Project Decorum Update

It has been a long time, but finally we can give you a proper Project Decorum update! This post will first discuss some differences between the old SAFE Network and the current Autonomi network that impacts Project Decorum’s design, and will then explain on how we adapt and what our development plans are.

No Native DNS
In older designs the SAFE Network had a native DNS, a “domain name system”. For Project Decorum, the main advantage of this DNS was that it was possible to give a piece of data on the network a deterministic and (more importantly for us) predictable address that anyone (or any app) can look up, without the prerequisite of a third party adding it to a managed index first.
Aside from looking up websites, other examples of a user directly using this would be looking up another user’s profile, or a subforum (like a subreddit) by simply knowing or trying its name. For Project Decorum we also wanted to use this on a protocol level, where for example the (potential) replies to a post would have predictable addresses that could be derived from the original post’s network address.

The important thing for us about a native DNS system is that it’d allow users that are completely unknown to each other to discover and interact with each others’ content without a third party being involved in any way. The new Autonomi design does not have a native DNS system, so the discovering of content is always facilitated by either out-of-band sharing (using for example a non-Autonomi messaging app or website) or by searching/crawling the Autonomi-hosted content of other users that you already know (someone’s managed DNS index you have chosen, your social graph, etc.).

Our goal has always been to have Project Decorum’s protocol rely on third parties as little as possible, but without native DNS it’s unavoidable that they’ll play a bigger role than we previously expected. This means that Project Decorum’s apps will work more similar to existing decentralized social media protocols, that typically rely on users to host their own servers or offer a plurality of third party services to choose from. While somewhat disappointing, we also realized this could be an advantage in terms of compatibility with other protocols, and started looking for any established players that would be a good match. And we think we found one!

Atproto
Atproto (short for AT Protocol, which stands for “Authenticated Transfer Protocol”) is a protocol developed by BlueSky for distributed social networking services. The most important features that align with Project Decorum’s goals are:

• Custom feeds
  Atproto puts control over the algorithm that creates your feed in the hands of of third party developers and users, a primary Project Decorum ideal.

• Collaborative moderation
  Atproto supports subscribing to moderation services of your choice and to run your own, something that Project Decorum always planned to have.

• Lexicon
  RDF (Resource Description Framework) has often been discussed on these forums by our community members. Atproto considered using it, but ended up developing something different called Lexicon. Lexicon is more suitable for enforcing schemas than RDF, which is especially important for compatibility and interoperability in decentralized networks.

• Account migration
  Atproto supports migrating your account to different servers. This would allow users to migrate their existing accounts to or from Autonomi as desired. In this way we may be able to partially piggy-back on the network effect of atproto/BlueSky, and if things don’t work out with Autonomi or Project Decorum, users could transfer their account to a regular atproto host!

Development plans
Atproto is designed to run over the regular internet using direct client-server and server-server communication. We aim to make our atproto-compatible protocols run on Autonomi without such direct connections as much as possible, by having clients and servers upload their data to Autonomi to be fetched by others as needed. It should be possible to run your account on Autonomi and interact with other Autonomi users without running a server yourself or any direct connection the rest of the atproto ecosystem (called the Atmosphere).

We also aim to develop software that allows users and services to bridge Autonomi and the wider Atmosphere. Bridges that want to provide Autonomi users access to non-Autonomi content would typically reupload the relevant content to Autonomi and provide pointers to them, while bridges that want to provide access to Autonomi content to the rest of the Atmosphere would function more like typical servers.

Our initial focus will be on being able to run an atproto Personal Data Server (PDS) that stores all the atproto account data on Autonomi. Atproto uses a fairly complex specialized data structure called a Merkle Search Tree (MST) for account repositories. Storing it on Autonomi is not as easy as just uploading the local database, as we need to organize these MSTs in Autonomi data structures in such a way that granular access and updates are possible, while maximizing speeds and minimizing costs.

