> At every layer, the answer is "anyone can run their own." At every layer, almost nobody does.
And at every layer except for maybe the PLC directory, there's nothing stopping anyone from fixing that “almost nobody does” problem. The fact that such a thing is even possible, and that it's seamless to move from one to the other, gives ATproto a massive leg-up compared to even other federated systems, let alone its non-federated predecessors.
Yeah they're describing a real problem, but the cause of that problem—a seamless centralized sign-up funded by VC money—is the reason bluesky took off to begin with.
Bsky offers an on-ramp to a more decentralized experience, but most people won't pay the money and experience the friction to move take that ramp. Platforms like Mastodon are entirely decentralized, but that means the friction of decentralizing happens immediately upon sign-up. The people who don't want to self-host PDSes never signed up for Mastodon to begin with.
I try to be skeptical, but I feel like bsky (or something like it) is the best way can do re: bringing decentralization to the masses.
>And at every layer except for maybe the PLC directory, there's nothing stopping anyone from fixing that “almost nobody does” problem.
If there's nothing stopping anyone from fixing a problem, and yet nobody fixes it, then there's something is stopping them.
Might not be a technical impossibility, or a gun in their head. Could be as simple as inertia or addiction.
But saying "the problem is totally solvable" just because there's a solution available, is pretty naive. Solutions have costs themselves, and not all are created equal or equally feasible.
Maybe there are a ton of people who joined Bluesky because twitter devolved into a room-temperature-IQ right-wing hell hole, not because they cared about federation or whatever.
Everything has trade-offs. Again and again people choose centralized services because they are a better product.
It's exactly that. I have an account on Mastodon that I haven't opened in months. I use Bluesky a couple of times a day. On Mastodon I couldn't find interesting accounts to follow for weeks. On Bluesky I was up and running after an hour thanks to starter packs. Ease of use trumps (what a word!) philosophy for me. And probably most other people too.
BTW I already lost 10 years of posting on Twitter. Did not care for a second. Do people REALLY care about their postings on micro blog sites? It's not like a box of photographs that I would pass to my children on my deathbed...
The relay is not that bad, the only really bad part is building an index, and most apps on the atmosphere have no need to index bluesky records, so the economics for them look very different.
The work towards permissioned data and group-shared data will make it so apps can choose their own levels of "decentralization" of "federation" on atproto primitives. For example, two diametric options
1. An app that is not open source code, but still does all the same atproto credible exit stuff. Naturally leans into winner-take-all
2. An app that is tied to community, think something like Discord, where most servers don't care about what other servers are doing. Each community could run their own version and only care about their data. This is raspberry pi hostable.
Fixing the problem requires 2 resources, the knowhow and the money. People need to know how to execute it safely, and people need to have the disposable income to run their PDS.
Even for tech people in HN, not everyone will have the disposable income to self-hosted every digital life lands on. Somehow, somewhere one may need to use free services paid by VC money.
I feel it enters now in the territory of being more confusing for users and having less adoption.
It's tricky to create a decentralized network for the masses.
I don't think “they” have a whole lot to fix. It's more a matter of people needing to fix their own laziness.
I'll be the first to admit I'm guilty of this, too, and still haven't gotten around to moving my main account to a self-hosted PDS (though I've at least taken the steps to backup my CAR and set my own rotation keys, such that if my PDS goes offline or hostile I can still migrate away from it).
Yeah I’m the guy quoted in the opening of the article.
Yes. Be wary of Bluesky. That’s our whole point. Run the infrastructure on your own. Build separate companies.
Most of the complaints here are just about the cost of scale. You are able to fetch the whole network and its history, and that costs time and money. The only structural centralization is PLC, which is being factored into an independent org.
I'd like to encourage anyone who is wary of Bluesky to check out Paul (and Dominic's) back-in-the-day project Secure-Scuttlebot which solved most of the issues that Bluesky suffers from by using content addressable storage and signing key cryptography correctly.
The actual SSB codebase has been kind of broken since 2020, but I have a fork on my own Github that works and comes with a basic client that you can vibe/claw on top of: https://github.com/evbogue/ssbc
I'm happy to supply pub invites to anyone who wants to play around with the old sbot with me as we work towards making social media distributed again.
> Secure-Scuttlebot which solved most of the issues that Bluesky suffers from
I've heard Paul speak about this the other way around, that the experience from SSB informed the design of ATProto. I.e. ATProto solves most of the issues in SSB
For clarity, ATProto is the protocol, Bluesky is one dozens of apps, obv the biggest and most well known outside of the ATmosphere.
Jay's unfortunately not wrong about that. Hitting that balance between “so secure even I can't access it anymore” v. “so convenient that cybercriminals can access it, too” is less trivial than a lot of the “just use keypairs” crowd likes to admit — even for those of us with many years of experience working with SSH and PGP keys, let alone people who haven't the slightest idea what a “keypair” even is.
Considering how hard it has been, and to some extent still is, to run your own Bluesky instance, the main problem is that it automatically becomes centralised in a way that no open protocol will solve.
If 97% of your users are on one instance it is not a distributed platform. Applying this to mastodon, I am pretty sure most people would consider it a problem if mastodon.social started getting more than 40% of active users (currently at about 15 iirc).
I don't seem any claim in GP's comment that it would make it decentralized. It does seem, by looking across your comments in this thread, that
(1) You feel very strongly about what decentralized means w.r.t. social media, bluesky, and the PLC
(2) ATProto accepts that it's not planned to be as decentralized as some want, and that it is currently centralized with secondary validators.
(3) No answer or plan for the PLC is going to satisfy you. Nor is any argument you make going to change the plans for identity in ATProto for the foreseeable future.
This is all fine, people can have different perspectives and work/play in different ecosystems, no one is right or wrong. This is precisely why there are multiple protocols out there and bridges between them.
May I then ask why you keep making comments to the same effect aas those you made in the post and multiple times here ~12h ago?
The whole premise of a free social media protocol is that it is resistant to hostile takeovers. All issues stem from this.
1. I absolutely feel very strongly about decentralization. If there is a part of the stack that isn't it opens up the whole project to the kind of issues I'm talking about in the blog post.
2. Then it is not made to be resistant to the above problems
3. Actually, this is where you are wrong! If atproto implemented a more robust, decentralized default identity system I would be a very happy camper.
I make comments because I care about the subject, obviously. I use Bluesky a lot and I don't want it to end up like Twitter.
Does the existence of did:web make it decentralized? You don't have to use the centralized identity provider at all. And if you own a domain why would you?
When reading any essay about the perils & merits of Bluesky's architecture, save yourself some time by searching for "Blacksky" in the post. If they don't address Blacksky, more than likely the author's understanding of the space has major gaps.
(Blacksky is the/one of the furthest along in building competing versions of each part of the AT proto stack.)
But how is that 'decentralized' which was the entire point of Bluesky and the AT protocol to begin with? We're just back to running centralized services. Without decentralization this is just XMPP with extra steps. You might as well just run something like Movim and save yourself the hassle.
There's "decentralized" in the sense that every device runs the whole stack. In an analogy to another protocol, this would be like running SMTP and IMAP on your phone and laptop.
Then there's "decentralized" in the sense that the protocols that govern are open and anyone can plug in without permission. This is how email works in practice. Most people do not choose to run their own email servers, but they nonetheless benefit from the fact that people who are interested can do so and provide email service.
is really to find a good enough middle ground that has competitive enough UX to get people off of the fully centralized, locked in social media providers. In the broader context, ATProto to me means user choice and provenance, which ATProto does better than any other protocol. See all the parts beyond just data hosting, where the entire distributed system is plug-n-play. [1]
ATProto not being purist, preferring pragmatism, is what attracts me over alternatives like AP and Nostr.
Sorry, meant say that Blacksky is much more important than the metrics you point to, with more detail on that wiki.
They're the first alternative full stack, the first alternative AppView, and that is something that the author should have mentioned. However, it weakens the argument so they left it out.
"Number of contributors" has never meant impact. You wouldn't dismiss openssl or curl, ya know?
