Lightnews — Scholar-powered news

chrisb

@boscolo.co

330 followers 200 following 610 posts

sojourning through the crazy woods (bosco loco) pondering rainbows and unicorns

Posts Media Videos Starter Packs

Pinned

chrisb @boscolo.co · Jun 13

I'm a bit of a dreamer, I want to message people via ATProto using their ATProto Identity and have it be end-to-end encrypted like Signal.

bsky.app/profile/bosc...

chrisb @boscolo.co · May 15

ATproto devs, app builders, dreamers of a more agentic world—this our opportunity to shape secure, private open E2EE messaging!

This preliminary AT Messaging spec needs your help to finish. Dive in, share your brilliance, join #e2eeWG, and let’s build it together!

github.com/ATProtocol-C...

2 15

chrisb @boscolo.co · 2h

Recently, thought of a way to make my did:fid proposal chain agnostic, at the expense of some interop concerns.

Just add the CAIP chain id like so:
did:fid:1898:84532
would be a DID registered on the Base chain.

chrisb @boscolo.co · 2h

Without a doubt cheaper to use on-⛓️ DID.

Larger concern with did:web is that Facebook-sized players will use it to onboard users, completely undermining the value of the DID.

Recently realized there's an easy way to make👇 chain agnostic, will write a follow on post:
blog.boscolo.co/3lyxzeejguk2h

Solving AT Protocol's Centralized Identity - blog.boscolo.co

I spent the weekend building a proof of concept for a truly decentralized DID method using Farcaster's battle-tested identity system. Here's why AT Protocol needs this third DID option.

blog.boscolo.co

chrisb @boscolo.co · 20h

OAuth stands for OrwellianAuth, is the unfortunate truth...

Reposted by chrisb

Signal @signal.org · 5d

We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/ge...

signal.org

41 2.4K 3.9K

chrisb @boscolo.co · 7d

Conceptually I like this. My concern is that it has a lot of moving parts that can result in failures to lookup DID Documents. Whereas FIDs are simple, battle tested (1M+ created) with a pretty good recovery story.

chrisb @boscolo.co · 10d

A full moon is nature’s shelling point for clock synchronization 🌕

chrisb @boscolo.co · 11d

DNS in AT Proto is used for the human readable handle, like ENS on Farcaster. Hence why I think ENS would make a great decentralized addition.

My proposal was to turn the Farcaster FID into a valid W3C DID as an alternative to the two long term stable account ID currently supported in AT Proto

chrisb @boscolo.co · 11d

I think the fact that ENS names are rented not owned, makes them a poor choice for a long term stable account identifier. But, I’d love to see ENS as valid AT Proto handle (the human readable part of your identity.)

1 1

chrisb @boscolo.co · 12d

Does this require that users (via an app) add a new key pair to their DID?

chrisb @boscolo.co · 13d

In less than one month @leaflet.pub has completely spoiled me.

The ability to copy text on a web page, and turn it into a link with an OG preview that makes it totally obvious which text I am referring to is a game changer.

Note the difference in:
bsky.app/profile/bosc...
bsky.app/profile/bosc...

chrisb @boscolo.co · 13d

slightly tangential, but a PDS API for generic signing of content would be a huge unlock for a bunch of applications!

pfrazee.leaflet.pub/3lzhui2zbxk2...

Three schemes for shared-private storage - Paul's Leaflets

pfrazee.leaflet.pub

4 1 27

chrisb @boscolo.co · 13d

good take. My brain interpreted the "should" in the last sentence as permission to paint outside the lines with this. (ah, the fun of standards...)

Given the desire expressed by many to support aliases in AT Protocol, we should push to get this clarified in that directions.

1 2

chrisb @boscolo.co · 13d

yep, those ＠Aliases shown in PDSls come from the "alsoKnownAs" array in the DID document.

One question that don't think is described in the ATProto docs is how different apps would know which alias to use. BSky uses the first, but doing it positionally is not the answer for other apps.