Atproto makes use of commit Event Streams from PDS and PDS aggregators (Firehoses) to notify the rest of the network when users create or change content. While we don’t want to rely on direct connections to follow these Event Streams, atproto also supports a backfill window, which we can change to upload the relevant data to Autonomi instead. These Events are typically structured as a “diff” between the old and the new account repository, and we’ll maintain a certain amount of the most recent at the same time. Implementing this would be the next step after the MST account repositories are present on Autonomi.

Afterwards, if nothing else pops up that we need to do first, we will start working on the Project Decorum AppView, which is the software that aggregates data from repositories and event streams, filters it and provides an UI to the user. We will likely take the BlueSky AppView as a starting point.

While BlueSky/atproto has been focusing on “micro-blogging” (public data) use cases so far, they have included support for privately shared data and end-to-end encrypted direct messaging in their 2025 roadmap. We will keep a close eye on these development and support them when we are able to.

Impossible Futures
We are excited about seeing what the Impossible Futures program will bring, but don’t think the program is a good match for Project Decorum.

The main value of participating in Impossible Futures for Project Decorum would be marketing, but I’d much rather start marketing after we have something working, not before. There is some risk that things don’t go well during the program, either with the network itself or with our current plans, and if people have voted and locked funds it could result in both unnecessary conflict and negative marketing value.

In addition, the Impossible Futures builder rewards can really help new projects that are short on funding, but for Project Decorum it wouldn’t really make the difference. So we’d much rather see other projects win this competition!

Lastly, since our goal is making existing atproto software run on Autonomi we won’t develop a typical proof of concept product first, going straight for integration instead which may not line up with the timeline of Impossible Futures.

So in short, we are generally positive about the program and believe it can be of great help for other projects, but it doesn’t align that well with Project Decorum’s current position and plans.

That concludes the update, if you have any questions please do ask!

Thank you for this update.

What role is the Decorum token supposed to play in all this?

With the shift to Blockchain, the cost, for the users, of microblogging and similar Apps skyrockets. Any ideas on what’s being proposed to reduce these costs?

I’m not vested in project decorum, so I wish it luck regardless.

However, I wonder why a simple DNS system can’t be created, even if it is largely for Decorum usage.

I did a bit of digging into DNS for AntTP, with the decision to exclude it being less of a technical decision, but more of a name management issue, i.e. to decide who is allowed to take what name.

So, I’m a little surprised that it is turning into more of a hybrid autonomi/clear net plaform. There is certainly more competition in that area, depending on how much autonomi is included.

All the best with whichever solution makes the project viable though.

Nice @Seneca seeing this feels like the the bluebells or cherry blossoms of network spring.

I think we need the native Autonomi token before apps like this can become viable, from both a costs and a user experience perspective.

The idea for Decorum’s PDC token has not changed, it will probably play a role in our default feed algorithm. But we need support for native tokens on Autonomi to implement it, a blockchain L2 token is not a viable solution here. When we have that we will work out the details.

Great to hear things are starting up again and you’ve obviously been busy.

Like @Traktion I have reservations about ATProto. Only from following commentary, but my impression is of a consensus among many that it is not decentralised yet and likely to remain a poor second in this respect to even federated servers because of the onerous nature of hosting the protocol and other factors such as VC involvement.

This week has highlighted this with news of Bluesky receiving and complying with censorship requests, such as from the Turkish government seeking to suppress opposition voices. But apparently this has been happening for a while. I realise the protocol is a separate thing, but that isn’t reassuring to me. I see plenty of examples where VC backing has enclosed what were we believed, open protocols.

I don’t know much of the ATProto protocol but have heard people says it’s easier to implement than ActivityPub.

The latter I was hoping might be a way for dweb Autonomi apps to integrate with the fediverse (not just Mastodon but also many other federated services that act as replacements for YouTube, Reddit etc). But more importantly as a way for dweb to support dynamic social features such as blog comments and sharing in a decentralised way.

So I share Traktion’s concerns about the slide towards old internet.