Does it require people change defaults? If so then 99% will never use it.
A system or protocol is whatever the easiest user journey is. Anything outside of that will never be seen by many users unless there is some value to be gained by going there. And that value has to be something gained now, not a hypothetical like insurance against future closing of the network. People don’t like to buy insurance.
I think these are reasons that Mastodon and Nostr aren't ever going to have a critical mass of users, remaining a niche thing for people who care about the hypotheticals (which is fine). Imho, BlueSky is the only distributed social media project that has a chance of meeting users where there are with usable search, realtime discoverability, and other consequences of centralizing event-busses.
People wine about BlueSky being too centralized, but the fact is that this type of infrastructure isn't self-hostable. You can do social-media over email a la Mastodon (which admittedly is pretty great), but most people will trade that for a walled garden.
The big problem is that all this AT infra is pretty much charity, which doesn't feel sustainable. I wish it could be funded more like public libraries than ad tech.
25G < PLC postgres < 100G, depending if you want to keep all the spam operations (> 50%) and/or add extra indexes for a handle autocomplete service (like me, takes it over 100GB with everything)
Repo data (records) is in the double digit TB range (low end, without any indexing, just raw)
Blobs are in the Petabyte range.
I aim to find out current and accurate details soon.
Bluesky works because people are told "Go to Bluesky" and they hide the federation. When you're told go to Mastodon and pick mastodon.social or any of the hundreds of other servers, you've lost. For some reason, the federation fans never understood this. I remember an interview with Diaspora's developers and they couldn't stop talking about how people can run their own servers.
Dude.
I have two friends who left Twitter for Bluesky. One's an HR rep and the other is a business analyst for warehouses. Does anyone think a selling point for them was that they can run their own Bluesky infrastructure?
> That's the same argument people made about Twitter. "If it goes bad, we'll just leave." We know how that played out.
I don't get it. What is this supposed to mean? Is the author implying people won't leave Twitter? If it's true then this whole article is pure waste of time: if people won't switch to BlueSky anyway then why should we be wary of it?
BlueSky is a direct alternative to Twitter. The UI is a spitting image of Twitter's. The whole premise of BlueSky is that people will leave Twitter when it goes bad.
> That's the same argument people made about Twitter. "If it goes bad, we'll just leave." We know how that played out.
Yeah, it played out with my whole social circle leaving, as evidenced by the fact that all my friends link me to the bluesky post whenever there's something happening now.
I might be misunderstanding something about atproto, but isn't it always possible to export data from bluesky because all it takes is reading your data, which is done by any app interacting with your pds anyway? If they block that, they're blocking atproto functionality entirely, no?
> If they block that, they're blocking atproto functionality entirely, no?
Keep in mind, twitter got rid of their API. Google got rid of XMPP federation. Bluesky breaking or defederating atproto wouldn't impact most users, so they'd probably get less outcry than those examples.
Bluesky is architected so you can export your data and follows and followers to your own or someone else's infrastructure at any time. There are some groups that have taken that offer and moved off of Bluesky's infrastructure (see Blacksky). The fact that most people aren't doing that is a sign that people are happy with how Bluesky-the-company is running things. What's the issue?
And Bluesky is better because you're not locked in and can export your posts, follows, and followers off of their infrastructure if they start being evil or you randomly feel like it. Companies like Twitter effectively wield network effects to stop people from leaving. All of one's activity on Twitter increases the sunk cost to keep them on Twitter in a way that's not true for Bluesky.
I recognize that Bluesky is at present more open than Twitter and that all of the necessary building blocks for the infra are publicly available. That's good of course.
However I think the view you expressed there is misguided. If Bluesky locked out third party infra tomorrow presumably the vast majority of people would not move. Thus vendor lockin via network effects remains. (Ie you are always free to leave but you'd be moving from a metropolis to a backwater.)
The only scenario where this isn't true is one where no more than a few percent of the people you interact with reside on any given node. By that metric small AP nodes pass while large ones such as the flagship Mastodon node fail. Similarly Gmail and Outlook fail while any self hosted mail server passes.
> [..] machine-readable archive of information associated with your account in HTML and JSON files. [..] including your profile information, your posts, your Direct Messages, your Moments, your media ([..]), a list of your followers, a list of accounts that you are following, your address book, Lists that you’ve created, are a member of or follow, [..], and more.
(Note that I actually elided some additional things that are included in the export, for readability's sake.)
You can't actually use your followers and following list from X on other sites. With Bluesky, you can move your profile onto other infrastructure, continue to see posts from people you follow, and make new posts that your followers still see like nothing happened. It's like how if you own your own domain name, you can set your MX records to whatever email service you want and change it when you want without affecting anyone you're having email conversations with.
Ah, I see. Your use of the term "export" made me misunderstand. Though now that I've thought about it for a few minutes, I'm not sure what verb makes sense [to me] there. I guess "migrate?"
whether you agree or not, asking "what's the issue" misses the point very badly, since the article is almost entirely about what the issue is (i.e. that most people will not change defaults and the default is to centralise on the bluesky servers)
The fact that the system is built around this escape hatch makes it miles better than almost all other social networks. An escape hatch doesn't need to be used by most people to be valuable.
I know when I’m using a Nostr app because its logo is an endless spinner.
At the scales these systems run at, you need large indexes. Distributing those indexes across many nodes would require a breakthrough in federated queries, and if you have one of those lying around I’d pay good money for it.
yeah I'm not saying the blog is right or wrong; I'm just saying that describing bsky's features and asking "what's the issue?" means you aren't engaging with what it's actually saying.
> At every layer, the answer is "anyone can run their own." At every layer, almost nobody does.
But people do and it is reportedly fairly easy so the majority of people are on Bluesky's layers while all is well. But also I don't understand why any of this is a reason to be "wary", it's a great place to be with some unique technical properties - it is way more "open" than any other platform of similar scale.
At this point I despair at anyone who doesn’t understand that the problem isn’t the specific architecture, it’s social media as a scaled up, algorithmically driven concept. Stick so many people on one social graph that can’t possibly be effectively moderated by humans and it will turn into the same pit every time.
Who would've thought true decentralization means everyone hosting their own server? Yes, each user would have to pay and maintain it, but that's the cost of decentralization. ATProto at least makes it easy to jump ship if shit hits the fan and not have to start from scratch. Try doing that with Twitter/Instagram/Etc.
That portability issue was a direct answer to ActivityPub
I will give AP folks credit, they have looked at the success of ATProto and found parts they also think are good ideas and are bringing them back to AP.
I'm not sure if the same can be said about Nostr, I keep my distance from that crowd. I wonder if this submission is reflective of the larger Nostr community or if it's one person who wants to write a put-down piece.
Whereas if Bluesky went evil tomorrow only the “acquired a weariness” part would happen, given that it's straightforward to move to a new PDS and take the entirety of your personal data and social connections with it.
The appviews are interchangeable; any appview will work with any PDS. Whatever appviews my followers and followees end up using, they'd still be able to see my posts, and I'd still be able to see theirs.
All software has trade offs. The “for you” feed is ran on a home server, this is already imho a better situation than other systems. This could be cut off. But it could also be stood up again.
There are specific steps Bluesky could take to decentralize the network. These are going to sound extreme but I agree with the article that it will never decentralize on its own. (Nothing will ever decentralize on its own so this isn't a criticism of Bluesky specifically.)
1. Strongly encourage backups.
2. Force users to migrate off the "official" PDS until it has less than, say, 40% market share.
3. Make the mobile apps use third-party relay/appview by default (could be randomized).
Or invert this, and make it local-first. It's your data, and publishing it to a network is a form of backup. Either that, or the client holds a local copy by default.
The data is local-first, but it's designed so that you publish to online networks. The point is to invert the current model of putting your content into someone else's network and hoping for the best, or expecting users to remember to run some manual backup that's probably going to be a pain to do anything with.
If you get rid of data portability, then isn't it basically a Mattermost server? What is the alternative without going full Nostr where you have to manage all the cryptography yourself?
Either you handle the cryptography for the user AND allow them to DIY it or your target demographic is purely crypto anarchists willing to put up with a shitty UX.
