TLDR is there’s no free lunch with TreeKEM and the CGKA lineage. You can’t have FS/PCS + eventual consistency unless you commit to static groups.

Triangle of Forgetting No protocol can guarantee monotone merge, temporal secrecy, and dynamic membership at once. The triangle of forgetting appears when a distributed system cannot tell whether a late update has expired o...

Slowly putting some things I’ve been working on to paper.

Here’s my first post, “Triangle of Forgetting,” an impossibility result for secure group messaging:

Monotone convergence, temporal secrecy, and dynamic membership cannot be guaranteed at once.

weboftru.st/post/triangl...

Cute! The reason I ask is I’m working on a p2p threshold signature protocol that could theoretically provide “pure auth” for a PDS, i.e. PDS cannot sign for you.

I know there are lots of folks who are passionate about atproto and PDS infra, so I thought it might be a fun opportunity to collab.

I just got coffee with a young person who reached out and wanted to hear about my experience working on the decentralized web. And even though I’m not doing anything atproto-related, it was nice to point him in this direction as the *kind* of thing to look into.

perfect, checking it out now. thx!

Has someone made a rust PDS yet?

Everybody loves a “but akshually” guy, right??

I don’t love the choice but I appreciate the pragmatism. I mainly find the “sign-in with atproto” concept confusing.

It’s either a failure of DID to offer a complete auth solution, or failure of atproto to interoperate with their chosen auth ecosystem.

Been using LLMs to help write Lean proofs for distributed systems. Definitely on-point. After you write the proof there’s (currently) an impedance mismatch between proof-generated code and the production implementation, so you spend a lot of time trying to close that gap. Will get easier I’m sure.

Basically 1:1, including examples, apart from a bit of backend machinery. I've tracked the differences here: hxrts.com/paco-lean/07...

GitHub - hxrts/paco-lean: Parameterized Coinduction in Lean Parameterized Coinduction in Lean. Contribute to hxrts/paco-lean development by creating an account on GitHub.

A little esoteric, but I implemented a faithful port of Paco from Coq → Lean, which I needed for another project. Paco lets you write composable proofs about infinite processes.

Original: plv.mpi-sws.org/paco/

Lean: github.com/hxrts/paco-l...

I’ve been working on my own solution for a few months now. It is indeed very complex. Interesting though!

Will be publishing a couple write-ups soon.

Appreciate the refs! My project is a little tangential to atproto, but wanted to see if an integration was viable. I’m starting with a distributed keystore built on threshold signatures. So users could conceivably manage their own identity through a multifactor mobile setup.

Just looked into the latest PDS requirements and it’s less substantial than I thought but would still require a compatibility layer.

I’m working on a p2p protocol that’s meant to run on mobile devices without further hosting. Ideally PDSs would be decoupled from Auth and could PubSub select topics.

From what I can tell this isn’t really how the protocol is trending, so integrating may not be in the cards.

I mis-remembered the author. This was the post. bsky.app/profile/zick...

Oh interesting. I just peeked at their whitepaper and didn’t see a fiat integration, but cool that they have both.

Seems like a cool project. If you ever want someone to give some feedback on private payments UX lmk. Have way too much experience lol.

Not sure what you mean. Cashu is Bitcoin denominated, no? (which is fine)

can someone point me to that article about splitting out app-specific data so that mere mortals can run a PDS? I think it was from the @tangled.org folks?

I'm working on a project that could integrate into atproto if this architectural change lands.

I’m sure this sounds pedantic, but in order to achieve the design goals of 1) accounts having a familiar, convenient trust model while 2) guaranteeing user portability, the protocol relies on established internet standards that are expressly out of the protocol’s purview.

I’m very confused by this internet handle discussion. If the protocol design has been consistent about one thing, it’s that atproto is *not* an authentication system.

You’re signing-in with a DID that uses DNS as a certificate authority.

Interesting. So that means your bookmarks are proprietary to the Bluesky app.

Feels kinda off that the Bluesky app shows you how many people bookmarked something. And exactly who bookmarked the post is technically public, but you can’t see it. Yet the list of who liked your post is visible?

I made a little choreographic programming DSL in rust that let's you write session typed protocols in a concise, safe way: hxrts.com/rumpsteak-au...

Using it for a personal project and it works quite well.

Color lithograph Langage des Fleurs (Language of Flowers) by Alphonse Mucha (1900)

“Floriography (language of flowers) is a means of cryptological communication through the use or arrangement of flowers.” en.wikipedia.org/wiki/Languag...

I might be addicted to vibe coding

aww ty!

There are a bunch of crypto projects with varying levels of grifty-ness doing things around this. Here’s a pretty interesting one. blog.bagel.net

the left needs to learn how to “just do things”

Sam standing in front of a Joan Mitchell painting

me & Joan Mitchell