Here’s an idea to make Lemmy even better: true account portability.
Right now, your Lemmy account and all your content are tied to one server. Moving instances or having one shut down means losing your digital presence. Frankly, the server controls your online identity.
But what if you controlled your identity?
I’ve opened a discussion on the Lemmy dev GitHub about integrating Decentralized Identifiers (DIDs). Think of a DID as a permanent, global ID you own, independent of any server.
Why DIDs are a game-changer for Lemmy:
- Real Account Portability: Move your entire account – posts, comments, followers – to any new instance seamlessly. Your identity travels with you.
- More User Control: Your online presence becomes resilient, managed by an ID you control, not governed by a single server’s policies.
- Proven Tech: It works. Protocols like ATProto (Bluesky) successfully use DIDs for portable user identities.
- Full Fediverse Compatibility: We can add DIDs to Lemmy while staying fully interoperable with Mastodon, Kbin, and all other ActivityPub platforms. No breaking changes, just a powerful upgrade.
This is a big step towards a more decentralized and user-controlled fediverse. If you’re interested in more control over your digital self, check out the discussion:
[GitHub Issue: https://github.com/LemmyNet/lemmy/issues/5942]
If you’re on other ActivityPub platforms, consider pushing for similar solutions! The more platforms that adopt truly portable identity, the stronger the fediverse becomes.
DID as a permanent, global ID you own, independent of any server
So there would have to be another server, hosting my identity? Would identities somehow be federated between identity instances?
Did can be served by your own server as just a json blob or federated between multiple identity servers or on the blockchain. A did is did:source:publickey and their are multiple different sources u can use.
a json blob
So in a way it’s similar to https://joinmastodon.org/verification ? A two sided reference between identity and profiles?
Yeah I don’t think this is gonna get anywhere when the easiest alternative to controlling your account is to just host your own Lemmy instance, and you can do that literally right now with no changes to Lemmy or the protocol.
It’d be nice for ActivityPub to support optional GPG signatures for those that want to have that level of control. That would get you all the identity verification that this new fangled did stuff gets you, with the added bonus of GPG being a reliable, existing, proven technology that people already know how to support.
Did also allows portable identity so ur home instance is whatever instance u feel like. Did has been tested and proven reliable its in use by lots of different applications including bluesky.
I get LLM vibes from this post
FEP-ef61: Portable Objects describes how to use DIDs with ActivityPub. Here’s a slightly less technical introduction: https://codeberg.org/ap-next/ap-next/src/branch/main/nomadpub.md
It’s not easy, though. Adding this feature to an existing project will require a lot of work, especially if you don’t want to share signing keys with servers. This was discussed in #3100, Lemmy devs are not opposed to FEP-ef61, but they don’t plan to work on it.
Also, I don’t recommend copying solutions from ATProto, their
did:plcanddid:webare not really “decentralized”.Real Account Portability: Move your entire account – posts, comments, followers – to any new instance seamlessly. Your identity travels with you.
This is nice in theory but comes with edge cases that are hard to account for. Like, what if you have a post and your new instance defeds the instance the post’s community is on? You either have to allow banned content onto the instance or the user loses data, neither of which are acceptable.
This is part of why ATProto’s decoupling of user data from app logic is kinda genius and the direction we should go in if we want portable actors in Lemmy/thredi.
Full Fediverse Compatibility: We can add DIDs to Lemmy while staying fully interoperable with Mastodon, Kbin, and all other ActivityPub platforms. No breaking changes, just a powerful upgrade.
Not really, every fediverse platform that people use expects an
Object’sidto be a https URI it can just fetch the resource from. This is part of why FEP-ef61 specifies a way of translating a DID to a https URI. That’s not to mention that moving existing actors from their current ID to a DID will cause all sorts of interop problems.Edit: Also, is this AI-generated? It has all the tells of Gemini output, especially the the issue on Github.
Smells like LLM to me.
yeah, if I were a Lemmy dev, I wouldn’t take this proposal seriously because of this. I would be wondering if that person really knows what they’re proposing and if they’re planning to engage in the discussion themselves or let AI do it for them, and in the latter case it would just be a waste of time.
we add a did to objects and keep the id the same. supporting platforms will use did old ones will carry on using id.
did is what ATProto uses this is a step in that direction
I don’t like LLMs either, but I think its harsh to just close the discussion because someone used an LLM to rephrase someone’s initial idea…
I mean, sure, but LLM issues are currently plaguing open source projects. Curl, for example: https://gist.github.com/bagder/07f7581f6e3d78ef37dfbfc81fd1d1cd
If someone isn’t passionate about something enough to write their own request, why would the devs be passionate about implementing it?
Wow that was an amusing read, but not really comparable. Those are automated AI security findings, hallucinated partially. But this is an idea that was phrased out by using AI. He already showed the passion to submit and discuss his idea, what you are doing is valuing the devs passion more than someone that’s clearly not a dev submitting his idea … It sounds a little elitist to me.
The problem is the github issue has hallucinations and incorrect technical terminology. It really shouldn’t be used for this purpose, it’s pretty selfish to expect maintainers to consider something that you used LLM for in my opinion. I don’t think that’s elitist, is it really all that difficult to write a feature request on your own, especially if you’ve already done the hard part (the research)?
