Follow

P2P ActivityPub: more feasible than you think 

So this thread was conversing about the feasibility of a p2p ActivityPub (including a P2P Mastodon): cybre.space/@nightpool/9901526

I think most people think that that's a very far jump, but in this thread I hope to demonstrate that it's a very short one... at least to make the jump to a minimally-P2P system that people might realistically use.

P2P ActivityPub: more feasible than you think 

So step 0: what would you run it on? Okay, maybe a laptop is not ideal because laptops go offline and online so much. But a home server is realistic; in fact you already run multiple "appliances" at home (at least a router) that are really as much of servers without thinking about it. So you want some always-on computer; those are cheap today (eg @bob has a project to allow people to run home servers on a beaglebone black.. cheap!)

P2P ActivityPub: more feasible than you think 

Step 1: NAT punching is a problem, and let's assume we don't want DNS / SSL CA's because that's a layer of centralization that blocks "p2p" and holds the world at a client/server level.

Guess what! Even Mastodon could support this with one change: support Tor .onion addresses. Bam, one move, you allow anyone to host a p2p ActivityPub server.

P2P ActivityPub: more feasible than you think 

Now that said, it may not be ideal for two reasons. Reason one is re: Zooko's triangle which says you can choose 2 of 3 in a naming system: human readable, decentralized, unique. .onion addresses (and DIDs) choose to eschew human readability in favor of decentralized and unique. But there are ways to get human readability back, the best of which is probably the PetNames proposal; that may be a bit challenging to add to fit into Mastodon's UI tho.

P2P ActivityPub: more feasible than you think 

The other challenge is key upgrade. If you get some gobbletygook string that maps to a unique key, what happens when you need to upgrade the key? Eg a PGP key forged 20 years ago is no longer secure, and if this is your identity for life you need a way to upgrade it. This is what the Decentralized Identifiers standard tackles.

P2P ActivityPub: more feasible than you think 

Fortunately you can combine the three: have users have a DID so they can have key upgrade, use petnames for human readability, and have the DID act as a DNS-like pointer (can point at a .onion address or even an ipv4/6 address)

In fact that's what github.com/WebOfTrustInfo/rebo proposes.

P2P ActivityPub: more feasible than you think 

But I want to reiterate: you can get basic p2p support in existing ActivityPub implementations... including Mastodon!... with a single move: add tor .onion address support.

P2P ActivityPub: more feasible than you think 

@cwebber I'd go with GNS. gnunet.org/gns

P2P ActivityPub: more feasible than you think 

@how I'm not sure GNS includes the full PetNames protocol as in terms of how Mark Miller described it to me but maybe I should read up on it.

P2P ActivityPub: more feasible than you think 

P2P ActivityPub: more feasible than you think 

@how reading!

P2P ActivityPub: more feasible than you think 

@cwebber This is also interesting to understand how the GNS squaers Zooko's triangle gnunet.org/gns-init

P2P ActivityPub: more feasible than you think 

@how I'm reading it and it looks more correct than I realized, though I still have two frustrations with GNUNet (which I would really like to like):

- It doesn't seem feasible to integrate with a program that has its own event loop
- Just look at this UI... just look at it: gnunet.org/sites/default/files

P2P ActivityPub: more feasible than you think 

@how I know that @ng0@toot.cat is a big GNUNet believer though and I'd *like* to be one too. If I could figure out how to connect to it without using GNUNet's event loop... eg using Guile Fibers or whatever... maybe I could give it more of a chance

P2P ActivityPub: more feasible than you think 

@cwebber Yes the UI of GNUnet is terrible. I wish we could have some money to fix that, working with opensourcedesign.net (cc @jancborchardt) and the Federation people. We're onto something here :)

P2P ActivityPub: more feasible than you think 

@cwebber @how haha Holy FRICK.

P2P ActivityPub: more feasible than you think 

@cwebber And #ssb already uses pet names, and it works quite well

@cwebber I'm currently messing around with Smilodon, with the aim of seeing if I can get some ActivityPub messages between two onion addresses.

P2P ActivityPub: more feasible than you think 

@cwebber Another alternative that could work for the same purpose is cjdns. A P2P IPv6 routing protocol where your IPv6 address is your public key, and the routing tables are in a DHT across the network.

Nodes can connect to each other over existing IP networks (like the Internet), or other links such as adhoc Wi-Fi networks, Ethernet cables, Bluetooth...

P2P ActivityPub: more feasible than you think 

@cwebber or cjdns

@cwebber there's also the freedombox project through Debian.

@cwebber FYI I don't consider home-server stuff "p2p"—IMO it has to support offline/online to count. the stuff about home servers is nice but doesn't meaningfully move the needle for end users.

@nightpool Sure, it's arguable you also want to support a store-and-forward mechanism, which admittedly I have left out of this :)

@nightpool Though notably if you have your own home server as the AP server-to-server component, and then your laptop also connects to it over AP client-to-server, I think you've built in 95% of user needs without store and forward.

@nightpool The more challenging thing to me IMO is how hard it currently is to maintain your own servers, and that's true in general, whether at home or via some VPS somewhere.

@cwebber @nightpool but isn't the whole point of P2P that you're not required to have a server running constantly?
P2P means IMO that I can get my computer to talk to my friends computer without involving other computers at all. Everything else is just obscured client-server communications.

If ActivityPub can't handle a node being offline 80% of the time, then it can't do real P2P.

@zatnosk @nightpool I don't think there's anything about any definition of P2P I've read that says store-and-forward or equiv is a MUST property on a p2p network. I don't see anything here for instance: en.wikipedia.org/wiki/Peer-to-

But of course it's a desirable property to combine with a P2P system.

@cwebber @nightpool I'm not saying store-and-forward is necessary, just that it must be possible to have some level of churn as the Wikipedia article calls it.

If the other nodes assume my node is dead and gone and then forget any retains to it, just because it's offline for a week, then it's not a very robust network.

But I don't know what ActivityPub says on this topic, it's been a while since I read the spec. :)

P2P ActivityPub: more feasible than you think 

@cwebber Super happy that you're thinking about it. Last time I had this discussion was with @rysiek, I think it was 30c3... Our conclusion was that the Federation should pursue great interface design and plan for switching to a P2P backend à la GNUnet when it's ready.

P2P ActivityPub: more feasible than you think 

@how @cwebber let's have this discussion again on #34C3 :)

P2P ActivityPub: more feasible than you think 

@rysiek @how Hm, too bad I won't be there!

I will be at the next Rebooting Web of Trust though, which is also a great place to have it. But if you have it at report back! :)

P2P ActivityPub: more feasible than you think 

@cwebber @how I need to go to RWoT.

P2P ActivityPub: more feasible than you think 

@rysiek @cwebber Sorry I won't be there this time. I decided to go with family and pass my ticket to someone else. But I definitely want to follow up on this discussion. Make sure you include Grothoff and PEP.

P2P ActivityPub: more feasible than you think 

@cwebber It seems like you could probably do this as a layer over IPFS pubsub, too?

That'd give you store-and-forward and a p2p CDN for media for free, too.

P2P ActivityPub: more feasible than you think 

@RAOF possibly though AP needs to speak HTTP verbs and headers, not sure that's possible with IPFS

P2P ActivityPub: more feasible than you think 

@cwebber Yeah, I think you'd need to, or at least *want* to, use a different approach for IPFS.

Sign in to participate in the conversation
Octodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!