silverpill

Collections in ActivityPub are special, because they are not independent objects, but aggregations of activities. I think FEP-ef61 implementations should not add integrity proofs to them, but treat them as virtual objects whose representations are always server-generated. Re-signing collections and collection pages after every update is not practical.
#fep_ef61

2024-06-05 20:16:10

- reply

@npub1pqp…e753 Matrix is not advertised as zero metadata secure messenger.

2024-06-04 13:55:35

- reply

@npub1q92…lc09 Finally, a good excuse to stop interacting with Windows users

2024-06-04 01:21:36

- reply

Finished the FEP and submitted it: https://codeberg.org/fediverse/fep/pulls/321

2024-06-03 01:53:39

- reply

@npub1zu5…ecsa Maybe I created an infinite loop somewhere, lol

2024-06-03 01:51:44

Let's talk about object ownership in #ActivityPub
I'm writing a new FEP: https://codeberg.org/silverpill/feps/src/branch/main/c7d3/fep-c7d3.md
This topic is rarely discussed, but any server that doesn't implement ownership checks as described in this document is likely vulnerable to impersonation attacks.

2024-05-30 09:19:00

- reply

@npub1pzt…dacm This method is not very convenient, but surely you can do that. You can always enable regular password login later.

2024-05-30 09:10:05

- reply

@npub1pzt…dacm Will send the invite code in a couple of minutes. If you want you can log in without password using your Ethereum wallet (Metamask should still work).

2024-05-29 21:14:06

- reply

@npub1pzt…dacm No idea. All accounts I've been following there stopped posting shortly after the migration, I guess everyone just went back to Twitter.

2024-05-25 22:51:23

can-i-use but for #SQL: https://modern-sql.com/caniuse/merge
Very cool

2024-05-03 13:40:20

Lemmy devs are working on #WASM based plugin system: https://github.com/LemmyNet/lemmy/pull/4695

2024-04-12 00:22:34

FEP-ef61 breaking change: https://codeberg.org/fediverse/fep/pulls/295
Resolvers are now gateways and may accept POST requests.
#fep_ef61

2024-04-08 17:03:13

- reply

@npub1m29…khl9 I stopped paying attention to it after reading this: https://www.poberezkin.com/posts/2023-10-31-why-privacy-impossible-without-venture-funding.html

2024-04-08 01:47:26

- reply

@npub1vcv…9su0 Do you have FEP-ef61 actors already?
I'm still thinking about actor IDs. FEP-ef61 requires new IDs, so existing accounts have to be migrated somehow. I guess it is not an issue for you because you already have working migration mechanism?

2024-04-07 00:08:45

#Mitra v2.15.0
https://codeberg.org/silverpill/mitra/releases/tag/v2.15.0
https://codeberg.org/silverpill/mitra-web/releases/tag/v2.15.0
- Emoji picker in post editor (for custom emojis).
- Subscription access without payment. Subscriber status can now be given as a gift, or in exchange for off-site payment (in any currency). To do this, navigate to any profile page and click on "Subscriber details" item in profile menu.

2024-04-06 00:16:31

- reply

@npub17dy…yf4p
>end up being ""community-driven"" which is basically trendspeak for tacking feature bloat ontop of whatever is being written
In this case it also means outside contributors who were working for free while core teams were enjoying VC money

2024-03-30 01:05:25

- reply

@npub1zu5…ecsa On my machine tor usually consumes 20-30 MB. Do you have an up to date version?
It was vulnerable to DoS attack at some point, but they fixed it

2024-03-30 00:40:50

- reply

@npub1zu5…ecsa How much of this is used by mitra?

2024-03-24 23:42:51

https://help.instagram.com/914046486923176/
>When Threads blocks communication with other servers on the fediverse
>...fails to meet our Community Guidelines...
>We’ll also block a server if it doesn’t have a:
>Sufficient privacy policy; or
>Publicly available policy to restrict access to users under the age of 13; or
>Publicly accessible feed
There are two fediverses. One of them will comply with these rules, and with whatever rules come after that.

