rather than buried in chat history. With a shared lexicon for long-form writing, that content can live across multiple platforms while remaining portable and discoverable through atproto’s identity infrastructure.

A New Social’s most recent Bridgy Fed update is about making the bridge between atproto and ActivityPub more functional at the interaction level. Previously, if someone on Mastodon replied to your bridged Bluesky post (or vice versa), you’d get a notification but couldn’t respond without logging into the other platform. Now you can like, repost, reply, or block directly through Bridgy Fed without needing an account on the other side. This kind of interoperability plumbing is easy to overlook, but it’s essential if the multi-protocol ecosystem is going to feel like a coherent experience rather than a collection of disconnected tools.

Taken together, pieces of a composable alternative are starting to appear. BlackSky provides feeds for their community on atproto, Germ adds encrypted messaging as a modular service any atproto app can plug into, Standard.site enables long-form publishing and documentation, PieFed offers forums, wikis, and Q&A through ActivityPub federation, and Matrix handles real-time group chat. None of these apps individually replaces Discord entirely, but collectively they can cover the entire feature set and even go beyond it.

There is an obvious counterargument here: Discord succeeded precisely because having everything in one place is convenient. Asking people to use four different apps instead of one is a real user experience cost, and for many communities the friction of that setup will outweigh the benefits. But the point is less that everyone should adopt this composable model today and more that the building blocks are now being laid. As interoperability between these services improves, the multi-app experience may become seamless enough that it stops feeling like a compromise.

The reason decentralisation matters for something like age verification isn’t just “run your own server,” as Hodgson acknowledges that server admins are still subject to local law. It’s that when your social life isn’t bundled into one platform, no single company’s policy change can disrupt all of your communication, community, and content at once.

What we’re finding is that for decentralisation to really make an impact, it needs to happen on multiple axes at the same time. There is the decentralisation in the way it is usually understood by communities on ActivityPub and Matrix: from a single centralised server to many decentralised servers run by independent groups. This gives communities autonomy over their own spaces, but each server still replicates the same software and feature set.

There is the decentralisation in the way it is done on atproto: from a single software stack to separating identity, data storage and apps. This means your identity and data aren’t locked to any one application, and different apps can offer different experiences on top of the same underlying infrastructure.

And there is a third axis that is now starting to become visible: the decentralisation of features. Rather than a single app that bundles everything together, like Discord, multiple different apps each specialise in a few things and are interoperable with each other. This is the axis that the developments this week are starting to illustrate, and it may be the one that ultimately matters most for resilience against the kind of platform-wide policy changes that sparked this conversation in the first place.

#nlnet

https://connectedplaces.online/reports/fr153-what-does-a-discord-replacement-look-like/

Laurens Hof Feb 7

FR#152 – The DSA Needs Big Tech

Last week was the FOSDEM conference, where my time was mostly spend chatting with people so I had little time actually listen to all the talks at the event itself. I want to spend some time on one panel in particular, because while rewatching the panel I realised it surfaced some pretty deep structural issues between the fediverse and the DSA.

The panel “The Fediverse and the EU’s Digital Services Act” brought together Alexandra Geese, a Member of the European Parliament and one of the lead negotiators of the DSA; Felix Hlatky, the recently appointed Executive Director of Mastodon; and Sandra Barthel, founder of the Alliance of Open Networks. The title of the panel suggested this was about complementary approaches to the same problem of how Europe can protect democratic discourse online, but turns out there’s a bit more to it.

Geese laid out the DSA’s most powerful provision clearly. Article 34 requires Very Large Online Platforms (VLOPs, defined as platforms with more than 45 million monthly active users) to assess systemic risks, and allows the Commission to mandate changes to algorithms, targeting systems, and business models. This, Geese argued, is what makes the DSA meaningful. It gives Europe the ability to intervene in how platforms shape public discourse, without having to become a “ministry of truth” that decides what content is or isn’t allowed.

Hlatky then described the fediverse as a fundamentally different kind of network. “It’s a network of a lot of small networks. In fact, in the fediverse there’s around 30,000 active small servers.” He went on: “From a regulatory point of view, it’s very attractive because they all of them default under the SME exemption, small medium enterprises, so all of these servers are very small so they fall under this exemption.” When asked what makes the fediverse a nicer place than mainstream social media, Hlatky pointed to design and culture: “Polarizing content on Mastodon and the broader fediverse, it will never be amplified in the same way as in other networks, simply because of design choice, that this content doesn’t have this strong amplification. But the second thing that is probably more important is that trust and safety is not an afterthought, something that is bolted on later because we need this for regulatory compliance, but it’s part of the initial product design process.”

These are both reasonable statements on their own, but positioned next to each other it is visible that both Geese and Hlatky describe projects that work against each other. Geese’s entire model depends on VLOPs actually existing, as without a platform that crosses the 45 million monthly active users article 34 of the DSA has nothing to act upon. The DSA’s power to force algorithmic changes, to mandate risk assessments, to reshape business models, all of it requires a centralized platform large enough to qualify. Without a VLOP, the DSA actually does very little. On the other hand, Hlatky, as the Executive Director of one of the largest software developers building the alternative, is explicitly celebrating the fact that nothing in the fediverse qualifies for the DSA, and that the structure of the network makes it likely that nothing will ever qualify. The network architecture of the fediverse creates the possibility for the large majority of participants (if not everybody) to avoid DSA regulation via the SME exemption.

During the panel, Geese was remarkably candid about the geopolitical pressure the European Commission faces when trying to enforce the DSA against US-based platforms. She described how US government threats, including tariff escalation and NATO posturing, are actively deterring the Commission from enforcement. In her framing, DSA enforcement is no longer just a regulatory question, and she sees it as one of three fundamental geopolitical conflicts facing Europe, alongside defense against Russia and economic competitiveness, and argued that enforcing the DSA requires political courage at the highest levels of European leadership.

