git commit log on main: Commits on Apr 20, 2026 fix: expose env vars in Dockerfile meri-leeworthy committed 3 minutes ago · fix: use dynamic public env vars for build injection timing meri-leeworthy committed 18 minutes ago · fix: use PUBLIC env vars but import separately meri-leeworthy committed 24 minutes ago · fix: actually use VITE_ prefix for import.meta.env vars meri-leeworthy committed 41 minutes ago · Commits on Apr 17, 2026 fix: feature flags env var must be public to work in prod meri-leeworthy committed 3 days ago ·

just one of those days 💅

The Arbiter - Group Management for Permissioned Spaces and Beyond The permissioned data proposal has the concept of membership, but leaves it to the app to orchestrate it. The arbiter is our idea for a general-purpose, interoperable ATProto group membership service.

At @roomy.space we've been cooking up the design for the next, ATProto-native iteration of Roomy, and that includes private data on protocol!

The first component that we're working on is a group membership service that we're calling the "arbiter".

Here's full overview of the design so far!

someone at nerd dinner the other night tried to offer a synonym for rhizomatic and we were like no, no, no man, you just stop right there. we're down with rhizomes

rhizome lovers rhize up

exciting, thanks for getting that out! should I be expecting it to show up as an option on keytrace.dev?

that would be incredible!

My @roomy.space roadmap for next few weeks:
1. Private spaces + invites
2. Permissioned channels + roles
3. Big refactor to AppView + XRPC interface / thin client
4. Push notifications

all parallel to @zicklag.dev speccing and implementing an ‘arbiter’ RBAC service for ATProto permissioned spaces

Hi Orta, we started looking at something like this for @roomy.space - we are working on a Discord bridge - and were wondering if you have considered adding Discord as a service provider?

I think this is private set intersection techniques. Aggregating the email addresses of people especially those who are less tech savvy seems hard.

Gander has actually implemented email only auth. It’s totally doable. Pair that with passkeys as the only other option and it’s a nice fit.

like... if the PDS (opt-in) published a hash of your verified email address(es) you could find the account from email by just checking a global index of all the hashes no? curious if ppl would object to that privacy-wise?

imo it'd be ideal to 'sign in' to an app with my email and have it magically detect that i have an atmosphere account... but without my email being publicly discoverable via my account 🤔

do the crypto ppl not have some kind of solution to this?

safari on iOS is suuuuch a pain

Screenshot on safari, video overlay says wasm-function a lot

😅

𝚝𝚛𝚊𝚗𝚜𝚒𝚝𝚒𝚘𝚗:𝚐𝚎𝚗𝚎𝚛𝚒𝚌 implies the existence of 𝚝𝚛𝚊𝚗𝚜𝚒𝚝𝚒𝚘𝚗:𝚋𝚛𝚊𝚗𝚍-𝚗𝚊𝚖𝚎

And also social workers (should) have structured supervision for preventing vicarious trauma and support to navigate ethical issues in long term relationships, not to mention not having your job security depend on personal client relationships 🤪

100%

also have experienced providing complex mental health and social work adjacent supports without formal training or supervision because clients couldn’t access anything else, but you can lose the job anytime

the burnout is so real and DSWs can so easily end up in these situations 😣

I think so. With the DID for adhoc contexts my concept here is about having one personal space per writer owned by the writing user account, but they can all inherit from some common ACL, like the one created by whoever started the interaction by e.g. posting a private post

Just one idea for how things could evolve to give more options for consent to sharing data in social contexts? But yeah generally happy and excited about the direction 😊

If we had those composition semantics in the protocol it could be a bit more elegant than minting DIDs for any more ‘ad-hoc’ social context. So I can comment on your private post and track your private follower list, but I can also keep the audience tied to whoever was in the list at the time

With our arbiter project we are exploring setting a space to derive its ACL from one or more other spaces, like a composition. If we could do that for personal spaces, we could have groups that work a bit like Sender Keys protocol - each user controls read access to their own data and delegates it

Thanks for your responses! I think if minting DIDs for spaces is the norm it basically resolves the concerns, so it helps to hear your support for that. If personal spaces were in some sense ‘broadcast only’ that would feel good too, but then tricky to use for social apps

Evaluating permissioned spaces for community contexts A look at Bluesky's proposed approach to private data on ATProto

Me and @zicklag.dev have been having a closer look at the system sketched out in @dholms.at's Permissioned Data Diaries - we generally like it! And have some scenarios in mind that may be worth considering

hello i'm sitting on atproto.au - lmk if you wanna team up on this

That’s really kind, thank you

Like also that’s just the kind of leftist that I try to be and was really cool to get to see your take on stuff in long form and see how aligned we are on this stuff

IMO your voice and line of argument are really strong, your perspective and values shine through, and the world needs more of this - takes that are critical, strategic, pragmatic at the same time as visionary, ambitious, open minded. Loved it

Just got to reading this now - fantastic writing, very inspiring!

"The anti-AI left does real, important work identifying harms. The pro-AI left does real, important work identifying benefits. And both sides, when the machine gets its hooks in, reduce the other to caricature [...] because the machine demands you pick one and flatten the other."

hey btw sorry I never ended up saying hi at the conference! Was really hoping for a good moment to chat but the time just flew by. Excited by your project and keen to get in sync about stuff ☺️

Live Call: Communities & Permissioned Data for Roomy.space YouTube video by Zicklag

The recording is up for me and @meri.garden's talk yesterday about @roomy.space, communitites, and permissioned data on ATProto!

We'll be publishing a leaflet outlining our thoughts in a more condensed form soon!