2024-03-22 20:54:27

It's official now: Threads implemented FEP-e232
https://engineering.fb.com/2024/03/21/networking-traffic/threads-has-entered-the-fediverse/
Article contains a couple of minor inaccuracies: _misskey_quote doesn't build on FEP-e232, and the other property name is quoteUrl, not quoteURL. But overall it's good and I hope other implementers will notice it.
#FEP

2024-03-22 18:33:30

My server can now process preferredUsername changes. I also changed everything to use actor ID as a primary identifier. Previously, actor ID was a secondary identifier after the webfinger address - this is a pretty big change and I hope I didn't break anything. Webfinger is now optional (but preferredUsername is still required).
In UI accounts without webfinger address will have actor ID in its place.
https://codeberg.org/fediverse/fep/src/branch/main/fep/03c1/fep-03c1.md

2024-03-22 17:36:09

- reply

@npub1k08…6xvn Ignoring the corpos-vs-people question for a moment, I actually like the symbol. Reminds me of Ubuntu logo

2024-03-19 11:47:08

- reply

@npub1cwk…qe8n
did:web is a standard with multiple implementations
did:plc is single implementation deployed on a single server

2024-03-18 21:37:20

Decentralized identifiers (DIDs) can be divided into 3 categories, depending on where the authority resides:
- Secret key (did:key, did:pkh).
- Server (did:web).
- Blockchain (hundreds of them).
With a #DID derived from a secret key you can truly own your identity. Unfortunately, key rotation is not supported, and if you lose your key, you lose everything. This can be partially mitigated with distributed key generation techniques that make key recovery possible if only M of N shards are available, but they are complicated.
Servers can rotate keys, but they can also suddenly disappear, and again you lose everything.
Blockchain-based systems support key rotation and don't have a single point of failure (if done right). Sometimes they are called "servers with superpowers". However, popular ones are not suitable for the job because writing to them is very expensive and their clients need powerful computing devices and a lot of storage.
Is there a way around that? Yes. Blockchains can be very lightweight and they don't actually need a cryptocurrency, miners or stakers in order to work. There is a simple consensus algorithm known as Proof of authority, and one of the Fediverse competitors, Bluesky, seems to be planning to build such system:
https://github.com/did-method-plc/did-method-plc
>We are actively hoping to replace it with or evolve it into something less centralized - likely a permissioned DID consortium.
They are afraid to say the B-word, but "permissioned consortium" is exactly what it is. Of course, their identity #blockchain doesn't have to be the only one in existence. I think in the future we might see quite a lot of "identity cooperatives" of different shapes and sizes. Perhaps even a universal client, curl for identity, can be developed.

2024-03-14 22:59:01

- reply

@npub1vcv…9su0 The path can be different, for example it can be /ap/ instead of /.well-known/apresolver/.
Though with /.well-known/apresolver we can be sure that it is not used by any existing AP server.

2024-03-12 11:39:24

- reply

@npub1wc2…4sk7
Another funny Fediverse trend is cancelling projects in favor of "approved" forks
>Popular fediverse projects: Mastodon, Akkoma, Firefish.

2024-03-11 00:56:19

- reply

@npub1vcv…9su0
At this point I'm fairly certain that FEP-ef61 can co-exist with Mastodon. My preferred solution is to use a resolver endpoint URL as object ID instead of a plain DID URL:
https://social.example/.well-known/apresolver/did:ap:key:z6MkrJVnaZkeFzdQyMZu1cgjg7k1pZZ6pvBQ7XJPt4swbTQ2/path/to/object
@npub1grx…uxfe @npub1f5t…r8ft

2024-02-12 16:40:26

- reply

@npub12y5…6e36 I think one can write a script that copies data from Pleroma database to Mitra database.

2024-02-11 09:55:12

- reply

@npub1pmt…d4ts Until recently the only guidance on HTTP signatures was a post in Mastodon blog from 2018 or so. This is what I relied upon to get it working back then when I started Mitra, and it appears that people still read it today.
So it's not surprising that many developers get it wrong (including myself lol).
Now we finally have a FEP draft: https://codeberg.org/fediverse/fep/pulls/257 (though there's a risk of it being abandoned).