This problem of political will only matters if VLOPs exist to enforce the DSA against. In a network of 30,000 small servers, there is no entity for the Commission to pressure, and no platform for the US government to shield through diplomatic coercion. The fediverse sidesteps the geopolitical vulnerability that Geese described, but does so by eliminating the regulatory lever entirely.

The very geopolitical pressure that makes DSA enforcement difficult is itself an argument for the fediverse. If the Commission can be coerced into not enforcing against US-based VLOPs, then a network architecture without VLOPs is more resilient, not just technically but geopolitically. But that resilience comes at a cost to both sides of the current power dynamic. For the US, a world without VLOPs removes the ability to fuse state power with platform power, the dynamic that currently allows the US government to shield companies like X and Meta from European regulation. For the EU it removes the regulatory lever that the Commission has spent years building, and with it the role the EU has carved out for itself as the global counterweight to Big Tech. The EU’s position in digital governance, as well as the way the EU understands itself, is built around being the entity that regulates platforms. Without platforms large enough to regulate, that position loses its foundation.

For Hlatky, this avoidance of the DSA is not a big problem, as he sees many positive traits for the fediverse, such as polarizing content not being amplified and trust and safety being integrated into product design. However, these traits can better be described as how Hlatky views Mastodon, as those are not characteristics that are intrinsic to an ActivityPub network, and the claim that trust and safety is integral to Mastodon’s product design is contested within the community as well. While other ActivityPub software also proclaims these traits, it might just be an emergent property that flows from the type of people and their interest who are the early adopters and new builders of of open social platforms. In a potential world where open social protocols gain mass adoption, I’m not sure these characteristics will hold up, especially if it becomes a hyped new technology that attracts a very different user base with other priorities.

This is something I have written about before: one of the reasons the European Commission actually needs platforms like X to exist is that it has built its entire regulatory infrastructure around the assumption that VLOPs exist. Open social networks don’t just offer an alternative to Big Tech, they undermine the assumptions that European digital regulation is built on. The panel at FOSDEM was collegial and constructive, and everyone agreed that the fediverse is good and the DSA is necessary. But nobody asked the harder question: if the fediverse succeeds in replacing centralized platforms, what regulatory framework takes over from the DSA?

Some other news

For Protocols For Publishers I gave a presentation on the state of the open social web, explaining to publishers how both ActivityPub and atproto have different visions for how a social network can function. In my opinions these visions can be complementary to each other, with atproto well suited for the distribution of news, and ActivityPub creating new primitives for community building. The slide deck can be downloaded here.

PieFed has seen a sustained growth of new users over the last week, increasing it’s total user base by 50% in a week. The main driver of growth for PieFed, created by New Zealand based developer Rimu Atkinson, is a popular post on the BuyFromEU subreddit that describes the platform as an European Reddit Alternative. While impressive growth in relative terms, in absolute terms the entire network is still small, with some 8k monthly active users (MAU) for PieFed and 36k MAU for Lemmy.

Mastodon has announced that they are beginning work on a new onboarding experiment, where they’ll recommend “the closest server geographically that is in the correct language during the sign-up flow.” Mastodon using the mastodon.social as a default server for signup has been a point of critique for years within the community, and the organisation is now addressing this feedback.

Holos continues to be one of the most interesting projects moving ActivityPub forward. It runs an ActivityPub servers on your mobile phone, with a relay that handles your identity, as well as data forwarding for the periods when your phone is inaccessible. The latest update allows you to set your identity based on a domain name you own, fairly similar to atproto. Once the project launches as a 1.0 I’ll write a more detailed explainer about it and why I think it matters, for the protocol-minded people I already recommend taking a look.

FediMTL is a conference about digital sovereignty and the social web, that will be held on February 24, 2026 in Montreal (streaming options also available).

#nlnet

https://connectedplaces.online/reports/fr152-the-dsa-needs-big-tech/

Laurens Hof Jan 29

FR#151 – TikTok Won’t Be Another Twitter

The identities of both the fediverse and the atmosphere have been strongly influenced by Elon Musk’s acquisition of Twitter. Bluesky’s growth trajectory, Mastodon’s cultural identity, and the entire discourse and self-understanding of making social platforms resistant to billionaire purchase are all downstream of that transfer of ownership of Twitter. Three years after Twitter changed hands, we now have a second case study, with TikTok’s transition from the Chinese Bytedance to a majority American ownership last week. The culture of ActivityPub and ATProto are shaped by what it means to watch a dominant Big Tech platform become owned by a fascist oligarch, and the question now is whether TikTok will leave a similar mark. Early signals of the impact of the transfer of ownership is how users claim that TikTok is now blocking mentions of Epstein and ICE, or Emmy-winning Palestinian journalist Bisan Owda reporting a permanent ban from her 1.4 million follower account.

The standard story about why X is hard to leave centers on network effects, the idea that the network is valuable because everyone else is there. This isn’t exactly wrong, but misses a nuance in what makes a platform sticky. People don’t make individual choices based on the user count of the entire network, they make choices based on their perception of the network effects. People perceive which accounts matter to them, and are making their platform choice based on that. Crucially, this perception is shaped by the platform’s architecture.

Twitter and X’s chronological timeline (and even to an extent their algorithmic feed, more so for Twitter than for X) make the network legible. You can see who of your follows is actually there, and who is posting. This also makes it visible when prominent accounts go quiet or announce their departure. This legibility is what made coordinated migration possible: you could see others leaving, which gave you permission to leave.