Bluesky isn't my bank records, isn't my photo archive, isn't my github, isn't my Documents folder.
I don't care if Bluesky goes away, gets bought, whatever.
Social media is disposable like a retail outlet. I'm sad if the coffee shop around the corner goes out of business, but there are 99K coffee shops in the US. I can go to another one.
As it is, I don't use Meta or X.. because they're led by despicable beings. Bluesky gets a pass for now, and has enough interesting people that I show up and have a chat. Like a coffee shop or a bar.
Social media should be treated as disposable. Anything that is not yours (as in, is hosted by someone else - for free) should be disposable. In fact id even argue that any media should be treated as disposable. You wouldn't hoard all the material things your accumulate in life, why would you hoard random tweets, comments and reactions forever?
If its worth it, surely you'll find a way to keep it in a way that doesnt demand a third party to do it for you for eternity, no?
"Switching costs" man... people move between countries with vastly different languages and cultures and they adapt, make new relationships, refresh ideas. Is switching from database A to database B that difficult really?
This feels like the healthiest take (other than just opting out of social media entirely). I wish there wasn’t this tension between scale and freedom/diversity. I wish the dynamics of tech were a little less winner-takes-all. But such is the nature of global digital distribution. Decentralization and local-first are nice ideas but they create a pretty high barrier to entry that keeps a lot of interesting people out. If I’m going to be on social media I don’t want to be in a cesspool like Twitter but I also don’t want to be an idealogical hobbyist bubble.
This is totally what atproto offers, see my peer comment to yours, then come back and read this.
I'll add here that there are a bunch of experiments going on which aim to break down apps into features. One example is DMs. Ideally all apps can use the same DM infrastructure (MLS based) and as a users, my DMs are the same in any app as my dedicated messenger app. Many people have had the idea to build a "browser" and any app can use bits of another (leaflet blog publish creates bsky post). Some cool experiments around things that look like web components, where you can create records that express a way to render something.
Another place user vs app choice comes into play is around the graph itself. One of the early dreams of app builders was that there is this existing network and you don't have to bootstrap a social network from scratch. While this is partially true, it does turn out reaching network effect is not so easy. Around this, there is a multi-camp debate on whether apps should reuse social graphs or not, one specific example of this is should an app automatically, upon request, or not at all: start from a user's existing social graph.
This is where I'm at, but it would be nice if it had some more longevity to it, as there are costs to switching to the next thing and the thing after that.
I think it's important to separate Bluesky the company from atproto & "the atmosphere", i.e the collection of apps, feeds, labellers, relays, jetstreams, and other participants in the network.
The atmosphere and the PDS are definitely trending towards a single database for all your things. All of the examples you cited are being worked on in one form or another. I'm personally working towards a Permissioned PDS which can power Google Workspace like experience on ATProto, where there is an existing understanding of how sharing, visibility, roles, and permissions work across groups of people (IAM). Permissioned data unlocks an entire (majority) of applications people want to use, but won't until they can do it without broadcasting everything. There are a number of ways this may play out, several will materialize as options, i.e. some apps need e2ee and others cannot have it for the experience they want to deliver.
The overarching ethos is user or individual choice, paired with credible exit, enables real competition. Let's go wild, build all new apps, and let the people decide what they prefer. More indie, less winner take all
I always wondered why people don’t adopt protocols like Nostr as much? At least with nostr you know you can use your private key on any other platform that supports it as a valid auth.
The other problem of who owns the relay where the data is stored still exists. One way to solve this is a scheduled query of your data and keeping a local dump
Left usenet, left IRC, left LiveJournal, skipped MySpace, left Facebook, left the blogosphere, will leave Twitter and BlueSky. You’re either in touching distance of grass or you’re not, none of this matters.
It's also the best place to subscribe to artists and generally find them.
It's also strange that this is not mentioned, but in X it's easy to customize the feed for yourself and block what you don't like. I only see what I'm interested in, and I've never come across any content lately that I'm not happy with.
True p2p is the only approach that will work, not federation. I'd go futher and make the protocol high-friction for federation.
It's true that many p2p attempts have failed, but it's also the only solution that doesn't require someone running servers for free. There's evidence of success as well: napster (and bittorrent). Both were wildly successful, and ultimately died because of legal issues. It might work when the data is yours to share.
I can't imagine a world where a p2p social network is practical. Not when each node is an unreliable mobile phone that's maybe on cellular. Even with something like ipfs you have pinning services, bittorrent has seed boxes, because pure p2p is impractical.
I sort of agree, but federation is good. It's funny that you use bittorrent as an example because it involves every single user running servers for free.
If people can both be an origin for content and a relay for content, and modulate the extent to which they want to do either of those things, there's not really much of a difference between "federation" and "true" p2p. Some people will be all relay, and some people will be all content. Some content people might be paying relays, and some relays might be paying content people. Some relays will be private and some relays will be public. Some people will maintain all of their own content locally, and some people will leave it all on a specialized remote server as a service and not even care about holding a local copy.
Also, browsing would either have to be done through a commercial or public service (federation again), or through specialized software (no one will ever use this and operating systems will intentionally lock it out if they see it as a competitor.)
The problem with wishing this all into existence, though, is that bittorent (not dead) exists and is completely stagnant. There is often a lot of talk about improving the protocol, and the various software dealing with it, and none of it gets done. If bittorrent would just allow torrents to be updated (content added or removed), you could almost piggyback social media on it immediately. It's not getting done. Nobody is doing it, just writing specs that everybody ignores for decades.
So I guess my belief is that "true p2p" is a meaningless term and target when it comes to creating recognizable social media. "True p2p" would be within a private circle of friends, on specialized software. Might as well be a fancy e.g. XMPP group chat; it's already available for anyone who wants it. Almost nobody wants it. Telegram, Whatsapp, and imessage are already good enough for that. They may not be totally private, but they're private enough for 99.9999% of people's purposes, and people are very suspicious of the 0.0001% who want something stronger.
I actually think you're using "true p2p" here to sort of handwave a business model into existence (trying to imply mutuality, or barter, or something.) Whereas I think the business model is the part that needs to be engineered carefully and the tech is easy.
For someone to come in and buy Bluesky and then hold everyone’s data hostage, then Bluesky would actually have to have enough value that someone would want to buy it.
This never-ending whining about oooh but my data ... for a service that you can use for free is nauseating.
This is a for-profit company running this service. It ain't free to operate.
If you don't like that, go elsewhere.
If there is one thing that has been a resounding success on the internet it is this: free services that you pay for with your clicks.
Just look at the plethora of free services you get.
In no other economy would that be even remotely possible.
I do advocate for using other networks (specifically Nostr) that are not designed like this, but the network effect is big and most of my friends are on Blue Sky because they have been lured into a false sense of “it’s decentralised, I can just move! If something bad happens”.
The reason they are on Bluesky is that it just works, its client just works and the barrier of entry is low. Oh, and others they want to follow are on there. That's it.
No regular user cares about - oh my data, it is stored centrally, how evil!
That is just not a problem most people have. Like at all.
> Email is an open, federated protocol. Anyone can run a mail server. In practice, running your own mail server is painful and everyone just uses Gmail. The protocol being "open" didn't prevent centralization.
This is an odd take and hard to agree with. I have never seen anyone complaining that email is a centralised service. GMail might be among the most popular solution, but there is a number of other solutions for "regular consumers", and many institutions, governments, etc. all run their email servers.
The question of whether the users are actually ready to defend is irrelevant if the attackers look at the defenses and decide that an attack isn't worth mounting. As we have learned, this is not a credible threat:
> It will be hard, but we'll self host if we have to
Bluesky offers:
> It will be easy-ish, and we'll self host if we have to
We shall see if it's credible enough to make corruption look elsewhere.
> If an acquirer disables exports, it doesn't matter that the tools existed yesterday.
Don't they have to give you your data upon request? And the cheapest way is to offer an export function? Wasn't this thanks to the EU (GDPR Article 20)?