2024-01-29 05:16:05

From now on, my server will be using eddsa-jcs-2022 cryptosuite to sign activities. It is still experimental but soon it will replace custom RSA cryptosuite used by default.
I also updated @context of actor object to pass validation at https://json-ld.org/playground/

2024-01-28 19:42:04

- reply

@npub1vcv…9su0 They were actually talking about changing eddsa-jcs-2022: https://github.com/digitalbazaar/data-integrity/issues/19#issuecomment-1847297553
>At this point, we should presume the eddsa-jcs-2022 spec is wrong and we should fix it.
I think we have two options:
1. Define new cryptosuite (e.g. eddsa-jcs-2022-fep-8b32) and use it. Switch to eddsa-jcs-2022` once the spec is stabilized
2. Go with eddsa-jcs-2022 and later try to guess what variant of eddsa-jcs-2022 is used. Run verification procedure according to the new spec, and if it fails, run according to the old spec.
(2) is probably easier at this point, no need to change the FEP, and also makes the argument against breaking the spec stronger

2024-01-25 22:43:41

- reply

@npub1vcv…9su0 It's working. I noticed activities such as Like in my log where HTTP signature belongs to one actor and integrity proof to another. My server checks both signatures, integrity proof takes precedence, the (actor == signer) constraint is satisfied and activity is accepted.

2024-01-21 00:20:05

@npub1yry…c8tp @npub1z9a…zn6y I might need to add a rule that associates .loki domains with http: URL scheme (there are similar exceptions for .onion and .i2p domains).

2024-01-20 19:52:15

- reply

@npub1mka…zl8u @npub1ln5…xyw6 @npub108p…yev6 Mastodon doesn't actually provide a webfinger entry, I used Friendica as an example.
I should support that in Mitra too, because adding <link> tag to SPA frontend is complicated.

2024-01-20 18:41:01

- reply

@npub1js9…maz4 I perceive these files as documentation rather than code. Something like CC0 could be a good fit (same license is used for FEPs)

2024-01-19 02:41:16

- reply

@npub1pwl…5qzr Interesting. I didn't know about Torrent RSS feeds

2024-01-17 21:28:17

- reply

@npub1ln5…xyw6 I fixed signature validation (on mitra.social), and my follow request was processed correctly. Thank you!

2024-01-17 19:21:16

- reply

@npub1ln5…xyw6 Made another attempt.
>missing field "name"
Maybe it is because some items in attachment array don't have this field?

2024-01-17 18:50:48

- reply

@npub1ln5…xyw6 Thanks! I un-followed and sent another follow request at 2024-01-17T17:49:35
Undo -> 200
Follow -> 520

2024-01-17 00:30:15

- reply

@npub1ln5…xyw6 Should I make an exception for id query parameter? This is not difficult, and as far as I know, using query parameters in actor IDs is perfectly valid according to AP spec - just not common.

2024-01-16 23:44:55

- reply

@npub1ln5…xyw6 Sorry, I think I was wrong about the instance actor. Mitra discovers actor by analyzing the keyId parameter in Signature HTTP header. If the value of this parameter contained URL with a query such as ?id=920666, it was removed, so only https://ap.podcastindex.org/podcasts remained.
I explained that in a subsequent reply:
https://mitra.social/objects/018d1433-67e4-028f-79b8-7ced5a7bad0c
The address of public.mitra.social instance actor is http://public.mitra.social/actor
#note1jtx…864u

2024-01-16 22:35:29

- reply

@npub1ln5…xyw6
Mitra tries to guess actor ID from key ID without making additional requests. Most of the time removing the fragment is enough, but some implementations use query parameter instead of fragment to identify the key, so these are removed too.
I think I can simply add exception for id query parameter if you prefer this URL structure.

2024-01-16 15:36:20

- reply

@npub14wf…qfey @npub1ln5…xyw6 @npub108p…yev6
FEP-0ea0 also supports payment URIs like BIP21.
Perhaps someone already proposed an URI scheme for LUD-16 addresses? Similar to mailto: for email addresses and acct: for webfinger addresses,

2024-01-15 23:32:32

- reply

@npub1ln5…xyw6 @npub108p…yev6 Is it possible to encode necessary information in URI?
Re-purposing PropertyValue is a nice hack, but I think a better solution is needed. I wonder if FEP-0ae0 is applicable: https://codeberg.org/fediverse/fep/src/branch/main/fep/0ea0/fep-0ea0.md

2024-01-15 04:37:00

Activity Connect, my little side-project, has reached usable state:
https://codeberg.org/silverpill/activity-connect
- Follow, unfollow, create and delete posts - basic activities are supported. Translation is not perfect but can be improved in the future.
- Allowlist-based bridging
- Tor and I2P are supported
- Media URLs are not translated
- Compiled to a single binary, uses SQLite database, configured with environment variables
#note1qqj…qcqh

2024-01-13 22:47:42

- reply

@npub14cl…sqpy I agree, this is an important direction of research, especially for services like PeerTube
https://github.com/Chocobozzz/PeerTube/issues/5783

2024-01-12 20:11:03

- reply

@npub108p…yev6 Not yet.
But what I'm planning to do is similar to what you're doing in Ditto (if I understand it correctly).
- Client interacts with the server using Mastodon API.
- When the user performs some action, the server creates an activity and sends it to the client.
- Client signs the activity and sends it to outbox (per FEP-ae97).
So, I think implementing FEP-ef61 in Ditto may make sense.