Beyond this legibility, Twitter had also accumulated a particular political significance, it had created the common knowledge that it was the place where public discourse happened, where news broke, and where politicians and journalists gathered. This common knowledge was never fully accurate, but accurate enough to make Twitter feel like the agreed-upon stage for public political life.

Together, this created a unique set of circumstances for the case of staying or leaving Twitter: leaving means abandoning the agreed-upon place for public political life. Moreso, it was a visible act that others could see you do. This move of people towards Mastodon and Bluesky was as much about joining a new platform as it was about making a collective political starement.

TikTok’s structure differs from X in two meaningful ways. The first is that its TikTok’s architecture makes the network much more invisible to its own users. The For You Page algorithm is not strongly influenced by the accounts you follow, instead it responds instantly to the videos you most recently watched and liked. This makes it very hard for people to build a mental model of what their network on TikTok actually is. TikTok’s algorithm selects from a pool so vast that individual departures are virtually undetectable by people. You cannot see who has left, because it is very hard to build a stable sense of who was there in the first place. The ban of Bisan Owda got the attention of Al Jazeera, but not every ban will get that attention. Most followers might never notice her absence, with the algorithm simply serving them a never ending supply of other videos.

This creates a coordination problem for migrating to other platform. While Twitter and X were not great for coordinating collective actions to join other platforms like Mastodon and Bluesky, it was in fact possible, as both platforms did experience such spikes in people joining. This pattern has died down in the last year for people going from X to either Bluesky or Mastodon, suggesting that collective actions to join other platforms are both possible but not guaranteed to happen and can be disrupted.

The second way that a migration away from TikTok might look different than X, is that where Twitter and X are the centers of political discourse, TikTok is the center of culture. When journalists and politicians left Twitter, they were making a statement about the public political sphere. When creators leave TikTok, they are making a career decision about where their audiences are. These actions have different motivations, with different symbolism, and will likely not create the type of collective identity that has developed on Bluesky and Mastodon as a result of people leaving Twitter and X. The fediverse and Bluesky both carry the imprint of being “the place people went when they refused to stay on Musk’s platform.” This does not mean that TikTok users won’t move to differrent platforms. It means that this move, if it happens, likely won’t follow the same “leaving” narrative that has shaped open social’s current identity.

There’s a lesson here from what actually happened with the moves away from Twitter. In raw numbers, Meta won, as Threads has now overtaken X in daily active users, and has around 140M daily active users on mobiel, compared to Bluesky’s 3 million total daily active users. Bluesky, although much smaller than both other platforms, does hold outsized political impact already, especially for politicians on the left side of the political spectrum. While Threads did win the ‘number-go-up’ game, it’s political and cultural relevance is surprisingly low in Western countries.

Meta is well-positioned to repeat this numerical victory with TikTok, and Instagram Reels already competes directly for the same attention and the same creators. If TikTok users move away due to privacy concerns or content moderation frustrations, Reels is the lowest-friction alternative option, together with YouTube Shorts. But this tells us little about whether open social will benefit, because open social platforms select heavily for early adopters and the type of people who want to built the future of social platforms.

There’s a another structural difference worth noting, beyond the nature of the migration itself, namely that video is harder than text when it comes to running independent social networking platforms. Text-based social media is relatively cheap, and accessible for self-hosting. You can run a Mastodon or GoToSocial instance on a cheap VPS, especially if the server is only for a few people, same with self-hosting a ATProto PDS. Video is in an entirely different category, with storage costs, bandwidth costs, transcoding costs, CDN costs that are both much larger than text, and scale superlinearly with usage. Then there is moderation, and where the moderation of text is already diffecult and expensive, video moderation either requires massive (and expensive) compute for automated systems, as well large-scale human labor for manual review.

Skylight, the ATProto-based TikTok alternative, crossed 380,000 users this week with around 95,000 monthly active users. The pattern of signups is arguably just as interesting as the numbers itself, with CEO Tori White says that compared to previous signup waves, this one is more sustained, with continuing elevated signups of around 4k new people per day, whereas previous waves had a more spike-and-crash pattern. What makes this possible for Skylight is ATProto’s infrastructure model. Skylight does not need to set up their own complete infrastructure stack, instead it uses Bluesky’s relay, CDN and AppView.

This model, where an app on ATProto can start out as a client, grow its own user base, and gradually built out infrastructure later is a genuine novel pattern that we’ve not really seen before. It does create dependencies however, where Skylight’s existence is contingent on Bluesky’s continued funding and moderation.

ActivityPub has it’s own TikTok-style video platform with Loops, which has a different path to viability. The fediverse model assumes instances run by independent operators, which are largely hobbyist volunteers. This works well enough for text-based platforms, where costs are manageable. For video at scale, the question of ‘who is going to pay for this’ becomes unavoidable however. Loops cannot bootstrap on shared infrastructure the way Skylight can, and each instance must bear its own costs from the start. This means for Loops to become a meaningful TikTok competitor, someone needs to commit serious money to operate a video platform at scale.

Twitter’s ownership transfer has become an integral part of the story for both the fediverse and the atmosphere. It established the concept that growth for these networks happens as a result of people ‘leaving’ Big Tech platforms, and that decentralised open protocols are a recognisable alternative. TikTok’s ownership transfer is unlikely to produce the same dynamic. The structural differences, namely the lower visibility of what your ‘network is’, the lower presence of political signals and the much higher cost of video infrastructure all suggest that the dynamics will be different. This does not mean that platform migrations won’t happen, but does mean that it will be driven by different forces, and produce different kinds of communities as well. Skylight’s sustained growth indicates that people are aware of the issue and looking for alternatives. TikTok will likely not produce another Twitter effect for the open social networks for structural reasons, and video on open social networks might have to grow without one.