They can give it to you in the least useful way imaginable and will. What we want and expect is an export that can be easily imported to some other provider and that's where the "good guys" can differentiate.
I can export decades of web browsing history, bookmarks, logins, etc. and import into any other browser with almost no trouble at all. Try to export your mainstream social network (facebook, twitter, insta, tiktok, etc.) content and connections and import it into another social network and let me know how that goes.
Also, at best this says not to host your data on someone else's computer and keep control of it, which is a thing Bluesky explicitly supports and encourages.
With all the talk of LinkedIn’s problematic verification process and potential issues with Persona verification service being linked to Peter Thiel, I wonder why a social network like Bluesky couldn’t replace LinkedIn. What would it take?
Good points, but what's the alternative at this point?
Because of network effects, more users is generally more interesting. Blue Sky has "enough" at this point for me to be happy there. Programmers like antirez, my bike racing people like inrng, my city's mayor and one of our city councilors, and also a bunch of urbanists.
Edit: you lose some connections moving around, but I've also had friends I've known since the days of IRC. I think I'm mostly resigned to picking whatever works best in the moment and being willing to move (like abandoning Twitter) when it's not working.
That's just not practical for most people (the publishing part).
And in relation to microblogging, are you going to publish every 140-character, out-of-context thought on your personal website?
There's other syndication models, although POSSE gets talked about most.
If you don't want to get your own domain and run a server (not practical for most people) you can still protect yourself from being stuck in a single silo by broadcasting to many social media sites.
And the atproto is pesetas right? You publish to bluesky or whatever and the content is replicated to your pds.
I recognize the minor difference, but if you have the energy and wherewithal to orchestrate pesetas across silos, surely you can setup a pds elsewhere.
I think of PESETAS as more defensive than what a single protocol can handle. Imagine posting to Bluesky and using automation to syndicate the post to Twitter, Facebook, Mastodon, Threads, and more. If Bluesky goes evil, or you otherwise decide to ditch it, you've mitigated the network effect as you have followers on other platforms already. People can still find you and your content isn't lost.
Imagine if Bluesky decides to ban you, and continues to ban accounts you create elsewhere. Atproto ensures non-Bluesky PDS can see you, but you've lost 99% of the userbase.
There's an ATProto project the main blog sites are working together on around distribution and syndication. It also has places for the off-protocol sites people post or publish.
I can’t comment on the “critical mass”, since I haven’t got the numbers. But what exactly does “accessibility” mean in this context? What are the challenges of opening an account in mastodon.social?
It's the same challenge as picking an email server, which is why no one does that.
...
Seriously, joining Mastodon is not particularly difficult; people just freaked out a few years ago at being asked to pick a server to join. The joinmastodon.org website has gotten a lot better at explaining what that means and just directing people to mastodon.social if they don't want to pick something more specific, but the "oooh, this extra step makes Mastodon super super scary, if you pick wrong YOU ARE DAMNED FOREVERRRRRRRR" vibe persists.
The first challenge most people have when starting AP / Mastodon is that they are presented with a choice "pick a server" before anything else. That's what I hear most often anyway.
The other challenge that AP has as an ecosystem is that they have been hostile to anyone wanting to build an index or business. People need to eat and they turned off a lot of developers who'd love to make their living building social media tech outside of the corporate oligarchy.
ATProto welcomes all, even if there is the occasional drama or hostility.
I mean, I explained in my original comment exactly why it is not a dead end for me. It has 'enough' of the things I'm interested in to make it worthwhile.
I hear you but if you think about it who else has an incentive and skills to create something like Nostr? Who are the people interested in free speech, signatures and decentralization and with the skills to pull it up?
And since you mentioned primarily Bitcoin users those are the crypto folks that seem to be very against the idea of tokenizing everything.
From what I understand by posting something on Nostr you are posting signed events to a list of dumb relays. These events can be of many types and include hints of discoverability. There is no blockchain and no token and the thing they call zap is just a link to a lightning address that is up to the client to show.
Your account is your key pair so you are not at the whims of a power tripping administrator.
It seems like the perfect nesting ground for non corporate user content and pocket islands of communities. Nothing prevents someone from implementing a relay or community that bans any talk about Bitcoin or crypto. I for one would love to see closed content focused relays in Nostr.
I've never looked at the AT Protocol before. It seems like you could have achieved most of that with existing DNS, HTTP and RSS implementations. All they really needed was some file formats and some well known URL schems and all of this could have been far easier to implement and deploy.
This is a good article [1] to get an overview of the "backend" of the protocol, it's very plug-n-play. One question I have about the setup you describe, how does moderation work? ATProto has the best moderation scheme I know of, "stacked." [2]
It's very much a Not Invented Here of Mastodon and the Fediverse.
Bluesky is a good user experience insofar as it's centralised.
Mastodon is a bad user experience insofar as you're forced to be aware of the decentralisation.
If you want successful decentralisation, Mastodon has that out of the box. You can stand up a Mastodon, Akkoma, GotoSocial etc on a $5/mo VM and you're an equal participant immediately. Or you can join someone else's server.
ActivityPub is underspecified and Mastodon just ignored a lot of it and so the actual protocol is an unholy mishmash of the two. It mostly works though, by the process of people beating on it until it works.
With Bluesky, you have a centralised service and a lot of people saying "decentralised!"
AT Proto is theoretically decentralised in the fabulous future and points of absolute and financial centralisation keep turning up.
I spend all day posting to both, fwiw. They each do a particular job. But the "decentralisation" in Bluesky is fake. Or at best, simply not feasiblly true.
Claude is an excellent proofreader, but don't let a single word it generates hit your final copy. Use it to catch things and point things out, and for nothing more.
And even bigger-picture stuff, like "you might want to zoom in here" or "this section isn't paying off". I've only in the past few months started using it for proofreading, and it's pretty solid.
But if you take any of its words, you're infecting your writing with Claude's tone, and it will show.
It's super useful as a reader of your writing. It's a terrible collaborator, unless you're writing for an audience of middle managers.
Vocabulary is only part of it. LLM style is pretty recognizable, and most people don’t normally write like that. One reason is because they’re trained in a lot of marketing material, news articles, and the like. If it sounds like a self-unaware middle manager writing on LinkedIn, but it isn’t one, it’s probably an LLM.
This app flags "'s infrastructure" as a hallmark of AI-generated prose. Other markers of AI generation include "'s not just", "making it", "'t just" (33x more likely in AI!), and "ecosystem".
Pangram seems like a useful service for the world we are going to face. To me the semicolon-newline pair reminds of AI almost immediately. I am surprised that this service didn’t point that out. It could be just to me this pattern is bothering though.
If anything gets too popular too quickly, I just assume it's a PsyOp.
That kind of growth requires extensive media coordination and big money. If you're not paying for a product, then you are the product. As sure as gravity.
Bluesky growth spurts are always when Musk or (less frequently) Zuckerberg step on their dicks again and more people come over from their services. In between are slow declines.
It's good FUD. You re-iterate their talking points. (Also, no CTA, no takeaway, just "worry!")
As others have said, the data has to be publishable to be useful. We do have data export laws. The format is known to be ready to use interoperably, not some private schema--atop the PBC commitment, which will at least have moderate legal costs if not a guarantee. It has unequivocally set a new high bar.
They seem pretty locked in to doing what they committed to. The day may come when they turn. It may come first by friction, but the turn has to be pretty complete, because the data is pretty open. What's needed to view it, use it at all, is pretty close to what's needed to host it.
"The site whose value prop is sharing your posts and data with other apps may stop sharing your posts and data with other apps." Yeah, it's possible. It's also possible they just close.
Paul Frazee’s decision to archive the Beaker Browser project in December 2022 and shift focus from the Dat protocol (now evolved as Hypercore) to the development of the AT Protocol indeed represents a significant pivot in his career.
Many observers in the decentralized-web community, including yourself, continue to regard the pure peer-to-peer architecture of Dat and Beaker as an elegant and philosophically pure approach to user-controlled data and hosting.
It is understandable to view this transition as a regrettable departure from what appeared, at the time, to be the most coherent solution.