2024-01-11 19:06:16

- reply

@npub1p77…0jxq FYI, this object looks malformed: https://snac.jamesoff.net/jamesoff/p/1704978630.677698
"cc": [null],
Also one of mentions has href: null

2024-01-02 22:02:46

Fediverse tech roadmap
This is how I want our network to evolve in 2024. Some of the things listed here may have been implemented already by a small number of projects, but more work is required on standards and interoperability.
- Data portability. In my opinion, this is the most important problem. I'm in favor of FEP-ef61, which also solves identity portability and unlocks many new features.
- End-to-end encryption. MLS has become a standard, and it would be wise to adopt it. Issue 3 at fediverse-ideas provides a good overview of what we have at the moment (not much). Some variation of FEP-ae97 is likely needed to make end-to-end encryption work.
- Connectivity. Improving connectivity means fighting indiscriminate instance-level blocks, expanding to overlay networks (Tor, I2P and others), maybe also developing standards for bridges. In many ways, these tasks are linked to data portability.
- Moderation / spam resistance. Anything other than "list of instances I don't like" would be a huge improvement. Fediseer is an interesting development, but still leaves a lot to be desired. Additionally, standardization of reply controls is needed. FEP-5624 exists, but the mechanism described there has many flaws.
- Scalability. How to publish to 1M followers from a single-user instance running on cheap hardware? FEP-8b32 should make various optimizations possible (inbox forwarding, efficient reposts, etc).
- Plugins. Something like Pleroma MRF, but cross-platform (e.g. Wasm-based). Also, pluggable timeline algorithms.
- Discovery. Content discovery on small instances: relays, decentralized search.
- Developer experience. Documentation of de-facto standards (HTTP signatures, WebFinger). Simplified ActivityPub spec. Error reporting.
- Groups. We have several competing standards for groups: FEP-1b12, FEP-400e, Mastodon developers are working on their own standard. It would be nice to converge on a single standard, that also supports private groups.
- URL handlers. Again, competing standards: FediLinks, FEP-07d7 and several other proposals.
- Quoting. FEP-e232 is a proposed standard, but most fediverse applications still use non-standard properties. Mastodon developers are trying to invent something completely different.
- Synchronization of replies. Various approaches are being considered, but there's no clear winner.
- Markets. So far there's only one server implementation capable of processing payments. FEP-0837 (a protocol for federated marketplace) was designed, but lacking adoption.
- Forge federation. ForgeFed is being implemented in Forgejo, although the work is progressing very slowly.

2023-12-30 19:32:12

- reply

@npub1js9…maz4 Hmm. If "naive embedding" of signed objects is not compatible with JSON-LD, then FEP-ae97 is also not compatible, because client-signed Create(Note) activity needs to have its object embedded in order to work with what we have in Fediverse.
Between data/identity portability and JSON-LD compat, I would pick the former.

2023-12-30 14:06:36

- reply

@npub1js9…maz4 You made it compatible with existing consumers, that's nice. But why bad example is bad is still not quite obvious to me.

2023-12-26 21:32:31

- reply

@npub108p…yev6 One man's Vegan is another man's Alt-Right
https://wedistribute.org/2023/12/authorized-fetch-circumvented/

2023-12-25 17:02:44

- reply

@npub108p…yev6 mitra.social is hardly a flagship, as I'm the only user here :) And I think Meta blocking my server is more likely a result of incompetence rather than a declaration of war. Nevertheless, thanks for mentioning Mitra

2023-12-24 22:18:26

- reply

@npub1k08…6xvn @npub16gl…syzj Sounds good. But I don't know what enclosure is, did he mean inline audio/video?
>Enclosures. This makes it possible to use social media for podcasting. Why not? The two seem to go well together.

2023-12-24 15:25:37

- reply

@npub16a2…q5u4 No, it is still in research phase. I will start working on implementation in the beginning of the next year.
I think something similar already exists in Streams where ActivityPub is used alongside with Nomad protocol.

