these cookies are secure, http-only, strict.
03.03.2026 04:47
π 2
π 0
π¬ 0
π 0
these cookies are secure, http-only, strict.
The blacksky.community web application now uses our own API servers to load posts, timelines and profiles.
When data is missing (accounts on the edges of the network, outside of our primary community, etc) we leverage @microcosm.blue
Congrats to the team @tangled.org!
huge! congrats @tangled.org :)
however, authenticity of a did:web document hinges on possession of a private key too: it happens to be the private key held on the web server required for tls! so server-held keys end up having their role in each approach.
so with plc there is a set of "rotation keys" that can be used to manage the content of your did doc. within your did doc is the public key used to sign your repo.
with did:web there's no specific mechanism to manage your did doc, you just update the file where it's hosted however you like.
the did is that point of indirection: behind it is your handle, your pds, and your signing key. there are different ways you can manage your did. did:web ties it to a domain, perhaps most compatible with what you're looking for. did:plc ties it to possession of one in a set of keys.
intent is for handles to be able to change w/o breaking references to your identity or records. the did is the stable identifier. the pds typically manages key material on the user's behalf, but your pds and keys can change over time. so self-hosters manage keys, but most will just use a provider.
despite the term "commit" there is no concept of commit history in your repo (e.g. unlike git). the repo reflects only the current state of all your records, and through the one signature on the root provides cryptographic proof of each record.
exactly, signing over the root provides proofs down to each leaf. your did doc advertises your public signing key and your pds. your pds hosts the repo, but anyone else can also redistribute it. the data is "live" so long as it's signed by you. if your key changes, just sign again and distribute!
you can totally rotate your key and resign your repo without causing any disruption, changing any at uris for your posts, etc.
re: plc read replicas and auditing, worth following along with @bad-example.com who has been getting several regional ones going.
for your pds you could totally setup did:web identities, which are also supported in atproto. that would be neat!
yeah it was looked atβ in fact every existing did method at the time was considered! you may already be aware, but did:plc entries are self-certifying and there's a story for credible exit if needed. read replicas that audit the directory recently released, and more plans ahead!
I'm building on atproto because building infrastructure like "Drafts and Scheduled Posts for every atproto app" is easy as 1-2-3 and as cool as alf.
Announcing alf, the atproto Latency Fabric: leaflet.pub/p/did:plc:3v...
π΄ LIVE https://stream.place/pfrazee.com And we are live with office hours!
(that change happened just this week.)
i knowww. i think it was the api stability signaled by nodejs. i think things should change now that it moved up a level in stability to "release candidate." pumped to get this going in the pds.
new blog post on permissioned data in atproto! this one introduces "buckets", the protocol-level primitive for shared access control. I walk through two approaches that don't quite work and land on something that I think does
let me know your thoughts!
this rules! it would fit so nicely with atproto pds hosting, and very possibly jibe well with standard.site.
It's been almost one full fortnight since our last one, we're doing office hours again this Friday. And we're bringing special guests to talk all about building on atproto.
smokesignal.events/did:plc:lysq...
New blogpost about atproto
It's not federation, it's not a p2p mesh. It's a secret third thing: practical.
www.pfrazee.com/blog/practic...
Did you miss @zeu.dev teaching us about ATProto
No worries! Check out our conversation on the Web Dev Podcast, then code along with us on Learn with Jason.
WDP: codetv.dev/series/web-d...
LWJ: codetv.dev/series/learn...
What even is the AT Protocol?
@jason.energy and I talked about @atproto.com and what the future of social media can look like, where users are in control and developers are given more interoperability opportunities
this was my similar, borderline shitpost-quality protocol diagram bsky.app/profile/divy...
also nods towards what would make a *reeeeally great* relay? in my view it's all about more sophisticated network abuse prevention.
i could see that, totally! no shade on that approachβi thought it was a great call out that sync 1.1 is end-to-end. i think it is a little non-obvious to folks who haven't followed along closely, and this was a good chance to highlight it.
yes! sync 1.1 leans into the end-to-end principle: end consumers (e.g. apps) perform their own verification. technically relays don't have to!
but what makes a *great* atproto relay? a great relay protects consumers from garbage and network abuse, which is why indigo/relay verifies the events.
i'd read it!
p.s. the sync 1.1 proposal turned a year old just last week! good times. github.com/bluesky-soci...