this post was submitted on 02 Jan 2025
147 points (77.7% liked)

Selfhosted

40971 readers
530 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Plebbit is a selfhosted, opensource, nonprofit social media protocol, this project was created due to wanting to give control of communication and data back to the people.

Plebbit only hosts text. Images from google and other sites can be linked/embedded in posts. This fixes the issue of hosting any nefarious content.

it has no central server, database, HTTP endpoint or DNS - it is pure peer to peer. Unlike federated instances, which are regular websites that can get deplatformed at any time,

ENS domain are used to name communities.

Plebbit currently offers different UIs. Old reddit and new reddit, 4chan, and have a Blog. Plebbit intend to have an app, internet archive, wiki and twitter and Lemmy. Choice is important. The backend/communities are shared across clients.

The code is fully open source on

https://github.com/plebbit

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 week ago (3 children)

What would be the possible alternatives to block chain?

[–] [email protected] 2 points 6 days ago (2 children)
[–] [email protected] 1 points 6 days ago (1 children)

I thought Blockchain was how the protocol knew how to federate, e.g. where to find other users. (?) I don't really remember how Blockchain works but iirc it is a way to verify trust, e.g. this person really is /u/sem because our shared document says they are.

I know DNS is an alternative but it kind of sucks. Bluesky is inventing it's open DiD thing for identity and it is centralized in practice but might be a good system. And I have no idea how it works.

[–] [email protected] 3 points 6 days ago* (last edited 6 days ago)

Projects with blockchains work like BITtorrent to find peers. That's why bitcoin was called BITcoin.

Federation doesn't require blockchain. Blockchain was created for a very unique solution to storage of digital cash transactions that's not relevant in almost any other system's storage.

[–] [email protected] 1 points 6 days ago

Reading the white paper you find the "serverless" has servers. Each community needs to be always online to serve captchas to posters. The system is federated on community level, instead of instance level, and uses DHT instead of DNS.

[–] [email protected] 9 points 1 week ago (2 children)

Assuming you're talking about authentication:

  • public key signatures - users sign every posts and broadcast their username/pub key combo
  • centralized (could be multiple) auth authority - openid, oauth, etc; posts signed by some unique key from that auth service

I'm deciding if the first is sufficient or if I actually need some form of blockchain to prevent tampering.

[–] [email protected] 4 points 1 week ago (1 children)

Thanks for your thoughts on this.

I am not sure how Matrix handles keys but it is a real headache for end users. For me at least

With openid, etc, it's decentralized compared with centralized and distributed, so you wouldn't get stuck with one openid provider.

I don't know much about any of these so thanks for developing for the rest of us.

[–] [email protected] 4 points 1 week ago

Yeah, I'm thinking of having a separate key per device, and there would be a registry that ties them together. Usernames would not be unique, so to tell two users with the same name apart, the app would check the post signature against the keys in the registry.

This should prevent name squatting, but it would enable pretending to be another user. As long as user names aren't very important (i.e. it's closer to Reddit than Twitter/Facebook), this is probably fine and similar to what we have on Lemmy (only unique to your instance).

If we want to guarantee unique usernames, we would probably need to use a consensus system like blockchain. But blockchain has other drawbacks and I'd really rather not go that route.

Which one we go with doesn't really impact my moderation plans, so I'm going with pub keys for now because they're dead simple. It's also nice that it'll keep working if your country disconnects you from the internet, and someone could smuggle in data from outside if you really wanted to.

[–] [email protected] 2 points 1 week ago (1 children)

The first is sufficient. You only need to see someone's public key once, then you cache it and can authenticate all future signed messages.

[–] [email protected] 3 points 1 week ago

I just need to think about potential attack vectors. I think issues can be worked around, but I've spent most of my time thinking about how to create something and less about how to protect it from attack.

But yeah, public key crypto w/o a central database is my first choice, blockchain is my second.

[–] [email protected] 1 points 1 week ago

Holochain is an interesting option I haven't seen mentioned.