#nlnet

https://connectedplaces.online/reports/fr151-tiktok-wont-be-another-twitter/

Laurens Hof Jan 23

FR#150 – On ICE, Verification, and Presence As Harm

The U.S. Immigration and Customs Enforcement, ICE, became one of the most-blocked accounts on Bluesky within days of receiving its verification badge handed out by Bluesky PBC. The account itself has not posted anything, because it does not need to, with the presence being the point. ICE joining Bluesky was part of a moment in November 2025 where the US regime decided to antagonize the ATProto network by having multiple organisations, including the White House, join the network. They quickly lost interest again however, and most accounts have not posted anything over the last two months.

The decision by Bluesky PBC to verify the ICE account, two months after registration and without the account being active, lead to quite different responses for the fediverse and for the ATmosphere. On the fediverse, the choice by Bluesky PBC to lend legitimacy to ICE was a final nail in the coffin, with loud declarations to disconnect from Bluesky and block the bridge between these two networking protocols. Mastodon founder Eugen Rochko was the most notable account, who publicly declared to disconnect from the bridge.

Within the ATmosphere, the response focused on two parts, both a frustration with Bluesky PBC verifying the ICE account, as well as a call to block the account en-masse, which led to the ICE account quickly becoming one of the most-blocked accounts on the network.

The difference in response between the networks provide an insight in how both the ActivityPub network and the AT Protocol network have very different underlying assumptions, where these obscure difference in network architecture lead to diverging outcomes in social structure and behaviour.

In the ActivityPub model, servers are understood as opinionated communities or places, that choose to connect with other communities. Federation is optional and based on a match in values between the connecting servers. This value-question is baked into it’s network structure, and makes it clear that every individual server is a non-neutral place.

(As a side-note, the fediverse as-it-exists struggles with this model, with Mastodon being uncomfortably stuck between the marketing material promoting a network-of-communities with shared values, but the software having a deeply ingrained mental model of ‘lets-federate-with-everyone’, which in itself explains a fair amount of conflict in the fediverse over the years).

ATProto takes a different approach, by separating the base layer of data storage from the application layer. The base data storage layer is designed to be neutral infrastructure, where data lives in Personal Data Servers. This data is ‘neutral’, in the sense that it is permisionless and anyone can set up a PDS without permission. The applications built on top of that infrastructure are assumed to be opinionated and not neutral. Every ATProto application takes a subset of the entire network of data, and can be opinionated about what they surface and to whom they present this.

This creates a sense of ‘neutrality’ at the base layer (hello to all the people whose eyes start twitching every time they read the claim that social software can ever be neutral), with value-based and opinionated apps build on top of this base layer.

When fediverse users say they don’t want to be bridged to Bluesky, they’re applying an ActivityPub mental model to ATProto infrastructure. In one sense this is a bit of a category error, the bridge connects to networking infrastructure, not the application. This way your’e not just refusing to federate with the Bluesky-the-app but with the entire ecosystem, including apps with different values, such as Blacksky or Leaflet.

But in another sense, this shows the issue with bridging between these two networks, and how this is not just a matter of networking architecture, but of how network architecture leads to different mental models that are not always compatible with each other.

The choice by Bluesky PBC to give ICE a verification checkmark shows that while the company has built systems that enable the ‘neutral infra, opinionated apps’ model, their operational choices fall back to a 2010s mental model where the platform itself is the neutral ground, where everyone, including Trump, is welcome.

Bluesky’s Community Guidelines lists the two major principles as ‘Safety First’ and ‘Respect Others’. It is somewhat unclear how the presence of a fascist police force that is actively working to instigate civil war aligns with the principles of safety and respect that Bluesky supposedly champions.

When it comes to actual rules in the guidelines, it is all about user behaviour and the content on Bluesky. The problem is that it is the presence of ICE itself that is already causing the harm. The intimidation of ‘we are here, you cannot escape us’ is the point, and the accounts by the regime are deliberately trying to provoke an outrage. The account doesn’t need to post anything that violates the rules because the intimidation is the presence itself. Bluesky’s Community Guidelines emerged from a moderation paradigm that moderates content (its called content moderation for a reason), and has a structural blind spot for presence-as-speech. Fascists intuitively understand this difference, and are skilled at exploiting it.

The problem is that there is no easy fix for this either. Bluesky board member Mike Masnick formulated this as Masnick’s Impossibility Theorem: Content Moderation At Scale Is Impossible To Do Well. And if content moderation on a platform is already impossible to do well at scale, it is even more impossible to do well at scale when off-platform behaviour were to be considered. Which makes it understandable why a Trust & Safety team would not want to consider off-platform behaviour when enforcing rules.

But Bluesky’s own open protocol makes this all the more difficult the further the network grows. If a fascist publishes a nazi blog under the standard.site lexicon on their own self-hosted PDS, should Bluesky PBC let this account use their Bluesky app? According to the current Community Guidelines the answer is yes: “These Guidelines only apply to social networking that happens on Bluesky. If you’re using another social networking application on the AT Protocol that isn’t Bluesky Social (a “Developer Application”), the terms and conditions of that Developer Application will govern your experience. We are not responsible for the content or practices of Developer Applications.”

The fundamental problem is that the way Bluesky is set up, both the company and the app, it is virtually impossible to do moderation that takes off-platform behaviour into account. But if you don’t take off-platform behaviour into account, your principles in the Community Guidelines of Safety and Respect lose their meaning.

The second issue here is that not only let Bluesky have ICE have an account, but that they felt the need to verify this account, after the account had been dormant for a while. Verifications via checkmarks are ostensibly to prevent against misinformation and impersonation, but in practice their main use case is to signal social status, endorsed by the verifier.

