ActivityPub vs AT Protocol

Thanks a lot for taking the time and walking us through this complex topic. It's a very good starter to get into a comparison of the protocols.

Thanks man, I'm developing something and it needed a backbone like AT Protocol but I needed a good run down. This was perfect. Namaste brother

Nice presentation. Thank you!

At 17:08 you start talking about how data is pulled from a PDS into an application indexer/craeler “in ActivityPub”…. I think you meant to say in “AT”…. But otherwise, thank you for the clear explanations.

I was very excited when I heard of ActivityPub with the recent Reddit mess, but as I research more, I cannot stop feeling just confused. It just feels incomplete to me, the integrated Object support for example is extremely basic, and while it is very easy to modify and extend but the more you do it the more it stops being compatible with other instances implementations. You cannot browse Lemmy through Mastodon for example, or even if they are very similar, Kbin and Lemmy have compatibility issues.
It really does feel more like a framework for a protocol rather than an actual usable piece of software that could power the "future of social media".
What pains me the most is that even though this "instability" is obviously an issue, I feel like all of this could have been avoided with some better communication and stronger conventions, even some stricter rules, but now with so many different implementations and some of them becoming more and more alienated from one another it feels like we are just in too deep and the entire point of the protocol seems lost to me.
I really hope ActivityPub works in some way, at least set an alternative to regular social media, but I simply cannot see it as a replacement.

I love the fact that you can't unlike something ! More like a feature than a problem

Great high-level overview. What is super exciting is that this architecture plays well with other protocols. How the PDS is stored and indexed is an implementation detail. I can see eventually people storing their PDS on multiple nostr relays for example.

thank you for explaining so well

Halfway through the video , and awrskme man keep it up

Really nice explanation!

WoW, the linkerd looks neat !

Fantastic video ❤

So you mentioned that within the PDS you cannot remove data and its essential logged in its history forever.
If I own the data in my PDS, can BlueSky for example see what I liked or disliked, if I own the data, can they view the entire history of it, can they access that and use it? If so, how do I own my data, if its public...?
Hope the question makes sense!
---
Also thank you for posting the video, I started learning about Federated Protocols today as a fun little Saturday Activity and this is really helpful in understanding the underlying structure of how ActivityPub and AT Protocol work. Super engaging and fun to watch :)

I truly REALLY appreciate your time and effort in presenting these topics and comparing and contrasting these two protocols in particular. But I'm confused and frustrated on a whole 'nother level about them (NOT YOU, them): So they're going to DECENTRALIZE (yea!) social networks by ...CENTRALIZING them on yet another server?!?! Does anyone actually build real APPLICATIONS anymore? Or is EVERYTHING always MY DATA on somebody else's SERVER?! Are we truly unable to create networks that simply facilitate the connection of my computer to my family and friends' computers? Yanno, a actual SOCIAL NETWORK?! i REALLY think we're still totally misusing the internet and WWW tech stack, and I think we're stuck thinking that way because we've been brainwashed by Big Tech firms that that's the way it has to work. From their perspective, they're right, it's the only way THEY can profit from ME communicating and sharing with MY FAMILY AND FRIENDS, and from 'allowing' me to discover new distant/near virtual friends who are content creators whose content and POV I want to experience. Can we TRULY not DO BETTER?!
I'm about ready to go back to dial-up BBS if necessary. I KNOW I can secure that and use it. Did fine with it throughout the late 1970's and 1980's and through a fair bit of the 1990's. Yeah, it's gotten that bad today.

I understand that you dont need to get all the traffic from threads, If you get only what people are following there will be no need to block them

Posts and stuff not transfering over is a very relative concept, most AP implementations allow you to export / import your data, so if you had 10k posts on server 1, you can migrate your account, export your data, and import it in the new server, sometimes the timestamps will be wrong, but at least the posts are there...
As for media not being in the server itself, in AP, most of the time, it is. Most instances actually do host their media in the same server, because most instances are people owned, and we generally hate big tech companies such as Amazon, so we are never going to store our data on their servers, the whole point of decentralisation is to keep data in OUR servers, not the cloud (someone else's computer)

A new model of content creation /storing has to be considered - not technically, but socially/culturally - creating evergreen content and creating 'time-constrained' content and being able to technically flag which is which, so servers know what to auto-delete after 30 days, or whatever the server chooses. There's no way decentralization can scale by allowing the internet to remember everything, already we're seeing RUclips publicly straining with their move to disallow ad blockers, Twitter obviously, and fediverse admins. Deletion needs to be taken seriously. Otherwise it'll have to move to charging users by their data size+calls to access the data, which will never allow true public adoption of decentralized protocols. The more I think about it, the more it makes sense for admins to auto-delete posts/content older than 30 or 180 days.

implementing AP myself, and a big roadblock for me is authentication. I initially thought AP would provide a way to authenticate against another server, but this is false. From my understanding, AP is only for defining common social activities. All the authentication, algorithms, and storage are up to you to build. So, IMO AP is not a solution to anything. It just makes it slightly easier to share data with other servers. Someone, please correct me where I'm wrong.
Where things get muddy for me, is the spec is abstract enough that the federation could totally start including auth as part of the spec. All they would need to do is include 'instructions' in the profile resolved by webfinger.

Are there any open alternatives to ActivityPub and At?