I did the research I looked at many different way to get the desired solution. I learned how ATProto works i looked into other services with did got an llm to put those ideas in the required format for the issue. Can you please point out the hallucinations in the issue so i can go and fix them
i looked into other services with did got an llm to put those ideas in the required format for the issue. Can you please point out the hallucinations in the issue so i can go and fix them
No. Asking other people to read (and now also to correct!) your LLM slop is extremely inconsiderate. Please don’t do that again.
Someone claimed it contained hallucinations. I read through the entire thing as well as doing all the research and understanding of the concept being talked about. If someone is claiming that their are issues I expect them to be able to prove that. I’m not asking for a fact checker I’m asking for someone to provide evidence of the thing they verbatim claimed. If u wanna tell me that my research showing the sky is blue is wrong I would appreciate u pointing out my error otherwise ur just making baseless claims.
I also don’t get it, as far as I understood you only used the LLM to have a spell checker on crack basically and not generate the idea or straight up technical solution so whats all the fuzz about?
That’s exactly what I did. Its essentially a translater from 3 pages of dotpoints and notes that would be incoherent to anyone but myself to normal English.
As someone with DID (Dissociative Identity Disorder) please pick a different name/acronym
Hey, consider yourself lucky. People who go to Cognitive Behavioral Therapy have it so much worse
Bad news champ, it’s already in mainstream use.
Fuck the mainstream
i didn’t name it that’s what its called.
So we’re filing LLM slop for Lemmy issues now? Also that’s a pretty poor choice for a name.
how would one find someone’s DID public key/ DID documents? wouldn’t it have to be hosted on some single trusted server?
No thats the whole point of a DID. Its an existing standard that has been established to manage decentralised identity. Their exists multiple ways to handle it so a did is did:source:id where the source can be many different things blue-sky uses a group of trusted identity server, but u can use a selhosted file, the blocckchain all sorts of things. Hell u could even use bluesky u could have the same login for ATproto (bluesky) and activpub (lemmy)
The way this comment is written doesn’t sound anything like the OP or the GitHub issue. Different tone, different dialect/spelling… lot of linguistic red flags. Not that I’m judging either way, it’s just suspicious how vastly different they are.
yeah it has the telltale tone and structure of a tool that a lot of us hate yk, reply seems to be human though?
im lazy i used llm to write issue and post.
ah yeah that makes sense
It will probably need it’s own RFC but let’s hear from the devs if they want to do it. (In my experience it’s hard to push through the desired change)
You will have better time trying to implement this in piefed
IMO nomadic identity is more important in Mastodon, etc where the fundamental connections of the network are person-to-person - the emphasis is on following other people and having them follow you and that is what determines what content you see. Also being free to leave (and go somewhere else) is a killer feature that centralized social networks cannot offer and nomadic identity really leans into that strength.
In contrast, in the threadiverse you can’t follow other people - you join communities. Also when a post is viewed the author is just another piece of meta data, the focus is really on the content. With Mastodon they make a much bigger deal about who is saying the thing, display their avatar much bigger, etc. On Mastodon they’re YOUR posts that are strongly tied to you. But here, the posts you make are kiinda more like contributions to a shared wiki (community).
So in PieFed/Lemmy if you need to drop your account on an instance and create a new account on another it’s really much less of a loss and not really disruptive at all. You can just import your settings from the old account and continue to post in all the same communities you did before. The need for a nomadic identity just isn’t as strong.
Moving communities to another instance, tho, now that would be great. It’s on my very long list.
Due to how the fediverse works if users can be given a did so can a community. It would only migrate for services that support did but wouldn’t be all to different.
Yep good point. A group is just another type of actor, after all.
yeah, that’s doable, I would do it like this: DIDs could just be cryptographic signing keys, and your client could just sign all your posts, and send it to any server, which will federate that. same with the upvotes/downvotes(timestamps will have to be signed so a server could not just replay an upvote or downvote if you change your mind) in this case, servers will only be useful for naming(and keeping the bio and public signing key) and relaying the messages to other servers. what’s described is pretty much that.
DID already exist they are a Decentralised IDentiy (DID) it is a keypair and user data so usernames, profile, bio, and a list of accounts across different instance that allows associating post comments likes etc.
https://joinfediverse.wiki/Nomadic_identity
As far as I can tell Hubzilla seems to do it by having alts on different instances and then having a way to associate them with each other, so every instance knows that all the alts they’re the same user. It’s a bit clunky but it avoids as many fundamental changes to ActivityPub because most things under the hood are the same as without nomadic identity and the UI just treats several actors as the same user.
That’s essentially how ATProto does it and they publish other instance actors under “also known as” in the did. that’s essentially what im proposing.
I like how the
didfield is in addition to the existing actor field, providing a way to gradually transition the protocol to the new way.Yeah that’s critical without it everything would break
Somehow, this remembers me of Nostr. How much is this different from Nostr? (insofar an user generates their own pair of public and private keys that they use to publish content anywhere within the Nostr ecossystem, at least it’s as far as I remember about Nostr, as it’s been a long while since I don’t use Nostr anymore after it went down the cryptobro road)
yep a did can be anywhere even did:nostr:publickey its part of the same system
This could be easily solved with domain name and certificates
then you have to pay for it though
what by having all users exist on a centralised server? That sounds like vendor lock in which is exactly what federation was trying to avoid.