Bluesky’s verification system was explicitly designed to distribute trust rather than concentrate it. When launching the system in April 2025, the company wrote that trust “emerges from relationships, communities, and shared context,” not just top-down from platforms. The Trusted Verifiers feature allows independent organizations to issue verification badges directly.

This design of the verification system is a good example of the infrastructure/application separation of ATProto, where verification doesn’t have to be a network-wide decision made by Bluesky PBC. Instead the system allows for multiple verification sources with different values and criteria, letting users decide which verifiers they trust.

For government accounts, Bluesky had options. They could have delegated verification to a news organization, a government accountability group, or some other entity willing to take on that role. They could have let ICE exist as an unverified account, authenticated only by its domain handle. Instead, after nearly two months of apparent deliberation, Bluesky PBC verified ICE directly.

Bluesky PBC built a system designed precisely for moments like this, where verification decisions could be distributed and delegated to other actors, rather than centralized. And then, the first time it could have meaningfully applied that distinction, the company defaulted to acting like the platform that decides who gets legitimacy, where they themselves wanted to be the ones that verified ICE.

Let’s be clear here: ICE is conducting a reign of terror, committing excessive violence and murder, with the blessing of the state for its officers to not be bound to the law, with the explicit purpose of baiting people into committing violent responses and stoke the flames and possibility of civil war. The very presence of ICE is to cause terror.

And if your social networking guidelines say “sorry we can’t do anything about this”, something has gone pretty wrong somewhere, in a way that goes beyond just this individual decision itself.

So when fediverse people apply an ActivityPub-style mental model of networked communities to an ATProto model that separates infrastructure from application, how wrong exactly is that, when the company that has built the tools for that distinction does not operate according to them when the pressure is on?

The case of ICE shows two unresolved problems that will only intensify as the ecosystem grows: how to deal with abusive behaviour that happens outside of the app (and especially if it happens outside of the app but on-protocol) but causes harm on it, and how in a world where fascism is a real and existential threat, harms on social networks have evolved from not only being content-based but also being presence-based.

#nlnet

https://connectedplaces.online/reports/fr150-on-ice-verification-and-presence-as-harm/

Laurens Hof Jan 16

Fediverse Report – #149 – On Protocol Governance

The W3C has announced a new Social Web Working Group, starting January 15, 2026, to maintain and update the ActivityPub protoocol. The group will be chaired by Darius Kazemi, who created Hometown Mastodon fork and the Fediverse Schema Observatory. The aim of the Working Group is to release updates to ActivityPub, and its specifications such as Activity Streams and Activity Vocabulary. Most of the work on the protocol is scheduled to be done by Q3 2026, with the Working Group running until January 2028.

To understand why this matters, some context on how the W3C operates is necessary. The standards organisation distinguishes between Community Groups and Working Groups. Community Groups are open to anyone and serve as incubation spaces for ideas. Since 2018, the Social Web Incubator Community Group (SocialCG) has been the steward of ActivityPub. While Community Groups serve as a grass-roots place, they are very limited in publishing official documentations and formal updates to protocol standards. Working Groups, by contrast, are the bodies that can actually publish official W3C Recommendations, meaning formal standards. Participation in Working Groups is restricted to representatives of W3C member organisations (which pay membership fees on a sliding scale) and invited experts approved by the chair.

ActivityPub became a W3C Recommendation in January 2018, and the protocol work was done by a Working Group. After ActivityPub became an official W3C specification, this Working Group disbanded, and the SocialCG was formed. Since then, the specification has not been formally updated, despite significant implementation experience revealing ambiguities and missing features. The SocialCG has maintained an errata document and developed extensions through the Fediverse Enhancement Proposal process, but these carry no official W3C status. The new Working Group changes this by providing a formal path to update the core specification.

Fediverse advocates regularly point to ActivityPub being a W3C standard as a mark of legitimacy, but for the past seven years the organisational structure that created the protocol has also prevented necessary updates to it. The W3C has done a massive service to the community by holding space for the creation of the protocol in 2018. But since then, the same organisational structure that allowed the protocol to be created also slowed down necessary further work on ActivityPub. This shows up both in errata documents not becoming part of the formal documentation, but also larger work on the Client-To-Server part of the ActivityPub needing more work in order to be suitable for larger adoption.

The new Working Group for ActivityPub changes this situation, and there now a formal path to update the core specification, incorporate errata, and potentially advance new work like LOLA (Live Online Account Portability) to official status. LOLA is a proposal for server-to-server account migration that would allow users to move between ActivityPub servers while retaining both their posts and their social graph. Unlike the current Move activity that only migrates followers, LOLA would enable full content portability. The charter includes LOLA as a potential deliverable, which means it could become an official W3C specification rather than remaining a community proposal.

The are some major complicating factor however, and that is about who actually gets to make decisions. The Community Group lacked power to make official chances to ActivityPub, but it did provide an open place for anyone to participate. In contrast, the Working Group requires participants to either be a paid W3C member or to be an Invited Expert. There are only two organisations that are active in the fediverse that are a paid member of the W3C: Meta and the Social Web Foundation. With the Social Web Foundation also receiving funding from Meta, the company that built Threads now has more institutional standing in ActivityPub governance than any of the organisations actually building open fediverse software. Mastodon gGmbH, Framasoft, and others are not W3C members and cannot participate in the Working Group unless they are invited.

This is by all accounts an extremely funny outcome for a network that aims to be independent of Big Tech’s power.

A few nuances to this. It is unclear if Meta will actually participate in the Working Group, and considering they recently put their Threads<>fediverse integration on maintenance mode, there is a good change that Meta has no interest in actually participating. The Working Group also has yet to communicate who the Invited Experts will be. It could theoretically be that Meta is absent from the group, while Mastodon and Framasoft employees are invited to be part of the Working Group.