Who hosts the crawler? And where does the crawler store the data?

So, ActivityPub is expensive because the volume of data transferred from server to server when servers have thousands of users.
I would think an implementation that is intended for a single user instance would mean that the costs could be distributed equitably. 1 server with 1000 users costs $100.00 per month, 1000 instances with 1 user, each user pays some fraction of this to, host/own/secure their own data.
Implementing something like this using a serverless infrastructure could keep costs very low per user.
Users with a ton of followers and posts would get more traffic.

So if someone posts illegal images they just remain on my server even if I "delete" them? That makes me liable to go to prison for hosting one of these things.

There are many things in this video, that are wrong.
- ActivityPub doesn't work like RSS. In the opposite, it works more like E-Mail. When I post something, and you follow me, I send my post to your inbox. And from there your application can present it to you. If you like it, you send that like to my inbox. Instead we could have send E-Mails. RSS on the other side doesn't send anything. If I post something in an RSS feed, you have to ask my server for updates. Actually that's how you described how the At Protocol works. There you have a server with your data and others have to crawl it from there, right? So if you want to stay up to date, you call it maybe once very 5 seconds? While with ActivityPub you push it once to the follower's inbox and that's it. Also as ActivityPub does it, the post is now on both servers.
- You are right, that a lot of servers talk to each other. But you are wrong with the scaling. There is no issue with scaling. It works similar to email, and emails scales very well over different servers. If you run a server, you don't have to configure all other servers. It's just, that your users connect with other users and they exchange messages. So your server is just sending data to other servers, if your users do something, like post, follow, like, etc. Other servers only send your server data, if someone on the other server did something, that effects your user. Else no data needs to be exchanged. So the size of the server depends on the number of users you have and how active they are.
- You explain instance blocking as something negative. It's actually a big feature of ActivityPub. The most important thing of a social network to work well, is good moderation. Without that you are flooded with advertisement, hate, porn and other stuff, you might not want to have.
- It's not true that with ActivityPub you can not move posts. You can implement that. It's not a problem and Mastodon has that feature in their Backlog. The problem with it is moderation. Maybe a user is coming from another server to my server and I have rules on my server about the content. But when I allow them to copy all their post onto my server, I will probably also copy posts I'm not allowing. So I would have to moderate thousands of posts. Also someone could do that maliciously and import posts to reduce the reputation of my instance, saying "look at all the posts here, that are hateful, this is a bad instance", but they have just been imported. So maybe as an instance you want to mark them as imported. They haven't solved such questions, so they didn't implemented it yet, but it will come eventually.
- Sure, an attacker could take over an instance and manipulate stuff. The same thing can happen with the AT-Protocol. I don't see a difference there between the protocols. Somewhere the data is stored and that can be manipulated, if a hacker comes into that system, whether it's a PDS or ActivityPub Server.
- You are wrong with where images are stored. I don't know the AT Protocol so much, but for ActivityPub it's not necessarily the case that they are stored somewhere else. With Mastodon they are stored on your instance, together with your posts and Mastodon also stores images and stuff from other instances as well. So if you follow someone, all their images are stored on my Mastodon server as well. I think probably for privacy reasons, because I the other instance would know, when I load the images. Maybe to keep a good performance, I don't know. It seems to be a waste of resources for me. So for ActivityPub it depends on the implementation, but can be within the server itself.
- 14:09 Well for ActivityPub you can do the same. So PeerTube does video and Mastodon makes microblogging and Pixelfed pictures. But you can implement an ActivityPub server that can post videos and microblogging and pictures. It's just different content you publish over the same protocol. And they can speak with each other. There is no problem to implement an ActivityPub server, that is completely agnostic to the fields and implement clients separately that have different views or different use cases. Also the existing servers already work together. You can follow someone on Pixelfed from your Mastodon account and see their data. So having the separation of storage and functionality already in the protocol is kind of a smart move of the AT protocol, but similar architectures can be build on top of ActivityPub, without any problems.
- You say that the crawlers in the AT Protocol would scale better than ActivityPub. How is that the case? As you explained, when I push something, it's added to my PDS. So the crawler has to ask my PDS "hey dude, is there new content?". How often does the crawler do that? Once an hour? Then it needs an hour until my post is visible for other users. So let's assume there is a big event, like a football game. And I post something about it, I want others to see it right away, right? So with ActivityPub my server pushes it to my followers and they can see it in less than a second later. With the AT protocol, the crawler has to ask the PDS of all the users all the time, right? So it has to ask my PDS "hey dude, is there new content?" maybe every second? 86400 times a day? And for a million users, this crawler has to do 86400000000 requests every day? Or do they accept a delay and just load the data every minute? Or is it just active, if I load data on my client? So let's assume I follow 500 people. So then I open my client, and that client asks the crawler for data, the crawler then asks the 500 PDS of the people I follow, if there is something new and then presents it to me? Doing 500 requests needs a lot of time, so I have to wait a while, until data pops up in my client? Both variants don't scale. So either it works differently from what you presented or it just works because bluesky has direct access to all the data and can optimize it. But it doesn't sound scalable, while ActivityPub totally scales. Everything that happens in ActivityPub follows an user interaction. So there is no polling and things like that, that could be a problem for scaling.

Wouldn’t Web3 (blockchain decentralised social media) solve the Acitvity Pub issues?