2 1

chrisb @boscolo.co · 13d

This is my understanding.

chrisb @boscolo.co · 13d

Does everyone have to come to a rough consensus on your drink?

chrisb @boscolo.co · 13d

In @pfrazee.com latest leaflet about "arenas":

The description of apps sending personal private data to other apps matches how we have designed AT-SMS, tho AT-SMS treats the inbox task as a service much like the PDS so users can choose their inbox provider. ☯️

pfrazee.leaflet.pub/3lzhui2zbxk2...

Three schemes for shared-private storage - Paul's Leaflets

pfrazee.leaflet.pub

1 1 2

chrisb @boscolo.co · 13d

slightly tangential, but a PDS API for generic signing of content would be a huge unlock for a bunch of applications!

pfrazee.leaflet.pub/3lzhui2zbxk2...

Three schemes for shared-private storage - Paul's Leaflets

pfrazee.leaflet.pub

1 5

chrisb @boscolo.co · 13d

Are you talking about the "alsoKnownAs" in the DID doc?

This is up to each app to decide. bsky app only looks at the first.

Important thing app devs need to remember is that users can write anything they want in this array. Each one must be verified by ensuring the forward lookup returns the DID.

1 4

chrisb @boscolo.co · 13d

This is pretty huge! I don't think people realize how soon payments are going to happen over HTTP.

Cloudflare @cloudflare.social · 14d

Cloudflare introduces NET Dollar, a new U.S. dollar-backed stablecoin that will enable instant, secure transactions for the agentic web. https://cfl.re/4msrZWd

Cloudflare Introduces NET Dollar to Support a New Business Model for the AI-Driven Internet | Cloudflare

Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, today announced plans to introduce NET Dollar, a new U.S. dollar-backed stablecoin that will enable instant, secure transactions f...

cfl.re

chrisb @boscolo.co · 14d

Now do Safari

chrisb @boscolo.co · 14d

Do you want to fund an open source alternative to WhatsApp built on AT Protocol?

It requires no viral algorithms to win, just a great user experience and a commitment to build an open protocol.

#AT-SMS

Robert Reich @rbreich.bsky.social · 14d

The richest man on earth owns X.

The second richest man on earth is about to be a major owner of TikTok.

The third richest man owns Facebook, Instagram, and WhatsApp.

The fourth richest man owns The Washington Post.

See the problem here?

1 1 5

chrisb @boscolo.co · 14d

non vedo liquore?

chrisb @boscolo.co · 14d

recipe?

My aunt passed before I was wise enough to ask her how she made what was the best tiramisù i've ever had. 😞

Reposted by chrisb

Ezra🦋 @ezraboeth.com · 14d

I feel like it's feasible to put *permissioned* data on atproto, but not *private* data. "private" colloquially means only accessible to those you intend to show it to, which is things like Signal/iMessage chats or an encrypted file system on your laptop. "permissioned" just means some people have-

1 1 2

chrisb @boscolo.co · 14d

I've already been bitten once using an app that had a broken privacy model storing "unpublished" data in the PDS.

bsky.app/profile/bosc...

I suspect we are going to see many more cases driven mostly by developers describing the feature as something it isn't. "private"

I hope I'm wrong.

chrisb @boscolo.co · Sep 2

While using WhiteWind and Leaflet I had an interesting observation about using the PDS for private data

Both support "unpublished" blog posts. I discovered @whtwnd.com stores these draft your PDS, which means they can be discovered prior to publishing.

Not sure where @leaflet.pub stores drafts?

chrisb @boscolo.co · 15d

Payments coming to an HTTP response code near you! 💵

Who will be the first to stand up a PDS with 402 support?

#x402 @cloudflare.social

www.coinbase.com/blog/coinbas...

Coinbase and Cloudflare Will Launch the x402 Foundation: Building the Future of Agentic Commerce

Tl;dr: Coinbase is announcing our intent to launch the x402 Foundation, in collaboration with Cloudflare. This new initiative is designed to establish x402 as the universal standard for AI-driven paym...

www.coinbase.com

2 2 11