Another challenge for the W3C Working Group is that there has long been a disconnect between ActivityPub protocol development and the people creating ActivityPub software. While the above makes it sound that fediverse developers are excluded from the protocol development process, the practical reality is also that the developers of the main fediverse platforms like Mastodon, PeerTube and Lemmy have shown very little interest in engaging with the process when it was openly accessible under the SocialCG. This is illustrated by the meeting last year in which the SocialCG voted to charter a Working Group, where no member of any of the fediverse platform developers was actually present. There has long been a disconnect between the people who develop ActivityPub software and the people who maintain the ActivityPub protocol, with only a few notable exceptions.

This matters because of how W3C standards work. The charter’s success criteria states that updating the Recommendation requires “at least two independent implementations of every feature defined in the specification, where interoperability can be verified by passing open test suites.” The Working Group can propose whatever changes it wants, but for those proposals to become part of the official ActivityPub standard, they need to be implemented in actual software.

LOLA, the proposal to improve account portability, is a clear example of this challenge. Already in fall 2024, Lisa Dusseault, the author of the proposal, said that the specification was ready for developers to start testing implementations. The main bottleneck since then has been getting organisations like Mastodon interested in actually building it. The protocol work is largely done, but what remains is the persuasion and coordination to get implementers interested in using it.

The importance of protocol maintenance and further development of ActivityPub points towards responsibilities for software implementors, especially Mastodon as the dominant ActivityPub implementation. Mastodon’s choices become de facto standards whether or not the project engages with formal standardisation processes. The most clear example is how the Mastodon API has effectively taken over from ActivityPub’s Client-to-Server as the dominant protocol that other softwares have to implement. That position comes with obligations, and when Mastodon doesn’t participate in protocol governance, it creates a vacuum where the largest implementer (in this case also Mastodon) is able to set standards for the rest of the network, but without the governance or formal documentation. When protocol development and maintenance in the Working Group happens disconnected from the largest implementations, the specifications that may not reflect implementation realities.

What this situation reveals is that using network architecture to solve issues of power distribution simply shifts bottlenecks rather than eliminating them. A decentralised protocol does not automatically produce decentralised governance, it also moves power to different, less visible places. The W3C membership structure concentrates formal power in ways that don’t reflect the fediverse’s values, while the implementers who could counterbalance that power have largely opted out of the process. The new Working Group creates an opportunity to address both problems, but who gets to shape the specifications of ActivityPub depends on both who is allowed to participate, as well as who is willing show up and do the work.

#nlnet

https://connectedplaces.online/reports/fediverse-report-148-on-protocol-governance/

Laurens Hof Jan 9

X Is a Power Problem, Not a Platform Problem

Happy 2026 everyone. The world’s richest man runs a subscription service to remove the clothing from photographs of children, and I don’t know how to write about it. It’s been just over a week and the global order has already drastically changed, in ways that affect everything, including how open social protocols understand themselves.

Remember 2023 and 2024? When every time Musk did something bad, people got excited because that would lead to Elon Musk Events, with signup waves to Mastodon and Bluesky? And when ‘bad’ was understood be frivolous things like DMs not working? Now in 2026, when ‘bad’ means generating CSAM and NCII on-demand at industrial scale, it’s crickets, and there is no initiative at all to leave the platform anymore. Society is going through the motions of vocal condemnation, pointing at agencies who should enforce something, but then not enforcing anything. It is clear now that actually leaving X is a step too far and unthinkable.

On January 3rd, US forces bombed Caracas, captured Maduro and his wife, and killed at least 80 people. Trump posted photos from a makeshift situation room at Mar-a-Lago showing the raid being monitored in real time. In the situation room photos, visible on the big screen behind Defense Secretary Hegseth, was an X feed showing search results for ‘Venezuela’. Another photo showed the OSINTdefender account on the screen. Few things illustrate the current role of X in our society as well as the heads of the most powerful military in the world, monitoring the X account of OSINTdefender while the CIA director sat next to them in the room.

Grok’s latest update allows people to generate sexualized images of women and children on demand, at industrial scale, generating multiple such images per second. Everyone is aware that this is happening, and continues to happen, as nobody is willing to stop it. Musk’s attitude is to use the crying-laughing emoji on complaints is an indication of how serious he takes the issue. Politicians have universally condemned it in words, calling it unacceptable. What is so maddening, however, is that their actions say otherwise. Governments all around the world are very clearly afraid of picking a fight with Elon Musk and a belligerent US regime.

This fear by politicians is further accentuated by the raid on Venezuela and Maduro’s kidnapping, which shows that the US is now a rogue state that does not care in the slightest about adhering to any forms of law. With realistic further threats being made to annex Greenland by the US, it is in fact understandable why politicians are afraid to take actions against the richest man in the world. When the UK said it might potentially think about enforcing its own laws against X, a US congresswoman threatened to sanction not just Starmer but ‘Britain as a whole,’ calling enforcement ‘a political war against Elon Musk.’ X is both protected by US state power, as well as being a source of US state power.

This widespread societal resignation of ‘guess our government communications now happens on a deepfake porn site’ is maddening, but also points to a deeper issue. We’re used to describing X as a platform, and analyse X accordingly. The photos of X being on the big screen while coordinating the Maduro raid is an indication that X acts as the infrastructure for power, the glue that connects the neo-royalty.

But the refusal of governments around the world to do anything about the CSAM and NCII generation machine, and how other countries get bombed and their leaders kidnapped because it creates content for X, shows that X is about power, and less about a platform.