To provide context grounded in Frazee’s own documented reflections, he invested several years (2016–2022) in Beaker as a peer-to-peer browser built atop Dat/Hypercore. The system enabled one-click website creation, forking of sites, and early experiments with social applications such as Rotonde and Fritter.
However, in his official post-mortem on the Beaker archive notice, Frazee outlined the practical limitations that led to discontinuation. https://github.com/beakerbrowser/beaker/blob/master/archive-...
He explicitly noted that the project “never solved the hard problems” required for broad adoption, particularly for dynamic social networking.
In a more detailed 2024 essay titled “Why isn’t Bluesky a peer-to-peer network?,” Frazee elaborated on the specific shortcomings of pure peer-to-peer models when applied to large-scale social systems.
He concluded that insisting on a fully device-hosted peer-to-peer network for a mainstream social platform “would’ve been a mistake,” given users’ unwillingness to sacrifice features or reliability for theoretical decentralization benefits.
The AT Protocol, which Frazee helped architect as Bluesky’s CTO (a role he continues to hold as of early 2026), represents a deliberate hybrid synthesis rather than an abandonment of prior principles.
It retains core peer-to-peer innovations—cryptographically signed user data repositories, hosting agility, Merkle-tree-based verification, and portable identities—while delegating aggregation, indexing, and high-scale delivery to dedicated infrastructure (Personal Data Servers, relays, and AppViews).
This design enables the data sovereignty and forkability that Dat/Beaker championed, while delivering the performance, discoverability, and moderation capabilities necessary for widespread use.
The ongoing FreeSky initiative, discussed in our prior exchange, further advances this by providing independent Personal Data Servers and relays, reducing reliance on Bluesky-operated infrastructure and realizing more of the original portability vision.
The Dat/Hypercore protocol itself was not discontinued; it continues under the Holepunchto organization and powers other applications. Thus, the technical lineage persists in parallel.
In technology development, particularly within decentralized systems, iterative refinement based on empirical constraints is common.
Frazee has publicly framed the transition as an application of lessons from multiple prior projects (including Secure Scuttlebutt and CTZN) rather than a repudiation.
Whether one regards the shift as a misstep or a pragmatic evolution depends on the relative weighting of ideological purity versus practical adoption and usability at scale.
Bluesky’s growth to millions of users and the expanding AT Protocol ecosystem suggest the hybrid model has achieved broader traction than pure peer-to-peer social experiments previously attained.
In summary, FreeSky embodies the practical "alternative" envisioned in early AT Protocol discussions—offering decentralized hosting and tools within the Bluesky-compatible network rather than a separate platform. For those interested in trying it, start by exploring custom handles through freesky.social or reviewing the dashboard for operational insights. Additional details are available via Project Liberty announcements and AT Protocol documentation at atproto.com
Several people have mentioned that "you can just own your own data, so that's enough, right?"
Interoperating with Bluesky requires you to either 1) opt into the did:plc standard, which is a centrally controlled certificate transparency log, or 2) have all your users create did:web accounts by manually setting DNS records.
So it is not possible to build on Bluesky at all without opting into this centrally controlled layer. This original post covers this, but maybe not in enough detail to stop commenters from missing the point.
Bluesky the company controls 95%+ of PDSes in the system, which control users' private keys, and they're extending PDSes to include more functionality that prevents users from easily exiting the network, e.g. private data is being implemented in a way where Bluesky LLC can see all your activity. The protocol changes often and with limited community input.
This is being done because "there are no other ways to do it" and "our users are okay with it". The community does pretty consistently attack people who dissent (e.g. look at what happened when Mastodon leaders objected). There's a lot of cheerleading for people who do opt into the system, and there's really no incentive for informed criticisms.
It's not really decentralized or neutral infrastructure; it's a great network for a number of specific subcultures who have a nice space away from X, and I hope the team embraces that.
The work to make the PLC not centralized has already begun
1. Non-profit (separate entity from Bluesky)
2. Moving to Switzerland (get the f' out of the US)
3. Consortium control (proof-of-authority)
A PLC read-only mirror implementation was released the last week. I've been running one for a almost a year, redoing my hardware right now, so it's currently down. There are others out there.
> Email is an open, federated protocol. Anyone can run a mail server. In practice, running your own mail server is painful.
Wizards can be difficult to develop and maintain. Writing a working, useful, functional, robust, informative, environment-agnostic, and re-entrant script (or GUI/TUI) can take scads of effort. Now that LLMs abound, much of that grind is quickly solved. For example, here's a vibe-coded script that to get dovecot, postfix, and virtual users set up on my new server with mailboxes copied from an old server:
After a few kicks at the can (run script, capture errors, feed errors to LLM, repeat), it finally configured a working system. Reviewing the script, yes, it's beyond painful. It doesn't have to be, though; the authors of complex software could produce similar guided installers.
Writing code isn't the hard part of running an email server. Getting your server not marked as spam is essentially impossible, not a coding problem, and why everyone gives up on this.
And at every layer except for maybe the PLC directory, there's nothing stopping anyone from fixing that “almost nobody does” problem. The fact that such a thing is even possible, and that it's seamless to move from one to the other, gives ATproto a massive leg-up compared to even other federated systems, let alone its non-federated predecessors.
Bsky offers an on-ramp to a more decentralized experience, but most people won't pay the money and experience the friction to move take that ramp. Platforms like Mastodon are entirely decentralized, but that means the friction of decentralizing happens immediately upon sign-up. The people who don't want to self-host PDSes never signed up for Mastodon to begin with.
I try to be skeptical, but I feel like bsky (or something like it) is the best way can do re: bringing decentralization to the masses.
If there's nothing stopping anyone from fixing a problem, and yet nobody fixes it, then there's something is stopping them.
Might not be a technical impossibility, or a gun in their head. Could be as simple as inertia or addiction.
But saying "the problem is totally solvable" just because there's a solution available, is pretty naive. Solutions have costs themselves, and not all are created equal or equally feasible.
Maybe there are a ton of people who joined Bluesky because twitter devolved into a room-temperature-IQ right-wing hell hole, not because they cared about federation or whatever.
Everything has trade-offs. Again and again people choose centralized services because they are a better product.
BTW I already lost 10 years of posting on Twitter. Did not care for a second. Do people REALLY care about their postings on micro blog sites? It's not like a box of photographs that I would pass to my children on my deathbed...
That being said, the nature of Mastodon does still make it more difficult to find interesting accounts.
Also, the open source version of the appview doesn't work at Bluesky scale. You need a proprietary database for sufficient speed.
AT Proto is completely decentralised, except for all the structural and financial points of absolute centralisation.
The work towards permissioned data and group-shared data will make it so apps can choose their own levels of "decentralization" of "federation" on atproto primitives. For example, two diametric options
1. An app that is not open source code, but still does all the same atproto credible exit stuff. Naturally leans into winner-take-all
2. An app that is tied to community, think something like Discord, where most servers don't care about what other servers are doing. Each community could run their own version and only care about their data. This is raspberry pi hostable.
Even for tech people in HN, not everyone will have the disposable income to self-hosted every digital life lands on. Somehow, somewhere one may need to use free services paid by VC money.
I'll be the first to admit I'm guilty of this, too, and still haven't gotten around to moving my main account to a self-hosted PDS (though I've at least taken the steps to backup my CAR and set my own rotation keys, such that if my PDS goes offline or hostile I can still migrate away from it).
Is there something missing from my answer about what the plan is for the PLC?
https://news.ycombinator.com/item?id=47104673
Yes. Be wary of Bluesky. That’s our whole point. Run the infrastructure on your own. Build separate companies.
Most of the complaints here are just about the cost of scale. You are able to fetch the whole network and its history, and that costs time and money. The only structural centralization is PLC, which is being factored into an independent org.
The actual SSB codebase has been kind of broken since 2020, but I have a fork on my own Github that works and comes with a basic client that you can vibe/claw on top of: https://github.com/evbogue/ssbc
I'm happy to supply pub invites to anyone who wants to play around with the old sbot with me as we work towards making social media distributed again.