2023-12-24 14:19:36

- reply

@npub16a2…q5u4 Here's one possibility: https://codeberg.org/fediverse/fep/src/branch/main/fep/ef61/fep-ef61.md
When object IDs are not linked to a particular server, both identity and data become portable

2023-12-21 20:55:52

- reply

@npub1pqp…e753 I don't think it will be very different. CBDC networks will be permissioned: only selected parties can deploy contacts and adjust spending conditions.
Without strong privacy by default Bitcoin and Ethereum are losing fungibility and may end up in a similar state. CBDCs with extra steps.

2023-12-21 20:36:21

Important information for FEP-8b32 and FEP-c390 implementers:
https://github.com/w3c/vc-data-integrity/issues/231
It was reported that context injection is a necessary step for eddsa-jcs-2022 cryptosuite. It is necessary even if secured object is nested inside an object with @context property (as in FEP-c390).
This means FEP-c390 feature file is wrong, because I assumed that context injection is not needed. What's worse, it is not even clear how context injection must be done in this case (should we inject a string, or an array?).
In cases where top-level object is being signed, the context injection is not needed, so existing FEP-8b32 implementations are probably correct.

2023-12-20 20:51:24

- reply

@npub1js9…maz4
>Powered by Forgejo
Here is the good news: the work on federation seems to be progressing
https://codeberg.org/forgejo/forgejo/pulls/1680
I'm not sure why they use Star activity instead of Like, but it's better than nothing

2023-12-19 22:02:54

- reply

@npub1xak…udwf I'm not particularly fond of IPFS either, but what are other options?
I think IPFS URIs can be useful even without IPFS node, as a more widespread alternative to urn:sha256

2023-12-18 20:20:57

- reply

@npub1xak…udwf I'm currently in favor of IPFS URIs because IPFS folks made an effort to bring them to the Web (there's a browser extension that can open them, IIRC they even work in Brave browser out of the box).

2023-12-18 20:14:40

- reply

@npub1xak…udwf
DIDs are primarily for describing how to verify digital signatures.
For media you may use other kinds of URIs, for example urn:sha256 that you mentioned before, or IPFS URIs, or magnet URIs

2023-12-14 22:08:20

- reply

@npub108p…yev6 Yes, mitra.social had incoming requests from facebookexternalua, but at some point they stopped and I can't trigger them anymore

2023-12-14 21:47:32

- reply

@npub108p…yev6 I tried to fetch https://www.threads.net/ap/users/mosseri from my other instance public.mitra.social and received a pingback from facebookexternalua. Is it possible that they block mitra.social but not public.mitra.social? Seems unlikely. I think their federation client may simply give up after several unsuccessful federation attempts.

2023-12-14 21:02:15

- reply

@npub108p…yev6 I also see attempts to fetch instance actor in my log, but the last one was ~5 hours ago. Now when I make a signed request, threads.net doesn't react at all, even if I send a signed request as a different actor.

2023-11-24 03:53:23

Lately I've been working on a little side project: https://codeberg.org/silverpill/activity-connect
ActivityConnect a simple AP-to-AP bridge, similar to activitypub-proxy. It's not quite ready for production yet, and only works in read-only mode.
The primary goal of this project is connecting Tor and I2P instances with clearnet instances, and it will be also useful for circumventing instance blocks.
Connecting DID-based actors with domain-based actors is in scope too, but I don't know yet if that will be necessary.

2023-11-21 22:44:08

- reply

@npub1l8w…4ty8 I believe everyone deserves their own Fediverse instance, regardless of the cognitive capacity. A better-designed software would magically configure itself, but unfortunately we are not there yet, so I added better descriptions of these configuration options to the example file: https://codeberg.org/silverpill/mitra/src/branch/main/contrib/mitra_config.yaml#L10-L13
Having some kind of cheatsheet would be nice, that's for sure. Maybe I'll write it later - thank you for the feedback.

