Oddbean

The Bluesky team has an academic paper describing the protocol that’s a pretty good high level but somewhat technical overview. It includes how they see Bluesky compares to Secure Scuttlebutt, Nostr, Farcaster, and ActivityPub/Mastodon. I think folks who are building Nostr apps or advocating for it in comparison to Bluesky would do well to read it to understand what they’re doing and how we’re different. We should also write up one for Nostr. https://arxiv.org/abs/2402.03239

This is my only peer reviewed paper presented at a proper academic conference. https://scholar.google.com/scholar?hl=en&as_sdt=0%2C5&q=evan+henshaw+plath&oq=Evan+henshaw#d=gs_qabs&t=1729290169164&u=%23p%3DJsdFhFbpufAJ

Bluesky only works with Bluesky's own code. Thanks for reading my paper. nostr:nevent1qqs90yp42d0j0cfnj5r7ugjcdhtgcah9t02h9aa2flrhrfc8yy0jl6gpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygrkcud2uwjfruweamz8ewshug5umfq38g9mkmn2u9mk6ajru2w2lgpsgqqqqqqsf35982

We’ve submitted a proposal to an international society to organize a conference on decentralized social networks, with Nostr as the main topic. Fortunately, the proposal has been approved, and we’re now working out the details. I’m actively trying to align the conference dates and location with next year’s Nostr events. The goal is to introduce Nostr to academics and promote further research. Hope everything goes well.

WTF, they actually gave up entirely on sovereign identity?! "In principle, the cryptographic keys for signing repository updates and DID document updates can be held directly on the user’s devices, e.g. using a cryptocurrency wallet, in order to minimize trust in servers. However, we believe that such manual key management is not appropriate for most users, since there is a significant risk of the keys being compromised or lost. The Bluesky PDSes therefore hold these signing keys custodially on behalf of users, and users log in to their home PDS via username and password. This provides a familiar user experience to users, and enables standard features such as password reset by email."

"You can sovereignly host your own PDS" Yes. "... and entirely control your identity on bluesky" No. The PDS stores your data, but BlueSky maintains a central registry for IDs in their network. In theory, you could run your own ATProto ID registery. But from what I understand, it would be incompatible with BlueSky. It would be the equivalent of forking BitCoin to create your own blockchain. You can, but it doesn't allow you to transact over the BitCoin blockchain.

My understanding is that AT relays basically operate like a Nostr client does (obviously there's other differences in the protocol too tho). Even though another AT relay couldn't interact with Bluesky, it could pull from the same PDSs so people would be able to interact - just like how Nostr clients don't directly interact, but we're speaking since our clients are connected via relays.

nostr:nprofile1qqsfzzhequxl66lwucls6j42cd2ttkskf44my0yusakd75jvwgzwvmgpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsz9thwden5te0dehhxarj9ehhsarj9ejx2a30qy88wumn8ghj7mn0wvhxcmmv9u80rd8x What nostr:nprofile1qqsp77g933m6yf89hc3xerczfjkd44xhgxz46a0dnug5wwagawrwrjcppemhxue69uhkummn9ekx7mp0qys8wumn8ghj7mn0wd68ytn9d9h82mny0fmkzmn6d9njuumsv93k2tcpz4mhxue69uhkummnw3ezummcw3ezuer9wchsdcndl4 said. Imagine X published all the source code for running x.com. You could set up your own version at y.com, but nobody who created an account there would be able to follow accounts on x.com, or vice-versa. So there's no point. That's essentially the situation with ATProto. In theory, you can set up a complete clone of the BlueSky service, but it's totally up to them whether accounts on your service can be seen on BlueSky. The chokepoint is not the software, it's the ID layer. The fediverse/ ActivityPub tried to solve that by taking a leaf out of the IndieWeb's book, and outsourcing the ID layer to DNS. The Zot/ Nomad branch of the fediverse has always had NomadicIdentity, which makes accounts ("channels") independent of the domain names of servers, and there are a number of FEPs describing how to do that in AP software; https://wedistribute.org/2024/03/activitypub-nomadic-identity/ Nostr solves the ID chokepoint problem in a similar way, by having a decentralised ID layer. So that's a step forwards from the existing AP+DNS dominated fediverse. BlueSky is a step backwards, and the main reason people use it is the aggressive Safer Spaces Policing that their ID chokepoint allows; https://wedistribute.org/podcast/blacksky-rudy-fraser/ For some people that's a feature, and a permissionless network is a bug that feature solves.