I would have concerns even with ActivityPub, but much moreso with ATProto because at worst it’s just another VC project, from the same stable as Twitter and looking likely to go down the same route, like a wolf in sheep’s clothing. That’s a big risk IMO.

ATProto seems too risky a bet for the whole Decorum venture. Less so if it was just offering add-on features as I was imagining using ActivityPub for. So this doesn’t sit well with me based on what I have heard over the years.

At the same time @Seneca, it’s great to have you back.

I applaud your sense of responsibility.

I think we all do but mainly when we look at it from this perspective. We can also view it as them sliding this way, gradually.

I am a total SAFE maxi but I am definitely seeing the advantage to following suit (to a degree) by having some, not all, some hybrid type applications. It broadens the ecosystem and they will become onboarding ramps to full fledged autonomous goodness. Which was probably @Bux master plan all along, the cheeky lass.

I too am bummed about the lack of an Autonomi DNS.

If there were three things on my wish list (beside Decorum, duh) they would be @joshuef Labeled Data, @JimCollinson Perpetual Web Browser design, and DNS.
Lexicon sounds really interesting too! I’ll have to look into that.

I definitely see value in this approach and the tooling you and @bzee create, @Seneca. I am looking forward to those, so please do share as you progress. It’s so good to see you guys back at it. In hind site you guys probably saved so much time and money taking a wait and see approach, very wise philosopher you are there, haha.

Anyways, this is awesome and I can’t wait to see it, and to communicate, just like this using Decorum on a daily basis.

I’m really delighted to have you back active in the mix.

I wonder if you’ve came across this during your research, @Seneca

This isn’t meant proscriptively or critically, I just think it’s a great resource. I wonder if there would be anything there useful or relevant to your planning.

Nice article!

I’ve followed CLW for a good while and while I don’t follow her directly any more have a lot of respect for her technically and wrt ethics and decentralisation. She invented ActivityPub and I find this quote intriguing. Maybe worth a look @Seneca if you haven’t already;

several years ago I wrote a demo of how to combine content addressing with ActivityPub

I skimmed the rest but there are concerning quotes about ATProto particularly around how centralised it is:

So how challenging is it to run [ATProto nodes]? In July 2024, running a Relay on ATProto already required 1 terabyte of storage. But more alarmingly, just a four months later in November 2024, running a relay now requires approximately 5 terabytes of storage. That is a nearly 5x increase in just four months , and my guess is that by next month,

Everything is public, including who you block

You may be reading so far at this point and be wondering: so far I have only analyzed Bluesky from the perspective of public content. What about private or semi-private content? How does Bluesky provide its various services of filtering and labeling and so on in such an environment, and how does Bluesky know which messages are sent in reply to your messages with limited or entirely private messages?

The answer is that Bluesky and ATProto have no design for this at present, and most of the architectural assumptions assume public messages only.

Direct messages are fully centralized

But you may notice! Bluesky provides direct messages! So surely not all information is publicly available, because otherwise else direct messages would simply not work! So how do direct messages work in Bluesky?

The answer, if you guessed it, is centralization. All direct messages, no matter what your Personal Data Store is, no matter what your relay is, go through Bluesky, the company.

ATProto’s portable identity challenges

Bluesky’s credible exit claims rely both on content addressing but also on its use of Decentralized Identifiers (DIDs) for account migration. This is certainly a good goal, and account migration support is something we should see more broadly (including on the fediverse).

However, there are several major problems:
[snipped]

Amazing work @Seneca And difficult decisions to be made.

The future of decentralized technologies should in my opinion be based on open standardized protocols. Where the development of those protocols is determined by a functioning democratic body. Something like the W3C is doing with this charter: Linked Web Storage Working Group Charter

I’ve been fond of the following two protocols as well:

• Atomic Data: https://docs.atomicdata.dev/
• Nextgraph!: This one is really promising as well, it’s amazing what he has accomplished so far! https://nextgraph.org/ and I can highly recommend looking at the comparison table on this page: Survey - NextGraph