home ~ projects ~ socials

A Global Social Web

These are scratch notes. I'm using them to help think about possible approaches. I'm also interested in getting feedback. Especailly from folks who aren't straight, white, dudes. I've got that demo represented. All that's to say that this is just a starting point and likely to change over time

I have a basic undersanding of public/private keys and I think the basics of what touches on them will work. If I'm off-base and you know better please hit me up on mastodon

TODO

    Make a note somewhere about multiple sites for things like separting public and authenticated traffic for offering your art.

    Make a note somewhere about using public/private keys as a way to confirm identies (and trust chains and all that good stuff)

  • Distribution is something that's been on my mind over the course of the build
  • How do we set up so that folks can find each other? How do we get back to browsing the web?
  • What if feeds are in .well-known locations? The idea being to make the easy for aggregaotrs to pick up. Bascially, they scan domains and find the feeds. It would be much more effificent than search engines and AI bots trying to crawl sites and the fact that those exist it proves it can be done on a technical side.
  • I'm thinking of this as both a type of federation and as a moderation opportunity.
  • Let's start with one. Let's say that neonet.neopoligen.com exists. (It doesn't, but while I'm writing this I'm pretty sure I'm gonna end up building it to prove the point). It would act as a registery of Neopoligen sites.
  • The expansion of what defines a Neopoligen site comes into play here. Originally, it was just a site that would built by Neopoligen, but in order for this to work we'll need to expand the idea a litte. It would also require putting a couple of files in specific locations.
  • Actually, it only has to be a single file, but that single file will have a few things in it (which we'll get to in a second)

  • The file will go at a .well-known location. Those are locations that can be defined to always have a speicif thing. So, we'd end up with something like:

    https://www.alanwsmith.com/.well-known/neopoligen.json5

  • That file will have a specific schema (that's versioned) associated with it that defines the format.
  • The three things that would be required would be:
  1. A list of feeds the site produces directly
  2. A list of feeds the site follows (which may be split into two categoires, individual feeds and then neonet sites that are subscribed too)
  3. A public key (from a public/private key-pair)

- Another aspect of this is the IDs for posts/elemnets/entires or whatever they're called in the Atom Feeds. The idea is that those IDs would be accompanied by a hash created by a sites private key that can then be confirmed by the public key.

- Worth pointing out here again is that my current guideline is that you make your site 100% public or 100% private. If it's public, all this info is available. If it's private none of it is.

- If you've got stuff you want to follow but you don't want it to show up on the site people associate with you the idea is that you can make another site.

- In this way, sites become like accounts. You can have as many as you want to make.

- Thinking about spam for a second, I wonder if it's possible to do a bcrypt type of thing where the cost of genererating a hash for a post is non-trivial. With the power of computers today I'm not sure that would have a chance of working, but it's worth looking into. The reaons is that IDs could be used for replies.

- The way replies would work is that anyone could post a replay to any post on their own site. The feed for that page/reply would include the full replay chain for all the posts it's in line with going back to the original. Because those IDs would be the same (and verifiable via the public key) they should be able to be linked up.

- This is where the aggregators come in. If we have https://neonet.neopoligen.com/ and you've registered your site there it would periodically check all the feeds it's aware of (and we could even set up Neopoligen to ping it directly when updates happen). So, it would know all the posts on it's network that are replies to a post you made.

- Then when you open your Neopoligen instance it goes to https://neonet.neopoligen.com/ and pulls down replies for yours posts.

- How do we make that less intensive for the neonet.neopolige.com site?

- Every neopoligen site could be based off it's domain with a signed copy of they key. That way when neonet.neopoligen.com finds a post that's from one of your sites it can add it to the list for your sites. This would be served in a file like:

https://neonet.neopoligen.com/.well-known/neopoligen-replies/www.alanwsmith.com.json5

- Neopoligen would poll that .well-known location and all the IDs for posts that are in reply chains for your stuff would be in there.