Oh yeah, no, it's very centralized at the moment and even in a perfect implementation it'd still be somewhat more centralized than Nostr. Still, they've made a lot of progress (going from 100% centralized to mostly centralized in a couple months earlier this year). Theoretically, whether you were having X.com or Y.com aggregate data from PDSs, it'd still be the same PDSs so people from X.com could talk with Y.com - assuming no blocking/errors/funny-buisness was going on. And for the DIDs, you can actually hold your own with your own PDS. Bluesky itself won't hand you your keys yet, although they are planning migrations at some point so they likely will in the future once that side of thing is developed. Probably not ideal for us and our fellow tech nerds, though most people probably won't care or even prefer custodially held keys.

"Theoretically, whether you were having X.com or Y.com aggregate data from PDSs, it'd still be the same PDSs so people from X.com could talk with Y.com - assuming no blocking/errors/funny-buisness was going on." The point is that x.com and y.com have the power to block each other's accounts. So as I say, there's no point setting up y.com. It's much cheaper and easier to set up an AP server or Nostr relay instead. So unless something radically changes in the ID layer of ATProto, it will always be controlled by BlueSky, and it will always be as centralised as Xitter where it matters most. > most people probably won't care or even prefer custodially held keys This is like when apologists for Gmail say that most people don't care about runing their own email server. Or when apologists for proprietary software say that most people don't care about reading or modifying source code. Or when apologists for dictatorship say that most people don't care about reading laws or government reports. It's probably true, but entirely beside the point. The fact that you *can* do it, if you want to, totally transforms the incentive structures.

I'm not sure what they're getting at with their description of Nostr "Communication (e.g. reply threads) is only possible between users who have at least one relay in common" That's true of any client-server architecture no?

80% of nostr misunderstanding (particularly wrt scaling) comes from not understanding how something like outbox would work. which is fucking retarded. the “public square” use case of nostr basically implies (something like) outbox; it’s like saying nostr can’t work because people can’t do math that quickly since the spec doesn’t mention computers.

Use simplex and just add a searchable directory of available groups. Then you have a secure, properly decentralised, meta data free Telegram upgrade without a CEO. Job done. Don't reinvent the wheel.

Martin Kleppmann is very good at this stuff. He also helped design bluesky. I honestly thought nostr was better than bluesky at the start. But they have worked really hard to improve every aspect.

Thanks for the share, as a fellow protocol nerd it looks like an interesting read. On writing a Nostr breakdown paper I'd potentially be interested in collaborating on something like that of anybody was looking for volunteers - though it's important to note I've written zero academic papers (unless college essays count). Though I did write a blog post comparison of the big three a bit back. An earlier version of it actually got featured in the O'Reily trend newsletter (May of '24) which was super cool. But definitely not anything academic. https://nate.mecca1.net/posts/2024-08-11_microbloggingv2/

Why did they rename BGS to "Relay"? That is very unpolite, we took that name first. Also BGS ("Big Graph Service") sounded better. Maybe we should rename Nostr relays to something cooler. NDU: Note Dissipating Unit CXS: Content Exchanging Server ANN: Availability Named Node RSS: Reachability Spreader Service LGBT: Local Graph Broadcasting Transmissor

As of now, academic research on decentralized social protocols includes Mastodon with over 70 papers, Bluesky with 10+, Farcaster with 7, and Nostr with only 4. Mastodon has seen the most extensive study, while the relatively small body of research on Farcaster is somewhat surprising. Given Web3’s momentum in academia, one would expect more work on Farcaster. From July to September last year, YakiHonne participated in academic conferences at the University of Hong Kong, Nanyang Technological University, and ITSC in Bilbao, Spain, where we introduced Nostr to researchers. At the time, very few had even heard of Damus. Three weeks ago, we provided 10 Nostr-related research topics to academics studying decentralized social networks. Some challenges were raised, particularly regarding Farcaster’s research, but we eventually settled on an empirical analysis of Nostr. That said, this is still far from enough. Nostr deserves its own dedicated decentralized research group. https://image.nostr.build/d937a7437e6a71e3998c59dcbeef32f388fcb687701f920dfba90eebfe9621a0.jpg https://image.nostr.build/9d9259f948a9d56b16e1f2b0f384ee0a667be70772a815bb3530be4c74026e36.jpg https://image.nostr.build/1ff5e05105caeca9af434a44e9a4bf31eafe7c7607db0f7e3a85ded9b6864b75.jpg https://image.nostr.build/72f5b6fda8bb1189f5c88f1f9b3ddd45b1542b8000c5d1149685cbca787c1feb.jpg nostr:note127gr256lylsn89g8ac39smwk33mw2k74wtm65n78wxnswggl9l5s6tzk0s