Merge branch 'refactor' into 'master'

Draft topics

See merge request arnoldjun/bluesky!84
Jay Graber 2020-07-01 01:00:17 +00:00
commit defcafda65
10 changed files with 116 additions and 100 deletions

applications/template.md Normal file

@ -0,0 +1,25 @@
### Identity
### Networking
### Data
### Moderation & Reputation
### Social & Discovery
### Privacy & Access Control
### User experience
### Interoperability
### Scalability
### Metrics
### Monetization
### Implementations
### Links

@ -1,55 +0,0 @@
# Zeronet
Zeronet is a browser for a decentralized network built on BitTorrent and Bitcoin. Instead of having IP addresses, Zeronet site addresses are Bitcoin public keys.
Example sites created on Zeronet include ZeroTalk (like Reddit), ZeroBlog (microblogging), ZeroMail (encrypted mail), and ZeroMe (p2p social network).
ZeroMe is a proof-of-concept that demonstrates how to build a Twitter-like site in a decentralized browser. It has not received wide usage.
### Identity
The creator of a site signs the files with the private key, and the public key is the site address. This is a Bitcoin key which can be exported to a wallet, allowing funds to be sent to the address and collected by the site creator. Zeronet domains end in `.bit`.
ZeroId is an authorization provider that lets you interact with sites without contacting the owner, and is used for sites with user interaction like ZeroMe.
### Networking/Message passing
Zeronet uses the BitTorrent network to find peers that are seeding the site to download the site content from. When a user visits a site, they download the site files. Once they've visited, they start serving that site as well, seeding it to others.
### Data Storage/Message Persistence
Zeronet uses BitTorrent trackers and its own variety of trackers (zero://).
### Moderation/Reputation
Blacklists are opt-in.
ZeroId provides some control over user accounts to fight spam, by limiting the number of registrations from an IP address.
### Social/Discovery
There are a few search engines for Zeronet, which have scraped and index the network. Zeronet addresses are commonly shared out-of-band.
### Privacy and Access Control
Sites that take user input, like ZeroMe, ask the user for permission to grant read/write access.
### User Experience
Zeronet's decentralized hosting design allows for one-click site cloning. Popular sites scale with demand, as visitors become seeders of site content as well.
### Interoperability
Despite being compared to Beaker Browser and IPFS, Zeronet does not interoperate with other sites, or even with BitTorrent.
Zeronet can be run over Tor for privacy. but it does not support .onion sites. I2P is not supported.
### Monetization
The Zeronet project relies on tips.
An interesting element of monetization in Zeronet is that the fact that site addresses are bitcoin addresses, which means that site owners can be tipped directly to the address. The owner can retrieve the funds by importing the private key into a bitcoin wallet.
### Links
[Zeronet](zeronet.io)
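
Review bot: The Zeronet content removed here (55 lines down to 0) is not re-added by any other hunk in this commit, so the notes on site keys doubling as Bitcoin keys, the ZeroId per-IP registration limit, and "Zeronet can be run over Tor for privacy. but it does not support .onion sites" are lost. If the goal is to move application write-ups onto the new applications/template.md layout, port this file to that layout instead of deleting it, or state in the commit message that the removal is intentional.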

@ -11,6 +11,8 @@ A user's identity is their ed25519 key pair which is used to sign posts, verifyi
Users can pick a human-readable nickname that is associated with their key, but nicknames are not unique because there is no global registry.
Ssb does not currently support multi-device login, because keys are stored on devices.
### Networking
Nodes request all messages in the feed that are newer than the latest message they know about. The networking component of SSB maintains a table of known peers which it cycles through asking for updates for all followed feeds. Messages are passed through the ssb network via a gossip protocol. Messages may be passed through third parties, which improves availability.
@ -33,6 +35,8 @@ Each message contains:
- An identifier of the hashing algorithm in use (currently only "sha256" is supported)
- A content object
Because of the append-only nature of ssb feeds, there is no ability to permanently delete a piece of content. Applications can work around this by honoring edit or delete messages appended to the feed, but the original content stays in the append-only log that is shared among all nodes, and other applications could choose not to honor such messages. An example of a workaround is [ssb-revisions](https://github.com/regular/ssb-revisions), a basic API that enables applications to use mutable messages by displaying the updated version.
### Moderation & Reputation
There is no global moderation, and no specialized moderators in ssb. A “flag” message is used to send a strong negative signal about bad actors. Applications built on top of ssb allow users to “block” and “ignore”. An ignore will simply not show that data to the user's node, although their node will continue to pass their data through the network. A block will cause the user's node to refuse to replicate data from that feed, segmenting it off from their portion of the network. If enough people block a user or group of users, their part of the network will become partitioned from the rest.
@ -55,16 +59,6 @@ The ssb ecosystem is supported through a variety of grants, donations, income fr
Pubs, the most resource-intensive nodes, are currently volunteer supported.
### User Experience
Key management is one of the biggest challenges of ssb, as users often lose and forget their passwords. Users are in complete control of their identity. That means if they lose their cryptographic key, they can permanently lose access to their account. To address the problem of key management in a decentralized manner, a project in the ssb ecosystem, [Dark Crystal](https://darkcrystal.pw), has implemented a social key recovery system. It splits keys into shards to store with family and friends who can be trusted to help reconstruct a lost key.
Ssb does not currently support multi-device login, because keys are stored on devices.
The p2p bootstrapping process introduces frictions for new users. First, new users typically join a pub to get connected to the network after they download an ssb application. Then, there is a period of waiting time during the initial sync when logs are being downloaded, like the syncing time of a blockchain. A user that has not opened an ssb application in awhile will encounter this synchronization delay again while their node catches up to the state of the network.
The inability to edit or delete content also runs contrary to user expectations. Because of the append-only nature of ssb feeds, there is no ability to permanently delete a piece of content. Applications can work around this by honoring edit or delete messages appended to the feed, but the original content stays in the append-only log that is shared among all nodes, and other applications could choose not to honor such messages. An example of a workaround is [ssb-revisions](https://github.com/regular/ssb-revisions), a basic API that enables applications to use mutable messages by displaying the updated version.
### Interoperability
[Ssb viewer](https://github.com/ssbc/ssb-viewer), an HTTP server for read-only views of ssb content, brings read-only interop from ssb to the web.
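
Review bot: Removing the User Experience section here (16 lines down to 6) also drops the key management paragraph and the p2p bootstrapping paragraph; only the multi-device line and the edit/delete paragraph reappear in the two earlier hunks of this file. The statement that losing the cryptographic key means permanently losing the account, and the Dark Crystal social key recovery link, fit next to the multi-device line under Identity, so I would move that paragraph there rather than delete it. The bootstrapping paragraph could go under Networking.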

@ -10,7 +10,7 @@
### Privacy & Access Control
### User experience (if applies)
### User experience
### Interoperability
@ -18,8 +18,8 @@
### Metrics
### Monetization
### Governance & Business Models
### Implementations
### Implementations & Applications
### Links
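
Review bot: The heading renames in this hunk ("### Governance & Business Models" replacing "### Monetization", "### Implementations & Applications" replacing "### Implementations") diverge from applications/template.md, which is added in this same commit with "### Monetization" and "### Implementations". Pick one set of names for both templates, or note why the two templates differ, so that write-ups stay comparable section by section.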

@ -1,6 +1,27 @@
# Data
Data structures, data availability, persistence, and mutability in decentralized applications.
Data portability
### Data Structures
Decentralized systems do not have a single central system to coordinate updates.
Shared data structures enable interoperability.
Solid - Solid's data structure is RDF. [RDF](https://www.w3.org/RDF/) uses URIs to name the relationship between things, allowing structured data to be shared across different applications. RDF could potentially [be a barrier to adoption](https://hal.inria.fr/hal-01966561/document), due to its complexity.
Matrix - Matrix transports messages using JSON, and tracks conversation history through DAGs.
Mastodon - ActivityPub uses streams of JSON-LD. Mastodon was formerly compatible with OStatus, which used RSS.
IPFS - IPFS uses a custom data structure, [IPLD](https://ipld.io/), designed to treat hash-linked data structures as subsets of a unified information space.
Ssb - Ssb uses append-only logs of signed JSON.
### Mutability
Federated applications allow users to edit and delete content, handled at the server level. Content may not be guaranteed to be deleted across the entire network in some cases - protocols should require applications to honor delete messages.
P2p applications have more variance around mutability.
Ssb & Hypercore - Messages added to the append-only logs used by ssb and hypercore are immutable. Applications can choose not to display messages indicated as deleted, but the data cannot be overwritten.
IPFS - Once added to a network, content is discoverable by its hash. If a copy remains stored on the network, it is re-discoverable by this reference.
Aether - "Stale" threads that have not been referenced for 6 months get dropped by the network. This design attempts to make posts more ephemeral in a p2p setting.
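
Review bot: In the Mutability section, "protocols should require applications to honor delete messages" reads as if deletion can be enforced, but the lines that follow say the opposite for the p2p cases: ssb and hypercore data "cannot be overwritten" and IPFS content stays discoverable while any copy remains. Suggest wording the federated paragraph so it is clear that a delete message is a request other servers and applications may ignore, and that honoring it hides content rather than erasing it. Separately, "Data portability" near the top of the hunk is a bare phrase with no heading marker or sentence; make it a section with content or drop it.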

@ -3,3 +3,13 @@
In decentralized networks, whether federated or p2p, there is often no global search functionality.
This issue being discussed in Mastodon: https://github.com/tootsuite/mastodon/issues/9529
Hashtags are used to filter and discover content in ssb, diaspora, mastodon
### Data availability
No server has a unified global view of a decentralized network.
Data is only available along user connections or the follow graph, whether that is determined by node or by server.
Mastodon - No global search functionality
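
Review bot: The "### Data availability" section lands in this file, while the Data topic file edited in this commit describes its own scope as "Data structures, data availability, persistence, and mutability". Keep the section in one place and link to it from the other. "Mastodon - No global search functionality" also restates the first line of this hunk and the Mastodon issue link directly above it, so it could be dropped or merged with that link.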

@ -18,7 +18,7 @@ Desirable qualities for decentralized identities:
## Decentralized Identity
OAuth is currently the most successful identity standard. OAuth was created to securely transfer user credentials from one site to another. OAuth identity providers became centralized because users could not run or choose their own identity providers.
OAuth is currently the most successful identity standard. OAuth was created to securely transfer user credentials from one site to another. OAuth identity providers became centralized because users could not run or choose their own identity providers. (See decentralized identity protocol comparisons in [Decentralizing the Social Web](https://hal.inria.fr/hal-01966561/document))
### Identity in federated applications:
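
Review bot: The edited OAuth line still says OAuth "was created to securely transfer user credentials from one site to another", which is the reverse of what it does: OAuth lets a site obtain delegated, token-based access without the user handing over their credentials. Since the line is being touched anyway to add the citation, I would fix that sentence in the same change. The added parenthetical also ends without a period.
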
@ -41,18 +41,20 @@ P2p systems key management, key verification, key backup. Account recovery.
- Aether
- Iris
### Blockchain identity
### Blockchain Identity
In 2001, Zooko Wilcox-O'Hearn named three desirable properties of decentralized network identifiers: human-meaningful (memorable), decentralized (global), and secure (unique). This became known as [Zooko's triangle](https://en.wikipedia.org/wiki/Zooko%27s_triangle). Prior to the invention of cryptocurrency blockchains, which enabled decentralized global consensus, it was thought that only two of these three properties could be achieved at one time. Now, many projects have created protocols for naming systems that fulfill all three properties.
- Namecoin
- Blockstack
- Handshake
Lots of them.
Microsoft
IBM
- Microsoft
- [IBM](https://www.ibm.com/blockchain/solutions/identity/networks) - IBM is helping to create, operate and maintain permissioned decentralized identity networks built using Hyperledger
### Decentralized Identifiers (DIDs)
[DIDs](https://w3c-ccg.github.io/did-primer/) are a new type of globally unique identifier that do not require a centralized registration authority, and can serve as a decentralized public key infrastructure. DIDs are a [W3C standard](https://www.w3.org/TR/did-core/).
The [DID W3C standard](https://www.w3.org/TR/did-core/) is an emerging standard around decentralized identifiers. [DIDs](https://w3c-ccg.github.io/did-primer/) are a new type of globally unique identifier that do not require a centralized registration authority, and can serve as a decentralized public key infrastructure.
The format of a DID is: a scheme identifier, followed by the DID method, followed by a method-specific identifier. A simple example: `did:example:123456789abcdefghi`
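
Review bot: The IBM bullet describes "permissioned decentralized identity networks", which does not fit a list introduced by the Zooko's triangle paragraph about naming systems built on decentralized global consensus (Namecoin, Blockstack, Handshake). Suggest splitting enterprise identity offerings into their own list and rewording the IBM description neutrally, since "IBM is helping to create, operate and maintain" reads like vendor copy. The Microsoft bullet has no link or description, and "many projects have created protocols for naming systems that fulfill all three properties" would benefit from a citation.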

@ -1,8 +1,8 @@
# Moderation
One of the most acute problems with centralized platforms is the need to develop one-size-fits-all moderation policies for billions of users. Decentralizing social platforms places the power to determine moderation policies in the hands of users or communities.
One of the most acute problems with centralized platforms is the need to develop one-size-fits-all moderation policies for billions of users. Decentralizing moderation puts decisions about what content to block or allow in the hands of users and communities.
## Moderation in federated systems
## Community moderation
### Matrix
@ -10,10 +10,18 @@ Servers in Matrix have terms of use that users agree to when they join. Rooms ma
### Mastodon
Each server admin can create their own moderation rules as well as a theme for their server. Their TOS may include rules about whether data can leave the server, etc. Users choose which server to join, opting into the moderation policy, theme, and TOS they prefer.
Each server admin can create their own moderation rules as well as a theme for their server. Their TOS may include rules about whether data can leave the server, etc.
## Moderation in p2p systems
### Reddit
## Experiments
### Aether
Curation and moderation markets
Users elect and impeach topic moderators.
## User moderation
User level moderation allows users to opt into different content preferences, for example subscribing to shared blocklists, or enabling certain filters.
# Mastodon
Users choose which server to join, opting into the moderation policy, theme, and TOS they prefer.
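
Review bot: The trailing "# Mastodon" is a top-level heading inside a file whose title is already "# Moderation", and it sits under "## User moderation" even though a "### Mastodon" section exists earlier in this hunk. If the sentence about users choosing a server is meant as the user-moderation example, make the heading "### Mastodon" so the outline stays consistent. "### Reddit" is an empty heading with nothing under it; add a line or leave it out until there is content.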

@ -10,37 +10,39 @@ Protocols must be open source in order to be used and adopted. Applications buil
Advertising
- Charge advertisers for user impressions or clicks through the applications
- Users can pay to not be shown ads
In-app purchases
- Charge for promoted tweets
- Charging for custom curation or moderation services, or taking a cut of monetized services offered by third-parties.
Transaction fees on
- User monetization of premium content
- User tips and donations
Premium experience
- Users can pay to not be shown ads
# Provider Level
If applications access the provider, (as in Solid, where applications access user data through pods), the provider can charge a commission of the revenues of each application.
If applications access user data through a provider, (as in federated systems where a user signs up to a server, or in Solid, where applications access user data through pods), the provider can have a separate business model from the application.
If users access the provider (as in federated systems where a user signs up to a server), the provider could charge the user a fee, perhaps for premium features like extra storage. Up-front membership fees for users tend to discourage adoption of social applications, where users have come to expect free service.
- Charge a commission of the revenues of each application.
- Charge users a membership fee. (However, up-front membership fees for users tend to discourage adoption of social applications, where users have come to expect free applications.)
- Charge users for premium features like extra storage.
## Protocol Level
Protocol level business models have been explored in recent years through cryptocurrencies.
One method is the creation of a token used for transactions internal to the protocol. An example is Facebook's Libra.
One method of protocol-level monetization is the creation of a token used for transactions internal to the protocol. Facebook's Libra, which will allow users to send payments to each other, is an example of this approach. Brave browser created [BAT, Basic Attention Token](https://basicattentiontoken.org/), for transactions between publishers, advertisers and users. Advertisers pay in BAT to place ads. Publishers receive most of the BAT from ad revenue and Brave takes a percentage. Users of Brave browser earn BAT when they view ads. They can't withdraw it, and instead can only donate it to publishers of their choice. According to Brave's research, in 2020, Users could earn up to $200 by consuming ads. Publishers haven't been vocal about their earnings, but [freecodecamp have said that they earned $2000 between early 2018 to mid 2019.](https://www.freecodecamp.org/news/the-brave-browser-how-much-money-can-your-website-make-as-a-publisher/).
Existing cryptocurrencies can also be used for protocol-level business models.
Existing cryptocurrencies can also be used for protocol-level business models. Brave originally used Bitcoin instead of BAT for in-browser micropayments. In a server-based federated system, servers that provide services to the network could also function as Lightning hubs that route Bitcoin payments through the social graph using payment channels, and collect fees for doing so.
Servers could function as Lightning hubs that route Bitcoin payments through the social graph using payment channels, and collect fees for doing so.
Namespaces are a limited resource across a common protocol. For this reason, business models could be developed around username registrations, like how domain names are sold on the web. Currently, Twitter prohibits the trading of usernames, but a [black market has emerged](https://www.theguardian.com/technology/2018/apr/17/selling-twitter-handles-big-business-identity) anyways, illustrating the latent demand for good names. Legitimizing a username marketplace could be one method of monetization for a decentralized Twitter.
Sell username registrations
## Links
https://blog.ethereum.org/2014/04/30/decentralized-protocol-monetization-and-forks/
[Decentralized Protocol Monetization and Forks](https://blog.ethereum.org/2014/04/30/decentralized-protocol-monetization-and-forks/)
https://avc.com/2016/07/the-golden-age-of-open-protocols/
[The Golden Age of Open Protocols](https://avc.com/2016/07/the-golden-age-of-open-protocols/)
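
Review bot: In the BAT paragraph, "According to Brave's research, in 2020, Users could earn up to $200 by consuming ads" has no link and no time period for the figure, while the freecodecamp number next to it is cited; add the source or drop the figure. The freecodecamp link is also followed by a second period. Elsewhere in the hunk, "Transaction fees on" stops mid-phrase, "Sell username registrations" is a bare line after the paragraph that already makes that point, and "# Provider Level" is a top-level heading while "## Protocol Level" is second-level.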

@ -1,14 +1,23 @@
### Security
Designing for public communication requires less focus on privacy than more intimate social applications. However, privacy for user metadata is still important, and private direct messaging is a feature that may need to be supported.
Designing for public communication requires less focus on privacy than social applications designed for close social circles. However, privacy for user metadata is still important, and private direct messaging is a feature that may need to be supported.
Some e2e messaging encryption options:
Many decentralized social applications that include direct messaging use e2e encryption to preserve the privacy of messages.
- Noise protocol
- Matrix - [End-to-end encryption guide for Matrix clients](https://matrix.org/docs/guides/end-to-end-encryption-implementation-guide)
- ActivityPub - Mastodon is [adding e2e encryption to ActivityPub](https://github.com/tootsuite/mastodon/pull/13820). Previously, messages were unencrypted on the server.
- Ssb - Ssb, as a p2p protocol, included [e2e encryption for direct messages](http://scuttlebot.io/docs/basics/encryption.html) from the start, so that unencrypted messages would not be passed around the network.
Some more e2e messaging encryption options:
- [Noise protocol](http://www.noiseprotocol.org/), used by WhatsApp
- [Messaging Layer Security (MLS)](https://messaginglayersecurity.rocks/)
### Access Control
There may be a need for different levels of access to user data - for example, to create read-only applications, paywall, or private sharing.
Different levels of access to user data can be controlled through server permissions on federated systems. In p2p systems, access control must be implemented through cryptographic permissions, or access control lists.
Object capability security authorization system
Object capability security authorization systems:
- [Adding object capabilities to ActivityPub](https://gitlab.com/spritely/ocappub/blob/master/README.org)
- Peergos provides [capability-based access control](https://github.com/Peergos/Peergos) for files on top of IPFS
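
Review bot: Listing "[Noise protocol](http://www.noiseprotocol.org/), used by WhatsApp" under e2e messaging encryption options is misleading: WhatsApp uses Noise for the client-to-server transport channel, while its end-to-end message encryption is built on the Signal protocol. Either describe Noise as a handshake framework for secure channels or cite the Signal protocol for the WhatsApp example. In the ActivityPub bullet, the link is to an open pull request, so "Previously, messages were unencrypted on the server" reads as if the change has already shipped; present tense would be accurate. The scuttlebot.io and noiseprotocol.org links use http where the rest use https.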