- Your version of Neopoligen doesn't have to do anything with them. It doesn't even have to query the service. This is all optional.

- When I get to making the UI for creating a site this will be an explict decision to opt-in or opt-out of.

- You could also subscribe to multiple networks. So, in addition to neonet.neopoligen.com, you could also subscripte to neonet.alanwsmith.com and pick up the replies feeds from there.

- More importanly, you get to chose who you subscribe to. This allows for some a vetting/moderation point. For example, neonet.neopoligen.com could crawl as much of the internet as it can find and aggregate all of it.

- In contrast, my neonet.alanwsmith.com server would be something I curate to only pull sets of feeds for folks who have joined my network. (In this case, the idea is that I've invited these folks to my network, but I don't necessarily follow them so they wouldn't show up in my folks-i-follow feed.

- If I'm thinking about this right, we could use the neonet.example.com structure as a layer of moderation.

- Anyone at any point can reply to any public post, but if you're not subscribed to a neonet that watches their feeds it wouldn't show up in your replies.

- TBD with that on how reply chains would work. That is, if someone who isn't in your neonet replies to you and you don't see it, but then someone in your network replies to them what happens?

- The good news is that with this set up that decision becomes one that's in your control. Your configuration could be set up to show the post that's not on your network, hide it and give you a link to open it, or just ignore it completley. (though, from a UI perspective you'd probably want to have at least some indication that there is a part of the reply chian you're not seeing.

- This also opens the way for block lists.

- Block lists can be configured in various ways:

