leafie making a variety of expressions: confused, angsty, snarky, ANGST, hurt but smiling about it, and the face she makes when she drinks alcohol (it tastes yucky)
yeah yeah and I'm alright
I took a sip of something poison but I'll hold on tight
Read part 3 here:
It is. It’s a social problem. And technical infrastructure should not try to solve it. It *should* try to reflect it meaningfully as it would exist in real life, though. In other words, define social structures as a composite of individual relations, rather than as server-side infrastructure.
I think making systems where individual components naturally compose to a centralized structure, and where severing one individual relation causes a minimal or recoverable loss on either side, is a good middle ground between “complete centralization” and “complete distribution”
I dont think this can be meaningfully resolved. Incumbency & centralization has its advantages. Rather than fighting against it, we should analyze the roles of the central authority, deconstruct them, and recompose them as bounded, auditable relations where severing one doesnt compromise the whole
Fair enough! Keep up the good work
I don’t think this is the right framework to think about this problem.
🫡
I’ll be talking about the proposal during part of my presentation at ATmosphereconf if you’re interested in hearing more
*embedded signatures for credentials, not signed records
An XRPC endpoint for credential issuance would be nice for future privacy applications but not strictly required for experimenting, since the signed credential could just be embedded in a public record
Not much tbh! The only unorthodox part is signed records. Beyond that, the rest is built on what the protocol already has. The architecture is deliberately designed to need as little new protocol surface as possible
It takes advantage of the tendency centralization to converge communities towards a service with an architecturally limited mandate. From there, community infrastructure is populated by services that scopes to those credentials and perform the work of defining community spaces, and all it entails
The architecture separates low-frequency high-stakes decisions from high-frequency low-stakes decisions. Bad decisions from one layer creates back-pressure from other layers toward good governance through effects on trust relations and credible exit.
tl;dr: make membership an irrevocable credential, like a DID. Allow credential issuers to make labeler-esque “withdrawals” for members they no longer trust. Services have the final say on who does or doesn’t belong.
one of the clearest gaps in the ecosystem - working against the lofty decentralisation goals - is how power concentrates in tools: lists/feeds/labellers
the implicit decision by bsky rn is "don't let these things become powerful", which also means "don't let these things become *too* useful"
Yesterday’s world seems just so far away from these days
Part 4 will probably take a few more days, since it’s dealing with a categorically different problem set than the first 2 parts (UX and reconstituting the architecture into something recognizable). But I’m pretty excited about how it’s going!
Online communities are always reduced to the same structure: Stewards as Landlords
Part 3 of Composable Trust wields ATProto to architect a solution: decomposing communities into 3 sovereigns—Members, Rosters, and Venues—each with full jurisdiction over their own domain, and none over each other’s.
Thank you to Google @opensource.google for joining #AtmosphereConf as a major sponsor! We appreciate your support!
Ahh, my bad! Yes, this makes sense, actually. I think it’s a good distinction to make, especially once the proposal gets to initial specifications!
It’s essentially the PLC ledger dependency, just one layer up haha
Where this “Roster Authority” service would live outside of simply an AppView, I haven’t given much thought to. Even if credentials are *initially* published publicly by a Roster, It’s probably still too heavy of a burden to expect every service to provide
One could plausibly factor out a “scope set” calculation service which indexes credentials, interprets Venue credential policies, subtracts users removed from the scope set from the Cluster, and returns a list of in-scope users. Such a service would have no hard dependency on the Roster itself
The trust set could be defined as the totality of the cluster - Roster “untrust” records. Since the untrust records are just signals that are interpreted by changes in the downstream’s scope, there is not a strict need for persistence.
Not at all! There’s actually no strict need for the Roster to maintain a central registry. An AppView could index credentials as part of their existing indexing work. “Lack of signal” != “Lack of entry”
Good catch!
Since this is the technical heart of the proposal:
@bnewbold.net I would really like to hear your thoughts on this
@kandake.africa, @bmann.ca, and @knowtheory.net, I think your inputs on the safety and privacy implications of such a system would be really important before any implementation.
Online communities are always reduced to the same structure: Stewards as Landlords
Part 3 of Composable Trust wields ATProto to architect a solution: decomposing communities into 3 sovereigns—Members, Rosters, and Venues—each with full jurisdiction over their own domain, and none over each other’s.
In Part 2:
To enable credible exit, ATproto deconstructed the “Platform” into independent layers with bounded authority.
Yet in online communities, a single steward necessarily becomes a single point of failure.
How can we deconstruct the *community* Atmospherically? What happens if we do?