I've heard Paul speak about this the other way around, that the experience from SSB informed the design of ATProto. I.e. ATProto solves most of the issues in SSB
For clarity, ATProto is the protocol, Bluesky is one dozens of apps, obv the biggest and most well known outside of the ATmosphere.
This isn't just on Paul, Jay has publically stated that she doesn't believe users (even powerusers) can be trusted with keypairs.
If 97% of your users are on one instance it is not a distributed platform. Applying this to mastodon, I am pretty sure most people would consider it a problem if mastodon.social started getting more than 40% of active users (currently at about 15 iirc).
(1) You feel very strongly about what decentralized means w.r.t. social media, bluesky, and the PLC
(2) ATProto accepts that it's not planned to be as decentralized as some want, and that it is currently centralized with secondary validators.
(3) No answer or plan for the PLC is going to satisfy you. Nor is any argument you make going to change the plans for identity in ATProto for the foreseeable future.
This is all fine, people can have different perspectives and work/play in different ecosystems, no one is right or wrong. This is precisely why there are multiple protocols out there and bridges between them.
May I then ask why you keep making comments to the same effect aas those you made in the post and multiple times here ~12h ago?
1. I absolutely feel very strongly about decentralization. If there is a part of the stack that isn't it opens up the whole project to the kind of issues I'm talking about in the blog post.
2. Then it is not made to be resistant to the above problems
3. Actually, this is where you are wrong! If atproto implemented a more robust, decentralized default identity system I would be a very happy camper.
I make comments because I care about the subject, obviously. I use Bluesky a lot and I don't want it to end up like Twitter.
(Blacksky is the/one of the furthest along in building competing versions of each part of the AT proto stack.)
I do think it's a critical omission to not address the main player(s?) who are working on key parts of this, and where they may yet run into problems.
Then there's "decentralized" in the sense that the protocols that govern are open and anyone can plug in without permission. This is how email works in practice. Most people do not choose to run their own email servers, but they nonetheless benefit from the fact that people who are interested can do so and provide email service.
Bluesky is the second kind of decentralized.
But why do we keep getting articles trying to convince us that it needs to be the first kind?
is really to find a good enough middle ground that has competitive enough UX to get people off of the fully centralized, locked in social media providers. In the broader context, ATProto to me means user choice and provenance, which ATProto does better than any other protocol. See all the parts beyond just data hosting, where the entire distributed system is plug-n-play. [1]
ATProto not being purist, preferring pragmatism, is what attracts me over alternatives like AP and Nostr.
[1] https://atproto.com/articles/atproto-for-distsys-engineers
They're the first alternative full stack, the first alternative AppView, and that is something that the author should have mentioned. However, it weakens the argument so they left it out.
"Number of contributors" has never meant impact. You wouldn't dismiss openssl or curl, ya know?
A system or protocol is whatever the easiest user journey is. Anything outside of that will never be seen by many users unless there is some value to be gained by going there. And that value has to be something gained now, not a hypothetical like insurance against future closing of the network. People don’t like to buy insurance.
People wine about BlueSky being too centralized, but the fact is that this type of infrastructure isn't self-hostable. You can do social-media over email a la Mastodon (which admittedly is pretty great), but most people will trade that for a walled garden.
The big problem is that all this AT infra is pretty much charity, which doesn't feel sustainable. I wish it could be funded more like public libraries than ad tech.
25G < PLC postgres < 100G, depending if you want to keep all the spam operations (> 50%) and/or add extra indexes for a handle autocomplete service (like me, takes it over 100GB with everything)
Repo data (records) is in the double digit TB range (low end, without any indexing, just raw)
Blobs are in the Petabyte range.
I aim to find out current and accurate details soon.
Bluesky works because people are told "Go to Bluesky" and they hide the federation. When you're told go to Mastodon and pick mastodon.social or any of the hundreds of other servers, you've lost. For some reason, the federation fans never understood this. I remember an interview with Diaspora's developers and they couldn't stop talking about how people can run their own servers.
Dude.
I have two friends who left Twitter for Bluesky. One's an HR rep and the other is a business analyst for warehouses. Does anyone think a selling point for them was that they can run their own Bluesky infrastructure?
And plenty of people people posting racist stuff about White and Asian people.
It's no better than Twitter or 4chan at this point.
I don't get it. What is this supposed to mean? Is the author implying people won't leave Twitter? If it's true then this whole article is pure waste of time: if people won't switch to BlueSky anyway then why should we be wary of it?
BlueSky is a direct alternative to Twitter. The UI is a spitting image of Twitter's. The whole premise of BlueSky is that people will leave Twitter when it goes bad.
Yeah, it played out with my whole social circle leaving, as evidenced by the fact that all my friends link me to the bluesky post whenever there's something happening now.
Joking aside, I think what we see in the larger scheme is a fracturing of social media. More choice, more competition.
This is a good thing
hopefully one day we lurk at the same protocol and type: with more federations, more choice. This is a good thing.
Keep in mind, twitter got rid of their API. Google got rid of XMPP federation. Bluesky breaking or defederating atproto wouldn't impact most users, so they'd probably get less outcry than those examples.
https://support.google.com/code/answer/55703?hl=en
However I think the view you expressed there is misguided. If Bluesky locked out third party infra tomorrow presumably the vast majority of people would not move. Thus vendor lockin via network effects remains. (Ie you are always free to leave but you'd be moving from a metropolis to a backwater.)
The only scenario where this isn't true is one where no more than a few percent of the people you interact with reside on any given node. By that metric small AP nodes pass while large ones such as the flagship Mastodon node fail. Similarly Gmail and Outlook fail while any self hosted mail server passes.
It's not an easy problem to solve.
I'd rather be optimistic than nihilistic about it. It's still early and there are a lot of good things happening.
> [..] machine-readable archive of information associated with your account in HTML and JSON files. [..] including your profile information, your posts, your Direct Messages, your Moments, your media ([..]), a list of your followers, a list of accounts that you are following, your address book, Lists that you’ve created, are a member of or follow, [..], and more.
(Note that I actually elided some additional things that are included in the export, for readability's sake.)
https://help.x.com/en/managing-your-account/accessing-your-x...
edit: also, thanks for clarifying!
At the scales these systems run at, you need large indexes. Distributing those indexes across many nodes would require a breakthrough in federated queries, and if you have one of those lying around I’d pay good money for it.
But people do and it is reportedly fairly easy so the majority of people are on Bluesky's layers while all is well. But also I don't understand why any of this is a reason to be "wary", it's a great place to be with some unique technical properties - it is way more "open" than any other platform of similar scale.
The post discusses why, when all is not well, it will be too late.
Who would've thought true decentralization means everyone hosting their own server? Yes, each user would have to pay and maintain it, but that's the cost of decentralization. ATProto at least makes it easy to jump ship if shit hits the fan and not have to start from scratch. Try doing that with Twitter/Instagram/Etc.
I will give AP folks credit, they have looked at the success of ATProto and found parts they also think are good ideas and are bringing them back to AP.
I'm not sure if the same can be said about Nostr, I keep my distance from that crowd. I wonder if this submission is reflective of the larger Nostr community or if it's one person who wants to write a put-down piece.
Yeah, I left.
(And in fact I am wary of all social media.)
The only social connection i lost is a person who lives on mastodon now. The rest of people that matter to me are on bluesky now.
They already ban signups using email aliases, and apparently block alias emails to their unban support address too.
Archived: https://archive.ph/PsTrp
In the meantime the article is also on Nostr if anyone wants to read it: https://habla.news/a/naddr1qvzqqqr4gupzql5ujf9w2f2ujkj9f552a...
Thanks for the heads up!
But they migrated to Bluesky, right? So it played out fine?
1. Strongly encourage backups.
2. Force users to migrate off the "official" PDS until it has less than, say, 40% market share.
3. Make the mobile apps use third-party relay/appview by default (could be randomized).
Or invert this, and make it local-first. It's your data, and publishing it to a network is a form of backup. Either that, or the client holds a local copy by default.