When Elon Musk took over Twitter late 2022, alternative open social networks gained prominence, and platforms like Mastodon and Bluesky presented themself as alternatives to Twitter’s function as the digital public square. Both networks understood that there was an issue with the idea of having a single platform as a public square, and thus did not copy Twitter fully, but put their own spin on it.

The fediverse and Mastodon focused on there not being a single public square at all, but instead many digital places and communities that interconnect with each other. For Bluesky the solutions were aimed at giving users more control, with composable moderation and custom algorithmic feeds.

What this framing missed however is that Twitter also stopped being the digital public town square, in the years since Musk’s acquisition. Instead, it became the internal coordination space for a political faction that now controls state power. People still treat X as if it is still 2015, pretending it is the town square and using it for everything from talking about sports news to keeping up to date on pop culture. This lends validation and legitimation to X’s new role, facilitating the power of the neo-royalty.

The neo-royalty is the small network of political, capital, and tech elites centered on Trump, and X is their coordination infrastructure. Because they are rapidly gaining power around the world, and are in full control of the world’s military hegemon, you cannot separate yourself from this power infrastructure that X has become. Leaving X does not insulate or protect yourself from the warping effects it has on global power. This goes for both the large geopolitical aspects (see Greenland), and the local impacts, as the Somali families in Minnesota who lost their childcare funding because of a viral X video weren’t on X.

The implicit theory behind the open social web was that platform quality would determine outcomes. Build something that’s better, and in combination with the incumbent getting worse, this would lead to such difference in quality, user experience and safety that at some point people would switch from X to alternatives like Mastodon or Bluesky. This theory held up for a while in 2023 and 2024. In 2025 it started to falter, as Musk aligned himself with Trump, the signup waves to the alternative platforms effectively stopped. In early 2026, this theory is now really over, because X has fundamentally changed. Mastodon and Bluesky are not in competition anymore with the platform X, because X has changed. It changed from being a platform to the power structure for the neo-royalty, with the public square shambling along as a zombie, animated by everyone who still treats X like it’s 2015.

You cannot out-compete ‘where the ruling faction radicalizes and coordinates’ by having better moderation policies or algorithmic choice. X is not a platform problem anymore, it is a power problem, and building a different platform does not solve the power problem.

Other countries will need to leave the platform to untangle themselves from this dependency, and reduce its legitimacy. But the functioning of the neo-royalty is such that other governments taking actions against X will be taken as an offensive action by the US regime, that will likely trigger extensive retaliation. No country seems to be willing to be the first one to move to take action and thus take the brunt of the counter-offense of the regime.

We’re now at a strange stand-off, where it is extremely clear it is unacceptable what X is doing, and governments make a lot of noise about how upset they are, without daring to pull the trigger on taking action. Everyone is waiting on everyone else to take the first move.

This leads to three possible outcomes:

no government dares to take action, and they keep to calling things “completely unacceptable” while accepting the actual situation. Things stay as they currently are, and the world keeps sliding into a more dangerous and harmful place.
One government takes action against X, and the US regime retaliates so hard that no other government will dare to do meaningful enforcement against the massive harms created by X.
One government takes enforcement action against X, creating a permission structure for other governments to also take actions.

All three options have a meaningful impact on the open social web. For the first two outcomes, it further cements X as the place of power for the neo-royalty, further cementing its dominance in the political sphere. This position of power is also what prevents the alternative open networks to become a place of political power in it’s own right. The third option, of mass enforcement, is what creates an opening for open social networks to not just be an alternative, but to be a source of political power as well.

I do not know what the outcome will be, and with how rapidly the world has been changing I do not know which option is likely either. It’s easy to be highly cynical, and that point of view has been extensively validated over the years, but I do choose to hold to hope that we can build a better, more ethical, social internet out of the toxic waste ground of the current state of the internet.

#148 #nlnet

https://connectedplaces.online/reports/a-power-problem-not-a-platform-problem/

Laurens Hof Dec 19

Fediverse Report -#147

This will be the last report for 2025, with a break over the holidays. It seems fitting to end the year with an effective end to the Threads <> fediverse integration. The interaction of Threads with the fediverse was a major part of the conversations on the fediverse in 2024, dominating the mind share and people’s understanding of what the risks to the network are. In 2025 those conversations died down, as it turned out that marginally few people actually made use of the connection. With the year at the close, it also means closing the chapter on the fediverse-Threads story for now (although it might be back some day, you never know).

Thank you so much for all your support and reading Connected Places this year, it’s been much appreciated, and I wish you all happy holidays!

-Laurens

The News

Threads’ integration with the fediverse is on maintenance mode, says head of Threads Connor Hayes in an interview by Alex Heath. Hayes said about the fediverse: ““It’s something that we’re supporting, it’s something that we’re maintaining, but it’s not the thing that we’re talking about that’s gonna help the app break out”. In October 2023, Mark Zuckerberg gave an interview with Alex Heath, who asked him about decentralisation and open protocols, with Zuckerberg saying he “always believed in this stuff“. With the fediverse integration for Threads now in maintenance mode, this must surely be a big blow for Zuckerberg’s belief in decentralised social networking.

Threads’ integration with the fediverse was never popular, especially from the side of Threads. In January 2025 the mastodon.social knew about 25k Threads accounts which had turned on federation. But while that number is already low considering the total number of Threads users, the interest in actually following an account on Mastodon from Threads was even lower: in January 2025, only 800 Threads users followed at least one account on mastodon.social. Threads deliberately made it difficult to follow fediverse accounts, and later updates deprioritised the fediverse feed even more. Regardless, it is not particularly hard to understand why a platform that now boasts about having 400M monthly active users is not putting in much effort to maintain a complex system that only a few thousand people at best make use of.