2023-11-21 01:11:00

- reply

@npub1l8w…4ty8 @npub1dv5…r0q6 Thanks for trying it!
>You really need better and more in-depth documentation btw.
I'd appreciate if you tell me what parts were difficult to follow
>How do I change the allowed domains list?
Use http_cors_allowlist configuration parameter:
https://codeberg.org/silverpill/mitra/src/commit/ae8eb32c8693c4e101b62d9ab90923ee5cd406c4/contrib/mitra_config.yaml#L17-L18

2023-11-19 19:46:54

- reply

@npub1pmt…d4ts It might work, I don't see any serious flaws in this solution.
It is not yet clear which solution is easier to implement

2023-11-18 19:14:17

I think FEP-ae97 with server-independent IDs is the best way to make identities and data portable in #ActivityPub world.
FEP-c390 + Move activity makes identity portable but not data, and requires wide adoption to provide meaningful benefits. So far there haven't been much interest from developers.
FEP-ae97 with server-independent IDs makes data portable as well, and while it is not compatible with existing software, the server can support both AP flavors at the same time, so it is not worse than FEP-c390 + Move. I also found a way to make it work with Mastodon API, that makes it a clear winner.
There is still a couple of things that need to be figured out, of course:
- What it the best way to specify a list of hosts where data is stored? I'm not entirely satisfied with ?hosts=server1.example,server2.example solution.
- How to encrypt data? It's harder to maintain confidentiality of private messages when they are stored on multiple servers, therefore they should be encrypted.

2023-11-17 17:03:31

- reply

@npub1pqp…e753 I thought you were asking about developers, why they link identity to a server. As a server owner you can serve many users using a single domain. But if every user needs to bring his own domain name, that would be much less convenient
Haven't used these providers. I guess there are some downsides, like you can lose it at any time?

2023-11-17 11:38:37

- reply

@npub1ajw…aj8d @npub1xak…udwf @npub1van…0lzh @npub1sfs…sy9p Yes, it's going to be similar to activitypub-proxy (with Tor/I2P support).
The number of clearnet instances connected to Tor remains small, and I think the bridge can make hosting a Tor-only instance much more attractive, as it will connect you to the whole network.

2023-11-17 10:41:30

@npub1sfs…sy9p @npub1van…0lzh I'm working on a bridge, it should help with a ghost town problem (though it won't be an ideal solution from a UX perspective).
Here's the gist of idea
- You follow clearnet actors using a handle like @[email protected]
- Clearnet actors follow Tor/I2P actors using a handle like @[email protected]

2023-11-17 03:07:38

- reply

@npub1k2u…gk9j Try to load this post by searching for its URL. If the server will fail to do that, it will write an error message in the log.
Try to load the quoted post too: https://monero.im/post/3925
Maybe they are blocking you?

2023-11-16 22:39:44

- reply

@npub1x62…rtpr @npub1yry…c8tp With Mitra 2.4.0 you can configure your instance to allow text/plain or any other media type (be careful though, some media types expose users to XSS attacks).
Use configuration option limits.media.extra_supported_types (the value should be an array)

2023-11-16 22:25:33

- reply

This release mostly includes internal changes and refactoring. I'm moving low-level federation code to a separate crate, which I will use to build a bridge (more on that later).

2023-11-16 22:22:53

#Mitra v2.4.0
https://codeberg.org/silverpill/mitra/releases/tag/v2.4.0
https://codeberg.org/silverpill/mitra-web/releases/tag/v2.4.0
Allowlist federation. This might be useful for Tor and I2P instances where domain blocks are not effective against spam.

2023-11-16 19:56:41

My actor passes all tests at https://verify.funfedi.dev
https://verify.funfedi.dev/?actor_uri=https%3A%2F%2Fmitra.social%2Fusers%2Fsilverpill

2023-11-16 19:53:08

- reply

@npub1pqp…e753 DNS names are not free, I think that's the main disadvantage.
>you can just slap a pubkey in a record, and sign a challenge with your private key
Easy if software supports DIDs https://danubetech.github.io/did-method-dns/

2023-11-12 09:15:04

- reply

@npub1k2u…gk9j @npub1uf6…d07h I could build one, sounds like an interesting project.
There was an old system based on BitMessage, but it is unusable and unmaintainted: https://www.getmonero.org/resources/user-guides/multisig-messaging-system.html.
Someone is trying to build I2P-based version with an integrated marketplace: https://github.com/creating2morrow/neveko. It doesn't look very usable either, and developer is trying to do everything at once, which is usually a bad idea.
I would make it as a standalone tool that can work on clearnet and can connect to other software

2023-11-08 13:41:27

- reply

@npub1pkp…wu0z Sure, will send you one in a minute

2023-11-07 21:23:10

- reply

Also in 2.3.0:
Session length is now configurable
The default token expiration time is 7 days. Short expiration time is considered a good security practice, but might be annoying for users.