Either you handle the cryptography for the user AND allow them to DIY it or your target demographic is purely crypto anarchists willing to put up with a shitty UX.
I don't care if Bluesky goes away, gets bought, whatever.
Social media is disposable like a retail outlet. I'm sad if the coffee shop around the corner goes out of business, but there are 99K coffee shops in the US. I can go to another one.
As it is, I don't use Meta or X.. because they're led by despicable beings. Bluesky gets a pass for now, and has enough interesting people that I show up and have a chat. Like a coffee shop or a bar.
Social media should be treated as disposable. Anything that is not yours (as in, is hosted by someone else - for free) should be disposable. In fact id even argue that any media should be treated as disposable. You wouldn't hoard all the material things your accumulate in life, why would you hoard random tweets, comments and reactions forever?
If its worth it, surely you'll find a way to keep it in a way that doesnt demand a third party to do it for you for eternity, no?
"Switching costs" man... people move between countries with vastly different languages and cultures and they adapt, make new relationships, refresh ideas. Is switching from database A to database B that difficult really?
This is totally what atproto offers, see my peer comment to yours, then come back and read this.
I'll add here that there are a bunch of experiments going on which aim to break down apps into features. One example is DMs. Ideally all apps can use the same DM infrastructure (MLS based) and as a users, my DMs are the same in any app as my dedicated messenger app. Many people have had the idea to build a "browser" and any app can use bits of another (leaflet blog publish creates bsky post). Some cool experiments around things that look like web components, where you can create records that express a way to render something.
Another place user vs app choice comes into play is around the graph itself. One of the early dreams of app builders was that there is this existing network and you don't have to bootstrap a social network from scratch. While this is partially true, it does turn out reaching network effect is not so easy. Around this, there is a multi-camp debate on whether apps should reuse social graphs or not, one specific example of this is should an app automatically, upon request, or not at all: start from a user's existing social graph.
The atmosphere and the PDS are definitely trending towards a single database for all your things. All of the examples you cited are being worked on in one form or another. I'm personally working towards a Permissioned PDS which can power Google Workspace like experience on ATProto, where there is an existing understanding of how sharing, visibility, roles, and permissions work across groups of people (IAM). Permissioned data unlocks an entire (majority) of applications people want to use, but won't until they can do it without broadcasting everything. There are a number of ways this may play out, several will materialize as options, i.e. some apps need e2ee and others cannot have it for the experience they want to deliver.
The overarching ethos is user or individual choice, paired with credible exit, enables real competition. Let's go wild, build all new apps, and let the people decide what they prefer. More indie, less winner take all
Sounds like he was worried so much he left Bluesky already.
The other problem of who owns the relay where the data is stored still exists. One way to solve this is a scheduled query of your data and keeping a local dump
It's also strange that this is not mentioned, but in X it's easy to customize the feed for yourself and block what you don't like. I only see what I'm interested in, and I've never come across any content lately that I'm not happy with.
It's true that many p2p attempts have failed, but it's also the only solution that doesn't require someone running servers for free. There's evidence of success as well: napster (and bittorrent). Both were wildly successful, and ultimately died because of legal issues. It might work when the data is yours to share.
If people can both be an origin for content and a relay for content, and modulate the extent to which they want to do either of those things, there's not really much of a difference between "federation" and "true" p2p. Some people will be all relay, and some people will be all content. Some content people might be paying relays, and some relays might be paying content people. Some relays will be private and some relays will be public. Some people will maintain all of their own content locally, and some people will leave it all on a specialized remote server as a service and not even care about holding a local copy.
Also, browsing would either have to be done through a commercial or public service (federation again), or through specialized software (no one will ever use this and operating systems will intentionally lock it out if they see it as a competitor.)
The problem with wishing this all into existence, though, is that bittorent (not dead) exists and is completely stagnant. There is often a lot of talk about improving the protocol, and the various software dealing with it, and none of it gets done. If bittorrent would just allow torrents to be updated (content added or removed), you could almost piggyback social media on it immediately. It's not getting done. Nobody is doing it, just writing specs that everybody ignores for decades.
So I guess my belief is that "true p2p" is a meaningless term and target when it comes to creating recognizable social media. "True p2p" would be within a private circle of friends, on specialized software. Might as well be a fancy e.g. XMPP group chat; it's already available for anyone who wants it. Almost nobody wants it. Telegram, Whatsapp, and imessage are already good enough for that. They may not be totally private, but they're private enough for 99.9999% of people's purposes, and people are very suspicious of the 0.0001% who want something stronger.
I actually think you're using "true p2p" here to sort of handwave a business model into existence (trying to imply mutuality, or barter, or something.) Whereas I think the business model is the part that needs to be engineered carefully and the tech is easy.
This is a for-profit company running this service. It ain't free to operate.
If you don't like that, go elsewhere.
If there is one thing that has been a resounding success on the internet it is this: free services that you pay for with your clicks. Just look at the plethora of free services you get.
In no other economy would that be even remotely possible.
No regular user cares about - oh my data, it is stored centrally, how evil! That is just not a problem most people have. Like at all.
I should add a time stamp to the blog.
This is an odd take and hard to agree with. I have never seen anyone complaining that email is a centralised service. GMail might be among the most popular solution, but there is a number of other solutions for "regular consumers", and many institutions, governments, etc. all run their email servers.
> It will be hard, but we'll self host if we have to
Bluesky offers:
> It will be easy-ish, and we'll self host if we have to
We shall see if it's credible enough to make corruption look elsewhere.
Don't they have to give you your data upon request? And the cheapest way is to offer an export function? Wasn't this thanks to the EU (GDPR Article 20)?
I can export decades of web browsing history, bookmarks, logins, etc. and import into any other browser with almost no trouble at all. Try to export your mainstream social network (facebook, twitter, insta, tiktok, etc.) content and connections and import it into another social network and let me know how that goes.
Will normal people do it, no. But you can.
https://atmosphereconf.org/?ref=verdverm.hn
Because of network effects, more users is generally more interesting. Blue Sky has "enough" at this point for me to be happy there. Programmers like antirez, my bike racing people like inrng, my city's mayor and one of our city councilors, and also a bunch of urbanists.
Edit: you lose some connections moving around, but I've also had friends I've known since the days of IRC. I think I'm mostly resigned to picking whatever works best in the moment and being willing to move (like abandoning Twitter) when it's not working.
which is not opposed to you being on Bluesky or Instagram or LinkedIn or wherever.
If you don't want to get your own domain and run a server (not practical for most people) you can still protect yourself from being stuck in a single silo by broadcasting to many social media sites.
https://indieweb.org/PESETAS
Imagine if Bluesky decides to ban you, and continues to ban accounts you create elsewhere. Atproto ensures non-Bluesky PDS can see you, but you've lost 99% of the userbase.
https://standard.site/
...
Seriously, joining Mastodon is not particularly difficult; people just freaked out a few years ago at being asked to pick a server to join. The joinmastodon.org website has gotten a lot better at explaining what that means and just directing people to mastodon.social if they don't want to pick something more specific, but the "oooh, this extra step makes Mastodon super super scary, if you pick wrong YOU ARE DAMNED FOREVERRRRRRRR" vibe persists.
The other challenge that AP has as an ecosystem is that they have been hostile to anyone wanting to build an index or business. People need to eat and they turned off a lot of developers who'd love to make their living building social media tech outside of the corporate oligarchy.
ATProto welcomes all, even if there is the occasional drama or hostility.
The Wikipedia page says "Nostr is primarily popular with cryptocurrency users, primarily Bitcoin users."
That's not my crowd.
And since you mentioned primarily Bitcoin users those are the crypto folks that seem to be very against the idea of tokenizing everything.
From what I understand by posting something on Nostr you are posting signed events to a list of dumb relays. These events can be of many types and include hints of discoverability. There is no blockchain and no token and the thing they call zap is just a link to a lightning address that is up to the client to show.
Your account is your key pair so you are not at the whims of a power tripping administrator.
It seems like the perfect nesting ground for non corporate user content and pocket islands of communities. Nothing prevents someone from implementing a relay or community that bans any talk about Bitcoin or crypto. I for one would love to see closed content focused relays in Nostr.
