Replying to Sjors Provoost

I'm thinking a bit more about how to bridge to the Fediverse. One of the problems is that ActivityPub doesn't use public keys for identity. Instead it relies on a URI, and so ultimately on the https certificate of the instance owner.

https://www.w3.org/TR/activitypub/#actors

This means that, when seen from the Nostr side, there could be multiple copies of the same Fediverse user, depending on which bridge their messages went across. And it's non-trivial to verify the original message wasn't tampered with by the bridge (though anyone can do so, by comparing).

So we could propose adding an optional public key to the standard. It would allow folks to sign their own message and would give Fediverse folks a unique identifier, independent of who builds the bridge to Nostr.

But:

1) Changing a standard is work and could take years

2) Even with a public key in place, and even assuming it's a curve Nostr clients can deal with, ActivityPub messages are probably signed in some particular way, different from regular Nostr posts. So Nostr clients would still need special-case handling for this.

Relying on a single bridge, like Mostr, fixes the duplication problem (for both sides). But it's otherwise suboptimal. Anyone on Nostr can ruin the reputation of the Mostr instance in the Fediverse and cause it to get banned by many administrators.

I think it would be better when most people who care about following folks in the Fediverse run their own bridge. This could be based on Mostr. You could self-host it on your own domain or point your DNS to use a cloud-service. Maybe you can even create a Fediverse account on some bridge-service. It would then only cross-post messages from your public key to your Fediverse account, and create Nostr messages for any replies to you.

That leaves the problem of how to handle boosts. When you boost Joe Rogan from the Fediverse, your Nostr followers will see a new npub, e.g. npub_sjors_joe_rogan. Then when your buddy also boosts them, that creates a whole new npub, e.g. npub_sjimmie_joe_rogan. De-duplication remains a pain.

Let's call it the fedi-multiverse problem :-)

Discussion

One hack could be to agree on a (totally unsafe) deterministic nsec key generation to represent any given URI. That solves the duplication issue: no matter the bridge, it will always generate the same npub for the same person in the Fediverse.

But it means anyone can fake messages from anyone in the Fediverse, with no way to know what to filter.

Perhaps this could be fixed by making the bridge add their private key to the deterministic key. This would require adding a meta-data field to the Nostr post ("orig-URI"). That way all clients can de-duplicate by subtracting the URI from the npub. And then they can keep a list of which bridges they trust and ignore the spam.

This doesn't solve duplication in the other direction. Each bridge creates a unique Fediverse user for each Nostrich. That may be less of a problem though. If you have your preferred bridge, just give that to your Fediverse friends.

Oh and now you created a feedback loop where each npub gets replicated into N (bridges) identities in the Fediverse which N - 1 bridges may not recognise as such and turn into N * (N-1) npubs, etc… but that seems solvable.
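The bridge-key-plus-URI idea from the discussion, sketched as an added example (not code from the thread or from Mostr). It assumes the URI tweak is a tagged SHA-256 of the actor URI and that the post carries the "orig-URI" field; `uri_tweak`, `bridge_secret` and `bridge_of` are hypothetical names, and the client has to try both signs of y because Nostr public keys are x-only.

```python
import hashlib

# secp256k1 parameters (the curve Nostr keys use)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    if a == b:
        m = 3 * a[0] * a[0] * pow(2 * a[1], -1, P)
    else:
        m = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P)
    x = (m * m - a[0] - b[0]) % P
    return (x, (m * (a[0] - x) - a[1]) % P)

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time)."""
    out = None
    while k:
        if k & 1: out = add(out, pt)
        pt, k = add(pt, pt), k >> 1
    return out

def lift_x(x):
    """Even-y point for an x-only key (BIP340 convention)."""
    y = pow((x**3 + 7) % P, (P + 1) // 4, P)
    return (x, y if y % 2 == 0 else P - y)

def uri_tweak(uri):
    # Assumption: tagged SHA-256 of the actor URI, reduced mod N.
    return int.from_bytes(hashlib.sha256(b"fedi-bridge/" + uri.encode()).digest(), "big") % N

def bridge_secret(bridge_sk, uri):
    """Bridge side: per-actor secret key = bridge key + URI tweak."""
    return (bridge_sk + uri_tweak(uri)) % N

def bridge_of(npub_x, orig_uri, trusted):
    """Client side: subtract the URI point; return the trusted bridge x-only key or None."""
    tx, ty = mul(uri_tweak(orig_uri), G)
    x, y = lift_x(npub_x)
    for cand in ((x, y), (x, P - y)):       # x-only keys hide the sign of y
        b = add(cand, (tx, P - ty))         # cand - T
        if b is not None and b[0] in trusted:
            return b[0]
    return None
```

A post whose key does not reduce to a trusted bridge for its claimed "orig-URI" is dropped; posts that do pass can then be grouped by that URI across bridges.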