2023-11-07 20:02:15

#Mitra v2.3.0
https://codeberg.org/silverpill/mitra/releases/tag/v2.3.0
https://codeberg.org/silverpill/mitra-web/releases/tag/v2.3.0
Highlights:
- Implemented replies collection. This means replies to Mitra posts can be fetched using mitractl fetch-replies command. Eventually this feature (loading missing replies) will be available in the GUI too.
- Profile images can be removed.
- Donation buttons for Lightning Network addresses (Mitra is looking for profile fields with labels "lightning address" and "lud16", just like PeerTube Lightning plugin).
- (Experimental) Support for recurrent payments via Monero Subscriptions Wallet. I haven't tried the app yet, just added automatic generation of their payment request codes for every invoice.

2023-11-07 12:14:13

- reply

@npub1k2u…gk9j @npub1uf6…d07h Apparently it was never attempted. What is so great about Nunchuk, integrated chat?
Given that monero-wallet-rpc provides CLI interface, GUI shouldn't be difficult to build. I think it can be even built by integrating multisig into an existing chat or social application.

2023-11-06 21:30:55

- reply

@npub1k2u…gk9j @npub1uf6…d07h monero-wallet-rpc can manage multisig wallets, but I've never tried it: https://monerodocs.org/interacting/monero-wallet-rpc-reference/#make_multisig
This functionality doesn't seem to be available in Monero GUI.

2023-11-04 00:09:01

- reply

@npub1cx7…8tc2
>We are also working on more long-term features, like the much awaited quote posts, but those need some preliminary protocol-level work before we can start the implementation.
The preliminary work has already been done: https://codeberg.org/fediverse/fep/src/branch/main/fep/e232/fep-e232.md

2023-11-01 20:15:46

- reply

@npub1xak…udwf I haven't watched FEP-fffd issue closely but in theory any url value should work now

2023-11-01 16:17:51

https://pleroma.social/announcements/2023/10/29/pleroma-release-2.6.0/
Finally!
This release includes fixes for bugs that prevented adoption of FEP-e232 and FEP-fffd

2023-10-31 20:25:23

- reply

@npub1m29…khl9 Right, senile bureaucrats should be kept as far as possible from anything intelligent.
But is it a real thing? Even if it is real, it probably won't last for long.

2023-10-29 20:04:31

- reply

@npub1vf6…2cew I think It will remain a small network, unless something really bad happens to matrix (its main competitor).

2023-10-24 23:07:07

- reply

@npub1pmt…d4ts qbittorrent and i2pd are examples of good engineering. Each does one thing and does it well, and now we can combine them

2023-10-24 11:56:46

- reply

@npub1mka…zl8u Thanks. Extracting address from key-value fields is straightforward, but I can't figure out how LN support is detected for "donkimberlin-1" commenter in the video example you provided.

2023-10-23 18:37:23

qBittorrent v4.6.0 includes #I2P support
...and it just works! All I had to do is launch i2pd service, enable "I2P (experimental)" in qBittorrent's preferences and download a torrent file from http://tracker2.postman.i2p

2023-10-20 19:57:36

Authentication/Authorization page in #ActivityPub wiki has been brought up to date:
https://www.w3.org/wiki/SocialCG/ActivityPub/Authentication_Authorization

2023-10-20 13:41:12

- reply

@npub1k2u…gk9j Have they reached the point where the situation is rebranded as "exit to community" and presented as a very good thing?

2023-10-08 17:23:59

- reply

@npub1836…8jp6 Apparently web-extensions-sys provides partial support for Firefox but it's hidden behind firefox feature
https://github.com/web-extensions-rs/web-extensions-sys/pull/40/files

2023-10-04 14:26:30

- reply

@npub1s7y…u8ak @npub19j8…wcd3 I've built an AP-based microblogging platform that has content subscriptions: https://codeberg.org/silverpill/mitra
Monero is supported.

2023-10-01 09:14:19

- reply

The deb package attached to 1.36.1 release contained a mitra binary with higher libc/libssl requirements, and it caused breakage on older systems.
I removed the 1.36.1 package and built a new one with statically linked binaries:
https://codeberg.org/silverpill/mitra/releases/tag/v1.36.2

2023-09-28 20:25:50

#Mitra v1.36.1
https://codeberg.org/silverpill/mitra/releases/tag/v1.36.1
https://codeberg.org/silverpill/mitra-web/releases/tag/v1.36.1
A small bugfix release. Probably the last one before 2.0.0