AT protocol

• #decentralization
• #development
• #distributed
• #encryption
• #federation
• #opensource
• #socialmedia
• #technology

A protocol for building decentralized social media platforms. Most well known for powering the Bluesky microblogging network.

The protocol is designed such that there are several interchangeable parts composed to make up the experience, and each part can be built and operated by different providers.

The main parts:

• DNS domain names as user handles, and DIDs and DID documents as unique identifiers for users
• Personal data server (PDS): hosts and serves user data repositories, both directly for random access and indexing, and also as a Websocket streaming new data as it is created. The PDS is where a user authenticates themself to update their data repository (i.e. make posts, likes, follows, etc.). The AT protocol does not dictate what authentication methods a PDS offers.
• User data repository: the source of truth; each user stores all of their published data (posts, likes, follows, etc) in a single public repository, which is stored on a PDS and is cryptographically authenticated
• Lexicon: a set of strongly defined data types and concepts for a particular social mode (Bluesky is the microblogging mode)
• feed generators and labelers: functions for determining what you see in your activity feed, and for analyzing and labeling posts to enable content filtering, classification, and curation of posts
• indexing infrastructure: services and tools that crawl and index data from user data repositories, used to provide search, do large scale data analysis, etc.
• relays: indices used to create the "firehose" for a social mode; in the case of Bluesky, it is used to power the live feed of updates used to notify subscribers of new posts.
• app views: services that consume the firehose of indexed data, process the records relevant to a particular lexicon, and construct a user experience out of the resulting data, which is presented to end users as a website, app, etc. App views are also where moderation controls are enforced. They are also not opinionated, leaving that to feed generators and labelers

Pros of the AT protocol

• broken into several parts that can be built and operated separately so that users have control over what they see, where their data is stored, etc.
• decentralized, in that PDSes can be run on cheap storage services, leaving the heavy lifting of translating the data to indexers, relays and app views
• DNS domain names as handles leans on a established, mature and well understood system that is simple and affordable
• customization and democratization of the app user experience, feed generation, data classification, and moderation
• the ability to support any social mode (microblogging, photo sharing, video, etc.) for which someone creates a lexicon and associated indexers and app views

Cons

Currently the data for a user is almost entirely public to the whole world, since a user data repository must be publicly accessible in order to be indexed. This makes social activity like private messaging or tight access controls to different posts or types of data difficult. See this discussion.

There is some serious talk about using Messaging Layer Security (MLS) to enable private data.