My take is that Meta and Threads have played the game well. They immediately capitalised on the moment in 2023 when decentralisation and Twitter-alternatives got large-scale attention, and knew how to say the right buzzwords to ride the wave. It got them in the right light for regulators, and gave them something tangible to point out to say ‘hey we’re doing interoperability now!’. The fediverse turned out to be highly vulnerable to such a strategy, a sitting duck for Big Tech companies to pluck some good PR from. That it turned the fediverse against itself, resulting in vicious and endless arguments about whether servers should block Threads, and whether Threads joining the fediverse validated the movement, was only a nice bonus. By slowly rolling out an implementation over the years Threads built their own positive-PR machine, every slight update worthy of a new article that put ‘Meta’ and ‘Interoperability’ in the headlines again. That nobody ever really used the integration between Threads and the fediverse never really seemed to matter, only the hypothetical future mattered. Nor did the press seem particularly interested in reporting on the fact that marginally few people seemed to be using the connection between the fediverse and Threads. Still, the company found itself a place at the table for protocol conversations about ActivityPub, which might pay dividend in the future if the need arises.

GGWP to Mark Zuckerberg and Adam Mosseri, for the skillful execution that helped Meta significantly, nestled themselves into the fediverse were it ever to become useful again, and taking some of the wind out of Bluesky’s sails as well as a bonus.

The WordPress ActivityPub integration has some interesting updates, with better moderation tooling support. You can now subscribe to shared blocklists, where the blocklist of your site will automatically sync with the source blocklist. This is an easy way to keep the moderation process automatic, provided you trust the source of the shared blocklist. The team also shared a sneak peek at a new upcoming feature, an ActivityPub reader. This is a client that turns your WordPress admin dashboard into a simple reader client, where you can see posts from the other fediverse account that your WordPress account follows. This feature is still in development, but the team is looking for feedback. It further cements the move of a WordPress site as a full-featured native fediverse server, that includes not only the technical backend part, but also the frontend of using the site as a fediverse platform.

This move also brings further competition to Ghost. WeDistribute’s Sean Tilley wrote an extensive overview of the current state of Ghost, saying it feels half-baked. One of the main standout features that Ghost has over WordPress is their reader client, but it seems like that it won’t stay that way for long.

Holos continues to be one of the most interesting projects on the fediverse from a technological perspective. The goal of Holos is to run an ActivityPub server on your phone. Because mobile devices are traditionally not particularly suitable for this (changing IP address, not always online), Holos adds a Relay service that mitigates these issues. The project posted an explainer of how it all works here. Holos also changes some long-standing dynamics in the fediverse: in this project, your data lives on your phone, which does mean owning and control over your data is more tangible than when you are dependent on your local friendly fediverse server admin. At the same time, it creates a new form of dependency, where the Relay operator manages your identity. This new type of implementing ActivityPub also introduces new unknowns regarding how account and data portability are handled. Still, experimentation is cool to see, and as mobile phones are the primary and often sole device for the majority of the population, it’s good to see fediverse projects that are even more directly mobile-first.

Speaking about mobile development: PeerTube has updated their app with a new creator mode. This allows people to manage their PeerTube channel, as well as uploading and editing new videos. During an crowdfunding earlier this year, which raised over 75k EUR, one of the specific goals of the campaign was to build a creator mode for the apps. Framasoft, the organisation behind PeerTube, promises even more features for the app, and says they are working on the ability for videos to play in the background, live streaming support, and a tablet version of the app. Publishing apps that allow for video streaming from a decentralised network on the app stores is quite a challenge however, as Framasoft found out: both Apple and Google are restrictive here, which forced PeerTube to limit the number of servers that could be accessed via the app.

Bonfire has completed their crowdfunding campaign, raising 32k EUR for the maintenance of the software. They describe putting maintenance of the software first as a matter of care. With the first implementation of the software, Bonfire Social, now ready and launched as a full version 1.0, there is now space to build and maintain the software for the long run. Bonfire does have a lot of plans (and unmet stretch goals) for growing the project, such as by adding support for groups. However, the first challenge is more practical: convince communities to start running and operating a Bonfire server. While some people are slowly testing out the software, nobody has committed yet to running a Bonfire server in production.

Mastodon says that they have plans to address a long-standing criticism within the community, namely that the mastodon.social server is too large in size compared to all other servers. Mastodon.social has 270k monthly active users, with virtually all other servers having 10k MAU or lower. The only exception behind pixelfed.social, with 60k MAU. This also ignores the two really bad places in the fediverse, Baraag and Pawoo, who are the second and third-biggest Mastodon servers with 40k and 18k MAU respectively. It is not yet known how Mastodon plans to handle this situation

Loops has added a For You feed, an algorithmic recommendation feed for the short-form video platform. While most of the microblogging side of the fediverse focuses on not having algorithmic feeds, short-form videos have different user expectations, leading to creator Daniel Supernault implementing such an algorithm. An infographic describing how the algorithm works is available here.

The Links

This week’s fediverse software updates.
Mastodon is looking for feedback on their upcoming Collections feature, their own interpretation on Bluesky’s Starter Packs.
Mastodon has enabled their Wrapstodon feature, giving you a short overview of your account over the last year.
The schedule for FOSDEM 2026’s Social Web Devroom is now live.
Announcing Key Transparency for the Fediverse.
The Social Web Foundation talks about implementing E2EE over ActivityPub.
An exploration of using ActivityPub’s Client-to-Server part of the protocol (some context on C2S here).
Fedify Developer Hong Minhee made a new logging library.

#nlnet

https://connectedplaces.online/reports/fediverse-report-147/

Blog	https://connectedplaces.online/
Profile	https://connectedplaces.online/author/laurenshof/