  • Block individuals
  • Block any individual that's part of a given neonet
  • and effectively any combination based of the data availabe.
  • Would need to figure out ways that could be attacked though (e.g. ways in which folks could try to fool your Neopoligen into blocking people you didn't mean to block). I'll need help from security folks in deciding what to do there.
  • And, just to state it clearly: I want to provide as much control for folks over their interactions as possible.
  • There's another post that talks about the two layer connection between folks you follow and folks they follow but not moving beyond that. The stuff outlined here is an optional addition to that (and of course, you could replace it and only use the neonets and not the followers if you want to go that route.)
  • Oh, yeah, this same approach could be used for likes, follows, boosts, quoting, bookmarks, and whatever else as well. I'm still thinking about what those categories should be but some version of them would be in the mix.
  • And, just to make it explicit, this would all be open-source in terms of the spec. So, there won't be a way for Neopoligen or any other company to pull things back into their systems in a way that prevents other folks from moving away from them.
  • Folks could also set up their own private neonets. Like a family could have one set up designed for limited connections. (e.g. you could control who's allowed on it and then set up Neopoligen to only have access to it. I'm thiking here of parent controls.
  • a lot more thought needs to go into anything having to do with keeping things behind authentication/authorization. (note that I'm not saying private, because I think when non-techies hear that they have a tendency to think it's something that can be enforced to a level that isn't technially possible (e.g. someone can always take a photo of a screen))
  • Related: need to do thinking about how feeds for protected content would work. Again, I think it would be a binary switch for the entire site. That would extend to the feeds. Lots more thinking and design to do there.
  • Oh, yeah. tags should be a thing too. Need to write up something about them. They could be added into the atom feeds in a custom field and then you could scan neonets for
  • Oh, yeah. Worth pointing out that not only are you in control of who you follow, you're in conrol of the way things are displayed. There will be algorithms built into Neopoligen itself along with controls to adjust them or to make your own. For example, you could split out your friends and make sure to always show the latest one from each of them regardless of the last time they posted and then split out the rest of your network chronologically.
  • Oh yeah, the neonets could do things like add counters for the numbers of boosts, likes, quotes, etc... to each post based off the data they have availbe.
  • It's worth noting that these numbers won't be guaranteed to be fully representative. For example, if you're following a server that tries to find everything globally but it missed some feeds those wouldn't be represented.
  • Something intersting about the numbers if that you could see what the numbers are for each network individually. E.g. the global neonet numbers are one thing, but if you're connected to something like a neonet for artists you'd be able to see just the likes/boosts/etc... that happen on that server (aka in that community)
  • Worth pointing out that I'm thinking of servers as a type of community. You can join as many or as few as you want.
  • The software to run a neonet will be open source as well, but separate from Neopoligen.
  • Thinking back to the server itself for a minute, there should be a space for the neonet communications in terms of incoming data to. Linkbacks, etc... are already a thing, but I don't know enough about the speicifcs of them yet.
  • I just realized that a key to all this working is the fact that even though Neopoligen produces static sites it's a full blown piece of software itself. So, it can be what sends the signals to neonets when updates happen (i.e. you don't need anything dynamic on the site server itself).
  • Since that signal will come from Neopoligen during a deploy the neonets will want to verify the content is actually live on the respective site/page prior to putting it in the feeds. (In theory you could push back to Neopoligen to verify, but that would cause a ton of traffic for viral posts that any given indivudal site might not be ready for. Better to keep that responsiblity on the neonet server.
  • A nice feature is that even if a neonet goes down you would still get feeds from indiviudal you subscribe to and other neonets
  • Yeah, I really like the idea of the neonet and the fact that you can still just run a static site but still join the network. This feels like something with real potential.
  • A specific thing to point out about this approach is that it offers resistance to enshittification. You maintain control of the feeds you subscribe to and how those feeds are displayed.
  • Also worth pointing out that this approach provides resistance against censorship while still providing for moderation. Or, more to the point, if you don't like the way a neonet is moderating their feeds (either on the leaving too much in or cutting too much out) you can leave it and join another neonet. But, the critical factor is that the neonets don't have power of the original content so they can't censor the source.
  • It's worth brining up the fact that folks will be able to do both nasty and illegal stuff with Neopoligen sites. That's no different than any other tool. The way I'm thinking about it now, moderating content will be a requirement of the hosting provider (who may or may not have a corresponding neonet)
  • Something I need to investigate more is linking from neonets to content if someone sends in a link to something illegal. If the neonet acts as a content distribution network it would certinally need to add moderation to prevent distibuting illegal (or TOS violating) content
  • Hmmmm. the more I think about it, the more I think neonet.neopoligen.com will need to have content moderation at some point if it's to become the built-in default suggestion for getting started. Like, part of me would like to track the entire network, but like, that would let folks troll against popular material. (I'm not thinking about harassment itself for this point, just folks posting illegal content). Yeah, there would totally have to be moderation of any feed that looks at the entire network. (NOTE TO SELF: go back and edit out anything where you talk about maybe not needing that).
  • The good news is that to start with neonet.neopoligen.com will be explicity moderated to folks that I know. That could change quickly though if things get going so I'll need to work out the details before launch. (There are services that offer content moderation. It's primarly a matter of buliding the functionality. TBD on the cost, but that's another thing that folks paying for hosting would be supporting. Probably worth making that explict when talking about the services that are provided)
  • In theory you could do some push stuff from a neonet server to Neopoligen clients, but that's way down the road to even consider. Starting would just be the clients pulling from the server when the boot up and then again at polling intervals.
-- end of line --

Endnotes

- I'd love it if neonets could be run without needing to be ad suppored. That should totally be possible for curated ones where there's a limited set of feeds that's followed, but one that searches globally would likely be non-trival to run in terms of cost and resources. Creating ad networks that respond to feeds would be a possibility there. That could create a game of leap frog like we have with ad networks now when it comes to blocking, but because everything has public/private keys available it would be easier to identify ad networks. And, if a neonet keeps trying to rotate ad network keys as a way to try to avoid detection you can just switch to another network.

My sincere hope is that neonets can be self funded. The biggest way I see this happening is by some number of folks who subscribe to it also using it to host their content at a level that they pay for. (In my vision of the world everyone has access to free sites but there would be services (like sending emails and hosting bigger/more files) that would be paid servies designed to keep the neonet in business without having to be ad supported.)

References