But you are right back to the same UX issue that prevented crypto mass adoption, i.e. lose your keys, lose everything
Very few want to own that risk.
[1] https://atproto.com/articles/atproto-for-distsys-engineers
[2] https://bsky.social/about/blog/03-12-2024-stackable-moderati...
Bluesky is a good user experience insofar as it's centralised.
Mastodon is a bad user experience insofar as you're forced to be aware of the decentralisation.
If you want successful decentralisation, Mastodon has that out of the box. You can stand up a Mastodon, Akkoma, GotoSocial etc on a $5/mo VM and you're an equal participant immediately. Or you can join someone else's server.
ActivityPub is underspecified and Mastodon just ignored a lot of it and so the actual protocol is an unholy mishmash of the two. It mostly works though, by the process of people beating on it until it works.
With Bluesky, you have a centralised service and a lot of people saying "decentralised!"
AT Proto is theoretically decentralised in the fabulous future and points of absolute and financial centralisation keep turning up.
I spend all day posting to both, fwiw. They each do a particular job. But the "decentralisation" in Bluesky is fake. Or at best, simply not feasiblly true.
* Overusing verbs
* Poor structure
* Bad transitions between grafs
* Passive voice
And even bigger-picture stuff, like "you might want to zoom in here" or "this section isn't paying off". I've only in the past few months started using it for proofreading, and it's pretty solid.
But if you take any of its words, you're infecting your writing with Claude's tone, and it will show.
It's super useful as a reader of your writing. It's a terrible collaborator, unless you're writing for an audience of middle managers.
I don't think it's trustworthy.
> His answer:
https://bskycharts.edavis.dev/edavis.dev/bskycharts.edavis.d...
As others have said, the data has to be publishable to be useful. We do have data export laws. The format is known to be ready to use interoperably, not some private schema--atop the PBC commitment, which will at least have moderate legal costs if not a guarantee. It has unequivocally set a new high bar.
They seem pretty locked in to doing what they committed to. The day may come when they turn. It may come first by friction, but the turn has to be pretty complete, because the data is pretty open. What's needed to view it, use it at all, is pretty close to what's needed to host it.
"The site whose value prop is sharing your posts and data with other apps may stop sharing your posts and data with other apps." Yeah, it's possible. It's also possible they just close.
Paul Frazee’s decision to archive the Beaker Browser project in December 2022 and shift focus from the Dat protocol (now evolved as Hypercore) to the development of the AT Protocol indeed represents a significant pivot in his career. Many observers in the decentralized-web community, including yourself, continue to regard the pure peer-to-peer architecture of Dat and Beaker as an elegant and philosophically pure approach to user-controlled data and hosting. It is understandable to view this transition as a regrettable departure from what appeared, at the time, to be the most coherent solution.
To provide context grounded in Frazee’s own documented reflections, he invested several years (2016–2022) in Beaker as a peer-to-peer browser built atop Dat/Hypercore. The system enabled one-click website creation, forking of sites, and early experiments with social applications such as Rotonde and Fritter. However, in his official post-mortem on the Beaker archive notice, Frazee outlined the practical limitations that led to discontinuation. https://github.com/beakerbrowser/beaker/blob/master/archive-...
He explicitly noted that the project “never solved the hard problems” required for broad adoption, particularly for dynamic social networking. In a more detailed 2024 essay titled “Why isn’t Bluesky a peer-to-peer network?,” Frazee elaborated on the specific shortcomings of pure peer-to-peer models when applied to large-scale social systems.
He concluded that insisting on a fully device-hosted peer-to-peer network for a mainstream social platform “would’ve been a mistake,” given users’ unwillingness to sacrifice features or reliability for theoretical decentralization benefits.
The AT Protocol, which Frazee helped architect as Bluesky’s CTO (a role he continues to hold as of early 2026), represents a deliberate hybrid synthesis rather than an abandonment of prior principles. It retains core peer-to-peer innovations—cryptographically signed user data repositories, hosting agility, Merkle-tree-based verification, and portable identities—while delegating aggregation, indexing, and high-scale delivery to dedicated infrastructure (Personal Data Servers, relays, and AppViews).
This design enables the data sovereignty and forkability that Dat/Beaker championed, while delivering the performance, discoverability, and moderation capabilities necessary for widespread use. The ongoing FreeSky initiative, discussed in our prior exchange, further advances this by providing independent Personal Data Servers and relays, reducing reliance on Bluesky-operated infrastructure and realizing more of the original portability vision.
The Dat/Hypercore protocol itself was not discontinued; it continues under the Holepunchto organization and powers other applications. Thus, the technical lineage persists in parallel. In technology development, particularly within decentralized systems, iterative refinement based on empirical constraints is common. Frazee has publicly framed the transition as an application of lessons from multiple prior projects (including Secure Scuttlebutt and CTZN) rather than a repudiation.
Whether one regards the shift as a misstep or a pragmatic evolution depends on the relative weighting of ideological purity versus practical adoption and usability at scale. Bluesky’s growth to millions of users and the expanding AT Protocol ecosystem suggest the hybrid model has achieved broader traction than pure peer-to-peer social experiments previously attained.
In summary, FreeSky embodies the practical "alternative" envisioned in early AT Protocol discussions—offering decentralized hosting and tools within the Bluesky-compatible network rather than a separate platform. For those interested in trying it, start by exploring custom handles through freesky.social or reviewing the dashboard for operational insights. Additional details are available via Project Liberty announcements and AT Protocol documentation at atproto.com
Several people have mentioned that "you can just own your own data, so that's enough, right?"
Interoperating with Bluesky requires you to either 1) opt into the did:plc standard, which is a centrally controlled certificate transparency log, or 2) have all your users create did:web accounts by manually setting DNS records.
So it is not possible to build on Bluesky at all without opting into this centrally controlled layer. This original post covers this, but maybe not in enough detail to stop commenters from missing the point.
Bluesky the company controls 95%+ of PDSes in the system, which control users' private keys, and they're extending PDSes to include more functionality that prevents users from easily exiting the network, e.g. private data is being implemented in a way where Bluesky LLC can see all your activity. The protocol changes often and with limited community input.
This is being done because "there are no other ways to do it" and "our users are okay with it". The community does pretty consistently attack people who dissent (e.g. look at what happened when Mastodon leaders objected). There's a lot of cheerleading for people who do opt into the system, and there's really no incentive for informed criticisms.
It's not really decentralized or neutral infrastructure; it's a great network for a number of specific subcultures who have a nice space away from X, and I hope the team embraces that.
1. Non-profit (separate entity from Bluesky)
2. Moving to Switzerland (get the f' out of the US)
3. Consortium control (proof-of-authority)
A PLC read-only mirror implementation was released the last week. I've been running one for a almost a year, redoing my hardware right now, so it's currently down. There are others out there.
you don't have to like it, that's fine, you have Nostr as an alternative
but when Nostr people come around bad mouthing everyone else, especially with outdated and misleading claims, you make people want to use Nostr less
Your answers have all been that it'll be solved in the fabulous future. Quite possibly! But until it happens, it hasn't happened.
Wizards can be difficult to develop and maintain. Writing a working, useful, functional, robust, informative, environment-agnostic, and re-entrant script (or GUI/TUI) can take scads of effort. Now that LLMs abound, much of that grind is quickly solved. For example, here's a vibe-coded script that to get dovecot, postfix, and virtual users set up on my new server with mailboxes copied from an old server:
https://autonoma.ca/mail-setup.txt
To vibe code it, the prompt included content from:
https://xtreamsolution.net/complete-email-server-setup-tutor...
After a few kicks at the can (run script, capture errors, feed errors to LLM, repeat), it finally configured a working system. Reviewing the script, yes, it's beyond painful. It doesn't have to be, though; the authors of complex software could produce similar guided installers.
I've run my own since the 1990's, it is certainly possible, there are many others who have done the same. I have no issues with email deliverability.
> everyone gives up on this.
Not everyone gives up on it, some do, some don't.